ZyXEL 202H 91-003-194001B User Manual
Product codes
91-003-194001B
P-202H Plus v2 User’s Guide
Chapter 33 VPN/IPSec Setup
306
33.4 IKE Setup
To edit this menu, the Key Management field in Menu 27.1.1 – IPSec Setup must be set to
IKE. Move the cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec
Setup; press [SPACE BAR] to select Yes and then press [ENTER] to display Menu 27.1.1.1
– IKE Setup.
IKE. Move the cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec
Setup; press [SPACE BAR] to select Yes and then press [ENTER] to display Menu 27.1.1.1
– IKE Setup.
End/Subnet
Mask
When the Addr Type field is configured to Single, this field is N/A.
When the Addr Type field is configured to Range, enter the end (static) IP address, in
When the Addr Type field is configured to Range, enter the end (static) IP address, in
a range of computers on the network behind the remote IPSec router.
When the Addr Type field is configured to SUBNET, enter a subnet mask on the
When the Addr Type field is configured to SUBNET, enter a subnet mask on the
network behind the remote IPSec router.
This field displays N/A when you configure the Secure Gateway Address field to
This field displays N/A when you configure the Secure Gateway Address field to
0.0.0.0.
Port Start
0 is the default and signifies any port. Type a port number from 0 to 65535. Someone
behind the remote IPSec router cannot create a VPN tunnel when attempting to
connect using a port number that does not match this port number or range of port
numbers.
Some of the most common IP ports are: 21, FTP; 53, DNS; 23, Telnet; 80, HTTP; 25,
Some of the most common IP ports are: 21, FTP; 53, DNS; 23, Telnet; 80, HTTP; 25,
SMTP; 110, POP3.
End
Enter a port number in this field to define a port range. This port number must be
greater than that specified in the previous field. This field is N/A when 0 is configured in
the Port Start field.
Enable Replay
Detection
As a VPN setup is processing intensive, the system is vulnerable to Denial of Service
(DoS) attacks The IPSec receiver can detect and reject old or duplicate packets to
protect against replay attacks. Enable replay detection by setting this field to Yes.
Press [SPACE BAR] to select Yes or No. Choose Yes and press [ENTER] to enable
Press [SPACE BAR] to select Yes or No. Choose Yes and press [ENTER] to enable
replay detection.
Key
Management
Press [SPACE BAR] to choose either IKE or Manual and then press [ENTER]. Manual
is useful for troubleshooting if you have problems using IKE key management.
Edit Key
Management
Setup
Press [SPACE BAR] to change the default No to Yes and then press [ENTER] to go to
a key management menu for configuring your key management setup (described
later). If you set the Key Management field to IKE, this will take you to Menu 27.1.1.1
– IKE Setup. If you set the Key Management field to Manual, this will take you to
Menu 27.1.1.2 – Manual Setup.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to
save your configuration, or press [ESC] at any time to cancel.
Table 101 Menu 27.1.1 IPSec Setup
FIELD
DESCRIPTION