ZyXEL Communications ZyWALL 2 Series Manual De Usuario

ZyWALL 2 Series User’s Guide 

37-12  

VPN/IPSec 

Setup 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Phase 1 

Negotiation 

Mode 

Press [SPACE BAR] to choose from Main or Aggressive and then press 
[ENTER]. See earlier for a discussion of these modes. Multiple SAs 
connecting through a secure gateway must have the same negotiation mode.  

Authentication 

Method 

Press [SPACE BAR] to choose from PreShare Key or RSA SIG and then 
press [ENTER]. 

PSK  ZyWALL gateways authenticate an IKE VPN session by matching pre-shared 

keys. Pre-shared keys are best for small networks with fewer than ten nodes. 
Enter your pre-shared key here. Enter up to 31 characters. Any character may 
be used, including spaces, but trailing spaces are truncated.  

Both ends of the VPN tunnel must use the same pre-shared key. You will 
receive a “PYLD_MALFORMED” (payload malformed) packet if the same pre-
shared key is not used on both ends. 

Certificate  Press [SPACE BAR] to choose the certificate to use for this VPN tunnel. You 

must have certificates already configured in the My Certificates screen 

                            Menu 27.1.1.1 - IKE Setup 

 

      Phase 1 

        Negotiation Mode= Main 
        Authentication Method= PreShare Key 

        PSK= qwer1234 

        Certificate= N/A 

        Encryption Algorithm= DES 

        Authentication Algorithm= MD5 
        SA Life Time (Seconds)= 300 

        Key Group= DH1 

      Phase 2 

        Active Protocol= ESP 

        Encryption Algorithm= DES 

        Authentication Algorithm= MD5 
        SA Life Time (Seconds)= 2880 

        Encapsulation= Tunnel 

        Perfect Forward Secrecy (PFS)= None 

 

                    Press ENTER to Confirm or ESC to Cancel: 

Press Space Bar to Toggle.