ZyXEL 2WG Guía Del Usuario

 Chapter 15 IPSec VPN Screens

ZyWALL 2WG User’s Guide

Figure 202   SECURITY > VPN > SA Monitor  

The following table describes the labels in this screen. 

Use this screen to change settings that apply to all of your VPN tunnels.

Normally, you do not configure your local VPN policy rule’s IP addresses to overlap with the 
remote VPN policy rule’s IP addresses (see 

). For 

example, you usually would not configure both with 192.168.1.0. However, overlapping local 
and remote network IP addresses can occur with dynamic VPN rules or IP alias.

Local and remote network IP addresses can overlap when you configure a dynamic VPN rule 
for a remote site (see 

). For example, when you configure ZyWALL X, you 

configure the local network as 192.168.1.0/24 and the remote network as any (0.0.0.0). The 
“any” includes all possible IP addresses. It will forward traffic from network A to network B 
even if both the sender (for example 192.168.1.8) and the receiver (for example 192.168.1.9) 
are in network A. Note that the remote access can still use the VPN tunnel to access computers 
on ZyWALL X’s network.

Table 91   SECURITY > VPN > SA Monitor

#

This is the security association index number. 

Name

This field displays the identification name for this VPN policy.

Local Network 

This field displays the IP address of the computer using the VPN IPSec feature of 

your ZyWALL.

Remote Network 

This field displays IP address (in a range) of computers on the remote network 

behind the remote IPSec router.

Encapsulation

This field displays Tunnel or Transport mode. 

IPSec Algorithm

This field displays the security protocols used for an SA.
Both AH and ESP increase ZyWALL processing requirements and 

communications latency (delay).

Refresh

Click Refresh to display the current active VPN connection(s). 

Disconnect

Select a security association index number that you want to disconnect and then 

click Disconnect.