ZyXEL p-334 Manual Do Utilizador
Prestige 334 User’s Guide
161
Chapter 15 VPN Screens
• Enable NAT traversal on both IPSec endpoints.
In order for IPSec router A (see the figure) to receive an initiating IPSec packet from IPSec
router B, set the NAT router to forward UDP port 500 to IPSec router A.
router B, set the NAT router to forward UDP port 500 to IPSec router A.
15.7.2 Remote DNS Server
In cases where you want to use domain names to access Intranet servers on a remote network
that has a DNS server, you must identify that DNS server. You cannot use DNS servers on the
LAN or from the ISP since these DNS servers cannot resolve domain names to private IP
addresses on the remote network
that has a DNS server, you must identify that DNS server. You cannot use DNS servers on the
LAN or from the ISP since these DNS servers cannot resolve domain names to private IP
addresses on the remote network
The following figure depicts an example where three VPN tunnels are created from Prestige
A; one to branch office 2, one to branch office 3 and another to headquarters. In order to
access computers that use private domain names on the headquarters (HQ) network, the
Prestige at branch office 1 uses the Intranet DNS server in headquarters. The DNS server
feature for VPN does not work with Windows 2000 or Windows XP.
A; one to branch office 2, one to branch office 3 and another to headquarters. In order to
access computers that use private domain names on the headquarters (HQ) network, the
Prestige at branch office 1 uses the Intranet DNS server in headquarters. The DNS server
feature for VPN does not work with Windows 2000 or Windows XP.
Figure 62 VPN Host using Intranet DNS Server Example
Note: If you do not specify an Intranet DNS server on the
remote network, then the VPN host must use IP addresses to
access the computers on the remote network.
remote network, then the VPN host must use IP addresses to
access the computers on the remote network.