Справочник Пользователя для ZyXEL Communications 5 Series
Chapter 19 IPSec VPN
ZyWALL 5/35/70 Series User’s Guide
360
You can usually provide a static IP address or a domain name for the ZyWALL. Sometimes,
your ZyWALL might also offer another alternative, such as using the IP address of a port or
interface.
your ZyWALL might also offer another alternative, such as using the IP address of a port or
interface.
You can usually provide a static IP address or a domain name for the remote IPSec router as
well. Sometimes, you might not know the IP address of the remote IPSec router (for example,
telecommuters). In this case, you can still set up the IKE SA, but only the remote IPSec router
can initiate an IKE SA.
well. Sometimes, you might not know the IP address of the remote IPSec router (for example,
telecommuters). In this case, you can still set up the IKE SA, but only the remote IPSec router
can initiate an IKE SA.
Finding Out More
• See
for IPSec VPN background information.
19.2 The VPN Rules (IKE) Screen
Click SECURITY > VPN to display the VPN Rules (IKE) screen. Use this screen to manage
the ZyWALL’s list of VPN rules (tunnels) that use IKE SAs.
the ZyWALL’s list of VPN rules (tunnels) that use IKE SAs.
Figure 209 SECURITY > VPN > VPN Rules (IKE)
The following table describes the labels in this screen.
Table 100 SECURITY > VPN > VPN Rules (IKE)
LABEL
DESCRIPTION
+/-
In the heading row, click + to expand or - to collapse the VPN rule network
policies.
policies.
VPN Rules
These VPN rules define the settings for creating VPN tunnels for secure
connection to other computers or networks.
connection to other computers or networks.
Click this icon to add a VPN gateway policy (or IPSec rule).
#
This is your VPN rule number. Click + to expand or - to collapse the VPN rule’s
network policies.
network policies.