Справочник Пользователя для ZyXEL Communications 5 Series
Chapter 19 IPSec VPN
ZyWALL 5/35/70 Series User’s Guide
367
19.4 The Network Policy Edit Screen
Click SECURITY > VPN and the add network policy (
) icon or a network policy’s edit
icon in the VPN Rules (IKE) screen to display the VPN-Network Policy -Edit screen. Use
this screen to configure a network policy. A network policy identifies the devices behind the
IPSec routers at either end of a VPN tunnel and specifies the authentication, encryption and
other settings needed to negotiate a phase 2 IPSec SA.
this screen to configure a network policy. A network policy identifies the devices behind the
IPSec routers at either end of a VPN tunnel and specifies the authentication, encryption and
other settings needed to negotiate a phase 2 IPSec SA.
Enable Multiple
Proposals
Proposals
Select this to allow the ZyWALL to use any of its phase 1 key groups and
encryption and authentication algorithms when negotiating an IKE SA.
When you enable multiple proposals, the ZyWALL allows the remote IPSec
router to select which phase 1 key groups and encryption and authentication
algorithms to use for the IKE SA, even if they are less secure than the ones you
configure for the VPN rule.
Clear this to have the ZyWALL use only the configured phase 1 key groups and
encryption and authentication algorithms when negotiating an IKE SA.
encryption and authentication algorithms when negotiating an IKE SA.
When you enable multiple proposals, the ZyWALL allows the remote IPSec
router to select which phase 1 key groups and encryption and authentication
algorithms to use for the IKE SA, even if they are less secure than the ones you
configure for the VPN rule.
Clear this to have the ZyWALL use only the configured phase 1 key groups and
encryption and authentication algorithms when negotiating an IKE SA.
Associated
Network Policies
Network Policies
The following table shows the policy(ies) you configure for this rule.
To add a VPN policy, click the add network policy (
To add a VPN policy, click the add network policy (
) icon in the VPN Rules
(IKE) screen (see
). Refer to
for more information.
#
This field displays the policy index number.
Name
This field displays the policy name.
Local Network
This field displays one or a range of IP address(es) of the computer(s) behind the
ZyWALL.
ZyWALL.
Remote Network
This field displays one or a range of IP address(es) of the remote network behind
the remote IPsec router.
the remote IPsec router.
Edit
Click this icon to open the screen where you can configure the network policy.
Delete
Click this icon to remove the network policy.
Apply
Click Apply to save your changes back to the ZyWALL.
Cancel
Click Cancel to exit this screen without saving.
Table 101 SECURITY > VPN > VPN Rules (IKE) > Edit Gateway Policy (continued)
LABEL
DESCRIPTION