ZyXEL Communications USG40 User Manual page 551
Zywall/usg series
Hide thumbs
Also See for USG40:
- User manual (742 pages) ,
- Handbook (810 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
Each field is described in the following table.
Table 211 Configuration > VPN > IPSec VPN > VPN Gateway > Add/Edit
LABEL
DESCRIPTION
Show Advanced
Click this button to display a greater or lesser number of configuration fields.
Settings / Hide
Advanced Settings
Create New Object
Use to configure any new settings objects that you need to use in this screen.
General Settings
Enable
Select this to activate the VPN Gateway policy.
VPN Gateway
Type the name used to identify this VPN gateway. You may use 1-31 alphanumeric
Name
characters, underscores(
This value is case-sensitive.
IKE Version
IKEv1 / IKEv2
Select IKEv1 or IKEv2. IKEv1 applies to IPv4 traffic only. IKEv2 applies to both IPv4
and IPv6 traffic. IKE (Internet Key Exchange) is a protocol used in setting up security
associations that allows two parties to send data securely. See
534
Gateway Settings
My Address
Select how the IP address of the ZyWALL/USG in the IKE SA is defined.
If you select Interface, select the Ethernet interface, VLAN interface, virtual Ethernet
interface, virtual VLAN interface or PPPoE/PPTP interface. The IP address of the
ZyWALL/USG in the IKE SA is the IP address of the interface.
If you select Domain Name / IP, enter the domain name or the IP address of the
ZyWALL/USG. The IP address of the ZyWALL/USG in the IKE SA is the specified IP
address or the IP address corresponding to the domain name. 0.0.0.0 is not generally
recommended as it has the ZyWALL/USG accept IPSec requests destined for any
interface address on the ZyWALL/USG.
Peer Gateway
Select how the IP address of the remote IPSec router in the IKE SA is defined.
Address
Select Static Address to enter the domain name or the IP address of the remote IPSec
router. You can provide a second IP address or domain name for the ZyWALL/USG to try
if it cannot establish an IKE SA with the first one.
Select Dynamic Address if the remote IPSec router has a dynamic IP address (and
does not use DDNS).
Authentication
Note: The ZyWALL/USG and remote IPSec router must use the same authentication
Chapter 29 IPSec VPN
), or dashes (-), but the first character cannot be a number.
_
for more information on IKEv1 and IKEv2.
Fall back to Primary Peer Gateway when possible: When you select this, if the
connection to the primary address goes down and the ZyWALL/USG changes to
using the secondary connection, the ZyWALL/USG will reconnect to the primary
address when it becomes available again and stop using the secondary connection.
Users will lose their VPN connection briefly while the ZyWALL/USG changes back to
the primary connection. To use this, the peer device at the secondary address
cannot be set to use a nailed-up VPN connection. In the Fallback Check Interval
field, set how often to check if the primary address is available.
method to establish the IKE SA.
ZyWALL/USG Series User's Guide
551
Section 29.1 on page
- Quick Links:
- Web Configurator
- Web Configurator Access
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications USG40
Related Products for ZyXEL Communications USG40
- ZyXEL Communications ZYWALL USG 300
- ZyXEL Communications USG-50 - V2.21 ED 1
- ZyXEL Communications USG-100@USG-200 - V2.20 ED 2
- ZyXEL Communications USG-300 - V2.20 ED 2
- ZyXEL Communications ZYWALL USG 20W
- ZyXEL Communications UAG Series
- ZyXEL Communications ZyWALL USG100-Plus
- ZyXEL Communications ZyWALL USG 2000