Vti; Restrictions For Ipsec Virtual Tunnel Interface; Vti Screen - ZyXEL Communications ZyWall 110 User Manual
Hide thumbs
Also See for ZyWall 110:
- User manual (829 pages) ,
- Handbook (749 pages) ,
- Handbook & instructions (255 pages)
Table of Contents
Advertisement
10.12 VTI
IPSec VPN Tunnel Interface (VTI) encrypts or decrypts IPv4 traffic from or to the interface according to
the IP routing table.
VTI allows static routes to send traffic over the VPN. The IPSec tunnel endpoint is associated with an
actual (virtual) interface. Therefore many interface capabilities such as Policy Route, Static Route, Trunk,
and BWM can be applied to the IPSec tunnel as soon as the tunnel is active
IPSec VTIs simplifies network management and load balancing. Create a trunk using VPN tunnel
interfaces for load balancing. In the following example configure VPN tunnels with static IP addresses or
DNS on both Zyxel Devices (or IPSec routers at the end of the tunnel). Also configure VTI and a trunk on
both Zyxel Devices.
Figure 272 VTI and Trunk for VPN Load Balancing
10.12.1 Restrictions for IPSec Virtual Tunnel Interface
• IPv4 traffic only
• IPSec tunnel mode only. A shared keyword must not be configured when using tunnel mode.
• With a VTI VPN you do not add local or remote LANs to your VPN configuration.
• For a VTI VPN you should only have one local and one remote WAN.
• A dynamic peer is not supported
• The IPSec VTI is limited to IP unicast and multicast traffic only.
10.12.2 VTI Screen
To access this screen, click Configuration > Network > Interface > VTI.
Chapter 10 Interfaces
ZyWALL USG Series User's Guide
389
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
