ZyXEL Communications 200 Series User Manual page 581

Table 186 Device HA > Active-Passive Mode (continued)
LABEL
Authentication
Interface
Virtual Router IP
/ Netmask
Management IP /
Netmask
Link Status
Modify
Synchronization
Server Address
Sync. Now
Server Port
Password
ZyWALL USG 100/200 Series User's Guide
DESCRIPTION
Select the authentication method the virtual router uses. Every interface in a virtual
router must use the same authentication method and password. Choices are:
None - this virtual router does not use any authentication method.
Text - this virtual router uses a plain text password for authentication. Type the
password in the field next to the radio button. The password can consist of
alphanumeric characters, the underscore, and some punctuation marks (+-/*= :; .!
@$&%#~ ' \ () ), and it can be up to eight characters long.
IP AH (MD5) - this virtual router uses an encrypted MD5 password for
authentication. Type the password in the field next to the radio button. The
password can consist of alphanumeric characters, the underscore, and some
punctuation marks (+-/*= :; .! @$&%#~ ' \ () ), and it can be up to eight characters
long.
See Authentication Types on page 295
methods.
This field identifies the interface. At the time of writing, only the Ethernet interfaces
can be included in the virtual router.
This is the master ZyWALL's (static) IP address and subnet mask for this interface.
If a backup takes over for the master, it uses this IP address. These fields are blank
if the interface is a DHCP client or has no IP settings.
This field displays the interface's management IP address and subnet mask. You
can use this IP address and subnet mask to access the ZyWALL whether it is in
master or backup mode.
This tells whether the monitored interface's connection is down or up.
This column provides icons to activate, deactivate, or edit monitored interfaces.
To activate or deactivate device HA monitoring of an interface, click the interface's
Active icon. Make sure you click Apply to save and apply the change.
To edit an interface's management IP address and subnet mask, click its Edit icon.
The Add/Edit screen appears.
Use synchronization to have a backup ZyWALL copy the master ZyWALL's
configuration, certificates, AV signatures, IDP and application patrol signatures,
and system protect signatures.
Every interface's management IP address must be in the same subnet as the
interface's IP address (the virtual router IP address).
If this ZyWALL is set to backup role, enter the IP address or fully-qualified domain
name (FQDN) of the ZyWALL from which to get updated configuration. Usually,
you should enter the IP address or FQDN of a virtual router on a secure network.
If this ZyWALL is set to master role, this field displays the ZyWALL's IP addresses
and/or fully-qualified domain names (FQDN) through which ZyWALLs in backup
role can get updated configuration from this ZyWALL.
Click this to copy the specified ZyWALL's configuration.
If this ZyWALL is set to backup role, enter the port number to use for Secure FTP
when synchronizing with the specified master ZyWALL.
If this ZyWALL is set to master role, this field displays the ZyWALL's Secure FTP
port number. Click the link if you need to change the FTP port number.
Every ZyWALL in the virtual router must use the same port number. If the master
ZyWALL changes, you have to manually change this port number in the backups.
Enter the password used for verification during synchronization. Every ZyWALL in
the virtual router must use the same password.
If you leave this field blank in the master ZyWALL, no backup ZyWALLs can
synchronize from it.
If you leave this field blank in a backup ZyWALL, it cannot synchronize from the
master ZyWALL.
Chapter 34 Device HA
for more information about authentication
581