Table of Contents
Advertisement
ZyWALL 5/35/70 Series User's Guide
Table 104 VPN Rules (Manual) (continued)
LABEL
IPSec Algorithm
Remote Gateway
Address
Modify
Add
19.15 VPN Rules (Manual): Edit
Manual key management is useful if you have problems with IKE key management.
19.15.1 Security Parameter Index (SPI)
An SPI is used to distinguish different SAs terminating at the same destination and using the
same IPSec protocol. This data allows for the multiplexing of SAs to a single gateway. The
SPI (Security Parameter Index) along with a destination IP address uniquely identify a
particular Security Association (SA). The SPI is transmitted from the remote VPN gateway to
the local VPN gateway. The local VPN gateway then uses the network, encryption and key
values that the administrator associated with the SPI to establish the tunnel.
Note: Current ZyXEL implementation assumes identical outgoing and incoming SPIs.
Click the edit icon on the VPN Rules (Manual) screen to edit VPN rules.
327
DESCRIPTION
This field displays the security protocols used for an SA.
Both AH and ESP increase ZyWALL processing requirements and communications
latency (delay).
This is the static WAN IP address or domain name of the remote IPSec router.
Click the edit icon to edit the VPN policy.
Click the delete icon to remove the VPN policy. A window displays asking you to
confirm that you want to delete the VPN rule. When a VPN policy is deleted,
subsequent policies move up in the page list.
Click the dial icon to dial up the connection manually. If a VPN tunnel has been built
and dialed up, every time you click this icon, a warning message appears in the
status bar on the bottom of the screen.
Click Add to add a new VPN policy.
Chapter 19 VPN Screens
Advertisement
Table of Contents
Troubleshooting
