Introduction My VPN Gateway Configuration Checklist Throughout this guide, there are certain pieces of information that are needed later on for configuring VPN Tracker. This information is marked with red numbers to make it easier to reference it later. You can print this checklist to help keep track of the various settings of your ZyWALL USG VPN gateway device. ...
Task 1 – VPN Gateway Configuration We will first set up VPN on the VPN gateway. If you already have VPN in place, it’s helpful to follow this tutorial to see how settings on the device fit together with VPN Tracker. Step 1 –...
Page 6
Step 2 – Create a VPN User Go to O bject > U ser/Group a nd switch to the U ser t ab. Then, click the A dd button: ➔ ( 3) User Name...
Page 7
Step 3 – Create an Authentication Method Go to O bject > Auth. Method a nd click the Add b utton: ➔ Name : Enter a name for the new authentication method (here: v pn_auth ) ➔...
Page 8
Step 4 – Set up Phase 1 Go to V PN > IPsec VPN and switch to the V PN Gateway t ab. Click the A dd button: ➔ Click the S how Advanced Settings button to be able to access all settings ➔...
Page 9
Gateway Settings My Address : Select I nterface and select your primary W AN network interface (here: w an1 ) from the pop-up menu ➔ Peer Gateway Address : Select D ynamic Address ➔ Authentication ...
Page 10
Phase 1 Settings SA Life Time : Leave the default of 86400 seconds ➔ Negotiation Mode : Leave the default of M ain Mode ➔ Proposal : F or security reasons, we recommend changing the default proposal settings to use at least 3 DES and S HA-1 (with the option of using A ES-128 and S HA-1 ) as ➔...
Page 11
Extended Authentication Select the Enable Extended Authentication c heckbox ➔ Server Mode : Choose v pn_auth from the pop-up. If you do not see the vpn_auth entry here, you may have skipped Step 3 – Create an Authentication Method ➔...
Page 12
Step 5 – Set up Phase 2 Switch to the V PN Connection t ab (under V PN > I PSec VPN ) and click the A dd button: ➔ Click the S how Advanced Settings button to be able to access all settings ➔...
Page 13
VPN Gateway Application Scenario : Select R emote Access (Server Role) ➔ VPN Gateway : Choose the phase 1 (VPN gateway) setup you created in S tep 4 (here: vpn_tracker ) from the pop-up ➔ Policy ...
Page 14
Phase 2 Settings SA Life Time : Leave the default of 86400 seconds ➔ Active Protocol : Leave the default of E SP ➔ Encapsulation : Leave the default of T unnel ➔ Proposal : F or security reasons, we recommend changing the default proposal settings to use at least 3 DES and S HA-1 (with the option of using A ES-128 and S HA-1 ) as ➔...
Page 15
Related Settings Make sure A dd this VPN connection to IPSec_VPN zone is selected. This means that any security rules or settings configured for the IPSec_VPN zone will apply to this ➔ VPN connection. S ome devices may not have this option, i n that case, please add the connection manually to N etwork > Zone It is not necessary to make any changes to the ...
Task 2 – VPN Tracker Configuration After finishing task 1, you should now have a completed a configuration checklist containing your ZyWALL USG VPN gateway’s settings. We will now create a matching configuration in VPN Tracker. Step One: Add a connection ...
Task Three - Testing the VPN connection In order to test your connection, you will need to connect from a different location. For example, if you are setting up a VPN connection to your office, try it out at home, or from an Internet cafe, or go visit a friend. ...
Troubleshooting In case there’s a problem connecting, a yellow warning triangle will show up. Click the yellow warning triangle to be taken to the log. The log will explain exactly what the problem is. Follow the steps listed in the log. TIP...