Keep Alive; Table 27-2 Vpn Summary - ZyXEL Communications ZyXEL ZyWALL 2WE User Manual

ZyWALL 2 and ZyWALL 2WE
LABEL
# This field displays the VPN rule number.
Y signifies that this VPN rule is active.
Active
This field displays the IP address of the computer using the VPN IPSec feature of your
Local Addr.
ZyWALL.
This field displays IP address (in a range) of computers on the remote network behind the
Remote Addr.
remote IPSec gateway.
This field displays the encapsulation mode (Tunnel or Transport). The ZyWALL's
Encap.
encapsulation mode should be identical to the secure remote gateway.
This field displays the authentication algorithm (SHA1 or MD5) and encryption algorithm
Algorithm (DES or 3DES). The ZyWALL's authentication and encryption algorithms should be identical
to the secure remote gateway.
This field displays the IP address of the remote secure gateway with which you're making the
Gateway VPN connection. This field displays 0.0.0.0 if the remote secure gateway has a dynamic
WAN IP address.
Click Apply to save your changes. Click Reset to begin configuring this screen afresh.

27.6 Keep Alive

When you initiate an IPSec tunnel with keep alive enabled, the ZyWALL automatically renegotiates the
tunnel when the IPSec SA lifetime period expires (see section 27.10 for more on the IPSec SA lifetime). In
effect, the IPSec tunnel becomes an "always on" connection after you initiate it. Both IPSec routers must
have a ZyWALL-compatible keep alive feature enabled in order for this feature to work.
If the ZyWALL has its maximum number of simultaneous IPSec tunnels connected to it and they all have
keep alive enabled, then no other tunnels can take a turn connecting to the ZyWALL because the ZyWALL
never drops the tunnels that are already connected.
27-4

Table 27-2 VPN Summary

DESCRIPTION
VPN/IPSec Setup