ZyXEL Communications ZYWALL SSL 10 Support Notes page 59

1) Configure the static Public IP address to WAN interface through Network > WAN1 (or 2)
> WAN IP Address Assignment
2) Enter the WAN IP address as My Address in Gateway Policy
3) On peer VPN gateway, use the same IP address as Remote Gateway Address in
Gateway Policy
4) On Local VPN gateway, select IP as the Local IP Type and enter the public WAN IP
address as the content of identify. On remote VPN peer, select IP as the Peer ID Type and
enter the same IP address as the content of identify.
Configure ZyWALL with Dynamic WAN IP Address
This section describes an example configuration ZyWALL with dynamic WAN IP address.
If ZyWALL uses PPPoE or Ethernet/DHCP for its Internet connection, WAN IP address is
dynamically assigned by ISP. Since ZyWALL has no idea about its WAN IP address before
it is assigned, it is difficult/impossible to use WAN IP Address for My Address in Gateway
Policy.
To overcome this problem, Dynamic DNS can be used to resolving the VPN gateway.
When new IP address is assigned to ZyWALL's WAN interface, ZyWALL will updates the
related record in DDNS server. Therefore the peer VPN gateway can resolve ZyWALL's IP
address to make a VPN tunnel.
In following example, local VPN gateway (ZyWALL) uses a dynamic WAN IP address
All contents copyright (c) 2006 ZyXEL Communications Corporation.
ZyWALL SSL 10 Support Notes
59