ZyXEL Communications ZYWALL USG 2000 Manual page 358

Unified security gateway

Chapter 21 IPSec VPN
Table 110 VPN > IPSec VPN > VPN Gateway > Edit (continued)

LABEL / DESCRIPTION

Certificate
  Select this to have the ZyWALL and remote IPSec router use certificates to authenticate each other when they negotiate the IKE SA. Then select the certificate the ZyWALL uses to identify itself to the remote IPsec router.
  This certificate is one of the certificates in My Certificates. If this certificate is self-signed, import it into the remote IPsec router. If this certificate is signed by a CA, the remote IPsec router must trust that CA.
  Note: The IPSec routers must trust each other's certificates.
  The ZyWALL uses one of its Trusted Certificates to authenticate the remote IPSec router's certificate. The trusted certificate can be a self-signed certificate or that of a trusted CA that signed the remote IPSec router's certificate.

Local ID Type
  This field is read-only if the ZyWALL and remote IPSec router use certificates to identify each other. Select which type of identification is used to identify the ZyWALL during authentication. Choices are:
  IP - the ZyWALL is identified by an IP address
  DNS - the ZyWALL is identified by a domain name
  E-mail - the ZyWALL is identified by an e-mail address

Content
  This field is read-only if the ZyWALL and remote IPSec router use certificates to identify each other. Type the identity of the ZyWALL during authentication. The identity depends on the Local ID Type.
  IP - type an IP address; if you type 0.0.0.0, the ZyWALL uses the IP address specified in the My Address field. This is not recommended in the following situations:
    - There is a NAT router between the ZyWALL and remote IPSec router.
    - You want the remote IPSec router to be able to distinguish between IPSec SA requests that come from IPSec routers with dynamic WAN IP addresses.
  In these situations, use a different IP address, or use a different Local ID Type.
  DNS - type the domain name; you can use up to 31 ASCII characters including spaces, although trailing spaces are truncated. This value is only used for identification and can be any string.
  E-mail - the ZyWALL is identified by an e-mail address; you can use up to 31 ASCII characters including spaces, although trailing spaces are truncated. This value is only used for identification and can be any string.
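
The Local ID Type and Content rules in the table above can be checked before a value is typed into the VPN Gateway screen. The following is an added example, not ZyXEL code: the function name, the `behind_nat` and `peer_sees_dynamic_peers` flags and the sample values are hypothetical, and it assumes IPv4 and that the 31-character limit applies to the string as typed.

```python
import ipaddress

MAX_ID_LEN = 31  # limit the table gives for DNS and E-mail content


def check_local_id(id_type, content, my_address,
                   behind_nat=False, peer_sees_dynamic_peers=False):
    """Return (effective_id, warnings) for a planned Local ID Type / Content.

    behind_nat and peer_sees_dynamic_peers are hypothetical flags describing
    the deployment; they are not ZyWALL settings.
    """
    warnings = []
    if id_type == "IP":
        addr = ipaddress.IPv4Address(content)  # raises ValueError if malformed
        if int(addr) == 0:
            # Per the table, 0.0.0.0 means "use the My Address field".
            effective = my_address
            if behind_nat:
                warnings.append("0.0.0.0 with a NAT router in the path: "
                                "use a different IP address or Local ID Type")
            if peer_sees_dynamic_peers:
                warnings.append("0.0.0.0 while the remote router must tell "
                                "dynamic-IP peers apart: use a different IP "
                                "address or Local ID Type")
        else:
            effective = str(addr)
    elif id_type in ("DNS", "E-mail"):
        if not content.isascii():
            raise ValueError("Content must be ASCII")
        # Assumption: the 31-character limit applies to the string as typed.
        if len(content) > MAX_ID_LEN:
            raise ValueError("Content is limited to 31 characters")
        effective = content.rstrip(" ")
        if effective != content:
            warnings.append("trailing spaces are truncated; value becomes %r"
                            % effective)
    else:
        raise ValueError("Local ID Type must be IP, DNS or E-mail")
    return effective, warnings


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    for args in [("IP", "0.0.0.0", "192.168.1.1", True, False),
                 ("DNS", "hq.example.com  ", "192.168.1.1"),
                 ("E-mail", "vpn@example.com", "192.168.1.1")]:
        print(args[:2], "->", check_local_id(*args))
```
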
ZyWALL USG 2000 User's Guide
