ZyXEL Communications ZYWALL USG 2000 Manual page 360
Unified security gateway
Hide thumbs
Also See for ZYWALL USG 2000:
- User manual (1114 pages) ,
- Support notes (227 pages) ,
- Quick start manual (120 pages)
Table of Contents
Advertisement
Chapter 21 IPSec VPN
Table 110 VPN > IPSec VPN > VPN Gateway > Edit (continued)
LABEL
Content
Phase 1 Settings
SA Life Time
(Seconds)
360
DESCRIPTION
This field is disabled if the Peer ID Type is Any. Type the identity of
the remote IPSec router during authentication. The identity depends
on the Peer ID Type.
If the ZyWALL and remote IPSec router do not use certificates,
IP - type an IP address; see the note at the end of this description.
DNS - type the domain name; you can use up to 31 ASCII characters
including spaces, although trailing spaces are truncated. This value is
only used for identification and can be any string.
E-mail - the ZyWALL is identified by an e-mail address; you can use
up to 31 ASCII characters including spaces, although trailing spaces
are truncated. This value is only used for identification and can be any
string.
If the ZyWALL and remote IPSec router use certificates, type the
following fields from the certificate used by the remote IPSec router.
IP - subject alternative name field; see the note at the end of this
description.
DNS - subject alternative name field
E-mail - subject alternative name field
Subject Name - subject name (maximum 255 ASCII characters,
including spaces)
Note: If Peer ID Type is IP, please read the rest of this section.
If you type 0.0.0.0, the ZyWALL uses the IP address specified in the
Secure Gateway Address field. This is not recommended in the
following situations:
•
There is a NAT router between the ZyWALL and remote IPSec
router.
•
You want the remote IPSec router to be able to distinguish
between IPSec SA requests that come from IPSec routers with
dynamic WAN IP addresses.
In these situations, use a different IP address, or use a different Peer
ID Type.
Click Advanced to display more settings. Click Basic to display fewer
settings.
Type the maximum number of seconds the IKE SA can last. When this
time has passed, the ZyWALL and remote IPSec router have to update
the encryption and authentication keys and re-negotiate the IKE SA.
This does not affect any existing IPSec SAs, however.
ZyWALL USG 2000 User's Guide
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications ZYWALL USG 2000
Related Products for ZyXEL Communications ZYWALL USG 2000
- ZyXEL Communications ZYWALL USG 20W
- ZyXEL Communications USG210
- ZyXEL Communications ZyWall USG20W-VPN
- ZyXEL Communications ZyWall USG20-VPN
- ZyXEL Communications ZYWALL USG 300
- ZyXEL Communications USG-50 - V2.21 ED 1
- ZyXEL Communications USG-100@USG-200 - V2.20 ED 2
- ZyXEL Communications USG-300 - V2.20 ED 2