ZyXEL Communications ZYWALL2 ET 2WE User Manual page 226

ZyWALL 2 Series User's Guide
LABEL
My IP Address Enter the WAN IP address of your ZyWALL. The VPN tunnel has to be rebuilt if this IP
address changes.
The following applies if this field is configured as 0.0.0.0:
Secure Gateway Type the WAN IP address or the URL (up to 31 characters) of the IPSec router with which
Address you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec router has
a dynamic WAN IP address (the Key Management (or IPSec Keying Mode) field must be
set to IKE).
In order to have more than one active rule with the Secure Gateway Address field set to
0.0.0.0, the ranges of the local IP addresses cannot overlap between rules.
If you configure an active rule with 0.0.0.0 in the Secure Gateway Address field and the
LAN's full IP address range as the local IP address, then you cannot configure any other
active rules with the Secure Gateway Address field set to 0.0.0.0.
Encapsulation Select Tunnel mode or Transport mode from the drop-down list box.
Mode
ESP Select ESP if you want to use ESP (Encapsulation Security Payload). The ESP protocol
(RFC 2406) provides encryption as well as some of the services offered by AH. If you
select ESP here, you must select options from the Encryption Algorithm and
Authentication Algorithm fields (described below).
14-20
Table 14-7 Basic IKE VPN Rule Edit
The ZyWALL uses the current ZyWALL WAN IP address (static or dynamic) to set up
the VPN tunnel.
If the WAN connection goes down, the ZyWALL uses the dial backup IP address for
the VPN tunnel when using dial backup or the LAN IP address when using traffic
redirect. See the chapter on WAN for details on dial backup and traffic redirect.
DESCRIPTION
VPN Screens