ZyXEL Communications ZyWALL USG 200 Series User Manual page 490
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 200 Series:
- User manual (902 pages) ,
- Manual (1157 pages) ,
- Reference manual (394 pages)
Table of Contents
Advertisement
Chapter 25 IPSec VPN
Table 130 Configuration > VPN > IPSec VPN > VPN Gateway > Edit (continued)
LABEL
Pre-Shared
Key
Certificate
Local ID Type
490
DESCRIPTION
Select this to have the ZyWALL and remote IPSec router use a pre-
shared key (password) to identify each other when they negotiate
the IKE SA. Type the pre-shared key in the field to the right. The pre-
shared key can be
•
8 - 32 alphanumeric characters or ,;|`~!@#$%^&*()_+\{}':./
<>=-".
•
8 - 32 pairs of hexadecimal (0-9, A-F) characters, preceded by
"0x".
If you want to enter the key in hexadecimal, type "0x" at the
beginning of the key. For example, "0x0123456789ABCDEF" is in
hexadecimal format; in "0123456789ABCDEF" is in ASCII format. If
you use hexadecimal, you must enter twice as many characters since
you need to enter pairs.
The ZyWALL and remote IPSec router must use the same pre-shared
key.
Select this to have the ZyWALL and remote IPSec router use
certificates to authenticate each other when they negotiate the IKE
SA. Then select the certificate the ZyWALL uses to identify itself to
the remote IPsec router.
This certificate is one of the certificates in My Certificates. If this
certificate is self-signed, import it into the remote IPsec router. If
this certificate is signed by a CA, the remote IPsec router must trust
that CA.
Note: The IPSec routers must trust each other's certificates.
The ZyWALL uses one of its Trusted Certificates to authenticate
the remote IPSec router's certificate. The trusted certificate can be a
self-signed certificate or that of a trusted CA that signed the remote
IPSec router's certificate.
This field is read-only if the ZyWALL and remote IPSec router use
certificates to identify each other. Select which type of identification
is used to identify the ZyWALL during authentication. Choices are:
IP - the ZyWALL is identified by an IP address
DNS - the ZyWALL is identified by a domain name
E-mail - the ZyWALL is identified by an e-mail address
ZyWALL USG 100/200 Series User's Guide
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
