ZyXEL Communications ZyWALL 1050 User Manual page 248
Hide thumbs
Also See for ZyWALL 1050:
- User manual (892 pages) ,
- Support notes (345 pages) ,
- Cli reference manual (284 pages)
Table of Contents
Advertisement
ZyWALL 1050 User's Guide
Table 71 Network > IPSec VPN > VPN Gateway > Edit (continued)
LABEL
My Address
Secure
Gateway
Address
Authentication
Method
Pre-Shared
Key
Certificate
Local ID Type
248
DESCRIPTION
Select how the IP address of the ZyWALL in the IKE SA is defined. Choices are
Interface and Domain Name.
If you select Interface, you must select an Ethernet interface, VLAN interface,
virtual Ethernet interface, virtual VLAN interface, PPPoE/PPTP interface, or
auxiliary interface. The IP address of the ZyWALL in the IKE SA is the IP address
of the interface.
If you select Domain Name, you must provide the domain name or the IP address
of the ZyWALL. The IP address of the ZyWALL in the IKE SA is the specified IP
address or the IP address corresponding to the domain name. 0.0.0.0 is invalid.
If you change this value, the ZyWALL has to re-build the IKE SA.
Type the IP address or the domain name of the remote IPSec router. Set this field
to 0.0.0.0 if the remote IPSec router has a dynamic IP address. You can provide a
second IP address or domain name. In this case, if the ZyWALL cannot establish
an IKE SA with the first one, it tries to establish an IKE SA with the second one.
Note: The ZyWALL and remote IPSec router must use the same
authentication method to establish the IKE SA.
Select this if the ZyWALL and remote IPSec router do not use certificates to
identify each other when they negotiate the IKE SA. Then, type the pre-shared
key in the field to the right. The pre-shared key can be
•
8 - 32 alphanumeric characters or ,;|`~!@#$%^&*()_+\{}':./<>=-.
•
16 - 64 hexadecimal (0-9, A-F) characters, preceded by "0x".
If you want to enter the key in hexadecimal, type "0x" at the beginning of the key.
For example, "0x0123456789ABCDEF" is in hexadecimal format; in
"0123456789ABCDEF" is in ASCII format. If you use hexadecimal, you must enter
twice as many characters as listed above.
The ZyWALL and remote IPSec router must use the same pre-shared key.
Select this if the ZyWALL and remote IPSec router use certificates to identify each
other when they negotiate the IKE SA. Then, select the certificate the remote
IPSec router uses to identify the ZyWALL. This certificate is one of the certificates
in My Certificates.
Note: The ZyWALL must import the remote IPSec router's
certificate before it can establish the IKE SA.
The ZyWALL uses one of its Trusted Certificates to authenticate the remote
IPSec router. The trusted certificate can be a self-signed certificate or that of a
trusted CA that signed the remote IPSec router's certificate.
This field is read-only if the ZyWALL and remote IPSec router use certificates to
identify each other. Select which type of identification is used to identify the
ZyWALL during authentication. Choices are:
IP - the ZyWALL is identified by an IP address
DNS - the ZyWALL is identified by a domain name
E-mail - the ZyWALL is identified by an e-mail address
Chapter 12 IPSec VPN
Advertisement
Table of Contents
Related Manuals for ZyXEL Communications ZyWALL 1050
Related Products for ZyXEL Communications ZyWALL 1050
- ZyXEL Communications Version 1.03
- ZyXEL Communications ZyWALL 70
- ZyXEL Communications ZYWALL 2WG - V4.03
- ZyXEL Communications ZYWALL USG 200 UNIFIED
- ZyXEL Communications ZYWALL 2WG - V4.04
- ZyXEL Communications ZYWALL 1050 - V1.00 EDITION 1
- ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1
- ZyXEL Communications Unified Security Gateway ZyWALL 1000