Zycoo CooVox-U80 User Manual page 96

Notice:
1.If the CooVox IPPBX is behind NAT, port 500 and 4500 must be open on the router/firewall.
2.If the CooVox IPPBX is connected to the Internet via PPPoE, then IPSec Local IP needs to be the IP address
assigned by PPPoE.
3.IPSec VPN server can connect 3 IPSec clients.
IPSec VPN Client (Tunnel mode)
On the remote site, open the web GUI of another CooVox IPPBX system and navigate to web
menu to configure the VPN ClientNetwork Settings‐>VPN Client.
On the VPN Client page choose IPSec and tick "Enable" option to enable IPSec client.
Enable: Tick the checkbox to enable IPSec client.
Type:Ensure this is the same as the IPSec server.
IPSec Local IP:WAN port IP which can connect to the IPSec server.
Server Address:Specify the IPSec server IP.
IPSecPassword:Specify the IPSec VPN password defined previously on the server.
IPSec Remote Network:TheIPSec VPN server LAN network address.
Notice:
1.After saving the configuration, the client will try to connect to the server using the details provided.
2.If connection is successfully established then the system will display "Status: 1 tunnel has been established!!!"
3. If connection fails thenthe system will display "Status: There's no tunnel! Reconnecting..."
IPSec VPN server (Transport mode)
IPSec Transport mode is used for end‐to‐end communications, NAT traversal is not supported
with the transport mode. So if two CooVox IPPBX's are connected via IPSec transport mode, IPSec
only encrypts the communication service ports, unlike Tunnel mode which encrypts the whole
LAN subnet.
Navigate to web menu Network Settings‐>VPN Server. Check the IPSec radio button.