Table of Contents
Advertisement
Table 92 VPN > IPSec VPN > VPN Connection > Manual Key > Edit (continued)
LABEL
Authentication
Key
Policy
Local Policy
Remote Policy Select the address or address group corresponding to the remote network. Select
Property
My Address
Secure
Gateway
Address
Enable
NetBIOS
broadcast
over IPSec
Advanced/Basic
Inbound/
Outbound traffic
NAT
Outbound Traffic
Source NAT
Source
Destination
SNAT
Inbound Traffic
ZyWALL USG 1000 User's Guide
DESCRIPTION
Enter the authentication key, which depends on the authentication algorithm.
MD5 - type a unique key 16-20 characters long
SHA1 - type a unique key 20 characters long
You can use any alphanumeric characters or ,;|`~!@#$%^&*()_+\{}':./<>=-". If you
want to enter the key in hexadecimal, type "0x" at the beginning of the key. For
example, "0x0123456789ABCDEF" is in hexadecimal format; in
"0123456789ABCDEF" is in ASCII format. If you use hexadecimal, you must enter
twice as many characters as listed above.
The remote IPSec router must have the same authentication key.
The ZyWALL ignores any characters above the minimum number of characters
required by the algorithm. For example, if you enter
for a MD5 authentication key, the ZyWALL only uses
The ZyWALL still stores the longer key.
You can set up overlapping local policies or overlapping remote policies in the
ZyWALL.
Select the address or address group corresponding to the local network. Select
Create Object to configure a new one.
Create Object to configure a new one.
Type the IP address of the ZyWALL in the IPSec SA. 0.0.0.0 is invalid.
Type the IP address of the remote IPSec router in the IPSec SA.
Select this check box if you want the ZyWALL to send NetBIOS (Network Basic
Input/Output System) packets through the IPSec SA.
NetBIOS packets are TCP or UDP packets that enable a computer to connect to
and communicate with a LAN. It may sometimes be necessary to allow NetBIOS
packets to pass through IPSec SAs in order to allow local computers to find
computers on the remote network and vice versa.
Click this button to show or hide the Inbound/Outbound traffic NAT fields.
Click the Advanced or Basic button to show or hide this section.
This translation hides the source address of computers in the local network. It may
also be necessary if you want the ZyWALL to route packets from computers
outside the local network through the IPSec SA.
Select the address object that represents the original source address (or select
Create Object to configure a new one). This is the address object for the
computer or network outside the local network. The size of the original source
address range (Source) must be equal to the size of the translated source
address range (SNAT).
Select the address object that represents the original destination address (or
select Create Object to configure a new one). This is the address object for the
remote network.
Select the address object that represents the translated source address (or select
Create Object to configure a new one). This is the address object for the local
network. The size of the original source address range (Source) must be equal to
the size of the translated source address range (SNAT).
Chapter 20 IPSec VPN
12345678901234567890
1234567890123456
.
305
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications Unified Security Gateway ZyWALL 1000
Related Products for ZyXEL Communications Unified Security Gateway ZyWALL 1000
- ZyXEL Communications Internet Security Gateway 10~100 Series
- ZyXEL Communications ZYWALL 1050 - V2.00 EDITION 1
- ZyXEL Communications ZyWALL 10/10
- ZyXEL Communications 10 Series
- ZyXEL Communications 100 Series
- ZyXEL Communications ZyWALL 10/10 II/50
- ZyXEL Communications Unified Security Gateway ZyWALL 300
- ZyXEL Communications ZyXEL Prestige 100MH