ZyXEL Communications ZYWALL USG 2000 Manual page 87

• Remote Access (Client Role) - Choose this to connect to an IPSec server. This
ZyWALL is the client (dial-in user) and can initiate the VPN tunnel.
Figure 41 VPN Express Wizard: Step 3
The following table describes the labels in this screen.
Table 16 VPN Express Wizard: Step 3
LABEL
Secure
Gateway
Pre-Shared
Key
Local Policy
(IP/Mask)
ZyWALL USG 2000 User's Guide
DESCRIPTION
If Any displays in this field, it is not configurable for the chosen scenario.
If this field is configurable, enter the WAN IP address or domain name of
the remote IPSec router (secure gateway) to identify the remote IPSec
router by its IP address or a domain name.
Type your pre-shared key in this field. A pre-shared key identifies a
communicating party during a phase 1 IKE negotiation. It is called "pre-
shared" because you have to share it with another party before you can
communicate with them over a secure connection.
Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62
hexadecimal ("0-9", "A-F") characters. Precede hexadecimal characters
with "0x".
Both ends of the VPN tunnel must use the same pre-shared key. You will
receive a PYLD_MALFORMED (payload malformed) packet if the same pre-
shared key is not used on both ends.
Type a static local IP address that corresponds to the remote IPSec
router's configured remote IP address (the remote IP address of the other
ZyWALL).
To specify IP addresses on a network by their subnet mask, type the
subnet mask of the LAN behind your ZyWALL.
Chapter 4 Wizard Setup
87