You can also enter a remote secure gateway's domain name in the Secure Gateway Address
field if the remote secure gateway has a dynamic WAN IP address and is using DDNS. The
ZyWALL has to rebuild the VPN tunnel each time the remote secure gateway's WAN IP
address changes (there may be a delay until the DDNS servers are updated with the remote
gateway's new WAN IP address).
14.4.1 Dynamic Secure Gateway Address
If the remote secure gateway has a dynamic WAN IP address and does not use DDNS, enter
0.0.0.0 as the secure gateway's address. In this case only the remote secure gateway can
initiate SAs. This may be useful for telecommuters initiating a VPN tunnel to the company
network.
See the Telecommuter VPN/IPSec Examples section
14.5 Summary Screen
The following figure helps explain the main fields in the web configurator.
Figure 114 IPSec Summary Fields
Local and remote IP addresses must be static.
Click VPN to open the VPN Rules screen. This is a read-only menu of your IPSec rules
(tunnels). Edit an IPSec rule by clicking the edit icon to configure the associated submenus.
Chapter 14 VPN Screens
Note: The Secure Gateway IP Address may be configured as
0.0.0.0 only when using IKE key management and not Manual
key management.
ZyWALL 35 User's Guide
for configuration examples.
241