Table of Contents
Advertisement
P-2602HWNLI Support Notes
VPN client: 10.1.33.33
NAT router WAN IP: 202.132.154.2
Prestige WAN: 202.132.154.3
Since the VPN client is behind a NAT router, it must have a private IP address in most case. This may
cause the VPN client to send it's private IP address as the content of it's phase 1 ID. So you have to
configure Prestige's secure gateway's phase 1 ID as the private IP address of the VPN client.
How can I keep a tunnel alive?
To keep a tunnel alive, you can check "keep alive" option when configuring your VPN tunnel. With this
option, whenever phase 2 SA lifetime is due, IKE negotiation procedure will be invoked automatically
even without traffic to make the connection stay.
But to reduce the consumption of system resource, if VPN tunnels get disconnected either manually, by
idle timer, or because of power cycle, packet triggering is still necessary to make the tunnel up.
Single, Range, Subnet, which types of IP address do Prestige 10/10II/10W/50/100 support
in VPN/IPSec?
The mentioned Prestige series support all of the types. In other words, you can specify a single PC, a
range of PCs or even a network of PCs to utilize the VPN/IPSec service.
Can Prestige support IPSec passthrough?
Yes, Prestige can support IPSec passthrough. Prestige series don't only support IPSec/VPN gateway, it
can also be a NAT router supporting IPSec passthrough.
187
All contents copyright (c) 2006 ZyXEL Communications Corporation.
Advertisement
Table of Contents
