Prestige 334 User’s Guide
Chapter 34 VPN/IPSec Setup
318
Figure 179
Menu 27.1.1 IPSec Setup
The following table describes the fields in this menu.
Menu 27.1.1 – IPSec Setup
Index= 1 Name= Taiwan
Active= Yes Keep Alive= No Nat Traversal= No
Local ID type Content=
My IP Addr= 0.0.0.0
Peer ID type= IP Content=
Secure Gateway Address= zw50test.zyxel.com.tw
Protocol= 0 DNS Server= 0.0.0.0
Local:
Remote:
Addr Type= SINGLE
Local IP Addr= 1.1.1.1
Port Start= 0
Addr Type= SUBNET
IP Addr Start= 4.4.4.4
Port Start= 0
End= N/A
End/Subnet Mask= 255.255.0.0
End= N/A
Enable Replay Detection = No
Key Management= IKE
Edit Key Management Setup= No
Press ENTER to Confirm or ESC to Cancel:
Table 105
Menu 27.1.1 IPSec Setup
FIELD
DESCRIPTION
Index
This is the VPN rule index number you selected in the previous menu.
Name
Enter a unique identification name for this VPN rule. The name may be up to 32
characters long but only 10 characters will be displayed in
Menu 27.1 - IPSec
Summary
.
Active
Press [SPACE BAR] to choose either
Yes
or
No
. Choose
Yes
and press [ENTER] to
activate the VPN tunnel. This field determines whether a VPN rule is applied before a
packet leaves the firewall.
Keep Alive
Press [SPACE BAR] to choose either
Yes
or
No
. Choose
Yes
and press [ENTER] to
have the Prestige automatically re-initiate the SA after the SA lifetime times out, even if
there is no traffic. The remote IPSec router must also have keep alive enabled in order
for this feature to work.
Nat Traversal
Select this check box to enable NAT traversal. NAT traversal allows you to set up a
VPN connection when there are NAT routers between the two IPSec routers.
The remote IPSec router must also have NAT traversal enabled. You can use NAT tra-
versal with
ESP
protocol using
Transport
or
Tunnel
mode, but not with
AH
protocol
nor with
Manual
key management.
In order for an IPSec router behind a NAT router to receive an initiating IPSec packet,
set the NAT router to forward UDP port 500 to the IPSec router behind the NAT router.
Local ID type
Press [SPACE BAR] to choose
IP
,
DNS
, or
and press [ENTER].
Select
IP
to identify this Prestige by its IP address.
Select
DNS
to identify this Prestige by a domain name.
Select
to identify this Prestige by an e-mail address.