![background image](/i/zyxel/144895/zyxel-zywall-2-ee/h/zyxel-zywall-2-ee-514.png)
ZyWALL 2 Series User’s Guide
37-8
VPN/IPSec
Setup
Table 37-2 Menu 27.1.1: IPSec Setup
FIELD DESCRIPTION
EXAMPLE
Peer ID type
Press [SPACE BAR] to choose
IP
,
DNS
, or
and press [ENTER].
Select
IP
to identify the remote IPSec router by its IP address.
Select
DNS
to identify the remote IPSec router by a domain name.
Select
to identify the remote IPSec router by an e-mail address.
Content
When you select
IP
in the
Peer ID type
field, type the IP address of the
computer with which you will make the VPN connection in the peer
Content
field. The ZyWALL automatically uses the address in the
Secure
Gateway Address
field (refer to the
Secure Gateway Address
field
description) if you configure the peer
Content
field to
0.0.0.0
or leave it
blank.
It is recommended that you type an IP address other than
0.0.0.0
in the
peer
Content
field or use the
DNS
or
ID type in the following
situations.
When there is a NAT router between the two IPSec routers.
When you want the ZyWALL to distinguish between VPN
connection requests that come in from remote IPSec routers with
dynamic WAN IP addresses.
When you select
DNS
or
in the
Peer ID type
field, type a domain
name or e-mail address by which to identify the remote IPSec router in the
peer
Content
field. Use up to 31 ASCII characters including spaces,
although trailing spaces are truncated. The domain name or e-mail
address is for identification purposes only and can be any string.
Secure
Gateway
Address
Type the IP address or the domain name (up to 31 characters) of the
IPSec router with which you’re making the VPN connection.
Set this field to 0.0.0.0 if the remote IPSec router has a dynamic WAN IP
address (the
Key Management
field must be set to
IKE
, see later).
Zw50test.com.
tw
Protocol
Enter 1 for ICMP, 6 for TCP, 17 for UDP, etc. 0 is the default and signifies
any protocol.
0
DNS Server
If there is a private DNS server that services the VPN, type its IP address
here. The ZyWALL assigns this additional DNS server to the ZyWALL's
DHCP clients that have IP addresses in this IPSec rule's range of local
addresses.
A DNS server allows clients on the VPN to find other computers and
servers on the VPN by their (private) domain names.