ZyXEL Communications P-2812HNU-51c Manual

A SERVICE OF

next previous

Chapter 12 IPSec VPN

P-2812HNU-51c User’s Guide

263

The following table describes the fields in this screen.

Table 75 Security > IPSec VPN > IPSec Setting > Manual

LABEL DESCRIPTION

IPSec Setting

Enable Select this check box to activate this VPN policy. This option

determines whether a VPN rule is applied before a packet leaves the

firewall.

IPSec

Connection

Name

Type up to 60 alphanumeric characters to identify this VPN policy. You

may use spaces, underscores and dashes, but the P-2812HNU-51c

drops trailing spaces.

Remote IPSec

Gateway

Address

Type the WAN IP address or the URL (up to 31 characters) of the IPSec

router with which you're making the VPN connection.

Tunnel access

from local IP

addresses

Specify the IP addresses of the devices behind the P-2812HNU-51c

that can use the VPN tunnel. The local IP addresses must correspond to

the remote IPSec router's configured remote IP addresses.

Two active SAs cannot have the local and remote IP address(es) both

the same. Two active SAs can have the same local or remote IP

address, but not both. You can configure multiple SAs between the

same local and remote IP addresses, as long as only one is active at

any time.

Use the drop-down menu to choose Single Address or Subnet. Select

Single Address for a single IP address. Select Subnet to specify IP

addresses on a network by their subnet mask.

IP Address

for VPN

When the local IP address type is configured to Single Address, enter

a (static) IP address on the LAN behind your P-2812HNU-51c.

When the local IP address type is configured to Subnet, enter a

(static) IP address on the LAN behind your P-2812HNU-51c.

IP

Subnetmask

When the local IP address type is configured to Single Address, this

field is not available.

When the local IP address type is configured to Subnet, enter a subnet

mask on the LAN behind your P-2812HNU-51c.

Tunnel access

from remote IP

addresses

Specify the IP addresses of the devices behind the remote IPSec router

that can use the VPN tunnel. The remote IP addresses must correspond

to the remote IPSec router's configured local IP addresses.

Two active SAs cannot have the local and remote IP address(es) both

the same. Two active SAs can have the same local or remote IP

address, but not both. You can configure multiple SAs between the

same local and remote IP addresses, as long as only one is active at

any time.

Use the drop-down menu to choose Single Address or Subnet. Select

Single Address with a single IP address. Select Subnet to specify IP

addresses on a network by their subnet mask.

IP Address

for VPN

When the remote IP address type is configured to Single Address,

enter a (static) IP address on the network behind the remote IPSec

router.

When the remote IP address type is configured to Subnet, enter a

(static) IP address on the network behind the remote IPSec router.