Doc.Ref: tgbvpn_cg_ZyWall10_en
Doc.version: 2.0 – Nov.2004
VPN version: 2.5x

3 TheGreenBow IPSec VPN Client configuration

3.1 VPN Client Phase 1 (IKE) Configuration

In the "Interface" field, you can select a star ("*") if, for example, the client host receives a dynamic IP address from an ISP.
The "Remote Address" field value is the Zyxel ZyWALL VPN router's public IP address or DNS address.
By clicking the "Advanced" button, you can set up "Phase 1 Ids" and "Aggressive Mode".

[Figure: Phase 1 configuration. Callout text: "The remote Gateway IP address is either an explicit IP address,"]

3.2 VPN Client Phase 2 (IPSec) Configuration

In this window, you define the IPSec VPN policy. "VPN Client address" is the virtual IP address of the client inside the LAN. With Zyxel VPN gateways, this address must not belong to the remote LAN.
Take as an example the choice of 192.168.1.100 as the virtual IP address. When the VPN client sends a TCP or UDP packet to a target remote computer 192.168.0.x, this target sends an ARP request inside its subnet to obtain the VPN client's MAC address and reply to it directly. But this request cannot receive any answer, because the client is not physically present inside the subnet. So the initial packets from the client will not be answered.
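
The reply-path decision described above, as an added example (not part of the original guide): it models how a LAN host chooses between ARP and its default gateway when answering the client's virtual IP address. Assumptions: the guide gives no netmask, so the constructed hosts use 192.168.0.0/23 to put both 192.168.0.x and 192.168.1.100 on one subnet; the default gateway is assumed to be the VPN router; 10.10.10.1 and the host names are constructed.

```python
import ipaddress


def reply_path(host_iface, default_gw, client_virtual_ip):
    """Decide how a LAN host sends its reply to the VPN client's virtual IP."""
    iface = ipaddress.ip_interface(host_iface)
    dst = ipaddress.ip_address(client_virtual_ip)
    if dst in iface.network:
        # The host treats the client as an on-link neighbour and ARPs for it.
        # The client is not physically on the subnet, so the ARP goes unanswered.
        return "arp-on-link"
    if default_gw is None:
        # Off-link destination and no default gateway: the reply is dropped.
        return "no-route"
    if ipaddress.ip_address(default_gw) not in iface.network:
        # A gateway outside the host's own subnet cannot be reached either.
        return "gateway-unreachable"
    # The reply goes to the gateway (assumed to be the VPN router),
    # which can send it back through the tunnel.
    return "via-gateway"


def audit(hosts, client_virtual_ip):
    """Map each host name to its reply path for the proposed virtual IP."""
    return {
        name: reply_path(iface, gw, client_virtual_ip)
        for name, (iface, gw) in hosts.items()
    }


# Constructed sample hosts: (interface address/prefix, default gateway).
SAMPLE_HOSTS = {
    "fileserver": ("192.168.0.10/23", "192.168.0.1"),
    "printer": ("192.168.0.20/23", None),  # no default gateway configured
}

if __name__ == "__main__":
    # 192.168.1.100 is the guide's example; 10.10.10.1 is a constructed
    # address outside the remote LAN.
    for vip in ("192.168.1.100", "10.10.10.1"):
        print(vip, audit(SAMPLE_HOSTS, vip))
```

Any result other than "via-gateway" means that host's replies never reach the tunnel with the proposed virtual IP address.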
 
 

IPSec VPN Router Configuration 

Property of TheGreenBow Sistech SA - © Sistech 2001-2005 

7/12 

IPSec VPN Client Configuration Guide: Router Zyxel ZyWall 10. Web site: http://www.thegreenbow.com. Contact: support@thegreenbow.com