ZyWALL Series Internet Security Gateway
VPN Screens
15-17
Table 15-7 VPN IKE
LABEL DESCRIPTION
Content
Peer ID
Type
Peer ID Content
when you set
Authentication Method
to
Pre-Shared
Key
.
IP
Type the IP address of the computer with which you will make the VPN
connection. If you configure this field to
0.0.0.0
or leave it blank, the
ZyWALL will use the address in the
Secure Gateway Address
field.
DNS or
E-Mail
Type a domain name or e-mail address by which to identify the remote
IPSec router. Use up to 31 ASCII characters including spaces,
although trailing spaces are truncated. The domain name or e-mail
address is for identification purposes only and can be any string.
It is recommended that you type an IP address other than
0.0.0.0
or use the
DNS
or
Peer ID Type
with the following situations:
There is a NAT router between the two IPSec routers.
You want the ZyWALL to distinguish between VPN connection requests
coming in from remote IPSec routers with dynamic WAN IP addresses.
Peer ID
Type
Peer ID Content
when you set
Authentication Method
to
Certificate
.
IP
Type the same IP address as the subject alternative name field of the
certificate the remote IPSec router will use for this VPN connection. If
you configure this field as
0.0.0.0
or leave it blank, the ZyWALL uses
the address in the
Secure Gateway Address
field. The ZyWALL
checks the peer ID content against the IP address in the subject
alternative name field of the remote IPSec router’s certificate that it
uses for this VPN connection.
DNS or
E-Mail
Type the dame domain name or e-mail address as the subject
alternative name field of the certificate the remote IPSec router will use
for this VPN connection.
Subject
Name
Type the subject name of the certificate the remote IPSec router will
use for this VPN connection.
Any
The peer
Content
field is not available.
With
Pre-Shared Key
or
Certificate
, if you use
IP
as the peer ID type and configure
the content as
0.0.0.0
(or blank) and the
Secure Gateway Address
is also
configured as
0.0.0.0
, the ZyWALL does not check the peer’s ID content.
Regardless of how you configure the
ID Type
and
Content
fields, active rules cannot
have overlapping local and remote IP address ranges.
Содержание Internet Security Gateway ZyWALL 100
Страница 1: ...ZyWALL 10W 30W 50 100 Internet Security Gateway User s Guide Version 3 62 February 2004 ...
Страница 8: ......
Страница 32: ......
Страница 42: ......
Страница 52: ...ZyWALL Series Internet Security Gateway 1 10 Getting to Know Your ZyWALL Figure 1 2 VPN Application ...
Страница 60: ......
Страница 74: ......
Страница 92: ......
Страница 102: ......
Страница 103: ...DMZ and WAN III Part III DMZ and WAN This part covers configuration of the DMZ and WAN screens ...
Страница 104: ......
Страница 108: ......
Страница 124: ...ZyWALL Series Internet Security Gateway 8 16 WAN Screens Figure 8 10 Dial Backup Setup ...
Страница 132: ......
Страница 134: ......
Страница 156: ......
Страница 170: ......
Страница 217: ...VPN IPSec VI Part VI VPN IPSec This part provides information on how to configure Virtual Private Networks ...
Страница 218: ......
Страница 224: ......
Страница 235: ...ZyWALL Series Internet Security Gateway VPN Screens 15 11 Figure 15 5 VPN IKE ...
Страница 260: ......
Страница 262: ......
Страница 282: ...ZyWALL Series Internet Security Gateway 16 20 Certificates Figure 16 9 Trusted CA Details ...
Страница 291: ...ZyWALL Series Internet Security Gateway Certificates 16 29 Figure 16 14 Trusted Remote Host Details ...
Страница 298: ......
Страница 300: ......
Страница 302: ...ZyWALL Series Internet Security Gateway 17 2 Authentication Server Figure 17 1 Local User Database ...
Страница 308: ......
Страница 350: ......
Страница 351: ...Logs IX Part IX Logs This part provides information and instructions for the logs and reports ...
Страница 352: ......
Страница 356: ...ZyWALL Series Internet Security Gateway 20 4 Log Screens Figure 20 2 Log Settings ...
Страница 364: ......
Страница 365: ...Maintenance X Part X Maintenance This part covers the maintenance screens ...
Страница 366: ......
Страница 378: ......
Страница 380: ......
Страница 386: ...ZyWALL Series Internet Security Gateway 22 6 Introducing the SMT Figure 22 5 Advanced Management SMT Menus ...
Страница 406: ......
Страница 420: ......
Страница 428: ......
Страница 446: ......
Страница 466: ......
Страница 490: ......
Страница 504: ......
Страница 524: ......
Страница 536: ......
Страница 538: ......
Страница 554: ......
Страница 574: ......
Страница 580: ......
Страница 586: ......
Страница 588: ......
Страница 590: ......
Страница 592: ......
Страница 604: ......
Страница 608: ......
Страница 610: ......
Страница 614: ......
Страница 624: ......
Страница 634: ......
Страница 636: ......
Страница 648: ......
Страница 654: ......
Страница 680: ......
Страница 682: ......