Page 76 / 944 Scroll up to view Page 71 - 75
Chapter 5 Quick Setup
ZyWALL USG 50 User’s Guide
76
5.4
VPN Setup Wizard: Wizard Type
A VPN (Virtual Private Network) tunnel is a secure connection to another computer
or network. Use this screen to select which type of VPN connection you want to
configure.
Figure 42
VPN Setup Wizard: Wizard Type
Express
: Use this wizard to create a VPN connection with another ZLD-based
ZyWALL using a pre-shared key and default security settings.
Advanced
: Use this wizard to configure detailed VPN security settings such as
using certificates. The VPN connection can be to another ZLD-based ZyWALL or
other IPSec device.
Page 77 / 944
Chapter 5 Quick Setup
ZyWALL USG 50 User’s Guide
77
5.5
VPN Express Wizard - Scenario
Click the
Express
radio button as shown in
Figure 42 on page 76
to display the
following screen.
Figure 43
VPN Express Wizard: Step 2
Rule Name
: Type the name used to identify this VPN connection (and VPN
gateway). You may use 1-31 alphanumeric characters, underscores (
_
), or dashes
(-), but the first character cannot be a number. This value is case-sensitive.
Select the scenario that best describes your intended VPN connection. The figure
on the left of the screen changes to match the scenario you select.
Site-to-site - Choose this if the remote IPSec device has a static IP address or a
domain name. This ZyWALL can initiate the VPN tunnel.
Site-to-site with Dynamic Peer - Choose this if the remote IPSec device has a
dynamic IP address. Only the remote IPSec device can initiate the VPN tunnel.
Remote Access (Server Role) - Choose this to allow incoming connections from
IPSec VPN clients. The clients have dynamic IP addresses and are also known as
dial-in users. Only the clients can initiate the VPN tunnel.
Remote Access (Client Role) - Choose this to connect to an IPSec server. This
ZyWALL is the client (dial-in user) and can initiate the VPN tunnel.
Page 78 / 944
Chapter 5 Quick Setup
ZyWALL USG 50 User’s Guide
78
5.5.1
VPN Express Wizard - Configuration
Figure 44
VPN Express Wizard: Step 3
Secure Gateway
: If
Any
displays in this field, it is not configurable for the
chosen scenario. If this field is configurable, enter the WAN IP address or
domain name of the remote IPSec device (secure gateway) to identify the
remote IPSec router by its IP address or a domain name. Use 0.0.0.0 if the
remote IPSec router has a dynamic WAN IP address.
Pre-Shared Key
: Type the password. Both ends of the VPN tunnel must use
the same password. Use 8 to 31 case-sensitive ASCII characters or 8 to 31 pairs
of hexadecimal (“0-9”, “A-F”) characters. Proceed a hexadecimal key with “0x”.
You will receive a PYLD_MALFORMED (payload malformed) packet if the same
pre-shared key is not used on both ends.
Local Policy (IP/Mask)
: Type the IP address of a computer on your network.
You can also specify a subnet. This must match the remote IP address
configured on the remote IPSec device.
Remote Policy (IP/Mask)
: If
Any
displays in this field, it is not configurable
for the chosen scenario. If this field is configurable, type the IP address of a
computer behind the remote IPSec device. You can also specify a subnet. This
must match the local IP address configured on the remote IPSec device.
Page 79 / 944
Chapter 5 Quick Setup
ZyWALL USG 50 User’s Guide
79
5.5.2
VPN Express Wizard - Summary
This screen provides a read-only summary of the VPN tunnel’s configuration and
also commands that you can copy and paste into another ZLD-based ZyWALL’s
command line interface to configure it.
Figure 45
VPN Express Wizard: Step 4
Rule Name
: Identifies the VPN gateway policy.
Secure Gateway
: IP address or domain name of the remote IPSec device. If
this field displays
Any
, only the remote IPSec device can initiate the VPN
connection.
Pre-Shared Key
: VPN tunnel password. It identifies a communicating party
during a phase 1 IKE negotiation.
Local Policy
: (Static) IP address and subnet mask of the computers on the
network behind your ZyWALL that can use the tunnel.
Remote Policy
: (Static) IP address and subnet mask of the computers on the
network behind the remote IPSec device that can use the tunnel. If this field
displays
Any
, only the remote IPSec device can initiate the VPN connection.
Copy and paste the
Configuration for Secure Gateway
commands into
another ZLD-based ZyWALL’s command line interface to configure it to serve as
the other end of this VPN tunnel. You can also use a text editor to save these
commands as a shell script file with a “.zysh” filename extension. Then you can
use the file manager to run the script in order to configure the VPN connection.
See the commands reference guide for details on the commands displayed in
this list.
Page 80 / 944
Chapter 5 Quick Setup
ZyWALL USG 50 User’s Guide
80
5.5.3
VPN Express Wizard - Finish
Now you can use the VPN tunnel.
Figure 46
VPN Express Wizard: Step 6
Note: If you have not already done so, use the myZyXEL.com link and register your
ZyWALL with myZyXEL.com and activate trials of services like Content Filter.
Click
Close
to exit the wizard.

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top