ZyXEL Communications 2WG User Manual

Page 57

ZyWALL 2WG Support Notes

When you configure VPN rule with certificate, select Certificate under VPN-> Gateway Policy. Select My

Certificate from the drop-down list. When (My) certificate is selected, ZyWALL will show what is the Local ID

Type and Content in my certificate. You must configure the same setting on peer ZyWALL and vise versal.

For example, on Local ZyWALL, the Local ID Type is E-mail and content is

Therefore, configure Peer ID Type and content on peer ZyWALL.

Online Enroll Certificates

This example displays how to use PKI feature in VPN function of ZyXEL appliance. Through PKI function,

users can achieve party identification when doing VPN/IPSec negotiation. With online enrollment, ZyWALL

firstly create certification request locally, then send certification request to trusted CA (Certificate Authority)