ZyXEL Communications 2WG User Manual

ZyWALL 2WG Support Notes

All contents copyright (c) 2006 ZyXEL Communications Corporation.

66

Offline Enroll Certificates

In this guide, we describe how ZyWALL devices, both ZyWALL A and ZyWALL B as IPSec/VPN tunnel

end points, authenticate each other through PKI. We use CA (Certificate Authority) service provided by

Windows 2000 server in this example. The whole procedure includes

Step 1. Create certificate request on ZyWALL A.

Step 2. Enroll the certificate request to Windows 2000.

Step 3. Create certificate request on ZyWALL B.

Step 4. Enroll the certificate request to Windows 2000.

Step 5. Setup VPN rule on ZyWALL A

Step 6. Setup VPN rule on ZyWALL B.