Configuring basic ike vpn rule setup, 9 configuring basic ike vpn rule setup – ZyXEL Communications ZyXEL ZyWALL 2WE User Manual

ZyWALL 2 and ZyWALL 2WE

VPN/IPSec Setup

27-7

27.8.1 ID Type and Content Examples

Two IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel.
The two ZyWALLs in this example can complete negotiation and establish a VPN tunnel.

Table 27-5 Matching ID Type and Content Configuration Example

ZYWALL A

ZYWALL B

Local ID type: E-mail

Local ID type: IP

Local ID content: [email protected]

Local ID content: 1.1.1.2

Peer ID type: IP

Peer ID type: E-mail

Peer ID content: 1.1.1.2

Peer ID content: [email protected]

The two ZyWALLs in this example cannot complete their negotiation because ZyWALL B’s Local ID type
is IP, but ZyWALL A’s Peer ID type is set to E-mail. An “ID mismatched” message displays in the IPSEC
LOG.

Table 27-6 Mismatching ID Type and Content Configuration Example

ZYWALL A

ZYWALL B

Local ID type: IP

Local ID type: IP

Local ID content: 1.1.1.10

Local ID content: 1.1.1.10

Peer ID type: E-mail

Peer ID type: IP

Peer ID content: [email protected]

Peer ID content: N/A

27.9 Configuring Basic IKE VPN Rule Setup

Select one of the VPN rules in the VPN Summary screen and click Edit to configure the rule’s settings. The
basic IKE rule setup screen is shown next.