beautypg.com

ZyXEL Communications P-334W User Manual

Page 223

background image

Prestige 334W User’s Guide

VPN Screens

16-13

Table 16-7 VPN: Rule Setup (Basic)

LABEL DESCRIPTION

DNS Server (for
IPSec VPN)

If there is a private DNS server that services the VPN, type its IP address here. The
Prestige assigns this additional DNS server to the Prestige’s DHCP clients that
have IP addresses in this IPSec rule's range of local addresses. A DNS server
allows clients on the VPN to find other computers and servers on the VPN by their
(private) domain names.

My IP Address

Enter the WAN IP address of your Prestige. The Prestige uses its current WAN IP
address (static or dynamic) in setting up the VPN tunnel if you leave this field as
0.0.0.0.

The VPN tunnel has to be rebuilt if this IP address changes.

Local ID Type

Select IP to identify this Prestige by its IP address.
Select DNS to identify this Prestige by a domain name.
Select E-mail to identify this Prestige by an e-mail address.

Local Content

When you select IP in the Local ID Type field, type the IP address of your computer
in the local Content field. The Prestige automatically uses the IP address in the My
IP Address field (refer to the My IP Address field description) if you configure the
local Content field to 0.0.0.0 or leave it blank.

It is recommended that you type an IP address other than 0.0.0.0 in the local
Content field or use the DNS or E-mail ID type in the following situations.

When there is a NAT router between the two IPSec routers.

When you want the remote IPSec router to be able to distinguish between
VPN connection requests that come in from IPSec routers with dynamic
WAN IP addresses.

When you select DNS or E-mail in the Local ID Type field, type a domain name or
e-mail address by which to identify this Prestige in the local Content field. Use up to
31 ASCII characters including spaces, although trailing spaces are truncated. The
domain name or e-mail address is for identification purposes only and can be any
string.

Secure Gateway
Address

Type the WAN IP address or the URL (up to 31 characters) of the IPSec router with
which you're making the VPN connection. Set this field to 0.0.0.0 if the remote
IPSec router has a dynamic WAN IP address (the IPSec Keying Mode field must
be set to IKE). The remote address fields do not apply when the Secure Gateway
Address field is configured to 0.0.0.0. In this case only the remote IPSec router can
initiate the VPN.

Peer ID Type

Select IP to identify the remote IPSec router by its IP address.
Select DNS to identify the remote IPSec router by a domain name.
Select E-mail to identify the remote IPSec router by an e-mail address.

See also other documents in the category ZyXEL Communications Hardware: