12 vpn rules (ike): network policy edit – ZyXEL Communications 70 Series User Manual

ZyWALL 5/35/70 Series User’s Guide

Chapter 19 VPN Screens

324

19.12 VPN Rules (IKE): Network Policy Edit

Click VPN and the add network policy (

) icon in the VPN Rules (IKE) screen to display

the VPN-Network Policy -Edit screen. Use this screen to configure a network policy.

Enable Multiple

Proposals

Select this check box to allow the ZyWALL to use any of its phase 1 or phase 2

encryption and authentication algorithms when negotiating an IPSec SA.
When you enable multiple proposals, the ZyWALL allows the remote IPSec router

to select which encryption and authentication algorithms to use for the VPN

tunnel, even if they are less secure than the ones you configure for the VPN rule.
Clear this check box to have the ZyWALL use only the phase 1 or phase 2

encryption and authentication algorithms configured below when negotiating an

IPSec SA.

Associated

Network Policies

The following table shows the policy(ies) you configure for this rule.
To add a VPN policy, click the add network policy (

) icon in the VPN Rules

(IKE) screen (see

Figure 148 on page 316

). Refer to

Section 19.12 on page 324

for more information.

#

This field displays the policy index number.

Name

This field displays the policy name.

Local Network

This field displays one or a range of IP address(es) of the computer(s) behind the

ZyWALL.

Remote Network

This field displays one or a range of IP address(es) of the remote network behind

the remote IPsec router.

Apply

Click Apply to save your changes back to the ZyWALL.

Cancel

Click Cancel to exit this screen without saving.

Table 101 VPN Rules (IKE): Gateway Policy: Edit (continued)

LABEL

DESCRIPTION