Krumböck Bernd

Software | Hardware | Dienstleistung

Hauptmenü

Tutorials

3. Zyxel ZyWall Konfiguration

Das Netz hinter der Zywall ist 192.168.1.0/24 und der DynDNS Name ist zywall.dyndns.org.

Abbildung 1. VPN Konfiguration

Nat Traversal: Yes                                                                                                           
Name: HQ                                                                                                                      
Key Managemengt: IKE                                                                                                          
Negotiation Mode: Main                                                                                                        
Enable Extended Authentication: No                                                                                            
Local: Site-to-Site: Subnet 192.168.1.0/255.255.255.0                                                                         
Remote: Site-to-Site: Subnet 192.168.0.0/255.255.255.0                                                                        
DNS Server (for IPSec VPN): 12.34.56.78 (DNS Server des Providers)                                                            
Pre-Shared Key: 12345678 (bitte einen sicheren Key verwenden)                                                                 
Local ID Type: IP: (nichts eintragen)                                                                                         
Peer ID Type: IP: (192.168.0.101)                                                                                             
My IP Address: 0.0.0.0                                                                                                        
Secure Gateway Address: router.dyndns.org                                                                                     
Encapsulation Mode: Tunnel                                                                                                    
ESP: Yes                                                                                                                      
Encryption Algorithm: 3DES                                                                                                    
Authentication Algorithm: MD5

Abbildung 2. Advanced VPN Konfiguration

Protocol: 0                                                                                                                  
Enable Replay Detection: Yes                                                                                                  
Local Port:                                                                                                                   
  Start 0                                                                                                                     
  End   0                                                                                                                     
Remote Port:                                                                                                                  
  Start 0                                                                                                                     
  End   0                                                                                                                     
Phase 1                                                                                                                       
  Negotiation Mode: Main                                                                                                      
  Encryption Algorithm: 3DES                                                                                                  
  Authentication Algorithm: MD5                                                                                               
  SA Life Time (Seconds): 3600                                                                                                
  Key Group: DH2                                                                                                              
Phase 2                                                                                                                       
  Active Protocol: ESP                                                                                                        
  Encryption Algorithm: 3DES                                                                                                  
  Authentication Algorithm: MD5                                                                                               
  SA Life Time (Seconds): 9600                                                                                                
  Encapsulation: Tunnel                                                                                                       
  Perfect Forward Secrecy(PFS): DH2