IPsec ZyXEL USG40: Difference between revisions

(adding more changes)
No edit summary
Now, click "OK" and activate the config by clicking on the entry that you have just created and pressing the "Activate" button.
 
<br>
 
Next, we're going to select the "VPN Connection" Tab and click "Add".
 
* Click show "Advanced settings"
* Select "Nailed-Up" and "Enable Replay Detection".
 
* Under "VPN Gateway" select "Remote Access (Client Role) and select the VPN Gateway you just created in the drop down box.
* in "Local Policy" select "DMZ_SUBNET" and in "Remote Policy" select "LAN1_SUBNET".
 
 
 
* Under "Phase 2 Setting", change the "SA Life Time" to "3000000".
* Keep the defaults fror "Active Protocol" & "Encapsulation".
* In the "Proposal" section, change "Encryption" to "3DES" and the "Authentication" to "SHA1".
* We then need to change the "Perfect Forward Secrecy (PFS)" to "DH2".
* Now all we need to do is click "OK" and "Activate".
 
<br>
Once all of this has been done, press "Connect" and you should see that you now have an active IPsec connection from your ZyWALL USG40 to your FireBrick.
 
 
Retrieved from ‘http://support.aa.net.uk/IPsec_ZyXEL_USG40