ZyXEL Communications ZYWALL 70 - V4.04 Guía de usuario descargar pdf (Pagina 98)

contents are consistent and they can connect.

Basically the story is the same when ID type is IP. If user configures ID content, then

ZyWALL will use it as a check. So the ID content also has to match each other. For

example, ID type and ID content of incoming packets must match “Peer ID Type” and

“Peer ID content”. Or ZyWALL will reject the connection.

However, user can leave “ID content” blank if the ID type is IP. ZyWALL will put

proper value in it during IKE negotiation. This appendix describes all combinations and

behaviors of ZyWALL.

We can put all combinations in to these two tables:

(Local ID Type is IP):

Configuration **Run-time status

My IP Addr Local ID Content My IP Addr Local ID Content

0.0.0.0 *blank My WAN IP My WAN IP

0.0.0.0 a.b.c.d (it can be

0.0.0.0)

My WAN IP a.b.c.d ( 0.0.0.0, if user

specified it)

a.b.c.d (not 0.0.0.0) *blank a.b.c.d a.b.c.d

a.b.c.d (not 0.0.0.0) e.f.g.h (or 0.0.0.0) a.b.c.d e.f.g.h (or 0.0.0.0)

*Blank: User can leave this field as empty, doesn’t put anything here.

**Runtime status: During IKE negotiation, ZyWALL will use “My IP Addr” field as

source IP of IKE packets, and put “Local ID Content” in the ID payload.

(Peer ID Type is IP):

Configuration

Secure

Gateway Addr

Peer ID

Content

*Run-time check

0.0.0.0 blank Just check ID types of incoming packet and

machine’s peer ID type. If the peer’s ID is IP, then

we accept it.

0.0.0.0 a.b.c.d System checks both type and content

a.b.c.d blank 1. System will check the ID type and the content.

2. The contents will match only if the ID content of

coming packet is a.b.c.d because system will put

Secure Gateway Address as Peer ID content.

a.b.c.d e.f.g.h 1. System will check the ID type and the content.

2. The contents will match only if the ID content of

coming packet is e.f.g.h.

*Runtime Check: During IKE negotiation, we will check ID of incoming packet and see

if it matches our setting of “Peer ID Type” and “Peer ID Content”.

Summary:

1 2 ... 93 94 95 96 97 98 99 100 101 102 103 ... 111 112

Comentarios a estos manuales

Sin comentarios

ZyXEL Communications ZYWALL 70 - V4.04 Guía de usuario Pagina 98

Comentarios a estos manuales

Relacionado con productos y manuales para Redes ZyXEL Communications ZYWALL 70 - V4.04