VPN Advanced Wizard - Phase 2

Active Protocol: ESP is compatible with NAT, AH is not.

Encapsulation: Tunnel is compatible with NAT, Transport is not.

Proposal: 3DES and AES use encryption. The longer the AES key, the higher the security (this may affect throughput). Null uses no encryption.

Local Policy (IP/Mask): Type the IP address of a computer on your network. You can also specify a subnet. This must match the remote IP address configured on the peer IPSec device.

Incoming Interface: The peer IPSec device connects to the ZyWALL via this interface.

Remote Policy (IP/Mask): Type the IP address of a computer behind the peer IPSec device. You can also specify a subnet. This must match the local IP address configured on the peer IPSec device.

Nail Up: Select this to have the ZyWALL automatically renegotiate the IPSec SA when the SA life time expires.