VPN Advanced Wizard - Phase 2
Active Protocol: ESP is compatible with NAT, AH is not.
Encapsulation: Tunnel is compatible with NAT, Transport is not.
Proposal: 3DES and AES use encryption. The longer the AES key, the higher the security (this may affect throughput). Null uses no encryption.
Local Policy (IP/Mask): Type the IP address of a computer on your network. You can also specify a subnet. This must match the remote IP address configured on the peer IPSec device.
Incoming Interface: The peer IPSec device connects to the ZyWALL via this interface.
Remote Policy (IP/Mask): Type the IP address of a computer behind the peer IPSec device. You can also specify a subnet. This must match the local IP address configured on the peer IPSec device.
Nail Up: Select this to have the ZyWALL automatically renegotiate the IPSec SA when the SA life time expires.