ZyXEL Communications ZYWALL 70 - V4.03 Technical Information PDF herunterladen (Seite 57)

Peer ID: Type=DNS Content = a.b.c.d

IPSEC Policy: Local=Single 1.1.1.1, Peer=Single 2.2.2.2

(2) On Bridge_B, add two VPN rules:

1. Rule one:

IKE: Static rule, XAUTH is disabled.

Local ID: Type=DNS Content = a.a.a.a

Peer ID: Type=DNS Content = b.b.b.b

IPSEC: Local=Single 3.3.3.3, Remote=Single 4.4.4.4

2. Rule two:

IKE: Dynamic rule, enable XATUH and set as server mode.

Local ID: Type=DNS Content = d.c.b.a

Peer ID: Type=DNS Content = a.b.c.d

IPSEC Policy: Local=Single 1.1.1.1, Remote=Single 2.2.2.2

(3) Dial VPN tunnel from Bridge_A to Bridge_B, the VPN tunnel will fail to build

up by phase one ID mismatch.

17. [BUG FIX][ 060426102]

Symptom: User can’t receive mail through VPN tunnel when WAN is in PPTP

encapsulation.

Condition:

Topology:

PC1 (mail client) --- ZW5 (PPTP) === VPN tunnel === ZW70 ---- PC2 (mail server)

(1) Establish VPN tunnel between ZW5 and ZW70.

(2) ZW5's WAN is PPTP, enable AS.

(3) ZW70's WAN can be any encapsulation type, disable AS.

(4) PC1 receives mail from PC2 but it fails.

18. [BUG FIX][060503068]

Symptom: Asymmetrical route cannot work.

Condition:

Topology as follows:

PC (A) ---- [L]DUT(B)[W] ------- Internet --- HTTP server(D)(66.102.7.104)

| |

-- [L]Router(C)[W] --- Internet

1. DUT configures a static route that forwarding packets of destination IP

66.102.7.104 through internal link to Router(C).

PC (A)’s default route entry is DUT (B).

Router (c) is NAT enabled.

2. PC (A) establishes HTTP connection to HTTP server (D).

a. SYN Packet: A -> B (LAN) -> C (LAN) -> C (WAN) -> D.

b. SYN ACK Packet: D -> C (WAN) -> C (LAN) -> A.

c. ACK Packet: A -> B (LAN), and DUT drop it.

19. [BUG FIX][060502057]

Symptom: Trigger port can’t be reconnected.

1 2 ... 52 53 54 55 56 57 58 59 60 61 62 ... 81 82

Keine Kommentare

ZyXEL Communications ZYWALL 70 - V4.03 Technical Information Seite 57