Search
Newsletter
r1400: Setting-up SoftRemote VPNs with Zyxel firewalls.doc
Set up VPN Connections to Zyxel 10W Firewalls Using SoftRemote software
Problem
You want to set up a VPN connection between a dial-up or broadband-connected remote user and a company Zyxel 10W firewall.
Applies To
SafeNet SoftRemote
Zyxel Zywall 10W
Solution
Before you begin you will need to know the internal LAN address range and subnet mask, and the internal and external IP addresses of the Zyxel.
Set up the Zyxel for VPN access
1. Open Internet Explorer. Type in the IP address of the router.
2. Enter the password for the router and press Enter.
3. On the left-hand side, click Advanced and then VPN.
4. Place a mark in the check box of the next empty rule in the first column of the table in the summary window.
5. Click Edit.
6. You will be presented with the following screen:
7. Place a tick in the Active box.
8. Enter a name for the connection.
9. Next to the Local: heading, select the Address Type as Range Address in the drop-down box.
10. Enter the first address of the internal LAN IP range in the IP Address Start box.
11. Enter the end address of the internal LAN IP range in the End/Subnet Mask box.
12. Enter the External IP address of the router in both the first Content and My IP Address boxes, just under the Local ID Type drop-down box.
13. Select MD5 from the Authentication Algorithm drop-down box.
14. Enter a value that will be the password for the connection in the Pre-Shared Key box.
15. Click Advanced and you will be presented with the following screen:
1. Re-enter the Pre-Shared Key under Phase 1
2. Change the Authentication Algorithm under Phase 2 to MD5.
3. Click OK and the Apply and close Internet Explorer.
The Zyxel is now configured to allow VPN access to the internal network once you have configured the Soft Remote software.
Install and Configure the SoftRemote software
The SoftRemote VPN client software will work with most firewalls, including Cisco and NetScreen, but this guide only explains how to configure it for connecting to Zyxel routers.
1. Install the SoftRemote VPN client software from the installation CD and re-boot.
2. Right-click the SoftRemote icon 
and select Security Policy Editor.
3. Click Edit | Add | Connection, you will be presented with the following screen:
If the computer is to be used offline (offsite via modem) and online (locally-connected via network card) the VPN software must be set to only use the modem.
This is accomplished by connecting via modem and altering the "Internet Interface" setting from "Any" to the modem.
Note - This option is only available when connected via the modem.
If you don't do this the next time the user connects directly to the network they won't be able to see the network at all
To connect:
- Right-click and select "Connect..."
To disconnect:
- Right-click and select "Disconnect..."
Troubleshooting the connection:
- On the client right-click and select "Log viewer". This gives detailed information on the progress of the connection.
- On the firewall view the logs, selecting to display the "IKE" logs
Common errors
| Error | Cause |
| The log shows no response from the firewall | Incorrect IP address set at the SoftRemote client end No Internet connection VPN profile not set “Active” at the firewall end |
| The log shows errors in the VPN negotiation | Check your settings at both ends very carefully. It is easy to make mistakes. By viewing the client and firewall-side logs it is usually quite easy to resolve the issue. |
For further information, you can consult the guides provided by Zyxel themselves at http://www.zyxel.com/support/supportnote/zywall10w_30w/index_f.php.
Latest News
- Pay-by-phone is coming
- Technology for paying by mobile phone is ready
01/12/2008 | MORE - “IT illiteracy plagues UK workforce”
- Damning headline from a City & Guilds report on IT in the workplace
01/12/2008 | MORE - Kill your computers
- You must kill your computers before disposing of them.
03/11/2008 | MORE