IPsec VPN between Zyxel VMG and Vigor Router
This application note demonstrates how to establish IPsec VPN tunnel between Vigor router and Zyxel VMG router. Suppose the Vigor Router has LAN subnet on IP address 192.168.24.0/24, and Zyxel VMG is on 192.168.1.0/24.
Vigor Router Settings
1. Go to VPN and Remote Access >> IPsec General Setup, and enter Pre-Shared Key 
2. Go to VPN and Remote Access >> LAN to LAN, and click an available index,
- Give Profile Name
- Enable the profile
- Select Dial-In for Call Direction
- Allow IPsec Tunnel in Dial-In Settings
- Enter VMG router's LAN network in TCP/IP Network Settings > Remote Network IP/Mask
Zyxel VMG Router Settings
1. Go IPsec VPN Setup page and click Add New Connection
- Check Active
- Give an IPsec Connection Name
- Enter Vigor router's WAN IP or domain in Remote IPsec Gateway Address
- Select Subnet for Tunnel access from local IP addresses and enter VMG's LAN network
- Select Subnet for Tunnel access from remote IP addresses and enter Vigor Router's LAN network
- Enter Pre-Shared Key
2. Click more in IKE Advanced Settings
- Select "Main" for Mode
- Set Phase 1 Encryption Algorithm to "AES128_SHA1_G2"
- Set Phase 1 Key Lifetime to 86400
- Set Phase 2 Encryption Algorithm to "AES128_SHA1"
- Set Phase 2 Key Lifetime to 3600
Dial VPN
Switch to IPsec VPN Monitor page and click Trigger
We can see the VPN status after VPN is connected
Published On:2018-04-24
Was this helpful?