VPN Configuration Provisioning with DHCP public IP

Line2 Posts: 40  Freshman Member
edited April 14 in Security
Successfully configured IKEv2 road warrier VPN on ZyWALL. ZyWALL has dynamic WAN IP address. Configuration Privisioning allways provision the current public IP address instead of the FQDN. How can we change this?

Accepted Solution

All Replies

  • Alfonso
    Alfonso Posts: 257  Master Member
    Hi @Line2

    Congratulations. IKEv2 road warrior sounds great.
    I got it with another brand, but most of my clients are Android, and they needed to install a certificate.
    For non root on Android devices it was a problem, so i came back to a L2TP/IPSEC road warrior.

    AS far as I know, only clients need to know the public ip address (or the FQDN) of the road warrior server. So, no new configuration would be necessary on the Zywall.

    Why do you want to configure FQDN instead the public ip address?

  • Line2
    Line2 Posts: 40  Freshman Member
    I already use IKev2 for Clients with Active Directory Authentication on Apple iOS Devices with certificate auth in phase1. No problem with that using Apple configuration profile. But not with ZyXEL configuration provisioning.
    ZyWALL has no fix IP address on WAN interface, so FQDN is CNAME to a dyndns address.
  • Line2
    Line2 Posts: 40  Freshman Member
    ok, thank you.

Security Highlight