Vpn Wizard Ipsec Setting (Ike Phase 2); Figure 31 Vpn Wizard: Ipsec Setting; Table 19 Vpn Wizard: Ipsec Setting - ZyXEL Communications ZYWALL P1 User Manual

Chapter 3 Wizard Setup
Table 18 VPN Wizard: IKE Tunnel Setting (continued)
LABEL
User Name
Password
Back
Next

3.6 VPN Wizard IPSec Setting (IKE Phase 2)

Use this screen to specify the authentication, encryption and other settings needed to negotiate
a phase 2 IPSec SA.

Figure 31 VPN Wizard: IPSec Setting

The following table describes the labels in this screen.

Table 19 VPN Wizard: IPSec Setting

LABEL
Encapsulation Mode
IPSec Protocol
76
DESCRIPTION
Enter a user name for your ZyWALL to be authenticated by the VPN peer (in
server mode). The user name can be up to 31 case-sensitive ASCII characters,
but spaces are not allowed. You must enter a user name and password when
you select client mode.
Enter the corresponding password for the above user name. The password can
be up to 31 case-sensitive ASCII characters, but spaces are not allowed.
Click Back to return to the previous screen.
Click Next to continue.
DESCRIPTION
Tunnel is compatible with NAT, Transport is not.
Tunnel mode encapsulates the entire IP packet to transmit it securely. A Tunnel
mode is required for gateway services to provide access to internal systems.
Tunnel mode is fundamentally an IP tunnel with authentication and encryption.
Transport mode is used to protect upper layer protocols and only affects the
data in the IP packet. In Transport mode, the IP packet contains the security
protocol (AH or ESP) located after the original IP header and options, but before
any upper layer protocols contained in the packet (such as TCP and UDP).
Select the security protocols used for an SA.
Both AH and ESP increase ZyWALL processing requirements and
communications latency (delay).
ZyWALL P1 User's Guide