ZyXEL Communications ZyWall 10 User Manual page 202

ZyWALL 10~100 Series Internet Security Gateway
FIELD
IPSec This field displays the security protocols used for an SA. ESP provides
Algorithm confidentiality and integrity of data by encrypting the data and
encapsulating it into IP packets. Encryption methods include 56-bit DES
and 168-bit 3DES. NULL denotes a tunnel without encryption.
AH (Authentication Header) provides strong integrity and authentication
by adding authentication information to IP packets. This authentication
information is calculated using header and payload data in the IP packet.
This provides an additional level of security. AH choices are MD5 (default
- 128 bits) and SHA -1(160 bits).
Both AH and ESP increase the ZyWALL's processing requirements and
communications latency (delay).
You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2
if ??? is displayed.
Key Mgt This field displays the SA's type of key management, (IKE or Manual).
Remote When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to
Addr Start Single, this is a static IP address on the network behind the remote IPSec
router.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to
Range, this is the beginning (static) IP address, in a range of computers
on the network behind the remote IPSec router.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to
SUBNET, this is a static IP address on the network behind the remote
IPSec router.
This field displays N/A when you configure the Secure Gateway Addr
field in SMT 27.1.1 to 0.0.0.0.
19-4
Table 19-1 Menu 27.1: IPSec Summary
DESCRIPTION EXAMPLE
ESP DES MD5
IKE
172.16.2.40
VPN/IPSec Setup