ZyXEL Communications ZyWall 10W User Manual page 228
Zywall series internet security gateway
Hide thumbs
Also See for ZyWall 10W:
- User manual (708 pages) ,
- Quick start manual (9 pages) ,
- Specifications (2 pages)
Table of Contents
Advertisement
ZyWALL Series Internet Security Gateway
LABEL
My IP Address
Secure Gateway
Address
Encapsulation
Mode
ESP
AH
Encryption
Algorithm
15-18
Table 15-7 VPN IKE
Enter the WAN IP address of your ZyWALL. The ZyWALL uses its current WAN IP
address (static or dynamic) in setting up the VPN tunnel if you leave this field as
0.0.0.0.
The VPN tunnel has to be rebuilt if this IP address changes.
Type the WAN IP address or the URL (up to 31 characters) of the IPSec router with
which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec
router has a dynamic WAN IP address (the Key Management field must be set to
IKE).
In order to have more than one active rule with the Secure Gateway Address field
set to 0.0.0.0, the ranges of the local IP addresses cannot overlap between rules.
If you configure an active rule with 0.0.0.0 in the Secure Gateway Address field and
the LAN's full IP address range as the local IP address, then you cannot configure
any other active rules with the Secure Gateway Address field set to 0.0.0.0.
Select Tunnel mode or Transport mode from the drop-down list box.
Select ESP if you want to use ESP (Encapsulation Security Payload). The ESP
protocol (RFC 2406) provides encryption as well as some of the services offered by
AH. If you select ESP here, you must select options from the Encryption Algorithm
and Authentication Algorithm fields.
Select AH if you want to use AH (Authentication Header Protocol). The AH protocol
(RFC 2402) was designed for integrity, authentication, sequence integrity (replay
resistance), and non-repudiation but not for confidentiality, for which the ESP was
designed. If you select AH here, you must select options from the Authentication
Algorithm field.
Select DES, 3DES, AES or NULL from the drop-down list box.
The ZyWALL and the remote IPSec router generate an encryption key from the
Diffie-Hellman key exchange. The DES encryption algorithm uses a 56-bit key. Triple
DES (3DES) is a variation on DES that uses a 168-bit key. As a result, 3DES is more
secure than DES. It also requires more processing power, resulting in increased
latency and decreased throughput. AES uses a 128-bit key. AES is faster than 3DES
and provides a similar level of security.
Select NULL to set up a tunnel without encryption. When you select NULL, you do
not enter an encryption key.
DESCRIPTION
VPN Screens
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications ZyWall 10W
Related Products for ZyXEL Communications ZyWall 10W
- ZyXEL Communications 1
- ZyXEL Communications 802.11g Wireless Firewall Router 1-P-320W
- ZyXEL Communications Prestige 128L
- ZyXEL Communications Prestige 128IMH
- ZyXEL Communications PRESTIGE 153
- ZyXEL Communications PRESTIGE 153X
- ZyXEL Communications ZyXEL Prestige 100MH
- ZyXEL Communications ZyXEL Prestige 100WH