What You Need To Know - ZyXEL Communications ZyWALL 110 User Manual
Hide thumbs
Also See for ZyWALL 110:
- User manual (1090 pages) ,
- Handbook (749 pages) ,
- Handbook & instructions (255 pages)
Table of Contents
Advertisement
Chapter 22 IPSec VPN
22.1.2 What You Need to Know
An IPSec VPN tunnel is usually established in two phases. Each phase establishes a security
association (SA), a contract indicating what security parameters the ZyWALL/USG and the remote
IPSec router will use. The first phase establishes an Internet Key Exchange (IKE) SA between the
ZyWALL/USG and remote IPSec router. The second phase uses the IKE SA to securely establish an
IPSec SA through which the ZyWALL/USG and remote IPSec router can send data between
computers on the local network and remote network. This is illustrated in the following figure.
Figure 260 VPN: IKE SA and IPSec SA
In this example, a computer in network A is exchanging data with a computer in network B. Inside
networks A and B, the data is transmitted the same way data is normally transmitted in the
networks. Between routers X and Y, the data is protected by tunneling, encryption, authentication,
and other security features of the IPSec SA. The IPSec SA is secure because routers X and Y
established the IKE SA first.
ZyWALL/USG Series User's Guide
388
- Quick Links:
- Web Configurator
- Web Configurator Access
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
