Manual Setup; Active Protocol; Security Parameter Index (Spi); Table 210 Active Protocol: Encapsulation And Security Protocol - ZyXEL Communications ZyWall 35 User Manual

Internet security appliance

Hide thumbs Also See for ZyWall 35:

Table of Contents

Encapsulation

Secrecy (PFS)

When you have completed this menu, press [ENTER] at the prompt "Press ENTER to Confirm..." to

save your configuration, or press [ESC] at any time to cancel.

44.5 Manual Setup

You only configure Menu 27.1.1.2 – Manual Setup when you select Manual in the Key

Management field in Menu 27.1.1 – IPSec Setup. Manual key management is useful if you

have problems with IKE key management.

This field is a combination of mode and security protocols used for the VPN. See

Introduction to IPSec

To edit this menu, move the cursor to the Edit Manual Setup field in Menu 27.1.1 – IPSec

Setup, press [SPACE BAR] to select Yes and then press [ENTER] to go to Menu 27.1.1.2 –

Manual Setup.

Chapter 44 VPN/IPSec Setup

Menu 27.1.1.1: IKE Setup (continued)

Press [SPACE BAR] to choose from Tunnel mode or Transport mode and then press

[ENTER]. See earlier for a discussion of these.

Perfect Forward Secrecy (PFS) is disabled (None) by default in phase 2 IPSec SA

setup. This allows faster IPSec setup, but is not so secure. Press [SPACE BAR] and

choose from DH1 or DH2 to enable PFS. DH1 refers to Diffie-Hellman Group 1 a 768

bit random number. DH2 refers to Diffie-Hellman Group 2 a 1024 bit (1Kb) random

number (more secure, yet slower).

for more information on these parameters.

SECURITY PROTOCOL

ZyWALL 35 User's Guide