IPSec VPN; Chapter 28 IPSec VPN; IPSec VPN Overview - ZyXEL Communications ZYWALL USG Series Reference Manual

This chapter explains how to set up and maintain IPSec VPNs in the ZyWALL / USG.

28.1 IPSec VPN Overview

A virtual private network (VPN) provides secure communications between sites without the expense
of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication,
access control and auditing. It is used to transport traffic over the Internet or any insecure network
that uses TCP/IP for communication.

Internet Protocol Security (IPSec) is a standards-based VPN that offers flexible solutions for secure
data communications across a public network like the Internet. IPSec is built around a number of
standardized cryptographic techniques to provide confidentiality, data integrity and authentication
at the IP layer.

The following figure is one example of a VPN tunnel.

Figure 19 VPN: Example

The VPN tunnel connects the ZyWALL / USG (X) and the remote IPSec router (Y). These routers
then connect the local network (A) and remote network (B).

A VPN tunnel is usually established in two phases. Each phase establishes a security association
(SA), a contract indicating what security parameters the ZyWALL / USG and the remote IPSec
router will use. The first phase establishes an Internet Key Exchange (IKE) SA between the ZyWALL
/ USG and remote IPSec router. The second phase uses the IKE SA to securely establish an IPSec

ZyWALL / USG (ZLD) CLI Reference Guide