Vpn Advanced Wizard - Finish - ZyXEL Communications UAG5100 User Manual

• Pre-Shared Key: VPN tunnel password.
• Certificate: The certificate the UAG uses to identify itself when setting up the VPN tunnel.
• Local Policy: IP address and subnet mask of the computers on the network behind your UAG
that can use the tunnel.
• Remote Policy: IP address and subnet mask of the computers on the network behind the
remote IPSec device that can use the tunnel.
• Copy and paste the Configuration for Remote Gateway commands into another ZLD-based
UAG's command line interface.
• Negotiation Mode: Main mode provides better security, while aggressive mode is faster.
• Encryption Algorithm: The key size and encryption algorithm to use in the IPSec SA. 3DES
and AES use encryption. The longer the AES key, the higher the security (this may affect
throughput). Null uses no encryption.
• Authentication Algorithm: The hash algorithm to use to authenticate packet data in the IPSec
SA. MD5 gives minimal security and SHA512 gives the highest security.
• Key Group: The Diffie-Hellman key group to use for encryption. DH5 is more secure than DH1
or DH2 (although it may affect throughput).
• Active Protocol:ESP is compatible with NAT, AH is not.
• Encapsulation: Tunnel is compatible with NAT, Transport is not.
• Click Save to save the VPN rule.

5.3.11 VPN Advanced Wizard - Finish

Now the rule is configured on the UAG. The Phase 1 rule settings appear in the VPN > IPSec VPN
> VPN Gateway screen and the Phase 2 rule settings appear in the VPN > IPSec VPN > VPN
Connection screen.
Chapter 5 Quick Setup Wizards
UAG Series User's Guide
78