G. pki faq – ZyXEL Communications 2WG User Manual


ZyWALL 2WG Support Notes

All contents copyright (c) 2006 ZyXEL Communications Corporation.


F28. Single, Range, Subnet, which types of IP address does ZyWALL support in VPN/IPSec?

All ZyWALL series support single, range, and subnet configuration for VPN IPSec. In other words, you can specify a single PC, a range of PCs or even a network of PCs to utilize the VPN/IPSec service.
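How the three address types compare in scope, as an added example that is not part of the ZyXEL notes: each type is reduced to an inclusive address range so a policy's coverage can be checked against the hosts meant to use the tunnel. The function names and the 192.168.1.x addresses are constructed for illustration and do not reflect ZyWALL internals.

```python
import ipaddress

def make_selector(kind, first, second=None):
    """Reduce a single / range / subnet entry to (kind, low, high)."""
    if kind == "single":
        ip = ipaddress.IPv4Address(first)
        return (kind, ip, ip)
    if kind == "range":
        low, high = ipaddress.IPv4Address(first), ipaddress.IPv4Address(second)
        if low > high:
            raise ValueError("range start is above range end")
        return (kind, low, high)
    if kind == "subnet":
        # strict=True rejects a start address with host bits set for the mask
        net = ipaddress.IPv4Network(f"{first}/{second}", strict=True)
        return (kind, net.network_address, net.broadcast_address)
    raise ValueError(f"unknown selector type: {kind}")

def covers(selector, address):
    """True if the address falls inside the selector's scope."""
    _, low, high = selector
    return low <= ipaddress.IPv4Address(address) <= high

def as_subnets(selector):
    """Same scope as CIDR blocks, for comparing a range entry with subnet entries."""
    _, low, high = selector
    return [str(n) for n in ipaddress.summarize_address_range(low, high)]

def audit(selector, intended_hosts):
    """Return (intended hosts left out, count of covered addresses nobody asked for)."""
    _, low, high = selector
    wanted = set(intended_hosts)
    missing = sorted(h for h in wanted if not covers(selector, h))
    size = int(high) - int(low) + 1
    return missing, size - (len(wanted) - len(missing))

if __name__ == "__main__":
    # Constructed sample: two hosts are meant to use the VPN.
    hosts = ["192.168.1.10", "192.168.1.20"]
    for sel in (make_selector("single", "192.168.1.10"),
                make_selector("range", "192.168.1.10", "192.168.1.20"),
                make_selector("subnet", "192.168.1.0", "255.255.255.0")):
        missing, extra = audit(sel, hosts)
        print(sel[0], as_subnets(sel), "missing:", missing, "extra:", extra)
```

The audit output makes the trade-off visible: the subnet entry covers both intended hosts but also 254 other addresses, while the single entry leaves one intended host outside the tunnel.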

F29. Does ZyWALL support IPSec pass-through?

Yes, ZyWALL can support IPSec pass-through. The ZyWALL series not only acts as an IPSec/VPN gateway; it can also be a NAT router supporting IPSec pass-through.

If the VPN connection is initiated from the security gateway behind ZyWALL, no configuration is necessary for either NAT or the firewall.

If the VPN connection is initiated from the security gateway outside of ZyWALL, NAT port forwarding and firewall forwarding are necessary.

To configure NAT port forwarding, go to the web interface, Setup/"NAT", and enter the secure gateway's IP address as the default server.

To configure firewall forwarding, go to the web interface, Setup/Firewall, set Packet Direction to WAN to LAN, and create a firewall rule that forwards IKE (UDP:500).

F30. Can ZyWALL behave as a NAT router supporting IPSec pass-through and an IPSec gateway simultaneously?

No, ZyWALL can't support them simultaneously. You need to choose one or the other. If ZyWALL is to support IPSec pass-through, you have to disable the VPN function on ZyWALL. To disable it, you can either deactivate each VPN rule or issue the CI command "IPSec switch off".

G. PKI FAQ

G01. Basic Cryptography concept

Encryption and decryption are the two major operations in cryptography. Whenever we would like to send a secret over an insecure medium, such as the Internet, we may encrypt the secret before sending it out. The receiver then needs the corresponding decryption key to recover the encrypted secret. We need keys for both encryption and decryption. The key used to encrypt data is called the encryption key, and the key for decryption is called the decryption key.

Cryptography can be categorized into two types, symmetric and asymmetric cryptography. For symmetric cryptography, the encryption key is the same as the decryption key. Otherwise, we the
