1 ipsec sa proposal using manual keys, 7 vpn rule setup (manual) – ZyXEL Communications P-334U User Manual

P-334U/P-335U User’s Guide

160

Chapter 13 IPSec VPN

13.6.1 IPSec SA Proposal Using Manual Keys

In IPSec SA using manual keys, you can only specify one encryption algorithm and one
authentication algorithm. There is no DH key exchange, so you have to provide the encryption
key and the authentication key the ZyXEL Device and remote IPSec router use.

Note: The ZyXEL Device and remote IPSec router must use the same encryption key

and authentication key.

13.6.2 Authentication and the Security Parameter Index (SPI)

For authentication, the ZyXEL Device and remote IPSec router use the SPI, instead of pre-
shared keys, ID type and content. The SPI is an identification number.

Note: The ZyXEL Device and remote IPSec router must use the same SPI.

13.7 VPN Rule Setup (Manual)

Refer to

Figure 91 on page 148

for a graphical representation of the fields in the web

configurator.
Select Manual in the IPSec Keying Mode field on the Rule Setup screen to open the screen
as shown next.
Use this screen to configure VPN rules (tunnels) that use manual keys. Manual key
management is useful if you have problems with IKE key management.
See

Section 13.6 on page 159

for more information about IPSec SAs using manual keys.