ZyXEL Communications 202H User Manual

Prestige 202H User’s Guide

26-6

VPN/IPSec Setup

Table 26-2 Menu 27.1 IPSec Summary

FIELD DESCRIPTION

EXAMPLE

Local Addr End

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured
to Single, this is the same (static) IP address as in the Local Addr
Start field.

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured
to Range, this is the end (static) IP address, in a range of computers
on the LAN behind your Prestige.

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured
to SUBNET, this is a subnet mask on the LAN behind your Prestige.

192.168.1.38

Encap

This field displays Tunnel mode or Transport mode. You need to
finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ???
is displayed.

Tunnel

IPSec Algorithm

This field displays the security protocols used for an SA. ESP
provides confidentiality and integrity of data by encrypting the data
and encapsulating it into IP packets. Encryption methods include 56-
bit DES and 168-bit 3DES. NULL denotes a tunnel without
encryption.

AH (Authentication Header) provides strong integrity and
authentication by adding authentication information to IP packets.
This authentication information is calculated using header and
payload data in the IP packet. This provides an additional level of
security. AH choices are MD5 (default - 128 bits) and SHA -1(160
bits).

Both AH and ESP increase the Prestige’s processing requirements
and communications latency (delay).

You need to finish configuring the VPN policy in menu 27.1.1.1 or
27.1.1.2 if ??? is displayed.

ESP DES MD5

Key Mgt

This field displays the SA’s type of key management, (IKE or
Manual).

IKE