ZyXEL Communications 2WG User Manual

Page 247

ZyWALL 2WG Support Notes

All contents copyright (c) 2006 ZyXEL Communications Corporation.

company to carry the data traffic over its Internet access lines, thus reducing the need for some installed lines.

F04. What are the most common VPN protocols?

There are currently three major tunneling protocols for VPNs. They are Point-to-Point Tunneling Protocol (PPTP), Layer 2 Tunneling Protocol (L2TP) and Internet Protocol Security (IPSec).

F05. What is PPTP?

PPTP is a tunneling protocol defined by the PPTP forum that allows PPP packets to be encapsulated within Internet Protocol (IP) packets and forwarded over any IP network, including the Internet itself. PPTP is already supported in Windows NT and Windows 98. Windows 95 needs the Dial-Up Networking 1.2 upgrade to support it.

F06. What is L2TP?

Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by an Internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the Internet.

F07. What is IPSec?

IPSec is a set of IP extensions developed by the IETF (Internet Engineering Task Force) to provide security services compatible with the existing IP standard (IPv4) and also the upcoming one (IPv6). In addition, IPSec can protect any protocol that runs on top of IP, for instance TCP, UDP, and ICMP. IPSec provides cryptographic security services. These services allow for authentication, integrity, access control, and confidentiality. IPSec allows the information exchanged between remote sites to be encrypted and verified. You can create encrypted tunnels (VPNs), or just do encryption between computers. Since you have so many options, IPSec is truly the most extensible and complete network security solution.

What secure protocols does IPSec support?

IPSec provides two protocols: AH (Authentication Header, protocol number 51) and ESP (Encapsulating Security Payload, protocol number 50).

What are the differences between 'Transport mode' and 'Tunnel mode'?

The IPSec protocols (AH and ESP) can be used to protect either an entire IP payload or only the upper-layer protocols of an IP payload. Transport mode is mainly for an IP host to protect the data generated locally, while tunnel mode is for a security gateway to provide IPSec service for other machines lacking IPSec capability.