Figure 80 vpn > setup > edit > advanced, Table 52 vpn > setup > edit > advanced – ZyXEL Communications G.SHDSL.bis 4-port Security Gateway P-793H User Manual

P-793H User’s Guide

Chapter 11 IPSec VPN

171

Figure 80 VPN > Setup > Edit > Advanced

The following table describes the fields in this screen.

Table 52 VPN > Setup > Edit > Advanced

LABEL

DESCRIPTION

VPN - IKE -

Advanced Setup

Protocol Enter the IP protocol number whose traffic is allowed to use the VPN tunnel. Enter

0 to allow all IP protocols to use the VPN tunnel. See

Appendix E on page 407

for

some common IP protocols.

Enable Replay

Detection

Select this to enable replay detection. As a VPN setup is processing intensive, the

system is vulnerable to Denial of Service (DoS) attacks. The IPSec receiver can

detect and reject old or duplicate packets to protect against replay attacks.

Local Start Port
End

Enter the port number or range of port numbers in the local network whose traffic

is allowed to use the VPN tunnel. Enter 0 in both fields to allow all port numbers in

the local network to use the VPN tunnel. See

Appendix E on page 407

for some

common port numbers.

Remote Start Port
End

Enter the port number or range of port numbers in the remote network whose

traffic is allowed to use the VPN tunnel. Enter 0 in both fields to allow all port

numbers in the remote network to use the VPN tunnel. See

Appendix E on page

407

for some common port numbers.

Phase 1

Negotiation Mode Select the negotiation mode for the IKE SA. Main is more secure than

Aggressive. The ZyXEL Device and remote IPSec router must use the same

negotiation mode.