Table 207 menu 27.1: ipsec summary – ZyXEL Communications ZyXEL ZyWALL 35 User Manual

Page 563

Advertising
background image

ZyWALL 35 User’s Guide

Chapter 44 VPN/IPSec Setup

561

The following table describes the fields in this screen.

Table 207 Menu 27.1: IPSec Summary

FIELD

DESCRIPTION

#

This is the VPN policy index number.

Name

This field displays the unique identification name for this VPN rule. The name may be

up to 32 characters long but only 10 characters will be displayed here.

A

Y signifies that this VPN rule is active.

Local Addr

Start

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is

a static IP address on the LAN behind your ZyWALL.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

the beginning (static) IP address, in a range of computers on the LAN behind your

ZyWALL.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

is a static IP address on the LAN behind your ZyWALL.

Addr End /

Mask

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is

the same (static) IP address as in the Local Addr Start field.

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

the end (static) IP address, in a range of computers on the LAN behind your ZyWALL.

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

is a subnet mask on the LAN behind your ZyWALL.

Encap

This field displays Tunnel mode or Transport mode. See earlier for a discussion of

these. You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ???

is displayed.

IPSec

Algorithm

This field displays the security protocols used for an SA. ESP provides confidentiality

and integrity of data by encrypting the data and encapsulating it into IP packets.

Encryption methods include 56-bit DES, 168-bit 3DES and 128-bit AES. NULL denotes

a tunnel without encryption.
AH (Authentication Header) provides strong integrity and authentication by adding

authentication information to IP packets. This authentication information is calculated

using header and payload data in the IP packet. This provides an additional level of

security. AH choices are MD5 (default - 128 bits) and SHA -1(160 bits).
Both AH and ESP increase the ZyWALL’s processing requirements and

communications latency (delay).
You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ??? is

displayed.

Key Mgt

This field displays the SA’s type of key management, (IKE or Manual).

Remote Addr

Start

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is

a static IP address on the network behind the remote IPSec router.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

the beginning (static) IP address, in a range of computers on the network behind the

remote IPSec router.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

is a static IP address on the network behind the remote IPSec router.
This field displays N/A when you configure the Secure Gw Addr field in SMT 27.1.1 to

0.0.0.0.

Advertising
See also other documents in the category ZyXEL Communications Hardware: