ZyXEL Communications P-334 User Manual

Page 317

Advertising
background image

Prestige 334 User’s Guide

Chapter 34 VPN/IPSec Setup

316

Local Addr
Start

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is a
static IP address on the LAN behind your Prestige.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is
the beginning (static) IP address, in a range of computers on the LAN behind your Pres-
tige.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this
is a static IP address on the LAN behind your Prestige.

Local Addr
End

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is
the same (static) IP address as in the Local Addr Start field.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is
the end (static) IP address, in a range of computers on the LAN behind your Prestige.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this
is a subnet mask on the LAN behind your Prestige.

Encap

This field displays Tunnel mode or Transport mode. See earlier for a discussion of
these. You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ???
is displayed.

IPSec
Algorithm

This field displays the security protocols used for an SA. ESP provides confidentiality
and integrity of data by encrypting the data and encapsulating it into IP packets. Encryp-
tion methods include 56-bit DES and 168-bit 3DES. NULL denotes a tunnel without
encryption.
AH (Authentication Header) provides strong integrity and authentication by adding
authentication information to IP packets. This authentication information is calculated
using header and payload data in the IP packet. This provides an additional level of
security. AH choices are MD5 (default - 128 bits) and SHA -1(160 bits).
Both AH and ESP increase the Prestige’s processing requirements and communica-
tions latency (delay).
You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ??? is
displayed.

Key Mgt

This field displays the SA’s type of key management, (IKE or Manual).

Remote Addr
Start

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is a
static IP address on the network behind the remote IPSec router.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is
the beginning (static) IP address, in a range of computers on the network behind the
remote IPSec router.
When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this
is a static IP address on the network behind the remote IPSec router.
This field displays N/A when you configure the Secure Gateway Addr field in SMT
27.1.1 to 0.0.0.0.

Table 104 Menu 27.1 IPSec Summary

FIELD

DESCRIPTION

Advertising
Popular Brands
Popular manuals