Home » ZyXEL Manuals » Networking » ZyXEL P-660HNU-F1 » Manual Viewer

ZyXEL P-660HNU-F1 User Guide - Page 204

My IP Address, Secure Gateway Address, IPSec SA, IKE SA

Get ZyXEL P-660HNU-F1 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 204 highlights

Chapter 16 VPN Figure 104 VPN: IKE SA and IPSec SA A B IPSec SA X IKE SA Y In this example, a computer in network A is exchanging data with a computer in network B. Inside networks A and B, the data is transmitted the same way data is normally transmitted in the networks. Between routers X and Y, the data is protected by tunneling, encryption, authentication, and other security features of the IPSec SA. The IPSec SA is established securely using the IKE SA that routers X and Y established first. My IP Address My IP Address is the WAN IP address of the ZyXEL Device. The ZyXEL Device has to rebuild the VPN tunnel if My IP Address changes after setup. The following applies if this field is configured as 0.0.0.0: • The ZyXEL Device uses the current ZyXEL Device WAN IP address (static or dynamic) to set up the VPN tunnel. Secure Gateway Address Secure Gateway Address is the WAN IP address or domain name of the remote IPSec router (secure gateway). If the remote secure gateway has a static WAN IP address, enter it in the Secure Gateway Address field. You may alternatively enter the remote secure gateway's domain name (if it has one) in the Secure Gateway Address field. You can also enter a remote secure gateway's domain name in the Secure Gateway Address field if the remote secure gateway has a dynamic WAN IP address and is using DDNS. The ZyXEL Device has to rebuild the VPN tunnel each time the remote secure gateway's WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway's new WAN IP address). Dynamic Secure Gateway Address If the remote secure gateway has a dynamic WAN IP address and does not use DDNS, enter 0.0.0.0 as the secure gateway's address. In this case only the remote secure gateway can initiate SAs. This may be useful for telecommuters initiating a VPN tunnel to the company network (see Section 16.6.11 on page 219 for configuration examples). The Secure Gateway IP Address may be configured as 0.0.0.0 only when using IKE key management and not Manual key management. 204 ADSL Series User's Guide

Section	Page
ADSL Router Series	1
Videos	2
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
User’s Guide	19
Introduction	21
1.1 Overview	21
1.2 Applications for the ZyXEL Device	21
1.2.1 Internet Access	21
1.2.2 Wireless Connection	22
1.2.3 ZyXEL Device’s USB and Print Server Support	22
1.3 The WPS/WLAN Button	23
1.4 Ways to Manage the ZyXEL Device	24
1.5 Good Habits for Managing the ZyXEL Device	25
1.6 The RESET Button	25
Introducing the Web Configurator	27
2.1 Overview	27
2.1.1 Accessing the Web Configurator	27
2.2 The Web Configurator Layout	29
2.2.1 Title Bar	29
2.2.2 Main Window	30
2.2.3 Navigation Panel	30
2.3 User Mode	32
2.3.1 Overview	32
2.3.2 What You Can Do	32
2.3.3 Navigation Panel	33
2.3.4 Network Map	33
2.3.5 Control Panel	34
2.3.6 Power Saving	34
2.3.7 Content Filter	35
2.3.8 Firewall	36
2.3.9 Wireless Security	37
2.3.10 WPS	38
2.3.11 Media Server	38
Tutorials	41
3.1 Overview	41
3.2 Setting Up Your DSL Connection	41
3.3 How to Set up a Wireless Network	44
3.3.1 Example Parameters	44
3.3.2 Configuring the ADSL Device	44
3.3.3 Connecting Wirelessly to your ADSL Device	46
3.3.4 Configuring the Wireless Client using the WPS PIN number	48
3.4 Setting Up NAT Port Forwarding to Allow Access to Network Servers from the Internet	49
3.5 Using the File Sharing Feature	50
3.5.1 Set Up File Sharing	51
3.5.2 Access Your Shared Files From a Computer	54
3.6 Using the Print Server Feature	56
3.7 Configuring the MAC Address Filter for Restricting Wireless Internet Access	70
3.8 Configuring Static Route for Routing to Another Network	71
3.9 Configuring QoS Queue and Class Setup	73
3.10 Access the ADSL Device Using DDNS	77
3.10.1 Registering a DDNS Account on www.dyndns.org	78
3.10.2 Configuring DDNS on Your ADSL Device	78
3.10.3 Testing the DDNS Setting	79
Technical Reference	81
Connection Status and System Info Screens	83
4.1 Overview	83
4.2 The Connection Status Screen	83
4.3 The System Info Screen	84
Broadband	87
5.1 Overview	87
5.1.1 What You Can Do in this Chapter	87
5.1.2 What You Need to Know	87
5.1.3 Before You Begin	88
5.2 The Broadband Screen	88
5.2.1 Add/Edit Internet Connection	89
5.3 Technical Reference	100
Wireless	105
6.1 Overview	105
6.1.1 What You Can Do in this Chapter	105
6.1.2 Wireless Network Overview	105
6.1.3 Before You Begin	107
6.2 The Wireless General Screen	107
6.2.1 No Security	109
6.2.2 Basic (Static WEP/Shared WEP Encryption)	109
6.2.3 More Secure (WPA(2)-PSK)	111
6.2.4 WPA(2) Authentication	112
6.3 The More AP Screen	113
6.3.1 Edit More AP	114
6.4 The WPS Screen	115
6.5 The WMM Screen	117
6.6 Scheduling Screen	118
6.7 Technical Reference	119
6.7.1 Additional Wireless Terms	119
6.7.2 Wireless Security Overview	119
6.7.3 Signal Problems	122
6.7.4 BSS	122
6.7.5 MBSSID	122
6.7.6 WiFi Protected Setup (WPS)	123
Home Networking	131
7.1 Overview	131
7.1.1 What You Can Do in this Chapter	131
7.1.2 What You Need To Know	131
7.2 The LAN Setup Screen	134
7.3 The Static DHCP Screen	136
7.3.1 Before You Begin	136
7.4 The UPnP Screen	137
7.5 The File Sharing Screen	138
7.5.1 Before You Begin	139
7.5.2 Add/Edit File Sharing	140
7.5.3 Add New User	141
7.6 The Media Server Screen	142
7.6.1 The Media Server Screen	142
7.7 The Print Server Screen	143
7.7.1 Before You Begin	143
7.8 Technical Reference	144
7.9 Installing UPnP in Windows Example	148
7.10 Using UPnP in Windows XP Example	151
Routing	157
8.1 Overview	157
8.2 Configuring Static Route	157
8.2.1 Add/Edit Static Route	158
DNS Route	161
9.1 Overview	161
9.1.1 What You Can Do in this Chapter	161
9.2 The DNS Route Screen	162
9.2.1 Add/Edit DNS Route Edit	162
Quality of Service (QoS)	165
10.1 Overview	165
10.1.1 What You Can Do in this Chapter	165
10.1.2 What You Need to Know	165
10.2 The QoS General Screen	166
10.3 The Queue Setup Screen	167
10.3.1 Add/Edit a QoS Queue	168
10.4 The Class Setup Screen	169
10.4.1 Add/Edit QoS Class	170
10.5 The QoS Monitor Screen	173
10.6 QoS Technical Reference	173
10.6.1 IP Precedence	174
10.6.2 DiffServ	174
Network Address Translation (NAT)	175
11.1 Overview	175
11.1.1 What You Can Do in this Chapter	175
11.1.2 What You Need To Know	175
11.2 The Port Forwarding Screen	176
11.2.1 The Port Forwarding Screen	177
11.2.2 The Port Forwarding Edit Screen	177
11.3 The Sessions Screen	178
11.4 The ALG Screen	179
11.5 Technical Reference	180
11.5.1 NAT Definitions	180
11.5.2 What NAT Does	180
11.5.3 How NAT Works	180
Dynamic DNS	183
12.1 Overview	183
12.1.1 What You Need To Know	183
12.2 The Dynamic DNS Screen	183
Firewall	185
13.1 Overview	185
13.1.1 What You Can Do in this Chapter	185
13.1.2 What You Need to Know	185
13.2 The General Screen	186
13.3 The Services Screen	187
13.4 Firewall Technical Reference	188
13.4.1 Guidelines For Enhancing Security With Your Firewall	188
13.4.2 Security Considerations	188
MAC Filter	191
14.1 Overview	191
14.1.1 What You Need to Know	191
14.2 The MAC Filter Screen	191
Certificates	193
15.1 Overview	193
15.1.1 What You Can Do in this Chapter	193
15.1.2 What You Need to Know	193
15.1.3 Verifying a Certificate	195
15.2 Local Certificates	196
15.2.1 Trusted CAs	197
15.2.2 Trusted CA Import	198
15.2.3 View Certificate	198
15.3 VPN Certificates	199
15.3.1 Import Certificate	200
VPN	203
16.1 Overview	203
16.1.1 What You Can Do in the VPN Screens	203
16.1.2 What You Need to Know About IPSec VPN	203
16.1.3 Before You Begin	205
16.2 VPN Setup Screen	205
16.3 The VPN Edit Screen	206
16.4 Configuring Advanced Settings	210
16.5 Viewing SA Monitor	212
16.6 IPSec VPN Technical Reference	212
16.6.1 IPSec Architecture	212
16.6.2 IPSec and NAT	213
16.6.3 VPN, NAT, and NAT Traversal	214
16.6.4 Encapsulation	215
16.6.5 IKE Phases	216
16.6.6 Negotiation Mode	217
16.6.7 Remote DNS Server	217
16.6.8 ID Type and Content	218
16.6.9 Pre-Shared Key	219
16.6.10 Diffie-Hellman (DH) Key Groups	219
16.6.11 Telecommuter VPN/IPSec Examples	219
System Monitor	223
17.1 Overview	223
17.1.1 What You Can Do in this Chapter	223
17.2 The WAN Status Screen	223
17.3 The LAN Status Screen	224
17.4 The NAT Status Screen	225
User Account	227
18.1 Overview	227
18.2 The User Account Screen	227
Remote MGMT	229
19.1 Overview	229
19.1.1 What You Need to Know	229
19.2 The Remote MGMT Screen	229
System	231
20.1 Overview	231
20.1.1 What You Need to Know	231
20.2 The System Screen	231
Time Setting	233
21.1 Overview	233
21.2 The Time Setting Screen	233
Log Setting	235
22.1 Overview	235
22.2 The Log Setting Screen	235
Firmware Upgrade	237
23.1 Overview	237
23.2 The Firmware Screen	237
Backup/Restore	239
24.1 Overview	239
24.2 The Backup/Restore Screen	239
24.3 The Reboot Screen	241
Diagnostic	243
25.1 Overview	243
25.1.1 What You Can Do in this Chapter	243
25.2 The Ping Screen	243
25.3 The DSL Line Screen	244
Troubleshooting	247
26.1 Overview	247
26.2 Power, Hardware Connections, and LEDs	247
26.3 ZyXEL Device Access and Login	248
26.4 Internet Access	250
26.5 Wireless Internet Access	251
26.6 USB Device Connection	252
26.7 UPnP	253
Product Specifications	255
IP Addresses and Subnetting	263
Setting Up Your Computer’s IP Address	273
Pop-up Windows, Java Script and Java Permissions	303
Wireless LANs	311
Common Services	331
Open Software Announcements	335
Legal Information	357