ZyXEL P-792H v2 User Guide - Page 170
Security > VPN > Setup > Manual Key continued
View all ZyXEL P-792H v2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 170 highlights
Chapter 12 VPN Table 46 Security > VPN > Setup > Manual Key (continued) LABEL DESCRIPTION Remote Remote IP addresses must be static and correspond to the remote IPSec router's configured local IP addresses. Two active SAs cannot have the local and remote IP address(es) both the same. Two active SAs can have the same local or remote IP address, but not both. You can configure multiple SAs between the same local and remote IP addresses, as long as only one is active at any time. Remote Address Type Use the drop-down menu to choose Single, Range, or Subnet. Select Single with a single IP address. Select Range for a specific range of IP addresses. Select Subnet to specify IP addresses on a network by their subnet mask. IP Address Start When the Remote Address Type field is configured to Single, enter a (static) IP address on the network behind the remote IPSec router. When the Remote Address Type field is configured to Range, enter the beginning (static) IP address, in a range of computers on the network behind the remote IPSec router. When the Remote Address Type field is configured to Subnet, enter a (static) IP address on the network behind the remote IPSec router. End / Subnet Mask When the Remote Address Type field is configured to Single, this field is N/A. When the Remote Address Type field is configured to Range, enter the end (static) IP address, in a range of computers on the network behind the remote IPSec router. When the Remote Address Type field is configured to Subnet, enter a subnet mask on the network behind the remote IPSec router. Address Information My IP Address Enter the WAN IP address of your P-792H v2. The VPN tunnel has to be rebuilt if this IP address changes. The following applies if this field is configured as 0.0.0.0: The P-792H v2 uses the current P-792H v2 WAN IP address (static or dynamic) to set up the VPN tunnel. Secure Gateway Type the WAN IP address or the URL (up to 31 characters) of the IPSec Address router with which you're making the VPN connection. Security Protocol IPSec Protocol Select ESP if you want to use ESP (Encapsulation Security Payload). The ESP protocol (RFC 2406) provides encryption as well as some of the services offered by AH. If you select ESP here, you must select options from the Encryption Algorithm and Authentication Algorithm fields (described next). Encryption Algorithm Select DES, 3DES or NULL from the drop-down list box. When DES is used for data communications, both sender and receiver must know the same secret key, which can be used to encrypt and decrypt the message or to generate and verify a message authentication code. The DES encryption algorithm uses a 56-bit key. Triple DES (3DES) is a variation on DES that uses a 168-bit key. As a result, 3DES is more secure than DES. It also requires more processing power, resulting in increased latency and decreased throughput. Select NULL to set up a tunnel without encryption. When you select NULL, you do not enter an encryption key. 170 P-792H v2 User's Guide