Netgear FVS114NA FVS114 Reference Manual - Page 175
VPN Gateway A, IPSec Security Association IKE, VPN Tunnel Negotiation Steps
![]() |
View all Netgear FVS114NA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 175 highlights
Reference Manual for the ProSafe VPN Firewall FVS114 VPN Gateway A VPN Tunnel VPN Gateway B PCs PCs Figure C-5: VPN tunnel Security Associaton (SA) The SA contains all the information necessary for gateway A to negotiate a secure and encrypted communication stream with gateway B. This communication is often referred to as a "tunnel." The gateways contain this information so that it does not have to be loaded onto every computer connected to the gateways. Each gateway must negotiate its SA with another gateway using the parameters and processes established by IPSec. As illustrated below, the most common method of accomplishing this process is via the Internet Key Exchange (IKE) protocol which automates some of the negotiation procedures. VPN Gateway IPSec Security Association IKE VPN Tunnel Negotiation Steps 1) Communication request sent to VPN Gateway 2) IKE Phase I authentication VPN Gateway 3) IKE Phase II negotiation 4) Secure data transfer 5) IPSec tunnel termination Figure C-6: IPSec Security Association (SA) negotiation Or, you can configure your gateways using manual key exchange, which involves manually configuring each paramter on both gateways. 1. The IPSec software on Host A initiates the IPSec process in an attempt to communicate with Host B. The two computers then begin the Internet Key Exchange (IKE) process. Virtual Private Networking C-9 202-10098-01, April 2005
![](/manual_guide/products/netgear-fvs114-fvs114-reference-manual-5307826/175.png)