P-334U/P-335U User’s Guide
Table of Contents
15
Chapter 13
IPSec VPN
.............................................................................................................
139
13.1 IPSec VPN Overview
...................................................................................
139
13.1.1 IKE SA (IKE Phase 1) Overview
...........................................................
140
13.1.1.1 IP Addresses of the ZyXEL Device and Remote IPSec Router ..140
13.1.2 IKE SA Setup
........................................................................................
140
13.1.2.1 IKE SA Proposal
.........................................................................
141
13.1.2.2 Diffie-Hellman (DH) Key Exchange
.............................................
141
13.1.2.3 Authentication
.............................................................................
141
13.1.2.4 Negotiation Mode
........................................................................
143
13.1.2.5 VPN, NAT, and NAT Traversal
.....................................................
143
13.1.3 IPSec SA (IKE Phase 2) Overview
.....................................................
144
13.1.3.1 Local Network and Remote Network
...........................................
144
13.1.3.2 IPSec Protocol
............................................................................
144
13.1.3.3 Encapsulation
..............................................................................
145
13.1.3.4 IPSec SA Proposal and Perfect Forward Secrecy
......................
145
13.1.4 Additional IPSec VPN Topics
................................................................
146
13.1.4.1 SA Life Time
................................................................................
146
13.1.4.2 Encryption and Authentication Algorithms
..................................
146
13.2 Remote DNS Server
......................................................................................
147
13.3 VPN Summary
...............................................................................................
147
13.4 VPN Rule Setup (IKE)
...................................................................................
148
13.5 Advanced VPN Rule Setup (IKE)
................................................................
153
13.6 IPSec SA Using Manual Keys
....................................................................
159
13.6.1 IPSec SA Proposal Using Manual Keys
...............................................
160
13.6.2 Authentication and the Security Parameter Index (SPI)
.......................
160
13.7 VPN Rule Setup (Manual)
..............................................................................
160
13.8 VPN SA Monitor
...........................................................................................
164
13.9 VPN Global Setting
.......................................................................................
165
13.10 Telecommuter VPN/IPSec Examples
...........................................................
165
13.10.1 Telecommuters Sharing One VPN Rule Example
..............................
166
13.10.2 Telecommuters Using Unique VPN Rules Example
...........................
166
13.11 VPN and Remote Management
...................................................................
168
Chapter 14
Static Route Screens
...........................................................................................
169
14.1 Static Route Overview
....................................................................................
169
14.2 IP Static Route Screen
...................................................................................
170
14.2.1 Static Route Setup Screen
...................................................................
171
Chapter 15
Bandwidth Management
......................................................................................
173
15.1 Bandwidth Management Overview
...............................................................
173