
For example, if the local private network is 192.168.1.0/255.255.255.0, you could choose 192.168.1.200 as the Start IP Address. But, you have to notice that the first two IP addresses of 192.168.1.200 and 192.168.1.201 are reserved for ISDN remote
3.11.3 IPSec General Setup
In IPSec General Setup, there are two major parts of configuration.
There are two phases of IPSec.
¾Phase 1: negotiation of IKE parameters including encryption, hash,
¾Phase 2: negotiation IPSec security methods including Authentication Header (AH) or Encapsulating Security Payload (ESP) for the following IKE exchange and mutual examination of the secure tunnel establishment.
There are two encapsulation methods used in IPSec, Transport and Tunnel. The Transport mode will add the AH/ESP payload and use original IP header to encapsulate the data payload only. It can just apply to local packet, e.g., L2TP over IPSec. The Tunnel mode will not only add the AH/ESP payload but also use a new IP header (Tunneled IP header) to encapsulate the whole original IP packet.
Authentication Header (AH) provides data authentication and integrity for IP packets passed between VPN peers. This is achieved by a keyed
Encapsulating Security Payload (ESP) is a security protocol that provides data confidentiality and protection with optional authentication and replay detection service.
IKE Authentication Method This usually applies to those are remote
VigorPro5500 Series User’s Guide | 105 |