ZyXEL Communications 35 manual 17

ZyWALL 35 Internet Security Appliance

4.Use the forth wizard screen to configure IPSec settings and click Next to continue.

Choose Tunnel mode or Transport mode.

Choose which protocol to use (ESP or AH) for the IKE key exchange.

Choose an encryption algorithm or select

NULL to set up a tunnel without encryption.

Choose an authentication algorithm.

Set the IPSec SA lifetime. This field allows you to determine how long the IPSec SA should stay up before it times out.

Choose whether to enable Perfect Forward Secrecy (PFS) using Diffie-Hellman public- key cryptography. Select None (the default) to disable PFS. DH1 refers to Diffie-Hellman Group 1 a 768 bit random number. DH2 refers to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number (more secure, yet slower).

5.This read-only screen shows a summary of the VPN rule’s settings. Check whether what you have configured is correct.

Click Finish to save and complete the wizard setup. Otherwise, click Back to return to the previous screen.

16