Prestige 792H G.SHDSL Router

 

Table 14-9 VPN Manual Key

 

 

LABEL

DESCRIPTION

 

 

My IP Address

Enter the WAN IP address of your Prestige. The Prestige uses its current WAN IP

 

address (static or dynamic) in setting up the VPN tunnel if you leave this field as

 

0.0.0.0. The VPN tunnel has to be rebuilt if this IP address changes.

 

 

Secure Gateway

Type the WAN IP address or the URL (up to 31 characters) of the IPSec router with

Address

which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec

 

router has a dynamic WAN IP address (the IPSec Key Mode field must be set to

 

IKE).

 

 

Security Protocol

 

 

 

IPSec Protocol

Select ESP if you want to use ESP (Encapsulation Security Payload). The ESP

 

protocol (RFC 2406) provides encryption as well as some of the services offered by

 

AH. If you select ESP here, you must select options from the Authentication

 

Algorithm field (described later).

 

 

Encryption Algorithm

Select DES, 3DES or NULL from the drop-down list box.

 

When DES is used for data communications, both sender and receiver must know the

 

same secret key, which can be used to encrypt and decrypt the message or to

 

generate and verify a message authentication code. The DES encryption algorithm

 

uses a 56-bit key. Triple DES (3DES) is a variation on DES that uses a 168-bit key.

 

As a result, 3DES is more secure than DES. It also requires more processing power,

 

resulting in increased latency and decreased throughput. Select NULL to set up a

 

tunnel without encryption. When you select NULL, you do not enter an encryption

 

key.

 

 

Encapsulation Key

With DES, type a unique key 8 characters long. With 3DES, type a unique key 24

(only with ESP)

characters long. Any characters may be used, including spaces, but trailing spaces

 

are truncated.

 

 

Authentication

Select SHA1 or MD5 from the drop-down list box. MD5 (Message Digest 5) and

Algorithm

SHA1 (Secure Hash Algorithm) are hash algorithms used to authenticate packet data.

 

The SHA1 algorithm is generally considered stronger than MD5, but is slower. Select

 

MD5 for minimal security and SHA-1for maximum security.

 

 

Authentication Key

Type a unique authentication key to be used by IPSec if applicable. Enter 16

 

characters for MD5 authentication or 20 characters for SHA-1 authentication. Any

 

characters may be used, including spaces, but trailing spaces are truncated.

 

 

Back

Click Back to return to the previous screen.

 

 

VPN Screens

14-23

Page 201
Image 201
ZyXEL Communications 792H manual VPN Screens 14-23