Chapter 18 VPN Screens
Table 102 AH and ESP
| ESP | AH |
|
|
|
| DES (default) | MD5 (default) |
| Data Encryption Standard (DES) is a widely | MD5 (Message Digest 5) produces a |
| used method of data encryption using a | digest to authenticate packet data. |
| private (secret) key. DES applies a |
|
| to each |
|
|
|
|
| 3DES | SHA1 |
| Triple DES (3DES) is a variant of DES, which | SHA1 (Secure Hash Algorithm) produces a |
ENCRYPTION | iterates three times with three separate keys | |
(3 x 56 = 168 bits), effectively doubling the |
| |
| strength of DES. |
|
|
|
|
| AES |
|
| Advanced Encryption Standard is a newer |
|
| method of data encryption that also uses a |
|
| secret key. This implementation of AES |
|
| applies a |
|
| data. AES is faster than 3DES. |
|
|
|
|
| Select NULL to set up a phase 2 tunnel |
|
| without encryption. |
|
|
|
|
| MD5 (default) | MD5 (default) |
| MD5 (Message Digest 5) produces a | MD5 (Message Digest 5) produces a |
| digest to authenticate packet data. | digest to authenticate packet data. |
|
|
|
AUTHENTICATION | SHA1 | SHA1 |
| SHA1 (Secure Hash Algorithm) produces a | SHA1 (Secure Hash Algorithm) produces a |
| ||
|
|
|
| Select MD5 for minimal security and SHA1 for maximum security. | |
|
|
|
18.3 My IP Address
My IP Address is the WAN IP address of the ZyXEL Device. The ZyXEL Device has to rebuild the VPN tunnel if My IP Address changes after setup.
The following applies if this field is configured as 0.0.0.0:
•The ZyXEL Device uses the current ZyXEL Device WAN IP address (static or dynamic) to set up the VPN tunnel.
•If the WAN connection goes down, the ZyXEL Device uses the dial backup IP address for the VPN tunnel when using dial backup or the LAN IP address when using traffic redirect. See Chapter 7 on page 101 for details on dial backup and traffic redirect.
18.4Secure Gateway Address
Secure Gateway Address is the WAN IP address or domain name of the remote IPSec router (secure gateway).
276 |
| |
| ||
|
|
|