P-334U/P-335U User’s Guide
.............................................................................................................
139
13.1
IPSec VPN Overview ...................................................................................
13.1.1 IKE SA (IKE Phase 1) Overview ...........................................................
140
13.1.1.1 IP Addresses of the ZyXEL Device and Remote IPSec Router ..
13.1.2 IKE SA Setup ........................................................................................
13.1.2.1 IKE SA Proposal .........................................................................
141
13.1.2.2 Diffie-Hellman (DH) Key Exchange .............................................
13.1.2.3 Authentication .............................................................................
13.1.2.4 Negotiation Mode ........................................................................
143
13.1.2.5 VPN, NAT, and NAT Traversal .....................................................
13.1.3 IPSec SA (IKE Phase 2) Overview .....................................................
144
13.1.3.1 Local Network and Remote Network ...........................................
13.1.3.2 IPSec Protocol ............................................................................
13.1.3.3 Encapsulation ..............................................................................
145
13.1.3.4 IPSec SA Proposal and Perfect Forward Secrecy ......................
13.1.4 Additional IPSec VPN Topics ................................................................
146
13.1.4.1 SA Life Time ................................................................................
13.1.4.2 Encryption and Authentication Algorithms ..................................
13.2
Remote DNS Server ......................................................................................
147
13.3 VPN Summary ...............................................................................................
13.4
VPN Rule Setup (IKE) ...................................................................................
148
13.5
Advanced VPN Rule Setup (IKE) ................................................................
153
13.6
IPSec SA Using Manual Keys ....................................................................
159
13.6.1 IPSec SA Proposal Using Manual Keys ...............................................
160
13.6.2 Authentication and the Security Parameter Index (SPI) .......................
13.7
VPN Rule Setup (Manual) ..............................................................................
13.8
VPN SA Monitor ...........................................................................................
164
13.9
VPN Global Setting .......................................................................................
165
13.10 Telecommuter VPN/IPSec Examples ...........................................................
13.10.1 Telecommuters Sharing One VPN Rule Example ..............................
166
13.10.2 Telecommuters Using Unique VPN Rules Example ...........................
13.11 VPN and Remote Management ...................................................................
168
Chapter 14
169
14.1
Static Route Overview ....................................................................................
14.2
IP Static Route Screen ...................................................................................
170
14.2.1 Static Route Setup Screen ...................................................................
171
Chapter 15
173
15.1
Bandwidth Management Overview ...............................................................
Table of Contents
15
