Table 54 Security > VPN > Rule Setup: Manual (continued)
LABEL | DESCRIPTION |
IPSec Protocol | Select the security protocols used for an SA. |
| Both AH and ESP increase processing requirements and communications latency |
| (delay). |
| If you select ESP here, you must select options from the Encryption Algorithm |
| and Authentication Algorithm fields (described below). |
|
|
Encryption | Select which key size and encryption algorithm to use in the IKE SA. Choices are: |
Algorithm | DES - a |
| |
| 3DES - a |
| The ZyXEL Device and the remote IPSec router must use the same algorithms |
| and keys. Longer keys require more processing power, resulting in increased |
| latency and decreased throughput. |
|
|
Encryption Key | This field is applicable when you select ESP in the IPSec Protocol field above. |
| With DES, type a unique key 8 characters long. With 3DES, type a unique key 24 |
| characters long. Any characters may be used, including spaces, but trailing |
| spaces are truncated. |
|
|
Authentication | Select which hash algorithm to use to authenticate packet data in the IPSec SA. |
Algorithm | Choices are SHA1 and MD5. SHA1 is generally considered stronger than MD5, |
| but it is also slower. |
|
|
Authentication | Type a unique authentication key to be used by IPSec if applicable. Enter 16 |
Key | characters for MD5 authentication or 20 characters for |
| characters may be used, including spaces, but trailing spaces are truncated. |
|
|
Apply | Click Apply to save your changes back to the ZyXEL Device. |
|
|
Reset | Click Reset to begin configuring this screen afresh. |
|
|
13.8 VPN SA Monitor
In the web configurator, click SECURITY > VPN > SA Monitor. Use this screen to display and manage active VPN connections.
A Security Association (SA) is the group of security settings related to a specific VPN tunnel. This screen displays active VPN connections. Use Refresh to display active VPN connections.
Figure 95 Security > VPN > SA Monitor
164 | Chapter 13 IPSec VPN |