Index

Perfect Forward Secrecy 450 PFS 450

phase 2 settings 449 policy enforcement 449 remote access 448 remote IPSec router 441 remote network 441 remote policy 449 replay detection 448 SA life time 449

SA monitor 245

SA see also IPSec SA 476 see also VPN

site-to-site with dynamic peer 448 static site-to-site 448

transport encapsulation 449 tunnel encapsulation 449 VPN gateway 444

IPSec SA

active protocol 476 and firewall 425, 878

and to-ZyWALL firewall 878 authentication algorithms 470, 471 authentication key (manual keys) 478 destination NAT for inbound traffic 480 encapsulation 476

encryption algorithms 471 encryption key (manual keys) 478 local policy 476

manual keys 478

NAT for inbound traffic 478 NAT for outbound traffic 478 Perfect Forward Secrecy (PFS) 477 proposal 477

remote policy 476 search by name 246 search by policy 246

Security Parameter Index (SPI) (manual keys) 478

see also IPSec see also VPN

source NAT for inbound traffic 479 source NAT for outbound traffic 479 status 245

transport mode 476 tunnel mode 476

when IKE SA is disconnected 476 IPSec VPN

configuration overview 110 hub and spoke 131

prerequisites 109, 110 see also IPSec troubleshooting 877 tutorial 127

where used 110 ISP account

CHAP 763 CHAP/PAP 763 MPPE 763 MSCHAP 763 MSCHAP-V2 763 PAP 763

ISP accounts 761

and PPPoE/PPTP interfaces 293, 761 authentication type 763 encryption method 763

stac compression 764

J

Java 638

permissions 51

JavaScript 51

K

key pairs 739

L

L2TP VPN 517 configuration overview 111 configuring in Windows 2000 191 configuring in Windows Vista 175 configuring in Windows XP 185 Default_L2TP_VPN_Connection 518

Default_L2TP_VPN_Connection example 173 Default_L2TP_VPN_GW 518 Default_L2TP_VPN_GW example 171

DNS 520 example 171

IPSec configuration 517 policy routes 518 prerequisites 111

 

1067

ZyWALL USG 2000 User’s Guide