ZyWALL 5/35/70 Series User’s Guide
19.7
ID Type and Content ......................................................................................
307
19.7.1 ID Type and Content Examples ............................................................
308
19.8
IKE Phases ....................................................................................................
309
19.8.1 Negotiation Mode ..................................................................................
310
19.8.2 Pre-Shared Key ....................................................................................
19.8.3 Diffie-Hellman (DH) Key Groups ...........................................................
311
19.8.4 Perfect Forward Secrecy (PFS) ...........................................................
19.9
X-Auth (Extended Authentication) ..................................................................
19.9.1 Authentication Server ...........................................................................
19.15.1 Security Parameter Index (SPI) ..........................................................
327
19.18 Telecommuter VPN/IPSec Examples ...........................................................
333
19.18.1 Telecommuters Sharing One VPN Rule Example ..............................
19.18.2 Telecommuters Using Unique VPN Rules Example ...........................
334
19.19 VPN and Remote Management ...................................................................
336
Chapter 20
Certificates............................................................................................................
338
20.1
Certificates Overview .....................................................................................
20.1.1 Advantages of Certificates ....................................................................
339
20.2
Self-signed Certificates ..................................................................................
20.3
Configuration Summary .................................................................................
20.5.1 Certificate File Formats .........................................................................
342
20.12 Verifying a Trusted Remote Host’s Certificate ..............................................
357
20.12.1 Trusted Remote Host Certificate Fingerprints .....................................
Chapter 21
Authentication Server..........................................................................................
366
21.1
Authentication Server Overview .....................................................................
21.1.1 Local User Database ............................................................................
21.1.2 RADIUS ................................................................................................
Chapter 22
370
22.1
NAT Overview ................................................................................................
22.1.1 NAT Definitions .....................................................................................
22.1.2 What NAT Does ....................................................................................
371
22.1.3 How NAT Works ...................................................................................
22.1.4 NAT Application ....................................................................................
372
22.1.5 Port Restricted Cone NAT ....................................................................
373
22.1.6 NAT Mapping Types .............................................................................
22.2
Using NAT ......................................................................................................
374
22.2.1 SUA (Single User Account) Versus NAT ..............................................
22.5
Port Forwarding ..............................................................................................
379
17
Table of Contents
