ZyWALL 5/35/70 Series User’s Guide

Table 94 ESP and AH

 

ESP

AH

 

 

 

Encryption

DES (default)

 

 

Data Encryption Standard (DES) is a

 

 

widely used method of data encryption

 

 

using a secret key. DES applies a 56-bit

 

 

key to each 64-bit block of data.

 

 

3DES

 

 

Triple DES (3DES) is a variant of DES,

 

 

which iterates three times with three

 

 

separate keys (3 x 56 = 168 bits),

 

 

effectively doubling the strength of DES.

 

 

AES

 

 

Advanced Encryption Standard is a

 

 

newer method of data encryption that

 

 

also uses a secret key. This

 

 

implementation of AES applies a 128-bit

 

 

key to 128-bit blocks of data. AES is

 

 

faster than 3DES.

 

 

Select NULL to set up a phase 2 tunnel

 

 

without encryption.

 

Authentication

MD5 (default)

MD5 (default)

 

MD5 (Message Digest 5) produces a

MD5 (Message Digest 5) produces a

 

128-bit digest to authenticate packet

128-bit digest to authenticate packet

 

data.

data.

 

SHA1

SHA1

 

SHA1 (Secure Hash Algorithm) produces

SHA1 (Secure Hash Algorithm) produces

 

a 160-bit digest to authenticate packet

a 160-bit digest to authenticate packet

 

data.

data.

 

Select MD5 for minimal security and SHA-1for maximum security.

 

 

 

19.3 My ZyWALL

My ZyWALL identifies the WAN IP address or domain name of the ZyWALL (if it has one) or leave the field set to 0.0.0.0 when the ZyWALL is in router mode. This field displays the ZyWALL’s IP address when the ZyWALL is in bridge mode. The ZyWALL has to rebuild the VPN tunnel if the My ZyWALL IP address changes after setup.

19.4 Remote Gateway Address

Remote Gateway Address is the WAN IP address or domain name of the remote IPSec router (secure gateway).

305

Chapter 19 VPN Screens