ZyWALL User's Guide

Table of Contents
ZyWALL 2 Plus User’s Guide
Chapter 14
IPSec VPN
14.1 IPSec VPN Overview
14.1.1 IKE SA Overview
14.2 VPN Rules (IKE)
14.3 IKE SA Setup
14.3.1 IKE SA Proposal
14.4 Additional IPSec VPN Topics
14.4.1 SA Life Time
14.4.2 IPSec High Availability
14.4.3 Encryption and Authentication Algorithms
14.5 VPN Rules (IKE) Gateway Policy Edit
14.6 IPSec SA Overview
14.6.1 Local Network and Remote Network
14.6.2 Virtual Address Mapping
14.6.3 Active Protocol
14.6.4 Encapsulation
14.6.5 IPSec SA Proposal and Perfect Forward Secrecy
14.7 VPN Rules (IKE) Network Policy Edit
14.8 Network Policy Port Forwarding
14.9 Network Policy Move
14.10 IPSec SA Using Manual Keys
14.10.1 IPSec SA Proposal Using Manual Keys
14.10.2 Authentication and the Security Parameter Index (SPI)
14.11 VPN Rules (Manual)
14.12 VPN Rules (Manual) Edit
14.13 VPN SA Monitor
14.14 VPN Global Setting
14.14.1 Local and Remote IP Address Conflict Resolution
14.15 Telecommuter VPN/IPSec Examples
14.15.1 Telecommuters Sharing One VPN Rule Example
14.15.2 Telecommuters Using Unique VPN Rules Example
14.16 VPN and Remote Management
14.17 Hub-and-spoke VPN
14.17.1 Hub-and-spoke VPN Example
14.17.2 Hub-and-spoke Example VPN Rule Addresses
14.17.3 Hub-and-spoke VPN Requirements and Suggestions
Chapter 15
Certificates
15.1 Certificates Overview
15.1.1 Advantages of Certificates
15.2 Self-signed Certificates