Filter
Top Products
ZyWALL 50 Internet Security Gateway
23-10 VPN/IPSec Setup
Table 23-4 Menu 27.1.1 — IPSec Setup
FIELD DESCRIPTION EXAMPLE
Press [SPACE BAR] to select Yes or No. Choose Yes and press [ENTER]
to enable replay detection.
Key
Management
Press [SPACE BAR] to choose either IKE or Manual and then press
[ENTER].
If you choose IKE, then you must configure the IKE Setup menu. Move the
cursor to the Edit IKE Setup field, press [SPACE BAR] to change the
default No to Yes and then press [ENTER] to go to the IKE Setup menu.
If you choose Manual, then you must configure the ESP/AH Setup menu.
Move the cursor to the Edit Manual Setup field, press [SPACE BAR] to
change the default No to Yes and then press [ENTER] to go to the IKE
Setup menu.
Manual is a useful option for troubleshooting if you have problems using
IKE key management.
IKE
Edit IKE Setup
You must configure this menu when you choose IKE key management.
Press [SPACE BAR] to change the default No to Yes and then press
[ENTER] to go to Menu 27.1.1.1 – IKE Setup discussed next.
No
Edit Manual
Setup
You must configure this menu when you choose Manual key
management. Press [SPACE BAR] to change the default No to Yes and
then press [ENTER] to display Menu 27.1.1.2 – Manual Setup discussed
later.
N/A
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
23.4 IKE Setup
To edit this menu, move the cursor to the Edit IKE Setup field in Menu 27.1.1 – IPSec Setup; press
[SPACE BAR] to select Yes and then press [ENTER] to display Menu 27.1.1.1 – IKE Setup.
23.4.1 IKE Phases
There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase
2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate
SAs for IPSec.