P-334U/P-335U User’s Guide
Table of Contents 15
Chapter 13
IPSec VPN.............................................................................................................139
13.1 IPSec VPN Overview ...................................................................................139
13.1.1 IKE SA (IKE Phase 1) Overview ...........................................................140
13.1.1.1 IP Addresses of the ZyXEL Device and Remote IPSec Router ..140
13.1.2 IKE SA Setup ........................................................................................140
13.1.2.1 IKE SA Proposal .........................................................................141
13.1.2.2 Diffie-Hellman (DH) Key Exchange .............................................141
13.1.2.3 Authentication .............................................................................141
13.1.2.4 Negotiation Mode ........................................................................143
13.1.2.5 VPN, NAT, and NAT Traversal .....................................................143
13.1.3 IPSec SA (IKE Phase 2) Overview .....................................................144
13.1.3.1 Local Network and Remote Network ...........................................144
13.1.3.2 IPSec Protocol ............................................................................144
13.1.3.3 Encapsulation ..............................................................................145
13.1.3.4 IPSec SA Proposal and Perfect Forward Secrecy ......................145
13.1.4 Additional IPSec VPN Topics ................................................................146
13.1.4.1 SA Life Time ................................................................................146
13.1.4.2 Encryption and Authentication Algorithms ..................................146
13.2 Remote DNS Server ......................................................................................147
13.3 VPN Summary ...............................................................................................147
13.4 VPN Rule Setup (IKE) ...................................................................................148
13.5 Advanced VPN Rule Setup (IKE) ................................................................153
13.6 IPSec SA Using Manual Keys ....................................................................159
13.6.1 IPSec SA Proposal Using Manual Keys ...............................................160
13.6.2 Authentication and the Security Parameter Index (SPI) .......................160
13.7 VPN Rule Setup (Manual) ..............................................................................160
13.8 VPN SA Monitor ...........................................................................................164
13.9 VPN Global Setting .......................................................................................165
13.10 Telecommuter VPN/IPSec Examples ...........................................................165
13.10.1 Telecommuters Sharing One VPN Rule Example ..............................166
13.10.2 Telecommuters Using Unique VPN Rules Example ...........................166
13.11 VPN and Remote Management ...................................................................168
Chapter 14
Static Route Screens ...........................................................................................169
14.1 Static Route Overview ....................................................................................169
14.2 IP Static Route Screen ...................................................................................170
14.2.1 Static Route Setup Screen ...................................................................171
Chapter 15
Bandwidth Management...................................................................................... 173
15.1 Bandwidth Management Overview ...............................................................173