ZyXEL Communications NWD-210N - FOR MAC V1.00 Guide de l'utilisateur Page 133
- Page / 292
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Chapter 18 IPSec VPN
NBG5715 User’s Guide
133
Peer Content The configuration of the peer content depends on the peer ID type.
For IP, type the IP address of the computer with which you will make the VPN
connection. If you configure this field to 0.0.0.0 or leave it blank, the NBG5715
will use the address in the Secure Gateway Address field (refer to the Secure
Gateway Address field description).
For Domain Name or E-mail, type a domain name or e-mail address by which
to identify the remote IPSec router. Use up to 31 ASCII characters including
spaces, although trailing spaces are truncated. The domain name or e-mail
address is for identification purposes only and can be any string.
It is recommended that you type an IP address other than 0.0.0.0 or use the
Domain Name or E-mail ID type in the following situations:
When there is a NAT router between the two IPSec routers.
When you want the NBG5715 to distinguish between VPN connection requests
that come in from remote IPSec routers with dynamic WAN IP addresses.
IPSec Algorithm
Phase 1
Pre-Shared
Key
Type your pre-shared key in this field. A pre-shared key identifies a
communicating party during a phase 1 IKE negotiation. It is called "pre-shared"
because you have to share it with another party before you can communicate
with them over a secure connection.
Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal
("0-9", "A-F") characters. You must precede a hexadecimal key with a "0x”
(zero x), which is not counted as part of the 16 to 62 character range for the
key. For example, in "0x0123456789ABCDEF", “0x” denotes that the key is
hexadecimal and “0123456789ABCDEF” is the key itself.
Both ends of the VPN tunnel must use the same pre-shared key. You will receive
a “PYLD_MALFORMED” (payload malformed) packet if the same pre-shared key
is not used on both ends.
Mode Select Main or Aggressive from the drop-down list box. Multiple SAs
connecting through a secure gateway must have the same negotiation mode.
Encryption
Algorithm
Select which key size and encryption algorithm to use for data communications.
Choices are:
DES - a 56-bit key with the DES encryption algorithm
3DES - a 168-bit key with the DES encryption algorithm
The NBG5715 and the remote IPSec router must use the same algorithms and
key , which can be used to encrypt and decrypt the message or to generate and
verify a message authentication code. Longer keys require more processing
power, resulting in increased latency and decreased throughput.
Authentication
Algorithm
Select which hash algorithm to use to authenticate packet data. Choices are
SHA1 and MD5. SHA1 is generally considered stronger than MD5, but it is also
slower.
SA Life Time Define the length of time before an IKE or IPSec SA automatically renegotiates
in this field. It may range from 1 to 2,000,000,000 seconds.
A short SA Life Time increases security by forcing the two VPN gateways to
update the encryption and authentication keys. However, every time the VPN
tunnel renegotiates, all users accessing remote resources are temporarily
disconnected.
Table 54 Security > IPSec VPN > General > Edit: IKE (continued)
LABEL DESCRIPTION
- Default Login Details 1
- About This User's Guide 3
- Need More Help? 4
- Customer Support 4
- Document Conventions 5
- Icons Used in Figures 6
- Safety Warnings 7
- Contents Overview 10
- NBG5715 User’s Guide 10
- Table of Contents 11
- Table of Contents 13
- User’s Guide 19
- CHAPTER 1 21
- 1.2 Applications 22
- 1.5 LEDs 23
- CHAPTER 2 25
- CHAPTER 3 26
- 3.2.1 The Menus 28
- CHAPTER 4 33
- 4.2.2 Weather Edit 34
- 4.3 Resetting the NBG5715 35
- CHAPTER 5 37
- 5.3 The Log Screen 38
- 5.4 DHCP Table 38
- 5.5 Packet Statistics 40
- 5.6 VPN Monitor 41
- Chapter 5 Monitor and Summary 42
- CHAPTER 6 43
- CHAPTER 7 44
- 7.3 Navigation Panel 45
- Status Screen 45
- 7.4 Network Map 46
- 7.5 Control Panel 47
- 7.5.1 Game Engine 48
- 7.5.2 Power Saving 48
- 7.5.3 Content Filter 49
- 7.5.4 Bandwidth MGMT 50
- 7.5.5 Firewall 51
- 7.5.6 Wireless Security 51
- 7.5.7 WPS 52
- Chapter 7 Easy Mode 54
- ITEM DESCRIPTION 54
- CHAPTER 8 55
- to open the status screen 56
- 8.2.1 Navigation Panel 58
- Chapter 8 Router Mode 59
- LINK TAB FUNCTION 59
- Chapter 8 Router Mode 60
- CHAPTER 9 61
- Wireless Client 62
- Access Point 62
- 9.2.2 PIN Configuration 63
- Wireless LAN Mode 2.4G 64
- SSID SSID_Example3 64
- Channel 6 64
- Security WPA-PSK 64
- Chapter 9 Tutorials 66
- Technical Reference 69
- CHAPTER 10 71
- Encapsulation Method 72
- WAN IP Address 72
- DNS Server Address Assignment 72
- WAN MAC Address 72
- 10.4 The Broadband Screen 73
- 10.4.2 PPPoE Encapsulation 75
- Chapter 10 WAN 76
- 10.5 The Advanced Screen 77
- CHAPTER 11 79
- 11.1.2 What You Should Know 80
- 11.3 Wireless Security Modes 84
- 11.3.2 WEP Encryption 85
- 11.3.3 WPA-PSK/WPA2-PSK 86
- 11.3.4 WPA/WPA2 87
- 11.4 The MAC Filter Screen 88
- 11.6 The QoS Screen 90
- 11.7 The WPS Screen 91
- 11.8 The WPS Station Screen 92
- 11.9 The Scheduling Screen 93
- Chapter 11 Wireless LAN 94
- CHAPTER 12 95
- 12.3 What You Need To Know 96
- 12.4 The LAN IP Screen 97
- 12.5 The IP Alias Screen 97
- Chapter 12 LAN 98
- CHAPTER 13 99
- 13.4 The Client List Screen 101
- CHAPTER 14 103
- 14.1.2 What You Need To Know 104
- 14.2 The NAT General Screen 105
- 14.4 The NAT Advance Screen 109
- 14.5 Technical Reference 110
- Chapter 14 NAT 112
- CHAPTER 15 113
- CHAPTER 16 115
- Chapter 16 Static Route 117
- LABEL DESCRIPTION 117
- Chapter 16 Static Route 118
- CHAPTER 17 119
- What is a Firewall? 120
- Stateful Inspection Firewall 120
- About the NBG5715 Firewall 120
- Chapter 17 Firewall 123
- CHAPTER 18 124
- 18.3 What You Need To Know 125
- 18.4 The General Screen 126
- 18.5 Edit VPN Rule 128
- 18.5.1 IKEKey Setup 129
- Chapter 18 IPSec VPN 133
- 18.5.2 Manual Key Setup 134
- 18.6 The SA Monitor Screen 139
- 18.7 Technical Reference 139
- 18.7.1 IPSec Architecture 140
- 18.7.2 Encapsulation 141
- 18.7.3 IKE Phases 142
- 18.7.5 IPSec and NAT 143
- 18.7.7 ID Type and Content 144
- 18.7.8 Pre-Shared Key 145
- CHAPTER 19 147
- 19.4 General Screen 148
- 19.5 Advance Screen 148
- CHAPTER 20 152
- 20.4 WWW Screen 153
- 20.5 Telnet Screen 154
- CHAPTER 21 155
- 21.3 UPnP Screen 156
- 21.4 Technical Reference 156
- CHAPTER 22 163
- 22.4 Password Screen 164
- 22.5 Time Setting Screen 165
- 22.6 Firmware Upgrade Screen 166
- 22.7 Backup/Restore Screen 167
- 22.8 The Language Screen 169
- Chapter 22 Maintenance 170
- CHAPTER 23 171
- I forgot the password 172
- 23.4 Internet Access 174
- 23.7 USB Device Problems 176
- Chapter 23 Troubleshooting 178
- APPENDIX A 179
- APPENDIX B 183
- JavaScript 186
- Java Permissions 188
- JAVA (Sun) 189
- Mozilla Firefox 190
- Allowing Pop-Ups 192
- Enabling Java 192
- APPENDIX C 195
- Subnet Masks 196
- Network Size 197
- Notation 197
- Subnetting 198
- Example: Four Subnets 199
- Example: Eight Subnets 200
- Subnet Planning 201
- Configuring IP Addresses 202
- Private IP Addresses 202
- IP Address Conflicts 203
- APPENDIX D 205
- Windows XP/NT/2000 206
- Verifying Settings 208
- Windows Vista 209
- Windows 7 213
- Mac OS X: 10.3 and 10.4 217
- Mac OS X: 10.5 and 10.6 220
- Linux: Ubuntu 8 (GNOME) 223
- Linux: openSUSE 10.3 (KDE) 227
- APPENDIX E 233
- Fragmentation Threshold 236
- Preamble Type 237
- IEEE 802.11g Wireless LAN 237
- Wireless Security Overview 237
- IEEE 802.1x 238
- Types of RADIUS Messages 239
- Types of EAP Authentication 239
- Encryption 241
- WPA and WPA2 241
- User Authentication 242
- Security Parameters Summary 244
- Antenna Overview 244
- Appendix E Wireless LANs 246
- APPENDIX F 247
- Appendix F Common Services 248
- Appendix F Common Services 249
- APPENDIX G 251
- APPENDIX H 281
- Viewing Certifications 282
- ZyXEL Limited Warranty 282
- Registration 282
- End-User License Agreement 283
- Appendix H Legal Information 286
- NBG5715 User’s Guide292 292
Produits connexes et manuels pour Routeurs ZyXEL Communications NWD-210N - FOR MAC V1.00
(341 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.474 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels