ZyWALL 70 User’s Guide
Chapter 14 VPN Screens
235
C
H A P T E R
14
VPN Screens
This chapter introduces the VPN Web Configurator. See
information on viewing logs and
for IPSec log descriptions.
14.1 VPN/IPSec Overview
Use the screens documented in this chapter to configure rules for VPN connections and
manage VPN connections.
14.2 IPSec Algorithms
The
ESP
and
AH
protocols are necessary to create a Security Association (SA), the
foundation of an IPSec VPN. An SA is built from the authentication provided by the
AH
and
ESP
protocols. The primary function of key management is to establish and maintain the SA
between systems. Once the SA is established, the transport of data may commence.
14.2.1 AH (Authentication Header) Protocol
AH
protocol (RFC 2402) was designed for integrity, authentication, sequence integrity (replay
resistance), and non-repudiation but not for confidentiality, for which the
ESP
was designed.
In applications where confidentiality is not required or not sanctioned by government
encryption restrictions, an
AH
can be employed to ensure integrity. This type of
implementation does not protect the information from dissemination but will allow for
verification of the integrity of the information and authentication of the originator.
14.2.2 ESP (Encapsulating Security Payload) Protocol
The
ESP
protocol (RFC 2406) provides encryption as well as the services offered by
AH
.
ESP
authenticating properties are limited compared to the
AH
due to the non-inclusion of the IP
header information during the authentication process. However,
ESP
is sufficient if only the
upper layer protocols need to be authenticated.
An added feature of the
ESP
is payload padding, which further protects communications by
concealing the size of the packet being transmitted.
Содержание ZyWALL 70
Страница 1: ...ZyWALL 70 Internet Security Appliance User s Guide Version 3 64 3 2005 ...
Страница 2: ......
Страница 38: ...ZyWALL 70 User s Guide 38 List of Figures ...
Страница 46: ...ZyWALL 70 User s Guide 46 List of Tables ...
Страница 74: ...ZyWALL 70 User s Guide 74 Chapter 2 Introducing the Web Configurator ...
Страница 92: ...ZyWALL 70 User s Guide 92 Chapter 3 Wizard Setup ...
Страница 102: ...ZyWALL 70 User s Guide 102 Chapter 4 LAN Screens ...
Страница 108: ...ZyWALL 70 User s Guide 108 Chapter 5 Bridge Screens ...
Страница 130: ...ZyWALL 70 User s Guide 130 Chapter 6 Wireless LAN ...
Страница 136: ...ZyWALL 70 User s Guide 136 Chapter 7 WAN Screens Figure 45 WAN General ...
Страница 155: ...ZyWALL 70 User s Guide Chapter 7 WAN Screens 155 Figure 55 Dial Backup Setup ...
Страница 188: ...ZyWALL 70 User s Guide 188 Chapter 10 Firewall Screens Figure 71 Creating Editing A Firewall Rule ...
Страница 193: ...ZyWALL 70 User s Guide Chapter 10 Firewall Screens 193 Figure 76 My Service Rule Configuration ...
Страница 234: ...ZyWALL 70 User s Guide 234 Chapter 13 Introduction to IPSec ...
Страница 246: ...ZyWALL 70 User s Guide 246 Chapter 14 VPN Screens Figure 112 VPN Rules IKE Gateway Policy Edit ...
Страница 252: ...ZyWALL 70 User s Guide 252 Chapter 14 VPN Screens Figure 113 VPN Rules IKE Network Policy Edit ...
Страница 275: ...ZyWALL 70 User s Guide Chapter 15 Certificates 275 Figure 125 My Certificate Details ...
Страница 294: ...ZyWALL 70 User s Guide 294 Chapter 16 Authentication Server Figure 136 Local User Database ...
Страница 314: ...ZyWALL 70 User s Guide 314 Chapter 17 Network Address Translation NAT ...
Страница 318: ...ZyWALL 70 User s Guide 318 Chapter 18 Static Route ...
Страница 324: ...ZyWALL 70 User s Guide 324 Chapter 19 Policy Route ...
Страница 340: ...ZyWALL 70 User s Guide 340 Chapter 20 Bandwidth Management ...
Страница 376: ...ZyWALL 70 User s Guide 376 Chapter 22 Remote Management ...
Страница 390: ...ZyWALL 70 User s Guide 390 Chapter 24 Logs Screens Figure 194 Log Settings ...
Страница 413: ...ZyWALL 70 User s Guide Chapter 25 Maintenance 413 Figure 216 Restart Screen ...
Страница 414: ...ZyWALL 70 User s Guide 414 Chapter 25 Maintenance ...
Страница 440: ...ZyWALL 70 User s Guide 440 Chapter 28 WAN and Dial Backup Setup ...
Страница 456: ...ZyWALL 70 User s Guide 456 Chapter 31 DMZ Setup ...
Страница 460: ...ZyWALL 70 User s Guide 460 Chapter 32 Route Setup ...
Страница 470: ...ZyWALL 70 User s Guide 470 Chapter 33 Remote Node Setup ...
Страница 522: ...ZyWALL 70 User s Guide 522 Chapter 39 System Information Diagnosis ...
Страница 538: ...ZyWALL 70 User s Guide 538 Chapter 40 Firmware and Configuration File Maintenance ...
Страница 550: ...ZyWALL 70 User s Guide 550 Chapter 42 Remote Management ...
Страница 558: ...ZyWALL 70 User s Guide 558 Chapter 43 IP Policy Routing ...
Страница 573: ...ZyWALL 70 User s Guide Chapter 45 Troubleshooting 573 Figure 360 Java Sun ...
Страница 574: ...ZyWALL 70 User s Guide 574 Chapter 45 Troubleshooting ...
Страница 582: ...ZyWALL 70 User s Guide 582 Appendix B Removing and Installing a Fuse ...
Страница 602: ...ZyWALL 70 User s Guide 602 Appendix D IP Subnetting ...
Страница 608: ...ZyWALL 70 User s Guide 608 Appendix F PPTP ...
Страница 626: ...ZyWALL 70 User s Guide 626 Appendix H Triangle Route ...
Страница 656: ...ZyWALL 70 User s Guide 656 Appendix K Importing Certificates ...
Страница 658: ...ZyWALL 70 User s Guide 658 Appendix L Command Interpreter ...
Страница 664: ...ZyWALL 70 User s Guide 664 Appendix M Firewall Commands ...
Страница 668: ...ZyWALL 70 User s Guide 668 Appendix N NetBIOS Filter Commands ...
Страница 674: ...ZyWALL 70 User s Guide 674 Appendix P Brute Force Password Guessing Protection ...
Страница 696: ...ZyWALL 70 User s Guide 696 Appendix R Log Descriptions ...