ZyXEL Communications 50 User Manual
ZyWALL 50 Internet Security Gateway
22-2
Introduction to IPSec
Figure 22-1 Encryption and Decryption
Data Confidentiality
The IPSec sender can encrypt packets before transmitting them across a network.
Data Integrity
The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not been
altered during transmission.
altered during transmission.
Data Origin Authentication
The IPSec receiver can verify the source of IPSec packets. This service depends on the data integrity
service.
service.
22.1.5 VPN Applications
The ZyWALL 50 supports 50 Security Associations (SAs).
Linking Two or More Private Networks Together
Connect branch offices and business partners over the Internet with significant cost savings and
improved performance when compared to leased lines between sites.
improved performance when compared to leased lines between sites.
Accessing Network Resources When NAT Is Enabled
When NAT is enabled, remote users are not able to access hosts on the LAN unless the host is
designated a public LAN server for that specific protocol. Since the VPN tunnel terminates inside
the LAN, remote users will be able to access all computers that use private IP addresses on the
LAN.
designated a public LAN server for that specific protocol. Since the VPN tunnel terminates inside
the LAN, remote users will be able to access all computers that use private IP addresses on the
LAN.
Unsupported IP Applications
A VPN tunnel may be created to add support for unsupported emerging IP applications.