ZyXEL Communications 5 Series User Manual
Chapter 19 IPSec VPN
ZyWALL 5/35/70 Series User’s Guide
359
Figure 207 Gateway and Network Policies
This figure helps explain the main fields in the VPN setup.
Figure 208 IPSec Fields Summary
Negotiation Mode
It takes several steps to establish an IKE SA. The negotiation mode determines the number of
steps to use. There are two negotiation modes--main mode and aggressive mode. Main mode
provides better security, while aggressive mode is faster.
steps to use. There are two negotiation modes--main mode and aggressive mode. Main mode
provides better security, while aggressive mode is faster.
"
Both routers must use the same negotiation mode.
These modes are discussed in more detail in
Negotiation Mode on page 391
. Main mode is
used in various examples in the rest of this section.
IP Addresses of the ZyWALL and Remote IPSec Router
In the ZyWALL, you have to specify the IP addresses of the ZyWALL and the remote IPSec
router to establish an IKE SA.
router to establish an IKE SA.