ZyXEL Communications max208m User Manual
Chapter 8 Security
WiMAX Device Configuration User’s Guide
144
8.12 Technical Reference
This section provides some technical background information about the topics covered in this
section.
section.
8.12.1 IPSec Architecture
The overall IPSec architecture is shown as follows.
Figure 80
IPSec Architecture
IPSec Algorithms
The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header)
protocol (RFC 2402) describe the packet formats and the default standards for packet structure
(including implementation algorithms).
protocol (RFC 2402) describe the packet formats and the default standards for packet structure
(including implementation algorithms).
The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption
Standard) and Triple DES algorithms.
Standard) and Triple DES algorithms.
Perfect
Forward
Secrecy (PFS)
Select whether or not you want to enable Perfect Forward Secrecy (PFS).
PFS changes the root key that is used to generate encryption keys for each IPSec
SA. The longer the key, the more secure the encryption, but also the longer it
takes to encrypt and decrypt information. Both routers must use the same DH
key group.
SA. The longer the key, the more secure the encryption, but also the longer it
takes to encrypt and decrypt information. Both routers must use the same DH
key group.
Save
Click Apply to save your changes back to the WiMAX Device.
Cancel
Click Cancel to restore your previous settings.
Table 60
IPSec VPN: Add (continued)
LABEL
DESCRIPTION