ZyXEL Communications P-334 User Manual
Prestige 334 User’s Guide
327
Chapter 35 SA Monitor
Figure 182 Menu 27.2 SA Monitor
The following table describes the fields in this menu.
Menu 27.2 - SA Monitor
#
---
001
002
003
004
005
006
007
008
009
010
---
001
002
003
004
005
006
007
008
009
010
Name
--------------------------------
Taiwan : 3.3.3.1 – 3.3.3.3.100
--------------------------------
Taiwan : 3.3.3.1 – 3.3.3.3.100
Encap.
---------
Tunnel
---------
Tunnel
IPSec ALgorithm
----------------
ESP DES MD5
----------------
ESP DES MD5
Select Command= Refresh
Select Connection= N/A
Press ENTER to Confirm or ESC to Cancel:
Select Connection= N/A
Press ENTER to Confirm or ESC to Cancel:
Table 109 Menu 27.2 SA Monitor
FIELD
DESCRIPTION
#
This is the security association index number.
Name
This field displays the identification name for this VPN policy. This name is unique for
each connection where the secure gateway IP address is a public static IP address.
When the secure gateway IP address is 0.0.0.0 (as discussed in the last chapter), there
may be different connections using this same VPN rule. In this case, the name is followed
by the remote IP address as configured in Menu 27.1.1. – IPSec Setup. Individual
connections using the same VPN rule may be terminated without affecting other
connections using the same rule.
each connection where the secure gateway IP address is a public static IP address.
When the secure gateway IP address is 0.0.0.0 (as discussed in the last chapter), there
may be different connections using this same VPN rule. In this case, the name is followed
by the remote IP address as configured in Menu 27.1.1. – IPSec Setup. Individual
connections using the same VPN rule may be terminated without affecting other
connections using the same rule.
Encap.
This field displays Tunnel mode or Transport mode. See previous for discussion.
IPSec
ALgorithm
This field displays the security protocols used for an SA. ESP provides confidentiality and
integrity of data by encrypting the data and encapsulating it into IP packets. Encryption
methods include 56-bit DES and 168-bit 3DES. NULL denotes a tunnel without encryp-
tion.
An incoming SA may have an AH in addition to ESP. The Authentication Header provides
strong integrity and authentication by adding authentication information to IP packets.
This authentication information is calculated using header and payload data in the IP
packet. This provides an additional level of security. AH choices are MD5 (default - 128
bits) and SHA -1(160 bits).
Both AH and ESP increase Prestige processing requirements and communications
latency (delay).
integrity of data by encrypting the data and encapsulating it into IP packets. Encryption
methods include 56-bit DES and 168-bit 3DES. NULL denotes a tunnel without encryp-
tion.
An incoming SA may have an AH in addition to ESP. The Authentication Header provides
strong integrity and authentication by adding authentication information to IP packets.
This authentication information is calculated using header and payload data in the IP
packet. This provides an additional level of security. AH choices are MD5 (default - 128
bits) and SHA -1(160 bits).
Both AH and ESP increase Prestige processing requirements and communications
latency (delay).