ZyXEL Communications P-6600HW-Tx v3 User Manual
Appendix E Command Interpreter
P-660HW-Tx v3 User’s Guide
353
Figure 241 Backup Gateway
Updating the ARP entries could increase the danger of spoofing attacks. It is only
recommended that you turn on ackGratuitous and force update if you need it like in the
previous backup gateway example. Turning on the force updates option is more dangerous
than leaving it off because the ZyXEL Device updates the ARP table even when there is an
existing entry.
recommended that you turn on ackGratuitous and force update if you need it like in the
previous backup gateway example. Turning on the force updates option is more dangerous
than leaving it off because the ZyXEL Device updates the ARP table even when there is an
existing entry.
Setting the Key Length for Phase 2 IPSec AES Encryption
By default the ZyXEL Device uses a 128 bit AES encryption key for phase 2 IPSec tunnels.
Use this command to edit an existing VPN rule to use a longer AES encryption key.
See the following example. Say you have a VPN rule one that uses AES for the phase 2
encryption and you want it to use 192 bit encryption.
Use this command to edit an existing VPN rule to use a longer AES encryption key.
See the following example. Say you have a VPN rule one that uses AES for the phase 2
encryption and you want it to use 192 bit encryption.
• Use the first line to start editing the VPN rule.
• The second line sets VPN rule one to use 192 bit AES for the phase 2 encryption.
• The third line displays the results.
• The second line sets VPN rule one to use 192 bit AES for the phase 2 encryption.
• The third line displays the results.
Syntax:
ipsec ipsecConfig encryKeyLen <0:128 | 1:192 | 2:256>