ZyXEL 202H 91-003-194001B User Manual
Product codes
91-003-194001B
P-202H Plus v2 User’s Guide
111
Chapter 10 Introduction to IPSec
Figure 46 Encryption and Decryption
10.1.3.2 Data Confidentiality
The IPSec sender can encrypt packets before transmitting them across a network.
10.1.3.3 Data Integrity
The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not
been altered during transmission.
been altered during transmission.
10.1.3.4 Data Origin Authentication
The IPSec receiver can verify the source of IPSec packets. This service depends on the data
integrity service.
integrity service.
10.1.4 VPN Applications
The ZyXEL Device supports the following VPN applications.
• Linking Two or More Private Networks Together
Connect branch offices and business partners over the Internet with significant cost
savings and improved performance when compared to leased lines between sites.
savings and improved performance when compared to leased lines between sites.
• Accessing Network Resources When NAT Is Enabled
When NAT is enabled, remote users are not able to access hosts on the LAN unless the
host is designated a public LAN server for that specific protocol. Since the VPN tunnel
terminates inside the LAN, remote users will be able to access all computers that use
private IP addresses on the LAN.
host is designated a public LAN server for that specific protocol. Since the VPN tunnel
terminates inside the LAN, remote users will be able to access all computers that use
private IP addresses on the LAN.
• Unsupported IP Applications
A VPN tunnel may be created to add support for unsupported emerging IP applications.
See
See
for an example of a VPN application.
10.2 IPSec Architecture
The overall IPSec architecture is shown as follows.