ZyXEL Communications FMG3025-D10A ユーザーズマニュアル

 Chapter 17 VPN

FMG3024-D10A / FMG3025-D10A Series User’s Guide

Use this screen to view active VPN connections. The following figure helps explain the main fields in 
the web configurator.

Click Security > VPN > Monitor to open this screen as shown next.

Monitor  

This screen contains the following fields:

This section provides some technical background information about the topics covered in this 
section.

The overall IPSec architecture is shown as follows.

Perfect 

Forward 

Secrecy (PFS)

Select whether or not you want to enable Perfect Forward Secrecy (PFS)

PFS changes the root key that is used to generate encryption keys for each IPSec 
SA. The longer the key, the more secure the encryption, but also the longer it 
takes to encrypt and decrypt information. Both routers must use the same DH 
key group. Choices are:

Diffie-Hellman Group2 - use a 1024-bit random number

Diffie-Hellman Group5 - use a 1536-bit random number

Diffie-Hellman Group14 - use a 2048-bit random number

DPD Active 

Enable Dead Peer Detection (DPD) Active check box if you want the Device to 
make sure the remote IPSec router is there before it transmits data through the 
IKE SA. The remote IPSec router must support DPD.  If the remote IPSec router 
does not respond, the Device shuts down the IKE SA.

IPSec VPN: Add

Monitor  

#

This is the VPN policy index number. 

Status

This displays if the VPN policy is connected.

Tunnel Name

Enter the name of the VPN connection.

IPSec Algorithm

This displays the encryption algorithm being used for the VPN connection.

Refresh

Click this button to refresh the information on the screen.