ZyXEL Communications NBG420N Manual Do Utilizador
Chapter 15 IPSec VPN
NBG420N User’s Guide
173
15.2.2 VPN Rule Setup (Advanced)
Click the Advanced... button in the Rule Setup screen to open this screen.
Use this screen to configure a VPN rule.
Use this screen to configure a VPN rule.
Pre-Shared Key
Type your pre-shared key in this field. A pre-shared key identifies a
communicating party during a phase 1 IKE negotiation. It is called "pre-shared"
because you have to share it with another party before you can communicate
with them over a secure connection.
Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal
Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal
("0-9", "A-F") characters. You must precede a hexadecimal key with a "0x” (zero
x), which is not counted as part of the 16 to 62 character range for the key. For
example, in "0x0123456789ABCDEF", “0x” denotes that the key is hexadecimal
and “0123456789ABCDEF” is the key itself.
Both ends of the VPN tunnel must use the same pre-shared key. You will receive
Both ends of the VPN tunnel must use the same pre-shared key. You will receive
a “PYLD_MALFORMED” (payload malformed) packet if the same pre-shared key
is not used on both ends.
Encryption
Algorithm
Select which key size and encryption algorithm to use for data communications.
Choices are:
DES - a 56-bit key with the DES encryption algorithm
3DES - a 168-bit key with the DES encryption algorithm
The NBG420N and the remote IPSec router must use the same algorithms and
DES - a 56-bit key with the DES encryption algorithm
3DES - a 168-bit key with the DES encryption algorithm
The NBG420N and the remote IPSec router must use the same algorithms and
key , which can be used to encrypt and decrypt the message or to generate and
verify a message authentication code. Longer keys require more processing
power, resulting in increased latency and decreased throughput.
Authentication
Algorithm
Select which hash algorithm to use to authenticate packet data. Choices are
SHA1 and MD5. SHA1 is generally considered stronger than MD5, but it is also
slower.
Advanced...
Click Advanced... to configure more detailed settings of your IKE key
management.
Apply
Click Apply to save your changes back to the NBG420N.
Reset
Click Reset to begin configuring this screen afresh.
Cancel
Click Cancel to exit the screen without making any changes.
Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) (continued)
LABEL
DESCRIPTION