ZyXEL Prestige 792H SDSL Router 91-004-342004B Manual Do Utilizador
Códigos do produto
91-004-342004B
Prestige 792H G.SHDSL Router
14-2
VPN
Screens
Table 14-1 AH and ESP
ESP AH
DES (default)
Data Encryption Standard (DES) is a widely used method
of data encryption using a private (secret) key. DES
applies a 56-bit key to each 64-bit block of data.
Data Encryption Standard (DES) is a widely used method
of data encryption using a private (secret) key. DES
applies a 56-bit key to each 64-bit block of data.
MD5 (default)
MD5 (Message Digest 5) produces a 128-bit
digest to authenticate packet data.
MD5 (Message Digest 5) produces a 128-bit
digest to authenticate packet data.
3DES
Triple DES (3DES) is a variant of DES, which iterates
three times with three separate keys (3 x 56 = 168 bits),
effectively doubling the strength of DES.
Triple DES (3DES) is a variant of DES, which iterates
three times with three separate keys (3 x 56 = 168 bits),
effectively doubling the strength of DES.
SHA1
SHA1 (Secure Hash Algorithm) produces a
160-bit digest to authenticate packet data.
SHA1 (Secure Hash Algorithm) produces a
160-bit digest to authenticate packet data.
Select DES for minimal security and 3DES for maximum.
Select NULL to set up a tunnel without encryption.
Select NULL to set up a tunnel without encryption.
Select MD5 for minimal security and SHA-1 for
maximum security.
maximum security.
14.3 My IP Address
My IP Address is the WAN IP address of the Prestige. If this field is configured as 0.0.0.0, then the Prestige
will use the current Prestige WAN IP address (static or dynamic) to set up the VPN tunnel. The Prestige has
to rebuild the VPN tunnel if the My IP Address changes after setup.
will use the current Prestige WAN IP address (static or dynamic) to set up the VPN tunnel. The Prestige has
to rebuild the VPN tunnel if the My IP Address changes after setup.
14.4 Secure Gateway Address
Secure Gateway Address is the WAN IP address or domain name of the remote IPSec router (secure
gateway).
If the remote secure gateway has a static WAN IP address, enter it in the Secure Gateway Address field.
You may alternatively enter the remote secure gateway’s domain name (if it has one) in the Secure Gateway
Address field.
You can also enter a remote secure gateway’s domain name in the Secure Gateway Address field if the
remote secure gateway has a dynamic WAN IP address and is using DDNS. The Prestige has to rebuild the
VPN tunnel each time the remote secure gateway’s WAN IP address changes (there may be a delay until the
DDNS servers are updated with the remote gateway’s new WAN IP address).
gateway).
If the remote secure gateway has a static WAN IP address, enter it in the Secure Gateway Address field.
You may alternatively enter the remote secure gateway’s domain name (if it has one) in the Secure Gateway
Address field.
You can also enter a remote secure gateway’s domain name in the Secure Gateway Address field if the
remote secure gateway has a dynamic WAN IP address and is using DDNS. The Prestige has to rebuild the
VPN tunnel each time the remote secure gateway’s WAN IP address changes (there may be a delay until the
DDNS servers are updated with the remote gateway’s new WAN IP address).
14.4.1 Dynamic Secure Gateway Address
If the remote secure gateway has a dynamic WAN IP address and does not use DDNS, enter 0.0.0.0 as the
secure gateway’s address. In this case only the remote secure gateway can initiate SAs. This may be useful
for telecommuters initiating a VPN tunnel to the company network. See section 14.16 for configuration
examples.
secure gateway’s address. In this case only the remote secure gateway can initiate SAs. This may be useful
for telecommuters initiating a VPN tunnel to the company network. See section 14.16 for configuration
examples.