P-661H/HW Series User’s Guide
Table of Contents 17
12.1.3.1 Encryption ...................................................................................197
12.1.3.2 Data Confidentiality .....................................................................198
12.1.3.3 Data Integrity ...............................................................................198
12.1.3.4 Data Origin Authentication ..........................................................198
12.1.4 VPN Applications ..................................................................................198
12.2 IPSec Architecture .........................................................................................199
12.2.1 IPSec Algorithms ..................................................................................199
12.2.2 Key Management ..................................................................................199
12.3 Encapsulation .................................................................................................199
12.3.1 Transport Mode ....................................................................................200
12.3.2 Tunnel Mode ........................................................................................200
12.4 IPSec and NAT ...............................................................................................200
Chapter 13
VPN Screens......................................................................................................... 203
13.1 VPN/IPSec Overview .....................................................................................203
13.2 IPSec Algorithms ............................................................................................203
13.2.1 AH (Authentication Header) Protocol ....................................................203
13.2.2 ESP (Encapsulating Security Payload) Protocol ..................................203
13.3 My IP Address ................................................................................................204
13.4 Secure Gateway Address ..............................................................................205
13.4.1 Dynamic Secure Gateway Address ......................................................205
13.5 VPN Setup Screen .........................................................................................205
13.6 Keep Alive ......................................................................................................207
13.7 VPN, NAT, and NAT Traversal .......................................................................207
13.8 Remote DNS Server ......................................................................................208
13.9 ID Type and Content ......................................................................................209
13.9.1 ID Type and Content Examples ............................................................210
13.10 Pre-Shared Key ............................................................................................211
13.11 Editing VPN Policies .....................................................................................211
13.12 IKE Phases ..................................................................................................216
13.12.1 Negotiation Mode ................................................................................217
13.12.2 Diffie-Hellman (DH) Key Groups .........................................................218
13.12.3 Perfect Forward Secrecy (PFS) .........................................................218
13.13 Configuring Advanced IKE Settings .............................................................218
13.14 Manual Key Setup ........................................................................................221
13.14.1 Security Parameter Index (SPI) .........................................................221
13.15 Configuring Manual Key ...............................................................................221
13.16 Viewing SA Monitor ......................................................................................224
13.17 Configuring Global Setting ...........................................................................225
13.18 Telecommuter VPN/IPSec Examples ...........................................................226
13.18.1 Telecommuters Sharing One VPN Rule Example ..............................226
13.18.2 Telecommuters Using Unique VPN Rules Example ...........................227