Zyxel ZyWALL 2WG Guia De Inicio Rapido página 13

Tabla de contenido
Idiomas disponibles
  • ES

Idiomas disponibles

  • ESPAÑOL, página 34
3 Use this screen to configure the network policy.
Leave the Active check box selected.
Name: Enter a name to identify the network policy.
Select Single and enter an IP address for a single IP
address.
Select Range IP and enter starting and ending IP
addresses for a specific range of IP addresses.
Select Subnet and enter an IP address and subnet
mask to specify IP addresses on a network by their
subnet mask.
Make sure that the remote IPSec router uses the same security settings that you configure in
the next two screens.
Negotiation Mode: Select Main Mode for identity protection. Select Aggressive Mode to allow more incoming
connections from dynamic IP addresses to use separate passwords.
Multiple SAs (security associations) connecting through a secure gateway must have the
same negotiation mode.
Encryption Algorithm: Select 3DES or AES for stronger (and slower) encryption.
Authentication Algorithm: Select MD5 for minimal security or SHA-1 for higher security.
Key Group: Select DH2 for higher security.
SA Life Time: Set how often the ZyWALL renegotiates the IKE SA (minimum 180 seconds). A short SA life
time increases security, but renegotiation temporarily disconnects the VPN tunnel.
Pre-Shared Key: Use 8 to 31 case-sensitive ASCII characters or 16 to 62 hexadecimal ("0-9", "A-F")
characters. Precede a hexadecimal key with a "0x" (zero x), which is not counted as part of the 16 to 62
character range for the key.
Encapsulation Mode: Tunnel is compatible with NAT, Transport is not.
IPSec Protocol: ESP is compatible with NAT, AH is not.
Perfect Forward Secrecy (PFS): None allows faster IPSec setup, but DH1 and DH2 are more secure.
ENGLISH
12
Tabla de contenido
loading

Tabla de contenido