ZyXEL NBG420N Manuel d'utilisateur Page 189
- Page / 340
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Chapter 15 IPSec VPN
NBG420N User’s Guide
189
These modes are illustrated below.
In tunnel mode, the NBG420N uses the IPSec protocol to encapsulate the entire IP packet. As
a result, there are two IP headers:
• Outside header: The outside IP header contains the IP address of the NBG420N or remote
IPSec router, whichever is the destination.
• Inside header: The inside IP header contains the IP address of the computer behind the
NBG420N or remote IPSec router. The header for the IPSec protocol (AH or ESP)
appears between the IP headers.
In transport mode, the encapsulation depends on the IPSec protocol. With AH, the NBG420N
includes part of the original IP header when it encapsulates the packet. With ESP, however, the
NBG420N does not include the IP header when it encapsulates the packet, so it is not possible
to verify the integrity of the source IP address.
IPSec SA Proposal and Perfect Forward Secrecy
An IPSec SA proposal is similar to an IKE SA proposal (see IKE SA Proposal on page 185),
except that you also have the choice whether or not the NBG420N and remote IPSec router
perform a new DH key exchange every time an IPSec SA is established. This is called Perfect
Forward Secrecy (PFS).
If you enable PFS, the NBG420N and remote IPSec router perform a DH key exchange every
time an IPSec SA is established, changing the root key from which encryption keys are
generated. As a result, if one encryption key is compromised, other encryption keys remain
secure.
If you do not enable PFS, the NBG420N and remote IPSec router use the same root key that
was generated when the IKE SA was established to generate encryption keys.
The DH key exchange is time-consuming and may be unnecessary for data that does not
require such security.
Figure 115 VPN: Transport and Tunnel Mode Encapsulation
Original Packet IP Header TCP
Header
Data
Transport Mode Packet IP Header AH/ESP
Header
TCP
Header
Data
Tunnel Mode Packet IP Header AH/ESP
Header
IP Header TCP
Header
Data
- User’s Guide 1
- About This User's Guide 3
- Document Conventions 4
- Icons Used in Figures 5
- Safety Warnings 6
- Safety Warnings 7
- Contents Overview 10
- NBG420N User’s Guide 10
- Table of Contents 11
- Chapter 7 13
- List of Figures 19
- List of Tables 25
- Introduction 29
- CHAPTER 1 31
- 1.3 AP Mode 32
- 1.7 LEDs 33
- CHAPTER 2 35
- Chapter 2 The WPS Button 36
- CHAPTER 3 37
- Chapter 23 on page 257 38
- 3.3 Resetting the NBG420N 39
- 3.5.1 Navigation Panel 42
- Table 5 Screens Summary 43
- 3.5.2 Summary: Any IP Table 44
- Table 6 Summary: DHCP Table 45
- 3.5.6 Summary: VPN Monitor 47
- CHAPTER 4 49
- 4.2.1 System Name 50
- 4.2.2 Domain Name 51
- Chapter 4 Connection Wizard 52
- 4.3.1 Basic (WEP) Security 53
- 4.4.1 Ethernet Connection 55
- 4.4.2 PPPoE Connection 55
- 4.4.3 PPTP Connection 56
- Chapter 4 Connection Wizard 57
- 4.4.4 Your IP Address 58
- 4.4.9 WAN MAC Address 61
- CHAPTER 5 65
- Chapter 5 AP Mode 66
- Figure 32 Status: AP Mode 66
- Chapter 5 AP Mode 67
- 5.3.1 Navigation Panel 68
- 5.4.1 LAN Settings 69
- CHAPTER 6 73
- Chapter 6 Tutorials 74
- Wireless Client 75
- NBG420N 75
- SSID SSID_Example3 76
- Chapter 6 Tutorials 77
- Figure 39 Status: AP Mode 78
- Figure 45 Property 81
- Figure 46 Local Policy 81
- Figure 47 Remote Policy 82
- Figure 49 IPSec Algorithm 82
- Figure 55 IPSec Algorithm 84
- Figure 56 VPN Summary 84
- Figure 58 SA Monitor 85
- CHAPTER 7 89
- 7.2.1 SSID 90
- 7.2.2 MAC Address Filter 90
- 7.2.3 User Authentication 90
- 7.2.4 Encryption 91
- 7.3 Roaming 92
- 7.4 Quality of Service 93
- 7.4.1 WMM QoS 94
- 7.5.1 No Security 96
- 7.5.2 WEP Encryption 96
- 7.5.3 WPA-PSK/WPA2-PSK 98
- 7.5.4 WPA/WPA2 99
- Chapter 7 Wireless LAN 100
- 7.6 MAC Filter 101
- Chapter 7 Wireless LAN 103
- 7.9 WiFi Protected Setup 106
- 7.9.2 WPS Station Screen 107
- 7.9.3 Scheduling 107
- Figure 72 Scheduling 108
- Table 39 Scheduling 108
- 7.10.1 Login Screen 109
- 7.10.2 System Status 110
- 7.10.3 WPS in Progress 112
- 7.10.4 Port Forwarding 113
- Figure 76 Port Forwarding 114
- Table 42 Port Forwarding 114
- Figure 77 Login Screen 115
- CHAPTER 8 117
- 8.4 Internet Connection 118
- 8.4.2 PPPoE Encapsulation 119
- Chapter 8 WAN 120
- Chapter 8 WAN 121
- 8.4.3 PPTP Encapsulation 122
- 8.5 Advanced WAN Screen 125
- Table 46 WAN > Advanced 126
- CHAPTER 9 127
- 9.2.3 Multicast 128
- 9.2.4 Any IP 128
- Chapter 9 LAN 129
- Figure 82 Any IP Example 129
- 9.3 LAN IP Screen 130
- 9.4 LAN IP Alias 130
- 9.5 Advanced LAN Screen 131
- Chapter 9 LAN 132
- CHAPTER 10 133
- Chapter 10 DHCP 134
- 10.4 Client List Screen 135
- CHAPTER 11 137
- 11.3 General NAT Screen 138
- Table 54 NAT Application 140
- 11.4.1 Game List Example 141
- Figure 92 Game List Example 142
- 11.6 NAT Advanced Screen 143
- CHAPTER 12 147
- Chapter 12 Dynamic DNS 148
- Figure 95 Dynamic DNS 148
- Table 56 Dynamic DNS 148
- Chapter 12 Dynamic DNS 149
- PART III 151
- CHAPTER 13 153
- 13.2 Triangle Routes 154
- Chapter 13 Firewall 155
- 13.4 Services Screen 156
- Chapter 13 Firewall 158
- CHAPTER 14 161
- Chapter 14 Content Filtering 162
- 14.5 Schedule 163
- CHAPTER 15 165
- Chapter 15 IPSec VPN 166
- 15.2 The General Screen 167
- Chapter 15 IPSec VPN 169
- 15.3 The SA Monitor Screen 183
- IKE SA Proposal 185
- Authentication 186
- Negotiation Mode 187
- VPN, NAT, and NAT Traversal 187
- IPSec Protocol 188
- Encapsulation 188
- Additional IPSec VPN Topics 190
- Management 193
- CHAPTER 16 195
- CHAPTER 17 199
- Advanced screen 203
- CHAPTER 18 209
- 18.2 WWW Screen 210
- 18.3 Telnet 211
- 18.4 Telnet Screen 211
- 18.5 FTP Screen 212
- 18.6 DNS Screen 212
- Chapter 18 Remote Management 213
- Chapter 18 Remote Management 214
- CHAPTER 19 215
- 19.2 UPnP and ZyXEL 216
- 19.3 UPnP Screen 216
- Figure 140 System Tray Icon 223
- Network 224
- Maintenance and 227
- Troubleshooting 227
- CHAPTER 20 229
- 20.3 Time Setting Screen 230
- Chapter 20 System 231
- Chapter 20 System 232
- CHAPTER 21 233
- 21.2 Log Settings 234
- Chapter 21 Logs 235
- Chapter 21 Logs 236
- 21.3 Log Descriptions 237
- Table 89 System Error Logs 238
- Table 91 TCP Reset Logs 238
- Table 92 Packet Filter Logs 239
- Table 93 ICMP Logs 239
- Table 98 Attack Logs 241
- Table 99 IPSec Logs 242
- Table 100 IKE Logs 242
- Table 101 PKI Logs 245
- Table 102 802.1X Logs 246
- Table 103 ACL Setting Notes 247
- Table 104 ICMP Notes 247
- Table 105 Syslog Logs 248
- CHAPTER 22 251
- 22.2 Configuration Screen 252
- 22.2.1 Backup Configuration 253
- 22.2.2 Restore Configuration 253
- 22.3 Restart Screen 254
- 22.4 Wake On LAN 255
- Chapter 22 Tools 256
- CHAPTER 23 257
- Chapter 23 Configuration Mode 258
- CHAPTER 24 259
- Internet 260
- Chapter 24 Sys Op Mode 262
- CHAPTER 25 263
- Chapter 25 Language 264
- CHAPTER 26 265
- V I forgot the password 266
- FTP to upload new firmware 267
- 26.3 Internet Access 268
- AP or router) 269
- 26.6 Advanced Features 270
- Appendices and 271
- APPENDIX A 273
- Table 114 Firmware Features 274
- Wall-mounting Instructions 276
- APPENDIX B 279
- JavaScripts 282
- Java Permissions 283
- JAVA (Sun) 284
- APPENDIX C 285
- Subnet Masks 286
- Notation 287
- Subnetting 288
- Example: Four Subnets 289
- Example: Eight Subnets 290
- Subnet Planning 291
- Configuring IP Addresses 292
- APPENDIX D 293
- Installing Components 294
- Configuring 295
- Windows 2000/NT/XP 296
- Macintosh OS 8/9 301
- Macintosh OS X 303
- Verifying Settings 304
- Using Configuration Files 307
- 26.6.1 Verifying Settings 308
- APPENDIX E 309
- Appendix E Wireless LANs 310
- Appendix E Wireless LANs 311
- Fragmentation Threshold 312
- Preamble Type 313
- IEEE 802.1x 313
- Types of RADIUS Messages 314
- Types of Authentication 315
- PEAP (Protected EAP) 316
- Dynamic WEP Key Exchange 316
- Encryption 317
- Security Parameters Summary 319
- APPENDIX F 321
- Appendix F Services 322
- Appendix F Services 323
- APPENDIX G 325
- ZyXEL Limited Warranty 327
- Appendix G Legal Information 328
- APPENDIX H 329
- Appendix H Customer Support 330
- Appendix H Customer Support 331
Produits connexes et manuels pour Routeurs ZyXEL NBG420N
Routeurs ZyXEL NBG4115 Manuel d'utilisateur
(274 pages)
(274 pages)
Routeurs ZyXEL P-661H-D Manuel d'utilisateur
(113 pages)
(113 pages)
Routeurs ZyXEL ADSL2+ Manuel d'utilisateur
(302 pages)
(302 pages)
Routeurs ZyXEL B-500 Manuel d'utilisateur
(209 pages)
(209 pages)
(126 pages)
Routeurs ZyXEL ZYAIR B-1000 Manuel d'utilisateur
(231 pages)
(231 pages)
Routeurs ZyXEL AMG1302 Manuel d'utilisateur
(320 pages)
(320 pages)
Routeurs ZyXEL Prestige 643 Manuel d'utilisateur
(179 pages)
(179 pages)
Routeurs ZyXEL P-2302R Manuel d'utilisateur
(384 pages)
(384 pages)
Routeurs ZyXEL EMG5324-D10A Manuel d'utilisateur
(382 pages)
(382 pages)
Routeurs ZyXEL NBG4615 Manuel d'utilisateur
(364 pages)
(364 pages)
Routeurs ZyXEL 100 Series Manuel d'utilisateur
(902 pages)
(902 pages)
Routeurs ZyXEL ZyWALL 2WG Manuel d'utilisateur
(264 pages)
(264 pages)
© 2020, manymanuals.fr. Tous droits réservés | 0.140 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels