beautypg.com

Figure 263 menu 27.2 sa monitor, Table 138 menu 27.2 sa monitor – ZyXEL Communications ADSL VoIP IAD with 802.11g Wireless 2602HW Series User Manual

Page 416

background image

Prestige 2602HW Series User’s Guide

416

Chapter 43 SA Monitor

Figure 263 Menu 27.2 SA Monitor

The following table describes the fields in this menu.

Menu 27.2 - SA Monitor

#

Name

Encap.

IPSec ALgorithm

---

--------------------------------

---------

----------------

001

Taiwan : 3.3.3.1 – 3.3.3.3.100

Tunnel

ESP DES MD5

002

003

004

005

006

007

008

009

010

Select Command= Refresh

Select Connection= N/A

Press ENTER to Confirm or ESC to Cancel:

Table 138 Menu 27.2 SA Monitor

FIELD

DESCRIPTION

#

This is the security association index number.

Name

This field displays the identification name for this VPN policy. This name is unique for

each connection where the secure gateway IP address is a public static IP address.
When the secure gateway IP address is 0.0.0.0 (as discussed in the last chapter), there

may be different connections using this same VPN rule. In this case, the name is

followed by the remote IP address as configured in Menu 27.1.1. – IPSec Setup.

Individual connections using the same VPN rule may be terminated without affecting

other connections using the same rule.

Encap.

This field displays Tunnel mode or Transport mode. See previous for discussion.

IPSec

Algorithm

This field displays the security protocols used for an SA. ESP provides confidentiality

and integrity of data by encrypting the data and encapsulating it into IP packets.

Encryption methods include 56-bit DES and 168-bit 3DES. NULL denotes a tunnel

without encryption.
An incoming SA may have an AH in addition to ESP. The Authentication Header

provides strong integrity and authentication by adding authentication information to IP

packets. This authentication information is calculated using header and payload data in

the IP packet. This provides an additional level of security. AH choices are MD5 (default

- 128 bits) and SHA -1(160 bits).
Both AH and ESP increase Prestige processing requirements and communications

latency (delay).