Ipsec settings – D-Link DFL-600 User Manual
Page 74
IPSec Settings
IPSec (IP Secure) is a group of IP extensions developed by the Internet
Engineering Task Force (IETF) to provide security services that are
compatible with the existing IP standard. IPSec provides authentication,
integrity, access control, and confidentially. The data and information
exchanged between two ends of an IPSec connection can be encrypted and
verified. Virtual Private Network (VPN) Tunnels can be created to allow
encrypted and secured communication across networks or the Internet.
The two protocols provided by IPSec are Authentication Header (AH) and
Encapsulated Security Payload (ESP).
The AH (Authentication Header) addresses data origin authentication, data
integrity, and replay protection. The ESP (Encapsulating Security Payload)
header addresses the same features and also includes data confidentiality or
encryption capabilities. By default, IPSec uses the AH as a minimum
security level. If data confidentiality is desired, the AH is replaced with an
ESP header for the encryption feature and the authentication and data
integrity components that the AH offer as well.
The DFL-600 can be configured to either establish and maintain an IPSec
connection with a remote workstation, or to simply allow the IPSec packets
to pass through it. The IPSec Passthrough mode allows the IPSec packets to
be forwarded to a PC on the LAN side of the DFL-600. This PC should then
have the appropriate software running on it to establish and maintain the
IPSec connection.
To enable IPSec Passthrough, click on the VPN-IPSec button to open the
IPSec Settings page, as shown below.