Chapter 4 Quick Setup Wizards
ZyWALL ATP Series User’s Guide
94
Figure 75
VPN for Configuration Provisioning Advanced Wizard: Scenario Settings
•
IKE
(Internet Key Exchange) is a protocol used in security associations to send data securely. IKE uses
certificates or pre-shared keys for authentication and a Diffie–Hellman key exchange to set up a
shared session secret from which encryption keys are derived.
•
IKEv2
supports Extended Authentication Protocol (EAP) authentication, and IKEv1 supports X-Auth.
EAP is important when connecting to existing enterprise authentication systems.
•
Rule Name
: Type the name used to identify this VPN connection (and VPN gateway). You may use 1-
31 alphanumeric characters, underscores (
_
), or dashes (-), but the first character cannot be a
number. This value is case-sensitive.
•
Application Scenario
: Only the
Remote Access (Server Role)
is allowed in this wizard. It allows
incoming connections from the Zyxel Device IPSec VPN Client.
Click
Next
to continue the wizard.
4.4.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase
1 Settings
There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and
phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA (Security Association).