P-661H-D Series Support Notes
2. What kind of VPN protocols are supported on P-661H-D?
All P-661H-D series support IPSec VPN, in other words, we can build IPSec
VPN on P-661H-D.
And also note that P-661H-D is of VPN (IPSec, PPTP) passthrough supported
NAT.
3. What types of encryption does P-661H-D VPN support?
P-661H-D supports DES
/
3DES
/AES encryption
.
4. What types of authentication does P-661H-D VPN support?
VPN vendors support a number of different authentication methods. P-661H-D
VPN supports both SHA1 and MD5.
AH provides authentication, integrity, and replay protection (but not
confidentiality). Its main difference with ESP is that AH also secures parts of
the IP header of the packet (like the source/destination addresses), but ESP
does not.
ESP can provide authentication, integrity, replay protection, and confidentiality
of the data (it secures everything in the packet that follows the header). Replay
protection requires authentication and integrity (these two go always together).
Confidentiality
(encryption) can be used with or without authentication/integrity. Similarly, one
could use authentication/integrity with or without confidentiality.
5. I am planning my P-661H-D VPN configuration. What do I need to
know?
You can find the VPN options in Web Configurator, Advanced Setup,
Security
-> VPN.
For configuring a 'box-to-box VPN', there are some tips:
(1) If there is a NAT router running in the front of P-661H-D, please make
sure the NAT router supports IPSec passthrough.
(2) In NAT case, only IPSec tunneling mode is supported. Here’s a brief
summary for IPSec and NAT:
NAT Condition
Supported IPSec Protocol
VPN Gateway embedded NAT
AH Tunnel mode,
ESP Tunnel mode
32
All contents copyright © 2006 ZyXEL Communications Corporation.