User manual ZYXEL P-334U
Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Lastmanuals provides you a fast and easy access to the user manual ZYXEL P-334U. We hope that this ZYXEL P-334U user guide will be useful to you.
Lastmanuals help download the user guide ZYXEL P-334U.
You may also download the following manuals related to this product:
ZYXEL P-334U V3.60 (15064 ko)
ZYXEL P-334U DATASHEET (256 ko)
Manual abstract: user guide ZYXEL P-334U
Detailed instructions for use are in the User's Guide.
[. . . ] P-334U/P-335U
802. 11a/g Wireless Router
User's Guide
Version 3. 60 Edition 2 11/2006
P-334U/P-335U User's Guide
Copyright
Copyright © 2006 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. [. . . ] It also finishes the Diffie-Hellman key exchange, authenticates the ZyXEL Device, and sends its (unencrypted) identity to the ZyXEL Device for authentication. Step 3: The ZyXEL Device authenticates the remote IPSec router and confirms that the IKE SA is established. Aggressive mode does not provide as much security as main mode because the identity of the ZyXEL Device and the identity of the remote IPSec router are not encrypted. It is usually used when the address of the initiator is not known by the responder and both parties want to use pre-shared keys for authentication (for example, telecommuters). 13. 1. 2. 5 VPN, NAT, and NAT Traversal In the following example, there is another router (A) between router X and router Y.
Figure 87 VPN/NAT Example
If router A does NAT, it might change the IP addresses, port numbers, or both. If router X and router Y try to establish a VPN tunnel, the authentication fails because it depends on this information. The routers cannot establish a VPN tunnel.
Chapter 13 IPSec VPN
143
P-334U/P-335U User's Guide
Most routers like router A now have an IPSec pass-through feature. This feature helps router A recognize VPN packets and route them appropriately. If router A has this feature, router X and router Y can establish a VPN tunnel as long as the IPSec protocol is ESP. (See IPSec Protocol on page 144 for more information about active protocols. ) If router A does not have an IPSec pass-through or if the IPSec protocol is AH, you can solve this problem by enabling NAT traversal. In NAT traversal, router X and router Y add an extra header to the IKE SA and IPSec SA packets. If you configure router A to forward these packets unchanged, router X and router Y can establish a VPN tunnel. You have to do the following things to set up NAT traversal. · Enable NAT traversal on the ZyXEL Device and remote IPSec router. · Configure the NAT router to forward packets with the extra header unchanged. The extra header may be UDP port 500 or UDP port 4500, depending on the standard(s) the ZyXEL Device and remote IPSec router support.
13. 1. 3 IPSec SA (IKE Phase 2) Overview
Once the ZyXEL Device and remote IPSec router have established the IKE SA, they can securely negotiate an IPSec SA through which to send data between computers on the networks. Note: The IPSec SA stays connected even if the underlying IKE SA is not available anymore. This section introduces the key components of an IPSec SA.
13. 1. 3. 1 Local Network and Remote Network
In an IPSec SA, the local network consists of devices connected to the ZyXEL Device and may be called the local policy. Similarly, the remote network consists of the devices connected to the remote IPSec router and may be called the remote policy. Note: It is not recommended to set a VPN rule's local and remote network settings both to 0. 0. 0. 0 (any). This causes the ZyXEL Device to try to forward all access attempts (to the local network, the Internet or even the ZyXEL Device) to the remote IPSec router. In this case, you can no longer manage the ZyXEL Device.
13. 1. 3. 2 IPSec Protocol
The IPSec protocol controls the format of each packet. [. . . ] 2 The Prestige reroutes the SYN packet through Gateway B on the LAN to the WAN. 3 The reply from the WAN goes directly to the computer on the LAN without going through the Prestige. As a result, the Prestige resets the connection, as the connection has not been acknowledged.
Appendix I Triangle Route
329
P-334U/P-335U User's Guide Figure 202 "Triangle Route" Problem
The "Triangle Route" Solutions
This section presents you two solutions to the "triangle route" problem.
IP Aliasing
IP alias allows you to partition your network into logical sections over the same Ethernet interface. Your Prestige supports up to three logical LAN interfaces with the Prestige being the gateway for each logical network. [. . . ]
DISCLAIMER TO DOWNLOAD THE USER GUIDE ZYXEL P-334U Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... In any way can't Lastmanuals be held responsible if the document you are looking for is not available, incomplete, in a different language than yours, or if the model or language do not match the description. Lastmanuals, for instance, does not offer a translation service. Click on "Download the user manual" at the end of this Contract if you accept its terms, the downloading of the manual ZYXEL P-334U will begin.