1. Home
    2. /
  2. Manuals
    3. /
  3. Zyxel
    4. /
  4. ZyWALL-USG50
    5. /
  5. 81
Page 401 / 944 Scroll up to view Page 396 - 400
Chapter 23 IPSec VPN
ZyWALL USG 50 User’s Guide
401
keys for the IKE SA and IPSec SA. In main mode, this is done in steps 3 and 4, as
illustrated next.
Figure 235
IKE SA: Main Negotiation Mode, Steps 3 - 4: DH Key Exchange
DH public-key cryptography is based on DH key groups. Each key group is a fixed
number of bits long. The longer the key, the more secure the encryption, but also
the longer it takes to encrypt and decrypt information. For example, DH2 keys
(1024 bits) are more secure than DH1 keys (768 bits), but DH2 keys take longer
to encrypt and decrypt.
Authentication
Before the ZyWALL and remote IPSec router establish an IKE SA, they have to
verify each other’s identity. This process is based on pre-shared keys and router
identities.
In main mode, the ZyWALL and remote IPSec router authenticate each other in
steps 5 and 6, as illustrated below. The identities are also encrypted using the
encryption algorithm and encryption key the ZyWALL and remote IPSec router
selected in previous steps.
Figure 236
IKE SA: Main Negotiation Mode, Steps 5 - 6: Authentication (continued)
You have to create (and distribute) a pre-shared key. The ZyWALL and remote
IPSec router use it in the authentication process, though it is not actually
transmitted or exchanged.
Note: The ZyWALL and the remote IPSec router must use the same pre-shared key.
Diffie-Hellman key exchange
3
4
X
Y
Step 5:
pre-shared key
ZyWALL identity, consisting of
- ID type
- content
Step 6:
pre-shared key
Remote IPSec router identity, consisting of
- ID type
- content
Page 402 / 944
Chapter 23 IPSec VPN
ZyWALL USG 50 User’s Guide
402
Router identity consists of ID type and content. The ID type can be domain name,
IP address, or e-mail address, and the content is a (properly-formatted) domain
name, IP address, or e-mail address. The content is only used for identification.
Any domain name or e-mail address that you enter does not have to actually
exist. Similarly, any domain name or IP address that you enter does not have to
correspond to the ZyWALL’s or remote IPSec router’s properties.
The ZyWALL and the remote IPSec router have their own identities, so both of
them must store two sets of information, one for themselves and one for the other
router. Local ID type and content refers to the ID type and content that applies to
the router itself, and peer ID type and content refers to the ID type and content
that applies to the other router.
Note: The ZyWALL’s local and peer ID type and content must match the remote
IPSec router’s peer and local ID type and content, respectively.
For example, in
Table 117 on page 402
, the ZyWALL and the remote IPSec router
authenticate each other successfully. In contrast, in
Table 118 on page 402
, the
ZyWALL and the remote IPSec router cannot authenticate each other and,
therefore, cannot establish an IKE SA.
It is also possible to configure the ZyWALL to ignore the identity of the remote
IPSec router. In this case, you usually set the peer ID type to
Any
. This is less
secure, so you should only use this if your ZyWALL provides another way to check
Table 117
VPN Example: Matching ID Type and Content
ZYWALL
REMOTE IPSEC ROUTER
Local ID type: E-mail
Local ID type: IP
Local ID content: [email protected]
Local ID content: 1.1.1.2
Peer ID type: IP
Peer ID type: E-mail
Peer ID content: 1.1.1.2
Peer ID content: [email protected]
Table 118
VPN Example: Mismatching ID Type and Content
ZYWALL
REMOTE IPSEC ROUTER
Local ID type: E-mail
Local ID type: IP
Local ID content: [email protected]
Local ID content: 1.1.1.2
Peer ID type: IP
Peer ID type: E-mail
Peer ID content: 1.1.1.20
Peer ID content: [email protected]
5
6
X
Y
Page 403 / 944
Chapter 23 IPSec VPN
ZyWALL USG 50 User’s Guide
403
the identity of the remote IPSec router (for example, extended authentication) or
if you are troubleshooting a VPN tunnel.
Additional Topics for IKE SA
This section provides more information about IKE SA.
Negotiation Mode
There are two negotiation modes--main mode and aggressive mode. Main mode
provides better security, while aggressive mode is faster.
Main mode takes six steps to establish an IKE SA.
Steps 1 - 2: The ZyWALL sends its proposals to the remote IPSec router. The
remote IPSec router selects an acceptable proposal and sends it back to the
ZyWALL.
Steps 3 - 4: The ZyWALL and the remote IPSec router exchange pre-shared keys
for authentication and participate in a Diffie-Hellman key exchange, based on the
accepted DH key group, to establish a shared secret.
Steps 5 - 6: Finally, the ZyWALL and the remote IPSec router generate an
encryption key (from the shared secret), encrypt their identities, and exchange
their encrypted identity information for authentication.
In contrast, aggressive
mode only takes three steps to establish an IKE SA.
Aggressive mode does not provide as much security because the identity of the
ZyWALL and the identity of the remote IPSec router are not encrypted. It is
usually used in remote-access situations, where the address of the initiator is not
known by the responder and both parties want to use pre-shared keys for
authentication. For example, the remote IPSec router may be a telecommuter who
does not have a static IP address.
VPN, NAT, and NAT Traversal
In the following example, there is another router (
A
) between router
X
and router
Y
.
Figure 237
VPN/NAT Example
A
X
Y
Page 404 / 944
Chapter 23 IPSec VPN
ZyWALL USG 50 User’s Guide
404
If router
A
does NAT, it might change the IP addresses, port numbers, or both. If
router
X
and router
Y
try to establish a VPN tunnel, the authentication fails
because it depends on this information. The routers cannot establish a VPN tunnel.
Most routers like router
A
now have an IPSec pass-thru feature. This feature helps
router
A
recognize VPN packets and route them appropriately. If router
A
has this
feature, router
X
and router
Y
can establish a VPN tunnel as long as the active
protocol is ESP. (See
Active Protocol on page 405
for more information about
active protocols.)
If router A does not have an IPSec pass-thru or if the active protocol is AH, you
can solve this problem by enabling NAT traversal. In NAT traversal, router
X
and
router
Y
add an extra header to the IKE SA and IPSec SA packets. If you configure
router
A
to forward these packets unchanged, router
X
and router
Y
can establish
a VPN tunnel.
You have to do the following things to set up NAT traversal.
Enable NAT traversal on the ZyWALL and remote IPSec router.
Configure the NAT router to forward packets with the extra header unchanged.
(See the field description for detailed information about the extra header.)
The extra header may be UDP port 500 or UDP port 4500, depending on the
standard(s) the ZyWALL and remote IPSec router support.
Extended Authentication
Extended authentication is often used when multiple IPSec routers use the same
VPN tunnel to connect to a single IPSec router. For example, this might be used
with telecommuters.
In extended authentication, one of the routers (the ZyWALL or the remote IPSec
router) provides a user name and password to the other router, which uses a local
user database and/or an external server to verify the user name and password. If
the user name or password is wrong, the routers do not establish an IKE SA.
You can set up the ZyWALL to provide a user name and password to the remote
IPSec router, or you can set up the ZyWALL to check a user name and password
that is provided by the remote IPSec router.
If you use extended authentication, it takes four more steps to establish an IKE
SA. These steps occur at the end, regardless of the negotiation mode (steps 7-10
in main mode, steps 4-7 in aggressive mode).
Page 405 / 944
Chapter 23 IPSec VPN
ZyWALL USG 50 User’s Guide
405
Certificates
It is possible for the ZyWALL and remote IPSec router to authenticate each other
with certificates. In this case, you do not have to set up the pre-shared key, local
identity, or remote identity because the certificates provide this information
instead.
Instead of using the pre-shared key, the ZyWALL and remote IPSec router check
the signatures on each other’s certificates. Unlike pre-shared keys, the
signatures do not have to match.
The local and peer ID type and content come from the certificates.
Note: You must set up the certificates for the ZyWALL and remote IPSec router first.
IPSec SA Overview
Once the ZyWALL and remote IPSec router have established the IKE SA, they can
securely negotiate an IPSec SA through which to send data between computers on
the networks.
Note: The IPSec SA stays connected even if the underlying IKE SA is not available
anymore.
This section introduces the key components of an IPSec SA.
Local Network and Remote Network
In an IPSec SA, the local network, the one(s) connected to the ZyWALL, may be
called the local policy. Similarly, the remote network, the one(s) connected to the
remote IPSec router, may be called the remote policy.
Active Protocol
The active protocol controls the format of each packet. It also specifies how much
of each packet is protected by the encryption and authentication algorithms. IPSec
VPN includes two active protocols, AH (Authentication Header, RFC 2402) and ESP
(Encapsulating Security Payload, RFC 2406).
Note: The ZyWALL and remote IPSec router must use the same active protocol.
Usually, you should select ESP. AH does not support encryption, and ESP is more
suitable with NAT.

Rate

4.5 / 5 based on 2 votes.

Popular Zyxel Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top