Zyxel-communications 5 Series Bedienungsanleitung PDF herunterladen (Seite 805)

100

101

ZyWALL 5/35/70 Series User’s Guide

Appendix K Command Interpreter 805

Setting the Key Length for Phase 2 IPSec AES Encryption

By default the ZyWALL uses a 128 bit AES encryption key for phase 2 IPSec tunnels. Use

this command to edit an existing VPN rule to use a longer AES encryption key.

See the following example. Say you have a VPN rule one that uses AES for the phase 2

encryption and you want it to use 192 bit encryption.

• Use the first line to start editing the VPN rule.

• The second line sets VPN rule one to use 192 bit AES for the phase 2 encryption.

• The third line displays the results.

Figure 532 Routing Command Example

Syntax:

ipsec ipsecConfig encryKeyLen <0:128 | 1:192 | 2:256>

ras> ipsec ipsecEdit 1

ras> ipsec ipsecConfig encryKeyLen 1

ras> ipsec ipsecDisplay

---------- IPSec Setup ----------

Index #= 1 Active= No Multi Pro = No Protocol= 0 Global SW= 0xA

Bound IKE 9999 NailUp = No Netbios = No Name= test

ControlPing = No LogControlPing = No Control ping address = 0.0.0.0

Local: Addr Type= SINGLE Port Start= 0 End= N/A

IP Addr Start= 0.0.0.0 Mask= N/A

Remote: Addr Type= SINGLE Port Start= 0 End= N/A

IP Addr Start= 0.0.0.0 Mask= N/A

Enable Replay Detection= No Key Management= IKE

Phase 2 - Active Protocol= ESP

Encryption Algorithm= AES Authentication Algorithm= SHA1

Encryption Key Length = 192

SA Life Time (Seconds)= 28800

Encapsulation= Tunnel Perfect Forward Secrecy (PFS)= None

ras>

1 2 ... 800 801 802 803 804 805 806 807 808 809 810 ... 834 835

Kommentare zu diesen Handbüchern

Keine Kommentare

Zyxel-communications 5 Series Bedienungsanleitung Seite 805

Kommentare zu diesen Handbüchern

Verwandte Produkte und Handbücher für Hardware Zyxel-communications 5 Series