
Introduction to ZLAN9809M VPN Configuration

Date: 2025-06-06 | Author: Shanghai ZLAN

1. Definition of VPN

VPN (Virtual Private Network) is a technology for building a private network on top of a public network.

A VPN is a technology that establishes a temporary and secure connection through a public network, such as the Internet. It can create a secure communication tunnel on an insecure public network, enabling remote users, branches, business partners, etc. to securely access the internal network resources of an enterprise as if they were directly connected to the enterprise's internal network.

VPN mainly utilizes encryption technology and tunneling protocols to achieve secure communication. When a user initiates a connection request through a VPN client, the VPN client will negotiate with the VPN server to establish an encrypted tunnel. Before being sent to the public network, users' data will be encrypted into ciphertext and transmitted through this tunnel to the VPN server. After receiving the ciphertext, the VPN server decrypts it and then forwards the data to the internal network of the target enterprise. Conversely, the data returned by the enterprise's internal network will also go through a similar encryption and decryption process and be transmitted back to the user end through a VPN tunnel.
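The encrypt, tunnel, decrypt and forward sequence described above, modelled as an added example (not ZLAN code and not a protocol implementation): the client side encapsulates an inner packet behind an outer header, and the server side verifies, rejects replays, decrypts and hands the inner packet on. The cipher is a deliberately simple construction (SHA-256 keystream in counter mode plus an HMAC-SHA256 tag) and the header layout is assumed; real IPsec ESP uses AES-GCM or AES-CBC with HMAC, and L2TP/IPsec carries an L2TP/PPP frame inside ESP, but the sequence of steps is the same.

```python
import hashlib
import hmac
import os
import struct

# Added example, not ZLAN code: a minimal model of the tunnel described above.
# Client side: encrypt the inner packet, authenticate it, prepend an outer header.
# Server side: check the tag, reject replays, decrypt, hand the inner packet on.
# The cipher is a toy (SHA-256 keystream in counter mode); the header layout is assumed.

HEADER_FMT = ">I8s"          # sequence number + per-packet nonce (assumed layout)
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = 32                 # HMAC-SHA256 tag


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy keystream: SHA-256 over key || nonce || counter, concatenated."""
    blocks = []
    counter = 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hashlib.sha256(enc_key + nonce + struct.pack(">I", counter)).digest())
        counter += 1
    return b"".join(blocks)[:length]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


def encapsulate(enc_key: bytes, mac_key: bytes, inner_packet: bytes, seq: int) -> bytes:
    """Client side: inner packet -> outer packet that can cross the public network."""
    nonce = os.urandom(8)
    header = struct.pack(HEADER_FMT, seq, nonce)
    ciphertext = _xor(inner_packet, _keystream(enc_key, nonce, len(inner_packet)))
    # Encrypt-then-MAC: the tag also covers the header, so seq/nonce cannot be altered.
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return header + ciphertext + tag


def decapsulate(enc_key: bytes, mac_key: bytes, outer_packet: bytes, last_seq: int):
    """Server side: verify, anti-replay check, decrypt. Returns (seq, inner_packet)."""
    if len(outer_packet) < HEADER_LEN + TAG_LEN:
        raise ValueError("truncated packet")
    header = outer_packet[:HEADER_LEN]
    ciphertext = outer_packet[HEADER_LEN:-TAG_LEN]
    tag = outer_packet[-TAG_LEN:]
    expected = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed; packet dropped")
    seq, nonce = struct.unpack(HEADER_FMT, header)
    if seq <= last_seq:
        raise ValueError("replayed or out-of-order sequence number; packet dropped")
    inner = _xor(ciphertext, _keystream(enc_key, nonce, len(ciphertext)))
    return seq, inner


def round_trip(inner_packet: bytes = b"GET /intranet/report HTTP/1.1\r\n") -> bytes:
    """Both ends share keys (in IPsec these come from IKE); return what the server forwards."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    outer = encapsulate(enc_key, mac_key, inner_packet, seq=1)
    assert inner_packet not in outer          # the plaintext never appears on the wire
    _, forwarded = decapsulate(enc_key, mac_key, outer, last_seq=0)
    return forwarded


def tampered_packet_is_rejected() -> bool:
    """Flip one ciphertext bit in transit; the server must drop the packet."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    outer = bytearray(encapsulate(enc_key, mac_key, b"inner data", seq=7))
    outer[HEADER_LEN] ^= 0x01
    try:
        decapsulate(enc_key, mac_key, bytes(outer), last_seq=0)
    except ValueError:
        return True
    return False


def replay_is_rejected() -> bool:
    """Deliver the same packet twice; the second copy must be dropped."""
    enc_key, mac_key = os.urandom(32), os.urandom(32)
    outer = encapsulate(enc_key, mac_key, b"inner data", seq=3)
    seq, _ = decapsulate(enc_key, mac_key, outer, last_seq=0)
    try:
        decapsulate(enc_key, mac_key, outer, last_seq=seq)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(round_trip())
    print(tampered_packet_is_rejected(), replay_is_rejected())
```

The two rejection paths are the part worth noticing: the tunnel only protects the internal network if the server drops packets whose tag does not verify and packets it has already seen, which is why IPsec ESP carries both an integrity check value and a sequence number.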

2. 9809M VPN configuration

(1) L2TP/IPsec. The configuration page of the 9809M is shown in the following figure.

VPN type: Displays the currently selected VPN protocol type; select "L2TP/IPSEC". L2TP (Layer 2 Tunneling Protocol) and IPsec (Internet Protocol Security) are a commonly used combination of VPN protocols for establishing secure tunnel connections over IP networks.

VPN server address (IP or domain name): Used to enter the IP address or domain name of the VPN server. This is the key information the client needs to reach the VPN server; only with the correct address can the client find and connect to the designated server.

Pre-shared key: In the IPSec protocol, a pre-shared key is a type of key used for authentication. Both the client and the VPN server need to be configured with the same pre-shared key to perform authentication when establishing a connection and ensure the security of the connection.

Username: The login username of the user on the VPN server. For identity verification, the VPN server will identify and verify the client's identity based on this username.

Password: The password corresponding to the username, also used for identity verification. The password is an important credential for protecting the security of user accounts, ensuring that only authorized users can connect to the VPN server.

Encryption method: Display the currently selected encryption method, which is "Auto" here, indicating that the encryption method is automatically selected. VPN connections typically employ encryption technology to safeguard the security of data during transmission. The automatic selection of encryption methods enables the system to choose the most suitable encryption algorithm based on the actual situation.

VPN IP: After a successful VPN connection, the VPN IP address assigned to the client is displayed here.

Current status: Displays the current status of the VPN connection.

(2) IPSEC VPN

Enable: Used to enable or disable the IPsec function.

IKE version: IKE (Internet Key Exchange) is the protocol used in IPsec to negotiate security associations (SAs) between the two communicating parties. You can choose the IKE version; IKEv1 and IKEv2 are supported.

Mode: The working mode of IPsec, supporting tunnel mode and transport mode. Tunnel mode is used to establish a secure tunnel between two networks, while transport mode is used to protect end-to-end communication.

Authentication method: The method used to verify the identities of both communicating parties; Pre-Shared Key (PSK) is supported.

Key: The pre-shared key. Enter the key here.

Local IP: The IP address of the local network.

Local subnet: The subnet mask of the local network.

Local identifier (ID): An ID used to identify the local network or device, which can be an IP address or another identifier.

Remote IP: The IP address of the remote network.

Remote terminal network: The subnet mask of the remote network.

Remote identifier (ID): An ID used to identify the remote network or device, which can be an IP address or another identifier.

Aggressive mode ("barbaric mode"): A working mode of IKE. Compared with main mode, aggressive mode reduces the number of message exchanges during negotiation and is suited to certain special scenarios.

IKE lifetime (seconds): The lifetime of the IKE SA, in seconds. After this time the IKE SA is renegotiated.

IKE encryption algorithm: An algorithm used to encrypt data during the IKE negotiation process. Common ones include AES128, AES256, etc.

IKE verification algorithm: An algorithm used to verify the integrity of data during the IKE negotiation process. Common ones include SHA1, SHA256, etc.

DH group: The group used in the Diffie-Hellman key exchange algorithm, with different groups providing different levels of security.

ESP lifetime (seconds): The lifetime of the ESP (Encapsulating Security Payload) SA, in seconds.

ESP encryption algorithm: An algorithm used to encrypt ESP data, with common ones including AES128, AES256, etc.

ESP verification algorithm: An algorithm used to verify the integrity of ESP data, with common ones including SHA1, SHA256, etc.

PFS: Perfect Forward Secrecy. Ensures that even if the long-term key is compromised, past communication content is not exposed.
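The IPsec fields above (IKE version, mode, authentication method, key, aggressive mode, lifetimes, algorithms, DH group and PFS) are a natural input for a configuration check. The following is an added example, not ZLAN code and not part of the 9809M firmware: a small checker whose field names mirror the page and whose thresholds (2048-bit DH or larger, SHA-2 integrity, AES encryption, PFS enabled, a minimum pre-shared key length and lifetime ceilings) are assumptions drawn from current practice rather than values from the page. The two sample configurations are constructed.

```python
from dataclasses import dataclass
from typing import List

# Added example, not ZLAN code: a checker for the IPsec settings listed above.
# Field names mirror the 9809M page; thresholds are assumptions based on current
# guidance (2048-bit DH or larger, SHA-2 integrity, AES encryption, PFS on).

WEAK_ENCRYPTION = {"DES", "3DES"}
WEAK_INTEGRITY = {"MD5", "SHA1"}
MIN_DH_GROUP = 14          # group 14 = 2048-bit MODP; groups 1, 2 and 5 are too small
MAX_IKE_LIFETIME = 86400   # 24 h (assumed policy ceiling)
MAX_ESP_LIFETIME = 28800   # 8 h  (assumed policy ceiling)
MIN_PSK_LENGTH = 20        # assumed minimum length for a random pre-shared key


@dataclass
class IpsecSettings:
    ike_version: str         # "IKEv1" or "IKEv2"
    mode: str                # "tunnel" or "transport"
    auth_method: str         # the 9809M page lists "PSK"
    psk: str
    aggressive_mode: bool    # the page's "barbaric mode"
    ike_lifetime: int        # seconds
    ike_encryption: str      # e.g. "AES128", "AES256"
    ike_integrity: str       # e.g. "SHA1", "SHA256"
    dh_group: int
    esp_lifetime: int        # seconds
    esp_encryption: str
    esp_integrity: str
    pfs: bool


def check_ipsec(cfg: IpsecSettings) -> List[str]:
    """Return a list of findings; an empty list means no weak choice was seen."""
    findings = []
    if cfg.ike_version == "IKEv1" and cfg.aggressive_mode and cfg.auth_method == "PSK":
        findings.append("IKEv1 aggressive mode with PSK: identities are sent unencrypted and "
                        "the PSK is exposed to offline guessing; use main mode or IKEv2")
    if len(cfg.psk) < MIN_PSK_LENGTH:
        findings.append(f"pre-shared key is {len(cfg.psk)} characters; use a long random key")
    for label, alg in (("IKE", cfg.ike_encryption), ("ESP", cfg.esp_encryption)):
        if alg.upper() in WEAK_ENCRYPTION:
            findings.append(f"{label} encryption {alg} is obsolete; use AES128 or AES256")
    for label, alg in (("IKE", cfg.ike_integrity), ("ESP", cfg.esp_integrity)):
        if alg.upper() in WEAK_INTEGRITY:
            findings.append(f"{label} integrity {alg} is weak; use SHA256 or stronger")
    if cfg.dh_group < MIN_DH_GROUP:
        findings.append(f"DH group {cfg.dh_group} is below 2048 bits; use group 14 or higher")
    if not cfg.pfs:
        findings.append("PFS disabled: a compromised long-term key would expose past ESP traffic")
    if cfg.ike_lifetime > MAX_IKE_LIFETIME:
        findings.append(f"IKE lifetime {cfg.ike_lifetime}s exceeds {MAX_IKE_LIFETIME}s")
    if cfg.esp_lifetime > MAX_ESP_LIFETIME:
        findings.append(f"ESP lifetime {cfg.esp_lifetime}s exceeds {MAX_ESP_LIFETIME}s")
    if cfg.esp_lifetime > cfg.ike_lifetime:
        findings.append("ESP lifetime longer than IKE lifetime; child SAs normally expire first")
    return findings


# Constructed sample configurations: one with several weak choices, one hardened.
WEAK_SAMPLE = IpsecSettings("IKEv1", "tunnel", "PSK", "zlan12345", True,
                            86400, "AES128", "SHA1", 2, 3600, "AES128", "SHA1", False)
HARDENED_SAMPLE = IpsecSettings("IKEv2", "tunnel", "PSK", "q8Vd3pL0wXn6Tz2RkH9sY4bM", False,
                                28800, "AES256", "SHA256", 14, 3600, "AES256", "SHA256", True)

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_SAMPLE), ("hardened", HARDENED_SAMPLE)):
        print(name, check_ipsec(cfg) or ["ok"])
```

Both peers must agree on every proposal value, so the same checker can be run against the configuration of the remote gateway before the tunnel is brought up; a mismatch in DH group or integrity algorithm shows up as a failed IKE negotiation rather than a weak tunnel, but a matched weak choice on both sides is exactly what the checker is for.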

DPD detection period (seconds): Dead Peer Detection; the interval used to check whether the peer is still online, in seconds.

DPD timeout (seconds): How long to wait for a response from the peer within the DPD detection cycle before timing out, in seconds.

DPD operation: The action taken when the peer is detected to be offline; common options include clearing and restarting.

Auto reconnection: Sets whether to automatically re-establish the connection after it is disconnected.
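How the three DPD settings interact is easier to see on a timeline. The following is an added example, not ZLAN code: a simplified model in which a liveness probe is sent every `period` seconds, any reply from the peer counts as the peer being heard, and the peer is declared dead once nothing has been heard for `timeout` seconds, at which point the configured operation (`clear` or `restart`) applies. The model runs in whole seconds and ignores the real-protocol detail that probes are only sent while the tunnel is idle; the two peer behaviours are constructed.

```python
from dataclasses import dataclass
from typing import List, Optional, Set

# Added example, not ZLAN code: a simplified Dead Peer Detection model built on the
# three DPD settings above. Times are whole seconds.

VALID_ACTIONS = {"clear", "restart"}


@dataclass
class DpdPolicy:
    period: int    # DPD detection period (seconds)
    timeout: int   # DPD timeout (seconds)
    action: str    # DPD operation: "clear" tears the SA down, "restart" renegotiates


def validate_dpd(policy: DpdPolicy) -> List[str]:
    """Sanity-check the policy before using it; returns a list of findings."""
    findings = []
    if policy.period <= 0 or policy.timeout <= 0:
        findings.append("period and timeout must be positive")
    elif policy.timeout < policy.period:
        findings.append(f"timeout {policy.timeout}s is shorter than period {policy.period}s: "
                        "the peer can be declared dead before a probe has been answered")
    if policy.action not in VALID_ACTIONS:
        findings.append(f"unknown DPD operation {policy.action!r}")
    return findings


def simulate_dpd(policy: DpdPolicy, reply_times: List[int], horizon: int) -> dict:
    """Run the clock from 1..horizon; reply_times are the seconds at which the peer answered."""
    replies: Set[int] = set(reply_times)
    last_heard = 0
    probes: List[int] = []
    for t in range(1, horizon + 1):
        if t in replies:
            last_heard = t                      # any reply resets the silence timer
        if t % policy.period == 0:
            probes.append(t)                    # a probe goes out every `period` seconds
        if t - last_heard >= policy.timeout:    # silent for the whole timeout: peer is dead
            return {"dead_at": t, "action": policy.action, "probes": probes}
    return {"dead_at": None, "action": None, "probes": probes}


# Constructed scenarios: a peer that answers the first two probes then goes silent,
# and a peer that answers every probe.
POLICY = DpdPolicy(period=30, timeout=120, action="restart")
SILENT_AFTER_60 = [30, 60]
ALWAYS_UP = list(range(30, 301, 30))

if __name__ == "__main__":
    print(validate_dpd(DpdPolicy(30, 10, "clear")))
    print(simulate_dpd(POLICY, SILENT_AFTER_60, horizon=300))
    print(simulate_dpd(POLICY, ALWAYS_UP, horizon=300))
```

With a 30-second period and a 120-second timeout, a peer that stops answering after its reply at second 60 is declared dead at second 180, after four unanswered probes, and the `restart` operation then renegotiates the tunnel; together with auto reconnection this is what lets a site-to-site tunnel recover on its own after a WAN outage, whereas `clear` leaves it down until something else brings it up.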