
Introduction to ZLAN9809M VPN Configuration

Date: 2025-06-12 Author: Shanghai ZLAN

1. Definition of VPN

A VPN (Virtual Private Network) is a technology that establishes a private network over a public network.

Definition:

VPN is a technology that establishes temporary and secure connections through public networks such as the Internet. It can create a secure communication tunnel on an insecure public network, enabling remote users, branches, business partners, etc. to access the internal network resources of an enterprise securely as if they were directly connected to the internal network of the enterprise.

Working principle:

A VPN relies on encryption and tunneling protocols to achieve secure communication. When a user initiates a connection request through the VPN client, the client negotiates with the VPN server to establish an encrypted tunnel. Before the user's data is sent to the public network, it is encrypted into ciphertext and transmitted through this tunnel to the VPN server. After receiving the ciphertext, the VPN server decrypts it and forwards the data to the internal network of the target enterprise. Conversely, data returned by the enterprise's internal network goes through the same encryption and decryption process and is transmitted back to the user through the VPN tunnel.


2. ZLAN9809M VPN Configuration

(1) L2TP/IPSEC

The fields on the 9809M L2TP/IPSEC configuration page are as follows.

VPN type: Displays the currently selected VPN protocol type. Select "L2TP/IPSEC". L2TP (Layer 2 Tunneling Protocol) and IPSec (Internet Protocol Security) are a commonly used combination of VPN protocols for establishing secure tunnel connections on IP networks.

VPN server address (IP or domain name): Used to enter the IP address or domain name of the VPN server. This is the key information required for the client to connect to the VPN server. Only by entering the correct address can the client find and connect to the designated VPN server.

Pre-shared key: In the IPSec protocol, a pre-shared key is a key used for authentication. Both the client and the VPN server need to be configured with the same pre-shared key to authenticate when establishing a connection and ensure the security of the connection.

Username: The login username of the user on the VPN server. For identity verification, the VPN server will identify and verify the identity of the client based on this username.

Password: The password corresponding to the username, which is also used for authentication. The password is an important credential for protecting the security of user accounts, ensuring that only authorized users can connect to the VPN server.

Encryption method: Displays the currently selected encryption method. Here, it is "Auto", indicating that the encryption method is automatically selected. VPN connections typically employ encryption technology to safeguard the security of data during transmission. Automatically selecting the encryption method enables the system to choose the most appropriate encryption algorithm based on the actual situation.

VPN IP: After a successful VPN connection, the VPN IP address assigned to the client will be displayed here.

Current status: Displays the current status of the VPN connection.

(2) IPSEC VPN

Enable: Used to enable or disable the IPSec function.

IKE version: IKE (Internet Key Exchange) is a protocol used to negotiate security associations (SAs) between the two parties of an IPSec communication. You can choose the IKE version; IKEv1 and IKEv2 are supported.

Mode: The working mode of IPSec, supporting tunnel mode and transport mode. Tunnel mode is used to establish a secure tunnel between two networks, and transport mode is used to protect end-to-end communication.

Authentication method: A method used to verify the identities of both communicating parties, supporting Pre-Shared Key (PSK).

Key: Pre-shared key. You need to enter the key here.

Local IP: The IP address of the local network.

Local subnet: The subnet mask of the local network.

Local Identifier (ID): An ID used to identify the local network or device, which can be an IP address or other identifier.

Remote IP: The IP address of the remote network.


Remote terminal network: The subnet mask of the remote network.

Remote Identifier (ID): An ID used to identify a remote network or device, which can be an IP address or other identifier.

Savage Mode: The IKE aggressive mode. Compared with main mode, it reduces the number of message exchanges during the negotiation process and is suitable for certain special scenarios.

IKE Lifetime (seconds): The lifetime of the IKE SA, in seconds. After this time, the IKE SA is renegotiated.

IKE encryption algorithm: An algorithm used to encrypt data during the IKE negotiation process. Common ones include AES128, AES256, etc.

IKE verification algorithm: An algorithm used to verify the integrity of data during IKE negotiation. Common ones include SHA1, SHA256, etc.

DH group: The group used in the Diffie-Hellman key exchange algorithm, and different groups provide different levels of security.

ESP Lifetime (seconds): The lifetime of an ESP (Encapsulating Security Payload) SA, measured in seconds.

ESP encryption algorithm: An algorithm used to encrypt ESP data, with common ones including AES128, AES256, etc.

ESP verification algorithm: An algorithm used to verify the integrity of ESP data. Common ones include SHA1, SHA256, etc.

PFS: Perfect Forward Secrecy, which ensures that even if a long-term key is compromised, the contents of past communications are not exposed.

DPD detection cycle (seconds): Dead Peer Detection, the cycle used to detect whether a peer is still online, with the unit being seconds.

DPD timeout period (seconds): The waiting timeout period if no response from the peer is received within the DPD detection cycle, with the unit being seconds.


DPD operation: The action taken when a peer is detected to be offline. Common options include clear and restart.

Automatic reconnection: Used to set whether to automatically re-establish a connection after it is disconnected.
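Several of the fields above (IKE version, Savage Mode, Key, the verification algorithms, DH group, PFS) decide how strong the tunnel is. The following check is an added example, not ZLAN code: it lints a set of IPSec parameters before they are entered on the device. The dictionary keys are hypothetical names mirroring the page's field labels, the DH group numbers and the minimum key length are assumptions, and the sample settings are constructed.

```python
# Added example: keys mirror the page's field labels; the dict layout is
# hypothetical and is not a ZLAN export format.
WEAK_DH_GROUPS = {1, 2, 5}        # 768-, 1024- and 1536-bit MODP groups
WEAK_HASHES = {"MD5", "SHA1"}
WEAK_CIPHERS = {"DES", "3DES"}
MIN_PSK_LEN = 20                  # assumed local policy, not a device limit


def audit_ipsec(cfg):
    """Return (field, finding) tuples for risky IPSec settings."""
    out = []
    psk = cfg.get("authentication_method", "PSK").upper() == "PSK"
    if cfg.get("ike_version") == "IKEv1":
        out.append(("IKE version", "IKEv1 is deprecated (RFC 9395); use IKEv2"))
        # Aggressive ("Savage") mode only exists in IKEv1.
        if cfg.get("savage_mode") and psk:
            out.append(("Savage Mode", "aggressive mode with a PSK allows "
                        "offline guessing of the key; use main mode or IKEv2"))
    if psk and len(cfg.get("key", "")) < MIN_PSK_LEN:
        out.append(("Key", f"PSK shorter than {MIN_PSK_LEN} characters"))
    for phase in ("ike", "esp"):
        if cfg.get(f"{phase}_encryption", "").upper() in WEAK_CIPHERS:
            out.append((f"{phase.upper()} encryption algorithm", "weak cipher"))
        if cfg.get(f"{phase}_verification", "").upper() in WEAK_HASHES:
            out.append((f"{phase.upper()} verification algorithm",
                        "use SHA256 or stronger"))
    if cfg.get("dh_group") in WEAK_DH_GROUPS:
        out.append(("DH group", "below 2048 bits; use group 14 or higher"))
    if not cfg.get("pfs"):
        out.append(("PFS", "disabled; enable a fresh DH exchange per rekey"))
    return out


# Constructed sample settings (not taken from a real device).
WEAK = {"ike_version": "IKEv1", "savage_mode": True,
        "authentication_method": "PSK", "key": "zlan1234",
        "ike_encryption": "AES128", "ike_verification": "SHA1",
        "esp_encryption": "AES128", "esp_verification": "SHA1",
        "dh_group": 2, "pfs": False}
HARDENED = {"ike_version": "IKEv2", "savage_mode": False,
            "authentication_method": "PSK",
            "key": "constructed-sample-psk-not-for-real-use",
            "ike_encryption": "AES256", "ike_verification": "SHA256",
            "esp_encryption": "AES256", "esp_verification": "SHA256",
            "dh_group": 14, "pfs": True}

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_ipsec(cfg))
```

Both ends of the tunnel must be configured with the same proposal, so run the same check against the settings planned for the peer gateway.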