Best Practice USG2+ with USG60W
Options
Ally Member
Hello ZyxEL guy's 
.
.is there a best practice esisting to create a site-2-site between a USG2+ and a USN60W ?
USG60W has allready a Server role for IPSEC configured (mobile devices)
also a SSL VPN area to get connected trough SSL-VPN and Windows devices.
USG60W has allready a Server role for IPSEC configured (mobile devices)
also a SSL VPN area to get connected trough SSL-VPN and Windows devices.
The next challage to configure a USG2+ with the best and possible configuration options to have a secure and stable site-2-site between remote and branch location.
Thanks forward for recommendation or experience.
Regards
Christian
Christian
0
Comments
-
Hi @ChristianG,
The configuration as below, did you encounter any IOP or stability issue on VPN connection?1. Phase 1 configuration
2. Create phase 2 configuration
3. Phase 2 configuration
0 -
no issue actualy, but the device is since a vew days old, and it should establish a IPSEC connectivity to my USG60 without any interactivity by useing a SSL VPN Client in WIndows10, to avoid issues, if there is a Feature Uodate Release that require a new or updated, certified device driver for the IPSEC Client Software
The secondary site is 100% Windows10 and non mobile users, but they require a stable and availible Client-2-Site connectivity, to use the storage at the main site. that's my reason to ask about the best and secure practice to establish a client-2-site connectivity by a USG2plus, and the WAN IP at the main site is in use for dailin by IPSEC and SSL VPN Client.
Is DES and MD5 th highest level of secureity for a successful Client-to-Site connectivty from the 2plus to a USG60W ?
Result of this requestConfigure a Client-to-Site dial in (Client = USG2plus and Site = USG60W) in acording with the possible max. level of secureity (e.g. AES128/256 with SHA1, avoid MD5/DES and avoid a software client on the windows10 client at the remote site).Thanks for the quit responseRegardsChristian0 -
Hi @ChristianG,
It's not highest level of security for VPN connection. you also can use AES256+SHA1.
Here is Zywall2+ VPN encryption and authentication list for your reference.
Encryption : DES、3DES、 SHA128、 SHA192 、SHA256
Authentication : MD5、 SHA1
0
Zyxel Employee
Categories
- All Categories
- 383 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 75 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 200 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight
