ZXR10 ZSR V2 Series Router Product Description
26 ZTE Confidential & Proprietary
Authentication: It means confirming the identity of communicating parties.
ZXR10 ZSR V2 supports the pre-shared key authentication. An
authenticator generates a key, and Different authenticators cannot
generate the same key on both sides.
Identity protection: After a key is generated, identity data is encrypted for
protection in the transport.
Support AH and ESP protocols and their mixed use.
Transmit a packet in tunnel mode or transfer mode.
Provide two general hash algorithms to ensure that no data is modified in the
transport.
HMAC-MD5: Use 128-bit shared key for hash calculation.
HMAC-SHA-1: Use 160-bit shared key for hash calculation.
Support such encryption algorithms as DES-CBC, 3DES-CBC, AES-128-CBC,
AES-192-CBC, and AES-256-CBC.
Support IPSec DPD detection.
Support IPSec NAT traversal.
Support IPSec+GRE networking.
Support IPSec and VRF association.
3.5.2 IPSec NAT traversal
In network applications, if there is a routing equipment between two IPSec routers, the
IPSec router have to support NAT traversal. The NAT traversal mainly includes NAT-T
negotiation in IKE and using UDP to encapsulate and decapsulate the ESP packet.
To Next Page
Loading...
