Cisco Systems RVL200 manual Chapter Introduction, Introduction to the Router

Page 9

Chapter 1

Chapter 1:

Introduction

Introduction to the Router

Thank you for choosing the Linksys 4-Port SSL/IPSec VPN Router. The Router is an advanced Internet-sharing network solution for your small business needs. Like any router, it lets multiple computers in your office share an Internet connection. It features a built-in, 4-port, full- duplex, 10/100 Ethernet switch to connect four computers directly, or you can connect more switches to create as big a network as you need. If you have multiple routers in your Local Area Network (LAN), you can use the Router’s multiple subnet feature to support those routers.

The five Secure Sockets Layer (SSL) Virtual Private Network (VPN) tunnels gives your mobile workers a secure and easy way to stay connected. Additionally, an IPSec (Internet Protocol Security), gateway-to-gateway VPN tunnel facilitates branch office connectivity. As an essential element of your business, the Router provides security functions for authentication, encryption, and firewall. Additional security features includes Denial of Service (DoS) prevention and HTTPS management, while the Quality of Service (QoS) features provide consistent voice and video quality throughout your business.

Use the browser-based utility to configure settings and run convenient wizards that will help you set up the Router and its access rules.

Introduction to Virtual Private Networks (VPNs)

A VPN is a connection between two endpoints—a VPN Router, for instance—in different networks that allows private data to be sent securely over a shared or public network, such as the Internet. This establishes a private network that can send data securely between these two locations or networks.

The private network is established by creating a“tunnel”. A VPN tunnel connects the two computers or networks and allows data to be transmitted over the Internet as if it were still within those networks. A VPN tunnel uses industry- standard encryption and authentication techniques to secure the data sent between the two networks.

Virtual Private Networking was created as a cost-effective alternative to using a private, dedicated, leased line for a private network. It can be used to create secure networks linking a central office with branch offices, telecommuters, and/or professionals on the road. The 4-Port SSL/IPSec

Introduction

VPN Router supports two of the most popular VPN tunnel types, SSL and IPSec.

There are two basic ways to create a VPN connection:

VPN Router to VPN Router

computer (using SSL VPN client software) to VPN Router

NOTE: The 4-Port SSL/IPSec VPN Router does not support IPSec VPN client software.

The VPN Router creates a“tunnel”or channel between two endpoints, so that data transmissions between them are secure. A computer with SSL or IPSec VPN client software can be one of the two endpoints.

For an IPSec VPN tunnel, any computer with the built-in IPSec Security Manager (Windows 2000 and XP) allows the VPN Router to create a VPN tunnel using IPSec (Windows Vista uses a similar utility). Other Windows operating systems require additional, third-party VPN client software applications that support IPSec to be installed.

For an SSL VPN tunnel, a computer can download the Virtual Passage SSL VPN client software during first-time connection to the SSL VPN Portal. (See“Appendix B: Virtual Passage SSL VPN Client.”)

VPN Router to VPN Router

An example of a VPN Router-to-VPN Router VPN would be as follows. At home, a telecommuter uses his VPN Router for his always-on Internet connection. His Router is configured with his office’s VPN settings. When he connects to his office’s router, the two routers create a VPN tunnel, encrypting and decrypting data. As VPNs utilize the Internet, distance is not a factor. Using the VPN, the telecommuter now has a secure connection to the central office’s network, as if he were physically connected.

4-Port SSL/IPSec VPN Router



Image 9
Contents Port SSL/IPSec VPN Router About This Guide About This GuideTable of Contents Ddns IPSec VPN Gateway to Gateway Appendix C Bandwidth Management Appendix D Active Directory ServerAppendix E User for the Active Directory Server Appendix I Gateway-to-Gateway VPN Tunnel Appendix J IPSec NAT TraversalAppendix L Multiple VLANs with Computers Appendix P Battery Replacement Appendix O Firmware UpgradeAppendix Q Specifications Appendix M Multiple VLANs and SubnetsChapter Introduction ChapterIntroduction Introduction to the RouterComputer using SSL VPN client software to VPN Router Product Overview Chapter Product OverviewFront Panel Back PanelChapter Installation InstallationPhysical Installation Cable Connection Advanced Configuration Chapter Advanced ConfigurationOverview Before You BeginClick Security Select Use SSL 2.0 and Use SSL How to Access the Web-Based UtilitySystem Information System SummaryFirewall Setting Status Network Setting StatusIPSec VPN Setting Status SSL VPN Setting StatusLAN Setting Setup Tab NetworkNetwork WAN Connection TypePPPoE Point-to-Point Protocol over Ethernet Static IPPptp Point-to-Point Tunneling Protocol Setup PasswordSetup DMZ Host Setup TimePassword TimeForwarding Setup Tab ForwardingPort Range Forwarding Port TriggeringUPnP Setup UPnPSetup One-to-One NAT Setup MAC CloneOne-to-One NAT Setup Advanced Routing Setup DdnsMAC Clone Advanced RoutingStatic Routing Dhcp SetupSetup Dynamic IPStatic IP Status Dhcp StatusDhcp Multiple VLANs Multiple VLANsDiagnostic System Management DiagnosticDhcp Inter-VLAN Routing Inter-VLAN RoutingFirmware Upgrade Factory DefaultSystem Management Restart Firmware DownloadExport Configuration File Import Configuration FileSystem Management Port Mirroring RestartBasic Per Port Config Port Management Port SetupPort Management Port Status Port StatusPort Setting Port Management Port SettingPort Management Create Vlan Create VlanQoS Bandwidth Management Vlan MembershipBandwidth Management Priority Rate ControlQoS Setup QoS QoS SetupQoS Mode Trust Mode Default CoSQoS Dscp Settings QoS Queue SettingsQueue Settings CoS SettingsFirewall General Dscp SettingsGeneral Dscp to QueueFirewall Access Rules Access RulesRestrict WEB Features Services Add a New Access RuleContent Filter Firewall Content FilterScheduling IP/MAC GroupForbidden Domains IPSec VPN SummaryWebsite Blocking by Keywords IP AddressIPSec VPN Gateway to Gateway Local Group SetupSummary Add a New TunnelRemote Group Setup Local Security Group TypeRemote Security Gateway Type Remote Security Group Type IKE with Preshared Key IPSec SetupAdvanced SSL VPN Summary IPSec VPN VPN Pass ThroughSSL VPN Certificate Management VPN Pass ThroughSSL VPN User Management Authentication TypeUser Management Edit GroupEdit User SSL VPN Virtual PassageSnmp Global Parameters Virtual PassageGlobal Parameters Snmp Group Profile Snmp ViewsViews Group ProfileSnmp Communities Snmp Group MembershipGroup Membership CommunitiesNotification Recipient Snmp Notification RecipientSystem Log Log System LogLog System Statistics Log SettingAlert Log General LogWizard Basic SetupPPPoE Obtain an IP automaticallyAccess Rule Setup Select the Service Logout SupportManual Linksys Web SiteLogout Appendix a Troubleshooting TroubleshootingAppendix a Appendix B Appendix B Virtual Passage SSL VPN ClientBefore You Begin Windows OS Click Trusted sites Make the SSL VPN Portal a Trusted Site Windows OSLogin for the SSL VPN Portal Windows OS Installation of the Virtual Passage Client Windows OSClick Continue Anyway When you right-click the icon, you have three optionsInstallation of the Virtual Passage Client Mac OS Login for the SSL VPN Portal Mac OSWindows Vista Usage Click Continue Removal of the Virtual Passage Client Mac OSInstallation of the Virtual Passage Client Linux OS Login for the SSL VPN Portal Linux OSBefore You Begin Linux OS Removal of the Virtual Passage Client Linux OS Appendix C Creation of New ServicesAppendix C Bandwidth Management Bandwidth ManagementCreation of New Bandwidth Management Rules Click Save SettingsAppendix D Appendix D Active Directory ServerActive Directory Server Select Domain in a new forest, and then click Next Enter a domain name, and then click Next Active Directory Server Troubleshooting Appendix E User for the Active Directory Server Appendix EUser for the Active Directory Server Appendix F Appendix F Internet Authentication Service IAS ServerInternet Authentication Service IAS Server Select Unencrypted authentication. Click Apply Click Finish Welcome to the New Connection Request Policy Wizard Click Edit Profile Click the User Management tab Appendix GAppendix H Select HTTPSTCP/443~443 from the Service drop- down menuAppendix H Deployment in an Existing Network LAN-to-LAN ConnectionWAN-to-LAN Connection Appendix Configuration of the RVL200Appendix Gateway-to-Gateway VPN Tunnel Click the Gateway to Gateway tabConfiguration of PC 1 and PC Configuration of the RV082RV082 RVL200 Dynamic IP B.B.B.B with Configuration when Both Gateways Use Dynamic IP Addresses Appendix Configuration of Router a Configuration of ScenarioAppendix J Appendix J IPSec NAT TraversalIPSec NAT Traversal Configuration of Router BOne-to-One NAT Rule on NAT 1 RV042 One-to-One NAT Rule on NAT 2 RV042Configuration of Router a RVL200-to-RV042 Configuration Configuration of MultipleAppendix K Appendix KRV042 #1 Configuration Click Save SettingClick the Advanced Routing tab RV042 #2 Configuration Appendix L RVL200-to-SRW2048 ConfigurationAppendix L Multiple VLANs with Computers Click the Port Management tabSRW2048 Configuration Select Enable VlanClick Save Settings Click the Vlan Membership tab Appendix M RVL200 ConfigurationAppendix M Multiple VLANsClick the Inter-VLAN Routing tab Inter-VLAN Routing OptionAppendix N Access of Multiple VLANsAppendix N Over a SSL VPN TunnelAppendix O Firmware Upgrade Firmware UpgradeAppendix O Click the Firmware Upgrade tab Upgrade the FirmwareBattery Replacement Appendix P Battery ReplacementReplace the Lithium Battery Appendix PAppendix Q Specifications SpecificationsAppendix Q Warranty Information Limited WarrantyAppendix R Regulatory Information Appendix SDansk Danish Miljøinformation for kunder i EU Port SSL/IPSec VPN Router 106 Norsk Norwegian Miljøinformasjon for kunder i EU Port SSL/IPSec VPN Router 108 Contact Information Appendix T