Cisco Systems WRV54G manual Manual Key Management


Wireless-G VPN Broadband Router

settings of the remote VPN device. Make sure that you have entered the IP Address correctly, or the connection cannot be made. Remember, this is NOT the IP Address of the local VPN Router, but the IP Address of the remote VPN Router or device with which you wish to communicate.

Encryption. Using Encryption also helps make your connection more secure. There are two different types of encryption: DES or 3DES (3DES is recommended because it is more secure). You may choose either of these, but it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel. Or, you may choose not to encrypt by selecting Disable. In Figure 6-18, DES (which is the default) has been selected.

Authentication. Authentication acts as another level of security. There are two types of authentication: MD5 and SHA (SHA is recommended because it is more secure). As with encryption, either of these may be selected, provided that the VPN device at the other end of the tunnel is using the same type of authentication. Or, both ends of the tunnel may choose to Disable authentication. In Figure 6-18, MD5 (the default) has been selected.

Key Management. Key Exchange Method. Select Auto (IKE) or Manual for the Key Exchange Method. The two methods are described below.

Auto (IKE)

Select Auto (IKE) and enter a series of numbers or letters in the Pre-shared Key field. You may use any combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed. Based on this pre-shared key, which MUST be entered at both ends of the tunnel if this method is used, a key is generated to scramble (encrypt) the data being transmitted over the tunnel; the data is unscrambled (decrypted) at the other end. Check the box next to PFS (Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are secure. In the Key Lifetime field, you may optionally select to have the key expire at the end of a time period of your choosing. Enter the number of seconds you'd like the key to be useful, or leave it blank for the key to last indefinitely.

Manual (See Figure 6-18.)

Select Manual, then select the Encryption Algorithm from the drop-down menu. Enter the Encryption Key in the field. (If, for your Encryption Algorithm, you chose DES, enter 16 hexadecimal characters. If you chose 3DES, enter 48 hexadecimal characters.) Select the Authentication Algorithm from the drop-down menu. Enter the Authentication Key in the field. (If, for your Authentication Algorithm, you chose MD5, enter 32 hexadecimal characters. If you chose SHA1, enter 40 hexadecimal characters.) Enter the Inbound and Outbound SPIs in the respective fields.
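The key-entry rules for both methods above can be checked before anything is typed into the router. The Python below is an added example, not part of the Cisco manual or the router's firmware: it generates random keys of the stated lengths, validates one end's settings, and compares both ends of a tunnel. The function names and the settings-dictionary layout are assumptions made for illustration, and the repeated 3DES sub-key check goes beyond what the manual states.

```python
import re
import secrets

# Hex-character counts the manual page gives for Manual key management.
ENC_HEX = {"DES": 16, "3DES": 48}
AUTH_HEX = {"MD5": 32, "SHA1": 40}
PSK_RE = re.compile(r"[A-Za-z0-9]{1,24}")  # Auto (IKE): up to 24 letters/digits

def new_key(algorithm):
    """Return a random hex key of the length the manual lists for algorithm."""
    digits = {**ENC_HEX, **AUTH_HEX}[algorithm]
    return secrets.token_hex(digits // 2).upper()

def _strip_parity(hex_block):
    # DES ignores the low bit of every key byte, so compare with it cleared.
    return bytes(b & 0xFE for b in bytes.fromhex(hex_block))

def check_manual(enc_alg, enc_key, auth_alg, auth_key):
    """Return a list of problems with one end's manual-key settings."""
    problems = []
    for label, alg, key, table in (("Encryption", enc_alg, enc_key, ENC_HEX),
                                   ("Authentication", auth_alg, auth_key, AUTH_HEX)):
        if alg not in table:
            problems.append(f"{label}: no key length listed for {alg!r}")
        elif not re.fullmatch(r"[0-9A-Fa-f]*", key):
            problems.append(f"{label} key: non-hexadecimal character")
        elif len(key) != table[alg]:
            problems.append(f"{label} key: {alg} needs {table[alg]} hex characters, got {len(key)}")
    if enc_alg == "3DES" and re.fullmatch(r"[0-9A-Fa-f]{48}", enc_key):
        k1, k2, k3 = (_strip_parity(enc_key[i:i + 16]) for i in (0, 16, 32))
        if k1 == k2 or k2 == k3:  # encrypt-decrypt-encrypt collapses to one DES pass
            problems.append("Encryption key: repeated 3DES sub-key gives only single-DES strength")
    return problems

def check_psk(psk):
    """Return True if psk fits the Pre-shared Key field rules."""
    return PSK_RE.fullmatch(psk) is not None

def tunnel_mismatches(local, remote):
    """Return the names of settings that differ between the two tunnel ends."""
    return sorted(f for f in ("enc_alg", "enc_key", "auth_alg", "auth_key")
                  if local[f].upper() != remote[f].upper())

if __name__ == "__main__":
    # Constructed sample: freshly generated keys for one end of the tunnel.
    end_a = {"enc_alg": "3DES", "enc_key": new_key("3DES"),
             "auth_alg": "SHA1", "auth_key": new_key("SHA1")}
    print(end_a, check_manual(**end_a), check_psk("Tunnel2024Key"))
```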

Status. Click the Advanced VPN Tunnel Setup key and the Advanced VPN Tunnel Setup screen will appear. See Figure 6-19.

Chapter 6: Configuring the Router

Figure 6-18: Manual Key Management


The Security Tab
