Cisco Systems WRV54G manual How to Establish a Secure IPSec Tunnel, Create an IPSec Policy

Page 75

Wireless-G VPN Boradband Router

How to Establish a Secure IPSec Tunnel

Step 1: Create an IPSec Policy

1.Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear as shown in Figure C-1.

2.Right-click IP Security Policies on Local Computer, and click Create IP Security Policy.

3.Click the Next button, and then enter a name for your policy (for example, to_router). Then, click Next.

4.Deselect the Activate the default response rule check box, and then click the Next button.

5.Click the Finish button, making sure the Edit check box is checked.

Figure C-1: Password Screen

NOTE: The references in this section to “win” are references to Windows 2000 and XP.

Step 2: Build Filter Lists

Filter List 1: win->router

1.In the new policy’s properties screen, verify that the Rules tab is selected, as shown in Figure C-2. Deselect the Use Add Wizard check box, and click the Add button to create a new rule.

2.Make sure the IP Filter List tab is selected, and click the Add button. (See Figure C-3.)

Appendix C: Configuring IPSec between a Windows 2000 PC and the Router

Figure C-2: Setup Tab

Figure C-3: IP Filter List Tab

71

How to Establish a Secure IPSec Tunnel

Image 75

Contents 802 GHz .11g Wireless- G How to Use this Guide Copyright and TrademarksWord definition Table of Contents Frequently Asked Questions Wireless SecurityWelcome IntroductionWhat’s in this Guide? Wireless-G Broadband VPN Router What’s an IP Address? Planning your Wireless NetworkRouter’s Functions IP AddressesWhy do I need a VPN? Dhcp Dynamic Host Configuration Protocol ServersDynamic IP Addresses What is a VPN? VPN Router to VPN Router Wireless-G VPN Broadband Router Back Panel Getting to Know the Wireless-G VPN Broadband RouterDMZ Front PanelOverview Connecting the Wireless-G Broadband RouterWireless Connection to a PC Wired Connection to a PCWireless-G VPN Broadband Router Configuring Windows 98 and Millennium PCs Configuring the PCsProperties Configuring Windows 2000 PCsConfiguring Windows XP PCs Configuring the Router SetupWireless Applications & Gaming Access RestrictionsAdministration SecurityInternet Setup How to Access the Web-based UtilitySetup Tab Basic Setup TabStatic Internet Connection Type Pptp Internet Connection Type Optional Settings Required by some ISPsNetwork Setup DynDNS.org Ddns TabAdvanced Routing MAC Address Clone Tab See FigureAdvanced Routing Tab MAC Clone10 Routing Table Static RoutingWireless Tab Basic Wireless Settings See FigureWireless Network WEP See Figure Wireless Security13 Wireless Network Access Wireless Network Access See Figure15 Advanced Wireless Settings Advanced Wireless Settings See FigureFirewall Security TabVPN 18 Manual Key Management 19 Advanced VPN Tunnel Setup WEP Access Restriction Access Restrictions Tab23 Internet Filter Summary Port Range Forwarding Applications and Gaming Tab27 Port Triggering Port Triggering28 UPnP Forwarding UPnP ForwardingDMZ Administration Tab Router PasswordManagement Syslog Notification LogUPnP Email AlertGeneral Log DiagnosticsNotification Queue Length Alert Log33 Factory Default WAN Connections StatusRouter Information36 Local Network Local NetworkSystem Performance 38 WirelessAppendix a Troubleshooting Common Problems and SolutionsNeed to set a static IP address on a PC Wireless-G VPN Broadband Router Wireless-G VPN Broadband Router Wireless-G VPN Broadband Router TCP UDP Can’t get the Internet game, server, or application to work To start over, I need to set the Router to factory default Need to upgrade the firmwareFirmware upgrade failed, and/or the Power LED is flashing Power LED flashes continuously My DSL service’s PPPoE is always disconnectingDoes the Router support IPX or AppleTalk? Frequently Asked QuestionsWhere is the Router installed on the network? Is IPSec Pass-Through supported by the Router?Does the Router support ICQ send file? What is Network Address Translation and what is it used for?How can I block corrupted FTP downloads? How many ports can be simultaneously forwarded? What is DMZ Hosting?What are the advanced features of the Router? Is the Router cross-platform compatible?What is infrastructure mode? What is the Ieee 802.11g standard?What Ieee 802.11b features are supported? What is ad-hoc mode?What is WEP? What is ISM band?What is Spread Spectrum? What is DSSS? What is FHSS? And what are their differences?How do I reset the Router? How do I resolve issues with signal loss?Have excellent signal strength, but I cannot see my network Appendix B Wireless Security Brief OverviewWhat Are The Risks? Jamming Attacks Passive AttacksMan-in-the-Middle Attacks Maximizing Wireless SecurityActive Attacks Dictionary-Building or Table Attacks5SSID 8WEP Wireless-G VPN Broadband Router Figure B-2 WEP 4GHz/802.11b and 802.11g WEP EncryptionWRV54G EnvironmentFilter List 1 win-router How to Establish a Secure IPSec TunnelCreate an IPSec Policy Build Filter ListsFigure C-4 IP Filter List Filter List 2 router-winFigure C-7 IP Filter List Tunnel 1 win-router Configure Individual Tunnel RulesFigure C-13 Authentication Methods Tunnel 2 router-win Figure C-16 Tunnel Setting TabFigure C-19 IP Filter List Tab Figure C-22 Preshared Key Figure C-25 Connection Type Assign New IPSec PolicyFigure C-28 VPN Tab Create a Tunnel Through the Web-Based UtilityWindows 98 or Me Instructions Figure D-1 IP Configuration ScreenFigure D-3 MAC Address/Physical Address Windows 2000 or XP InstructionsAppendix E Snmp Functions Appendix F Upgrading Firmware Figure F-1 Upgrade FirmwareAppendix G Windows Help Shared ResourcesNetwork Neighborhood/My Network Places Appendix H Glossary Wireless-G VPN Broadband Router Wireless-G VPN Broadband Router Wireless-G VPN Broadband Router Wireless-G VPN Broadband Router Wireless-G VPN Broadband Router Appendix I Specifications Transmit Power 19dBm LEDsUp to 54Mbps wireless, up to 100 Mbps LAN FCC Statement Appendix J Regulatory InformationFCC Part 68 Statement Safety Notices Limited Warranty Appendix K Warranty InformationAppendix L Contact Information