Linksys WAG54G manual Manual Key Management


Wireless-G ADSL Gateway

correctly, or the connection cannot be made. Remember, this is NOT the IP Address of the local VPN Gateway, but the IP Address of the remote VPN Gateway or device with which you wish to communicate. If you enter an IP address, only the specific IP Address will be able to access the tunnel. If you select Any, any IP Address can access the tunnel.

Encryption. Using Encryption also helps make your connection more secure. There are two different types of encryption: DES or 3DES (3DES is recommended because it is more secure). You may choose either of these, but it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel. Or, you may choose not to encrypt by selecting Disable. In Figure 5-19, DES (which is the default) has been selected.

Authentication. Authentication acts as another level of security. There are two types of authentication: MD5 and SHA (SHA is recommended because it is more secure). As with encryption, either of these may be selected, if the VPN device at the other end of the tunnel is using the same type of authentication. Or, both ends of the tunnel may choose to Disable authentication. In the Manual Key Management screen, MD5 (the default) has been selected.

Key Management. Select Auto (IKE) or Manual from the drop-down menu. The two methods are described below.

Auto (IKE)

Select Auto (IKE) and enter a series of numbers or letters in the Pre-shared Key field. Based on this word, which MUST be entered at both ends of the tunnel if this method is used, a key is generated to scramble (encrypt) the data being transmitted over the tunnel; at the other end of the tunnel the data is unscrambled (decrypted). You may use any combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed. In the Key Lifetime field, you may choose to have the key expire at the end of a time period. Enter the number of seconds you’d like the key to be useful, or leave it blank for the key to last indefinitely. Check the box next to PFS (Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are secure.

Manual

Select Manual, then select the Encryption Algorithm from the drop-down menu. Enter the Encryption Key in the field (if you chose DES for your Encryption Algorithm, enter 16 hexadecimal characters; if you chose 3DES, enter 48 hexadecimal characters). Select the Authentication Algorithm from the drop-down menu. Enter the Authentication Key in the field (if you chose MD5 for your Authentication Algorithm, enter 32 hexadecimal characters; if you chose SHA1, enter 40 hexadecimal characters). Enter the Inbound and Outbound SPIs in the respective fields.
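The key-format rules above (Manual key lengths and the Auto (IKE) pre-shared key rule) can be checked before the values are typed into both gateways. The following Python sketch is an added example, not part of the Linksys manual; the function names are hypothetical, and the check for repeated 3DES key parts goes beyond what the manual states.

```python
import re
import secrets

# Hex-character lengths the manual gives for each Manual-mode key field.
ENC_HEX_LEN = {"DES": 16, "3DES": 48}
AUTH_HEX_LEN = {"MD5": 32, "SHA1": 40}
# Auto (IKE): up to 24 letters or digits, no spaces or special characters.
PSK_RE = re.compile(r"[A-Za-z0-9]{1,24}")


def check_manual_keys(enc_alg, enc_key, auth_alg, auth_key):
    """Return a list of problems; an empty list means the keys fit the fields."""
    problems = []
    for label, alg, key, table in (
        ("encryption", enc_alg, enc_key, ENC_HEX_LEN),
        ("authentication", auth_alg, auth_key, AUTH_HEX_LEN),
    ):
        if alg not in table:
            problems.append(f"unknown {label} algorithm {alg!r}")
        elif not re.fullmatch(r"[0-9A-Fa-f]{%d}" % table[alg], key):
            problems.append(f"{alg} {label} key must be {table[alg]} hex characters")
    # Added check (not in the manual): 3DES with K1 == K2 or K2 == K3 is single DES.
    if enc_alg == "3DES" and re.fullmatch(r"[0-9A-Fa-f]{48}", enc_key):
        raw = bytes(b & 0xFE for b in bytes.fromhex(enc_key))  # DES ignores parity bits
        k1, k2, k3 = raw[0:8], raw[8:16], raw[16:24]
        if k1 == k2 or k2 == k3:
            problems.append("3DES key has repeated 8-byte parts (reduces to single DES)")
    return problems


def check_psk(psk):
    """True if the pre-shared key fits the Auto (IKE) field rules."""
    return PSK_RE.fullmatch(psk) is not None


def generate_manual_keys(enc_alg="3DES", auth_alg="SHA1"):
    """Draw both keys from the OS CSPRNG at the exact lengths required."""
    enc = secrets.token_hex(ENC_HEX_LEN[enc_alg] // 2)
    auth = secrets.token_hex(AUTH_HEX_LEN[auth_alg] // 2)
    return enc, auth


if __name__ == "__main__":
    enc, auth = generate_manual_keys()
    print(enc, auth, check_manual_keys("3DES", enc, "SHA1", auth))
```

The same key values must be entered on the VPN device at the other end of the tunnel, so generate them once and transfer them over a trusted channel.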

Status. The status of the connection is shown.

Click the Connect button to connect your VPN tunnel. Click View Logs to view system, UPnP, VPN, firewall, access, or all logs. Click the Advanced Settings button and the Advanced IPSec VPN Tunnel Setup screen will appear.

Chapter 5: Configuring the Gateway

Figure 5-24: Manual Key Management

Figure 5-25: System Log


The Security Tab
