Linksys WAG325N manual Phase, Internet Access Policy, Summary

Page 22

Chapter 3

Advanced Configuration

From the Advanced Settings screen you can adjust the settings for specific VPN tunnels.

Phase 1  Phase 1 is used to create a security association (SA), often called the IKE SA. After Phase 1 is completed, Phase 2 is used to create one or more IPSec SAs, which are then used to key IPSec sessions.

Operation Mode  There are two modes: Main and Aggressive, and they exchange the same IKE payloads in different sequences. Main mode is more common; however, some people prefer Aggressive mode because it is faster. Main mode is for normal usage and includes more authentication requirements than Aggressive mode. Main mode is recommended because it is more secure. No matter which mode is selected, the VPN Router will accept both Main and Aggressive requests from the remote VPN device. If a user on one side of the tunnel is using a Unique Firewall Identifier, this should be entered under the User Name field.

Encryption  3DES is used to encrypt/decrypt ESP packets.

Authentication  Select the method used to authenticate ESP packets. There are two choices: MD5 and SHA. SHA is recommended because it is more secure.

Group.  There are two Diffie-Hellman Groups to choose from: 768-bit, 1024-bit, and 1536-bit. Diffie-Hellman refers to a cryptographic technique that uses public and private keys for encryption and decryption.

Key Lifetime  In the Key Lifetime field, you may optionally select to have the key expire at the end of a time period of your choosing. Enter the number of seconds you’d like the key to be used until a re-key negotiation between each endpoint is completed.

Phase 2

Group  There are two Diffie-Hellman Groups to choose from: 768-bit, 1024-bit., and 1536-bit Diffie-Hellman refers to a cryptographic technique that uses public and private keys for encryption and decryption.

Key Lifetime  In the Key Lifetime field, you may optionally select to have the key expire at the end of a time period of your choosing. Enter the number of seconds you’d like the key to be used until a re-key negotiation between each endpoint is completed.

Click Save Settings to apply your changes, or click Cancel Changes to cancel your changes.

Access Restrictions > Internet Access Policy

The Internet Access Policy screen allows you to block or allow specific kinds of Internet usage and traffic, such as Internet access, designated services, and websites during specific days and times.

Access Restrictions > Internet Access Policy

Internet Access Policy

Internet Access Policy  Access can be managed by a policy. Use the settings on this screen to establish an access policy (after Save Settings is clicked). Selecting a policy from the drop-down menu will display that policy’s settings. To delete a policy, select that policy’s number and click Delete. To view all the policies, click Summary.

Summary

The policies are listed with the following information: No., Policy Name, Days, and Time of Day. To delete a policy, select Delete. To return to the Internet Access Policy screen, click Close.

Summary

Status  Policies are disabled by default. To enable a policy, select the policy number from the drop-down menu, and select Enable.

Wireless-N ADSL2+ Gateway

21

Page 21 Page 23
Image 22
Page 21 Page 23
Contents User Guide Online Resources About This GuideIcon Descriptions Copyright and TrademarksTable of Contents Wireless-N ADSL2+ Gateway Iii LEDs Chapter Product OverviewBack Panel General Network Security Guidelines Chapter Wireless Security ChecklistAdditional Security Tips Setup InstallationConnection Setup Basic Setup Chapter Advanced ConfigurationHow to Access the Web-Based Utility Internet SetupRFC 2364 PPPoA VC SettingsPPPoA Settings RFC 2516 PPPoERFC 1483 Routed PPPoE SettingsIP Settings IPoAOptional Settings Network SetupBridge Mode Only Network Address Server Settings DhcpDdns Service Setup DdnsTime Settings LanguageSetup MAC Address Clone Setup Advanced RoutingAdvanced Routing Wireless Basic Wireless SettingsWireless Network Dynamic RoutingWPA2-Personal Recommended Wireless Wireless SecurityWireless Security WPA2-EnterpriseRadius May affect wireless performance. WPA2 recom- mended WEP May affect wireless performance. WPA2 recommend- ed Wireless Wireless Mac FilterWireless MAC Filter Access RestrictionsWireless Advanced Wireless Settings Advanced WirelessSecurity Firewall Security VPN PassthroughEstablishing a Tunnel Security VPNRemote Security Gateway Advanced VPN Tunnel Setup Key ManagementInternet Access Policy PhaseSummary Applications and Gaming Single Port Forwarding Single Port ForwardingPort Range Forwarding Applications and Gaming Port Range ForwardingApplications & Gaming Port Range Triggering Port Range TriggeringApplications and Gaming DMZ WirelessInternet Access Priority Applications and Gaming QoSOnline Games ApplicationsAdd a New Application MAC AddressLocal Gateway Access Administration ManagementGateway Access Remote Gateway AccessUPnP Administration LogAdministration Diagnostics LogAdministration Backup & Restore Administration Factory DefaultsStatus Gateway Administration Firmware UpgradeStatus Local Network Dhcp Server Status WirelessStatus DSL Connection Dhcp Client TableDSL Connection PVC ConnectionAppendix a Troubleshooting Your computer cannot connect to the InternetAppendix B Specifications WAG325NAppendix C Warranty Information Industry Canada Statement Safety NoticesFCC Statement Avis d’Industrie CanadaПриложими Клаузи Bulgarian National Restrictions CE MarkingDenmark Product Usage Restrictions Technical Documents onDansk Danish Miljøinformation for kunder i EU Regulatory Information Norsk Norwegian Miljøinformasjon for kunder i EU Regulatory Information
Top Page Image Contents