Linksys RV0041 manual IPSec Setup, Manual

Page 50

10/100/1000 4-Port VPN Router

IP + E-mail Addr. (USER FQDN) Authentication: This selection affords a greater amount of security because each side of the tunnel must use the same IP Address as well as the same email. Only one email address can be used for one tunnel and may not be applied to another tunnel.These settings must match the Remote Group Setup on the other end of the tunnel. If you know the static IP address of remote VPN device, select IP address from drop-down menu. If you don't know the static IP address of remote VPN device, but the domain name of remote VPN device is known, you can select IP by DNS Resolved, and enter the real domain name on the Internet. RV0041 will get the IP address of remote VPN device by DNS Resolved, and IP address of remote VPN device will be displayed on VPN Status of Summary page.

Dynamic IP + Domain Name (FQDN) Authentication: This setting uses a dynamic IP address, which is constantly changing. In addition, the tunnel is confirmed through use of a domain name. Only one domain name can be used for one tunnel and may not be applied to another tunnel.These settings must match the Remote Group Setup on the other end of the tunnel.

Dynamic IP + E-mail Addr.(USER FQDN) Authentication: This setting uses a dynamic IP address, which is constantly changing. In addition, the tunnel is confirmed through use of an email address. Only one email address can be used for one tunnel and may not be applied to another tunnel.These settings must match the Remote Group Setup on the other end of the tunnel.

Remote Security Group Type. Select the local LAN user(s) that can use this VPN tunnel. Remote Security Group Type may be a single IP address, a Subnet or an IP address range. The Remote Secure Group must match the Local Secure Group on the other end of the tunnel. Selecting IP Address allows only one computer, with the spe- cific IP Address, access to the tunnel. (The default IP is 192.168.1.0.) If you select Subnet, all computers on the local subnet can access the tunnel. The default IP is 192.168.1.0, and default Subnet Mask is 255.255.255.192. If you select IP Range, you can specify a range of IP Addresses to access the tunnel. The default IP Range is 192.168.1.0~254.

IPSec Setup

In order for any encryption to occur, the two ends of the tunnel must agree on the type of encryption and the way the data will be decrypted. This is done by sharing a “key” to the encryption code. There are two Keying Modes of key management, Manual and IKE with Preshared Key (automatic).

Manual

If you select Manual, you generate the key yourself, and no key negotiation is needed. Basically, manual key management is used in small static environments or for troubleshooting purposes. Both sides must use the same Key Management method.

Incoming & Outgoing SPI (Security Parameter Index): SPI is carried in the ESP (Encapsulating Security Payload Protocol) header and enables the receiver and sender to select the SA, under which a packet should be

Chapter 5: Setting Up and Configuring the Router

Figure 5-41: VPN tab - Gateway to Gateway

IPSec Setup

42

VPN Tab - Gateway to Gateway

Page 49 Page 51
Image 50
Page 49 Page 51
Contents 10/100/1000 4-Port Copyright and Trademarks Word definitionTable of Contents Appendix D Battery Replacement Appendix a TroubleshootingAppendix C Physical Setup of the Router Setting up the Router10/100/1000 4-Port VPN Router VPN Router-to-VPN Router VPN Computer-to-VPN Router VPN24 System Management Tab DNS Name Lookup 54 Basic Setup Wizard Host and Domain Name IP a protocol used to send data over a network IntroductionWelcome What’s in this Guide? Adapter a device that adds network functionality to your PCIntroduction What’s in this Guide? Use of IP Addresses Networking BasicsAn Introduction to LANs Why do I need a VPN? MAC Address SpoofingWhat is a VPN? There are two basic ways to create a VPN connectionVPN Router to VPN Router VPN Router-to-VPN Router VPNGetting to Know the Router SFPForwarding or a new password Reset Button Reset button can be used in one of two waysButton on your PC to reboot it Proceed to Connecting the RouterVPN Router Connecting the RouterOverview Setting Up and Configuring the Router Connection InstructionsSystem Summary Tab Setting Up and Configuring the RouterSetup Tab Port Management Tab Dhcp TabSystem Management Tab Log Tab Firewall TabVPN Tab Wizard TabSystem Summary Tab How to Access the Web-based UtilityConfiguration System InformationPort Statistics Network Setting StatusFirewall Setting Status VPN Setting Status Log Setting StatusNetwork LAN SettingWAN Interface Setting WAN Connection TypePptp Point-to-Point Tunneling Protocol Static IPPPPoE Point-to-Point Protocol over Ethernet most DSL users Time Setup Tab PasswordSetup Tab Time Setup Tab DMZ Host Setup Tab ForwardingPort Triggering Select the Service from the pull-down menu, shown in FigurePort Range Forwarding Setup Tab UPnP Setup Tab One-to-One NATSetup Tab MAC Clone Setup Tab DdnsSetup Tab Advanced Routing Dynamic RoutingStatic Routing Enter the following data to create a static route entryDynamic IP Dhcp Tab SetupSetup Static IPDhcp Tab Status System Management Tab SnmpPing System Management Tab DiagnosticDNS Name Lookup Lookup tool may be used to find the IP addressFirmware Upgrade System Management Tab Factory DefaultSystem Management Tab Firmware Upgrade Firmware DownloadExport Configuration File System Management Tab Setting BackupImport Configuration File System Management Tab RestartPort Management Tab Port Setup Basic Per Port ConfigPort Management Tab Port Status 32 Port Management Tab Port StatusFirewall Tab General 33 Firewall Tab GeneralFirewall Tab Access Rules 34 Firewall Tab Access RulesScheduling Add a New Access RuleServices Forbidden Domains Firewall Tab Content FilterEditing an Access Rule SchedulingTunnel Status VPN Tab SummarySummary GroupVPN Status 37 VPN Tab Summary DetailLocal Group Setup VPN Tab Gateway to GatewayRemote Group Setup 40 VPN tab Gateway to Gateway Remote Group SetupIPSec Setup ManualIKE with Preshared Key automatic 10/100/1000 4-Port VPN Router Advanced 42 VPN tab Gateway to Gateway AdvancedWith Tunnel Enabled VPN Tab Client to Gateway45 VPN tab Client to Gateway Remote Group Setup With Group VPN enabled 46 VPN tab Client to Gateway IPSec Setup IKE with Preshared Key automatic Tunnel mode, it will also be limited as Aggressive Mode 47 VPN tab Client to Gateway AdvancedVPN Tab VPN Pass Through Compress Support IP Payload compression Protocol IP CompSyslog Log SettingLog Tab System Log MailLog Tab System Statistics 51 Log tab System StatisticsBasic Setup Wizard Tab55 Basic Setup Wizard Selecting WAN Connection Types Access Rule Setup 57 Access Rule Wizard What is Access Rules59 Access Rule Wizard Select the Service 61 Access Rule Wizard Select the Destination On Line Manual Support TabLogout Tab Linksys Web SiteFor Windows 98 and Millennium Appendix a TroubleshootingCommon Problems and Solutions Need to set a static IP address on a PCFor Windows For Windows XPFor Windows 98 and Millennium 10/100/1000 4-Port VPN Router Am not able to access the Router’s Web-based Utility Setup Need to set up a server behind my RouterApplication Start and End Protocol IP Address Enable Web server 80 to Both 192.168.1.100 FTP server 21 toCan’t get the Internet game, server, or application to work Application Start and End Protocol IP Address Enabled500 to Click the DMZ Host tabFor Microsoft Internet Explorer 5.0 or higher To start over, I need to set the Router to factory defaultNeed to upgrade the firmware For Netscape 4.7 or higherFirmware upgrade failed My DSL service’s PPPoE is always disconnectingNeed to use port triggering Router will support up to 253 IP addresses Frequently Asked QuestionsWhere is the Router installed on the network? Is IPSec Passthrough supported by the Router?How can I block corrupted FTP downloads? Is the Router cross-platform compatible? What is DMZ Hosting?Router allows Pptp packets to pass through How can I check whether I have static or Dhcp IP addresses? How many ports can be simultaneously forwarded?Which modems are compatible with the Router? Ask your ISP to find outWindows 98 or Me Instructions Windows 2000 or XP InstructionsFor the Router’s Web-based Utility Figure B-3 MAC Address/Physical AddressPlacement of the Router Appendix C Physical Setup of the RouterSetting up the Router Rack-Mounting the Router10/100/1000 4-Port VPN Router Wall-Mounting the Router Figure C-3 Wall-Mounting the RouterFigure C-4 Wall-Mounting Hardware This section instructs the user on battery replacement Appendix D Battery ReplacementReplacing a Lithium Battery Figure E-1 Upgrade Firmware Appendix E Upgrading FirmwareNetwork Neighborhood/My Network Places Appendix F Windows HelpShared Resources Appendix G Glossary 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router SFP Port Appendix H SpecificationsStandards Ieee 802.3, 802.3u Ports 10/100/100 Gigabit Ports, 1 10/100 RJ-45 Internet PortAppendix I Warranty Information Limited WarrantyAppendix J Regulatory Information FCC StatementInformation section in this Guide Appendix K Contact InformationNeed to contact Linksys? Linksys
Top Page Image Contents