Linksys RV0041 manual IKE with Preshared Key automatic

Page 51

10/100/1000 4-Port VPN Router

processed. The hexadecimal values is acceptable, and the valid range is 100~ffffffff. Each tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels share the same SPI. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa

Encryption: There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. 3DES is recommended because it is more secure, and both sides must use the same Encryption method.

Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method determines a method to authenticate the ESP packets. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA is recommended because it is more secure, and both sides must use the same Authentication method.

Encryption Key: This field specifies a key used to encrypt and decrypt IP traffic, and the Encryption Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Encryption Key. If DES is selected, the Encryption Key is 16-bit. If users do not fill up to 16-bit, this field will be filled up to 16-bit automatically by 0. If 3DES is selected, the Encryption Key is 48-bit. If users do not fill up to 48-bit, this field will be filled up to 48-bit automatically by 0.

Authentication Key: This field specifies a key used to authenticate IP traffic and the Authentication Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Authentication key. If MD5 is selected, the Authentication Key is 32-bit. If users do not fill up to 32-bit, this field will be filled up to 32-bit automatically by 0. If SHA1 is selected, the Authentication Key is 40-bit. If users do not fill up to 40-bit, this field will be filled up to 40-bit automatically by 0.

IKE with Preshared Key (automatic)

IKE is an Internet Key Exchange protocol that used to negotiate key material for SA (Security Association). IKE uses the Pre-shared Key field to authenticate the remote IKE peer.

Phase 1 DH Group: Phase 1 is used to create a security association (SA). DH (Diffie-Hellman) is a key exchange protocol that used during phase 1 of the authentication process to establish pre-shared keys. There are three groups of different prime key lengths. Group 1 is 768 bits, Group 2 is 1,024 bits and Group 5 is 1,536 bits. If network speed is preferred, select Group 1. If network security is preferred, select Group 5.

Phase 1 Encryption: There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. Both sides must use the same Encryption method. 3DES is recommended because it is more secure.

Chapter 5: Setting Up and Configuring the Router

43

VPN Tab - Gateway to Gateway

Page 50 Page 52
Image 51
Page 50 Page 52
Contents 10/100/1000 4-Port Word definition Copyright and TrademarksTable of Contents Setting up the Router Appendix a TroubleshootingAppendix C Physical Setup of the Router Appendix D Battery Replacement10/100/1000 4-Port VPN Router Computer-to-VPN Router VPN VPN Router-to-VPN Router VPN24 System Management Tab DNS Name Lookup 54 Basic Setup Wizard Host and Domain Name Introduction WelcomeIP a protocol used to send data over a network Adapter a device that adds network functionality to your PC What’s in this Guide?Introduction What’s in this Guide? Networking Basics An Introduction to LANsUse of IP Addresses MAC Address Spoofing Why do I need a VPN?There are two basic ways to create a VPN connection What is a VPN?VPN Router-to-VPN Router VPN VPN Router to VPN RouterSFP Getting to Know the RouterProceed to Connecting the Router Reset Button Reset button can be used in one of two waysButton on your PC to reboot it Forwarding or a new passwordConnecting the Router OverviewVPN Router Connection Instructions Setting Up and Configuring the RouterSetting Up and Configuring the Router Setup TabSystem Summary Tab Dhcp Tab System Management TabPort Management Tab Wizard Tab Firewall TabVPN Tab Log TabSystem Information How to Access the Web-based UtilityConfiguration System Summary TabNetwork Setting Status Firewall Setting StatusPort Statistics Log Setting Status VPN Setting StatusWAN Connection Type LAN SettingWAN Interface Setting NetworkStatic IP PPPoE Point-to-Point Protocol over Ethernet most DSL usersPptp Point-to-Point Tunneling Protocol Setup Tab Password Setup Tab TimeTime Setup Tab Forwarding Setup Tab DMZ HostSelect the Service from the pull-down menu, shown in Figure Port Range ForwardingPort Triggering Setup Tab One-to-One NAT Setup Tab UPnPSetup Tab Ddns Setup Tab MAC CloneDynamic Routing Setup Tab Advanced RoutingEnter the following data to create a static route entry Static RoutingStatic IP Dhcp Tab SetupSetup Dynamic IPSystem Management Tab Snmp Dhcp Tab StatusLookup tool may be used to find the IP address System Management Tab DiagnosticDNS Name Lookup PingFirmware Download System Management Tab Factory DefaultSystem Management Tab Firmware Upgrade Firmware UpgradeSystem Management Tab Restart System Management Tab Setting BackupImport Configuration File Export Configuration FileBasic Per Port Config Port Management Tab Port Setup32 Port Management Tab Port Status Port Management Tab Port Status33 Firewall Tab General Firewall Tab General34 Firewall Tab Access Rules Firewall Tab Access RulesAdd a New Access Rule ServicesScheduling Scheduling Firewall Tab Content FilterEditing an Access Rule Forbidden DomainsVPN Tab Summary SummaryTunnel Status 37 VPN Tab Summary Detail GroupVPN StatusVPN Tab Gateway to Gateway Local Group Setup40 VPN tab Gateway to Gateway Remote Group Setup Remote Group SetupManual IPSec SetupIKE with Preshared Key automatic 10/100/1000 4-Port VPN Router 42 VPN tab Gateway to Gateway Advanced AdvancedVPN Tab Client to Gateway With Tunnel Enabled45 VPN tab Client to Gateway Remote Group Setup With Group VPN enabled 46 VPN tab Client to Gateway IPSec Setup IKE with Preshared Key automatic 47 VPN tab Client to Gateway Advanced Tunnel mode, it will also be limited as Aggressive ModeCompress Support IP Payload compression Protocol IP Comp VPN Tab VPN Pass ThroughMail Log SettingLog Tab System Log Syslog51 Log tab System Statistics Log Tab System StatisticsWizard Tab Basic Setup55 Basic Setup Wizard Selecting WAN Connection Types 57 Access Rule Wizard What is Access Rules Access Rule Setup59 Access Rule Wizard Select the Service 61 Access Rule Wizard Select the Destination Linksys Web Site Support TabLogout Tab On Line ManualNeed to set a static IP address on a PC Appendix a TroubleshootingCommon Problems and Solutions For Windows 98 and MillenniumFor Windows XP For WindowsFor Windows 98 and Millennium 10/100/1000 4-Port VPN Router Need to set up a server behind my Router Am not able to access the Router’s Web-based Utility SetupWeb server 80 to Both 192.168.1.100 FTP server 21 to Application Start and End Protocol IP Address EnableClick the DMZ Host tab Application Start and End Protocol IP Address Enabled500 to Can’t get the Internet game, server, or application to workFor Netscape 4.7 or higher To start over, I need to set the Router to factory defaultNeed to upgrade the firmware For Microsoft Internet Explorer 5.0 or higherMy DSL service’s PPPoE is always disconnecting Firmware upgrade failedNeed to use port triggering Is IPSec Passthrough supported by the Router? Frequently Asked QuestionsWhere is the Router installed on the network? Router will support up to 253 IP addressesHow can I block corrupted FTP downloads? What is DMZ Hosting? Router allows Pptp packets to pass throughIs the Router cross-platform compatible? Ask your ISP to find out How many ports can be simultaneously forwarded?Which modems are compatible with the Router? How can I check whether I have static or Dhcp IP addresses?Windows 2000 or XP Instructions Windows 98 or Me InstructionsFigure B-3 MAC Address/Physical Address For the Router’s Web-based UtilityRack-Mounting the Router Appendix C Physical Setup of the RouterSetting up the Router Placement of the Router10/100/1000 4-Port VPN Router Figure C-3 Wall-Mounting the Router Wall-Mounting the RouterFigure C-4 Wall-Mounting Hardware Appendix D Battery Replacement Replacing a Lithium BatteryThis section instructs the user on battery replacement Appendix E Upgrading Firmware Figure E-1 Upgrade FirmwareAppendix F Windows Help Shared ResourcesNetwork Neighborhood/My Network Places Appendix G Glossary 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router 10/100/100 Gigabit Ports, 1 10/100 RJ-45 Internet Port Appendix H SpecificationsStandards Ieee 802.3, 802.3u Ports SFP PortLimited Warranty Appendix I Warranty InformationFCC Statement Appendix J Regulatory InformationLinksys Appendix K Contact InformationNeed to contact Linksys? Information section in this Guide
Top Page Image Contents