Linksys RV0041 manual IKE with Preshared Key automatic

Page 58

10/100/1000 4-Port VPN Router

Encryption Key: This field specifies a key used to encrypt and decrypt IP traffic, and the Encryption Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Encryption Key. If DES is selected, the Encryption Key is 16-bit. If users do not fill up to 16-bit, this field will be filled up to 16-bit automatically by 0. If 3DES is selected, the Encryption Key is 48-bit. If users do not fill up to 48-bit, this field will be filled up to 48-bit automatically by 0.

Authentication Key: This field specifies a key used to authenticate IP traffic and the Authentication Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Authentication key. If MD5 is selected, the Authentication Key is 32-bit. If users do not fill up to 32-bit, this field will be filled up to 32-bit automatically by 0. If SHA1 is selected, the Authentication Key is 40-bit. If users do not fill up to 40-bit, this field will be filled up to 40-bit automatically by 0.

IKE with Preshared Key (automatic)

IKE is an Internet Key Exchange protocol that is used to negotiate key material for SA (Security Association). IKE uses the Pre-shared Key field to authenticate the remote IKE peer.

Phase 1 DH Group: Phase 1 is used to create a security association (SA). DH (Diffie-Hellman) is a key exchange protocol that is used during phase 1 of the authentication process to establish pre-shared keys. There are three groups of different prime key lengths. Group 1 is 768 bits, Group 2 is 1,024 bits and Group 5 is 1,536 bits. If network speed is preferred, select Group 1. If network security is preferred, select Group 5.

Phase 1 Encryption: There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. Both sides must use the same Encryption method. 3DES is recommended because it is more secure.

Phase 1 Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method determines a method to authenticate the ESP packets. Both sides must use the same Authentication method. MD5 is a one-way hashing algorithm that produces a 128-bit digest.

SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA is recommended because it is more secure, and both sides must use the same Authentication method.

Phase 1 SA Life Time: This field allows you to configure the length of time a VPN tunnel is active in Phase 1. The default value is 28,800 seconds.

Perfect Forward Secrecy: If PFS is enabled, IKE Phase 2 negotiation will generate a new key material for IP traffic encryption and authentication. If PFS is enabled, a hacker using brute force to break encryption keys is not able to obtain other or future IPSec keys.

Chapter 5: Setting Up and Configuring the Router

50

VPN Tab - Client to Gateway

Page 57 Page 59
Image 58
Page 57 Page 59
Contents 10/100/1000 4-Port Copyright and Trademarks Word definitionTable of Contents Appendix D Battery Replacement Appendix a TroubleshootingAppendix C Physical Setup of the Router Setting up the Router10/100/1000 4-Port VPN Router VPN Router-to-VPN Router VPN Computer-to-VPN Router VPN24 System Management Tab DNS Name Lookup 54 Basic Setup Wizard Host and Domain Name Welcome IntroductionIP a protocol used to send data over a network What’s in this Guide? Adapter a device that adds network functionality to your PCIntroduction What’s in this Guide? An Introduction to LANs Networking BasicsUse of IP Addresses Why do I need a VPN? MAC Address SpoofingWhat is a VPN? There are two basic ways to create a VPN connectionVPN Router to VPN Router VPN Router-to-VPN Router VPNGetting to Know the Router SFPForwarding or a new password Reset Button Reset button can be used in one of two waysButton on your PC to reboot it Proceed to Connecting the RouterOverview Connecting the RouterVPN Router Setting Up and Configuring the Router Connection InstructionsSetup Tab Setting Up and Configuring the RouterSystem Summary Tab System Management Tab Dhcp TabPort Management Tab Log Tab Firewall TabVPN Tab Wizard TabSystem Summary Tab How to Access the Web-based UtilityConfiguration System InformationFirewall Setting Status Network Setting StatusPort Statistics VPN Setting Status Log Setting StatusNetwork LAN SettingWAN Interface Setting WAN Connection TypePPPoE Point-to-Point Protocol over Ethernet most DSL users Static IPPptp Point-to-Point Tunneling Protocol Setup Tab Time Setup Tab PasswordTime Setup Tab DMZ Host Setup Tab ForwardingPort Range Forwarding Select the Service from the pull-down menu, shown in FigurePort Triggering Setup Tab UPnP Setup Tab One-to-One NATSetup Tab MAC Clone Setup Tab DdnsSetup Tab Advanced Routing Dynamic RoutingStatic Routing Enter the following data to create a static route entryDynamic IP Dhcp Tab SetupSetup Static IPDhcp Tab Status System Management Tab SnmpPing System Management Tab DiagnosticDNS Name Lookup Lookup tool may be used to find the IP addressFirmware Upgrade System Management Tab Factory DefaultSystem Management Tab Firmware Upgrade Firmware DownloadExport Configuration File System Management Tab Setting BackupImport Configuration File System Management Tab RestartPort Management Tab Port Setup Basic Per Port ConfigPort Management Tab Port Status 32 Port Management Tab Port StatusFirewall Tab General 33 Firewall Tab GeneralFirewall Tab Access Rules 34 Firewall Tab Access RulesServices Add a New Access RuleScheduling Forbidden Domains Firewall Tab Content FilterEditing an Access Rule SchedulingSummary VPN Tab SummaryTunnel Status GroupVPN Status 37 VPN Tab Summary DetailLocal Group Setup VPN Tab Gateway to GatewayRemote Group Setup 40 VPN tab Gateway to Gateway Remote Group SetupIPSec Setup ManualIKE with Preshared Key automatic 10/100/1000 4-Port VPN Router Advanced 42 VPN tab Gateway to Gateway AdvancedWith Tunnel Enabled VPN Tab Client to Gateway 45 VPN tab Client to Gateway Remote Group Setup With Group VPN enabled 46 VPN tab Client to Gateway IPSec Setup IKE with Preshared Key automatic Tunnel mode, it will also be limited as Aggressive Mode 47 VPN tab Client to Gateway AdvancedVPN Tab VPN Pass Through Compress Support IP Payload compression Protocol IP CompSyslog Log SettingLog Tab System Log MailLog Tab System Statistics 51 Log tab System StatisticsBasic Setup Wizard Tab55 Basic Setup Wizard Selecting WAN Connection Types Access Rule Setup 57 Access Rule Wizard What is Access Rules59 Access Rule Wizard Select the Service 61 Access Rule Wizard Select the Destination On Line Manual Support TabLogout Tab Linksys Web SiteFor Windows 98 and Millennium Appendix a TroubleshootingCommon Problems and Solutions Need to set a static IP address on a PCFor Windows For Windows XPFor Windows 98 and Millennium 10/100/1000 4-Port VPN Router Am not able to access the Router’s Web-based Utility Setup Need to set up a server behind my RouterApplication Start and End Protocol IP Address Enable Web server 80 to Both 192.168.1.100 FTP server 21 toCan’t get the Internet game, server, or application to work Application Start and End Protocol IP Address Enabled500 to Click the DMZ Host tabFor Microsoft Internet Explorer 5.0 or higher To start over, I need to set the Router to factory defaultNeed to upgrade the firmware For Netscape 4.7 or higherFirmware upgrade failed My DSL service’s PPPoE is always disconnectingNeed to use port triggering Router will support up to 253 IP addresses Frequently Asked QuestionsWhere is the Router installed on the network? Is IPSec Passthrough supported by the Router?How can I block corrupted FTP downloads? Router allows Pptp packets to pass through What is DMZ Hosting?Is the Router cross-platform compatible? How can I check whether I have static or Dhcp IP addresses? How many ports can be simultaneously forwarded?Which modems are compatible with the Router? Ask your ISP to find outWindows 98 or Me Instructions Windows 2000 or XP InstructionsFor the Router’s Web-based Utility Figure B-3 MAC Address/Physical AddressPlacement of the Router Appendix C Physical Setup of the RouterSetting up the Router Rack-Mounting the Router10/100/1000 4-Port VPN Router Wall-Mounting the Router Figure C-3 Wall-Mounting the RouterFigure C-4 Wall-Mounting Hardware Replacing a Lithium Battery Appendix D Battery ReplacementThis section instructs the user on battery replacement Figure E-1 Upgrade Firmware Appendix E Upgrading FirmwareShared Resources Appendix F Windows HelpNetwork Neighborhood/My Network Places Appendix G Glossary 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router SFP Port Appendix H SpecificationsStandards Ieee 802.3, 802.3u Ports 10/100/100 Gigabit Ports, 1 10/100 RJ-45 Internet PortAppendix I Warranty Information Limited WarrantyAppendix J Regulatory Information FCC StatementInformation section in this Guide Appendix K Contact InformationNeed to contact Linksys? Linksys
Top Page Image Contents