Linksys RV0041 manual Tunnel mode, it will also be limited as Aggressive Mode

Page 59

10/100/1000 4-Port VPN Router

Phase 2 DH Group: There are three groups of different prime key lengths. Group1 is 768 bits, Group2 is 1,024 bits and Group 5 is 1,536 bits. If network speed is preferred, select Group 1. If network security is preferred, select Group 5. You can choose the different Group with the Phase 1 DH Group you chose. If Perfect Forward Secrecy is disabled, there is no need to setup the Phase 2 DH Group since no new key generated, and the key of Phase 2 will be the same with the key in Phase 1.

Phase 2 Encryption: Phase 2 is used to create one or more IPSec SAs, which are then used to key IPSec sessions. There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. Both sides must use the same Encryption method. If users enable the AH Hash Algorithm in Advanced, then it is recommended to select Null to disable encrypting/decrypting ESP packets in Phase 2, but both sides of the tunnel must use the same setting.

Phase 2 Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method determines a method to authenticate the ESP packets. Both sides must use the same Authentication method. MD5 is a one-way hashing algorithm that produces a 128-bit digest. If users enable the AH Hash Algorithm in Advanced, then it is recommended to select Null to disable authenticating ESP packets in Phase 2, but both sides of the tunnel must use the same setting.

Phase 2 SA Life Time: This field allows you to configure the length of time a VPN tunnel is active. The default value is 3,600 seconds.

Preshared Key: Character and hexadecimal values are acceptable in this field, e.g. “My_@123” or “4d795f40313233.” The max entry of this field is 30-digit. Both sides must use the same Pre-shared Key. It’s recommended to change Preshared keys regularly to maximize VPN security.

Click the Save Settings button to save the settings or click the Cancel Changes button to undo the changes.

Advanced

For most users, the settings on the VPN page should be satisfactory. This device provides an advanced IPSec setting page for some special users such as reviewers. Click the Advanced button to link you to that page. Advanced settings are only for IKE with Preshared Key mode of IPSec.

Aggressive Mode: There are two types of Phase 1 exchanges: Main mode and Aggressive mode.

Aggressive Mode requires half of the main mode messages to be exchanged in Phase 1 of the SA exchange. If

Figure 5-47: VPN tab - Client to Gateway Advanced

 

network security is preferred, select Main mode. If network speed is preferred, select Aggressive mode. When

 

Group VPN is enabled, it will be limited as Aggressive Mode. If you select Dynamic IP in Remote Client Type in

 

tunnel mode, it will also be limited as Aggressive Mode.

 

Chapter 5: Setting Up and Configuring the Router

51

VPN Tab - Client to Gateway

Page 58 Page 60
Image 59
Page 58 Page 60
Contents 10/100/1000 4-Port Word definition Copyright and TrademarksTable of Contents Setting up the Router Appendix a TroubleshootingAppendix C Physical Setup of the Router Appendix D Battery Replacement10/100/1000 4-Port VPN Router Computer-to-VPN Router VPN VPN Router-to-VPN Router VPN24 System Management Tab DNS Name Lookup 54 Basic Setup Wizard Host and Domain Name IP a protocol used to send data over a network IntroductionWelcome Adapter a device that adds network functionality to your PC What’s in this Guide?Introduction What’s in this Guide? Use of IP Addresses Networking BasicsAn Introduction to LANs MAC Address Spoofing Why do I need a VPN?There are two basic ways to create a VPN connection What is a VPN?VPN Router-to-VPN Router VPN VPN Router to VPN RouterSFP Getting to Know the RouterProceed to Connecting the Router Reset Button Reset button can be used in one of two waysButton on your PC to reboot it Forwarding or a new passwordVPN Router Connecting the RouterOverview Connection Instructions Setting Up and Configuring the RouterSystem Summary Tab Setting Up and Configuring the RouterSetup Tab Port Management Tab Dhcp TabSystem Management Tab Wizard Tab Firewall TabVPN Tab Log TabSystem Information How to Access the Web-based UtilityConfiguration System Summary TabPort Statistics Network Setting StatusFirewall Setting Status Log Setting Status VPN Setting StatusWAN Connection Type LAN SettingWAN Interface Setting NetworkPptp Point-to-Point Tunneling Protocol Static IPPPPoE Point-to-Point Protocol over Ethernet most DSL users Time Setup Tab PasswordSetup Tab Time Setup Tab Forwarding Setup Tab DMZ HostPort Triggering Select the Service from the pull-down menu, shown in FigurePort Range Forwarding Setup Tab One-to-One NAT Setup Tab UPnPSetup Tab Ddns Setup Tab MAC CloneDynamic Routing Setup Tab Advanced RoutingEnter the following data to create a static route entry Static RoutingStatic IP Dhcp Tab SetupSetup Dynamic IPSystem Management Tab Snmp Dhcp Tab StatusLookup tool may be used to find the IP address System Management Tab DiagnosticDNS Name Lookup PingFirmware Download System Management Tab Factory DefaultSystem Management Tab Firmware Upgrade Firmware UpgradeSystem Management Tab Restart System Management Tab Setting BackupImport Configuration File Export Configuration FileBasic Per Port Config Port Management Tab Port Setup32 Port Management Tab Port Status Port Management Tab Port Status33 Firewall Tab General Firewall Tab General34 Firewall Tab Access Rules Firewall Tab Access RulesScheduling Add a New Access RuleServices Scheduling Firewall Tab Content FilterEditing an Access Rule Forbidden DomainsTunnel Status VPN Tab SummarySummary 37 VPN Tab Summary Detail GroupVPN StatusVPN Tab Gateway to Gateway Local Group Setup40 VPN tab Gateway to Gateway Remote Group Setup Remote Group SetupManual IPSec SetupIKE with Preshared Key automatic 10/100/1000 4-Port VPN Router 42 VPN tab Gateway to Gateway Advanced AdvancedVPN Tab Client to Gateway With Tunnel Enabled45 VPN tab Client to Gateway Remote Group Setup With Group VPN enabled 46 VPN tab Client to Gateway IPSec Setup IKE with Preshared Key automatic 47 VPN tab Client to Gateway Advanced Tunnel mode, it will also be limited as Aggressive ModeCompress Support IP Payload compression Protocol IP Comp VPN Tab VPN Pass ThroughMail Log SettingLog Tab System Log Syslog51 Log tab System Statistics Log Tab System StatisticsWizard Tab Basic Setup55 Basic Setup Wizard Selecting WAN Connection Types 57 Access Rule Wizard What is Access Rules Access Rule Setup59 Access Rule Wizard Select the Service 61 Access Rule Wizard Select the Destination Linksys Web Site Support TabLogout Tab On Line ManualNeed to set a static IP address on a PC Appendix a TroubleshootingCommon Problems and Solutions For Windows 98 and MillenniumFor Windows XP For WindowsFor Windows 98 and Millennium 10/100/1000 4-Port VPN Router Need to set up a server behind my Router Am not able to access the Router’s Web-based Utility SetupWeb server 80 to Both 192.168.1.100 FTP server 21 to Application Start and End Protocol IP Address EnableClick the DMZ Host tab Application Start and End Protocol IP Address Enabled500 to Can’t get the Internet game, server, or application to workFor Netscape 4.7 or higher To start over, I need to set the Router to factory defaultNeed to upgrade the firmware For Microsoft Internet Explorer 5.0 or higherMy DSL service’s PPPoE is always disconnecting Firmware upgrade failedNeed to use port triggering Is IPSec Passthrough supported by the Router? Frequently Asked QuestionsWhere is the Router installed on the network? Router will support up to 253 IP addressesHow can I block corrupted FTP downloads? Is the Router cross-platform compatible? What is DMZ Hosting?Router allows Pptp packets to pass through Ask your ISP to find out How many ports can be simultaneously forwarded?Which modems are compatible with the Router? How can I check whether I have static or Dhcp IP addresses?Windows 2000 or XP Instructions Windows 98 or Me InstructionsFigure B-3 MAC Address/Physical Address For the Router’s Web-based UtilityRack-Mounting the Router Appendix C Physical Setup of the RouterSetting up the Router Placement of the Router10/100/1000 4-Port VPN Router Figure C-3 Wall-Mounting the Router Wall-Mounting the RouterFigure C-4 Wall-Mounting Hardware This section instructs the user on battery replacement Appendix D Battery ReplacementReplacing a Lithium Battery Appendix E Upgrading Firmware Figure E-1 Upgrade FirmwareNetwork Neighborhood/My Network Places Appendix F Windows HelpShared Resources Appendix G Glossary 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router 10/100/1000 4-Port VPN Router 10/100/100 Gigabit Ports, 1 10/100 RJ-45 Internet Port Appendix H SpecificationsStandards Ieee 802.3, 802.3u Ports SFP PortLimited Warranty Appendix I Warranty InformationFCC Statement Appendix J Regulatory InformationLinksys Appendix K Contact InformationNeed to contact Linksys? Information section in this Guide
Top Page Image Contents