Linksys BEFSX41 manual Other Settings, Password

Page 29

Instant Broadband® Series

Phase 2

Group

There are two Diffie-Hellman Groups to choose from: 768-bit and 1024-bit. Diffie-Hellman refers to a cryptographic technique that uses public and private keys for encryption and decryption.

Key Lifetime

In the Key Lifetime field, you may optionally select to have the key expire at the end of a time period of your choosing. Enter the number of seconds you’d like the key to be used until a re-key negotiation between each endpoint is completed.

Other Settings

NetBIOS broadcast

Check the box next to NetBIOS broadcast to enable NetBIOS traffic to pass through the VPN tunnel.

Anti-replay

Check the box next to Anti-replay to enable the Anti-replay protection. This feature keeps track of sequence numbers as packets arrive, ensuring security at the IP packet-level.

Keep-Alive

Check the box next to Keep-Alive to re-establish the VPN tunnel connection whenever it is dropped. Once the tunnel is initialized, this feature will keep the tunnel connected for the specified amount of idle time.

Unauthorized IP Blocking

Check this box to block unauthorized IP addresses. Complete the on-screen sentence to specify how many times IKE must fail before blocking that unau- thorized IP address for a length of time that you specify (in seconds).

EtherFast® Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint

Password

Figure 7-26

The Password screen, shown in Figure 7-26, allows you to change the password, set SNMP Community names, enable UPnP Services, and restore default set- tings on the Router.

Router Password It is strongly recommended that you set a password for the Router. The default password is admin. If you don’t change the password, all users on your network will be able to access the Router using the default pass- word admin.

SNMP Community Each SNMP Community field allows a name to be assigned to any SNMP community that has been set up in the network. Four different communities can be defined, including the two default communities, public and private. For each SNMP Community name, you can configure each community’s accessibility, making it either Read-Onlyor Read-Write.

Restore Factory Defaults If you select the Restore Factory Defaults option and click the Apply button, you will clear all of the Router’s settings.

50

51

Image 29

Contents User Guide Copyright & Trademarks Table of Contents Environmental 139 FeaturesIntroduction IP Addresses An Introduction to LANs and WANsYour Virtual Private Network VPN Network Setup OverviewWhy Do I Need a VPN? Firewall Router to Firewall Router What is a Virtual Private Network?Router’s Back Panel PowerModem connection will not work from any other port PortsProceed to Connect the Router WAN and LAN LEDsRouter’s Front Panel LEDs Router’s hardware installation is now complete Connecting Your Hardware Together and Booting UpConnect the Router OverviewConfiguring Windows 95, 98, and Millennium PCs Configure the PCsConfiguring Windows 2000 PCs Go to Configure the RouterConfiguring Windows XP PCs Configure the Router Static IP Address Obtain an IP Address AutomaticallyAdvanced Proxies. Click Direct Connection to the Internet Enter the Gateway AddressRAS PPPoECable/DSL Firewall Router’s Web-based Utility Quick and Easy Router AdministrationSetup Static IP User Name and PasswordWAN IP Firewall Block WAN Request Remote UpgradeMulticast Pass Through IPSec Pass ThroughVPN Establishing a TunnelLocal Secure Group and Remote Secure Group Remote Security Gateway Key Management AuthenticationEncryption Instant Broadband Series Phase Advanced Settings for Selected IPSec TunnelPassword Other SettingsStatus Dhcp Log Help Filters AdvancedInstant Broadband Series Forwarding UPnP Forwarding Port Triggering Static Routing Dynamic RoutingDMZ Host Address DMZ HostDMZ Port MAC Address Clone Current DMZ HostDdns DynDNS.orgTZO.com Appendix a TroubleshootingCommon Problems and Solutions For Windows 95, 98, and Me For Windows NTFor Windows XP For Windows XP Am not able to access the Router’s web interface Setup Can’t get the Internet game, server, or application to work To start over, I need to set the Router to factory default Need to use port triggering Click the Advanced = Filter tabFrequently Asked Questions TCP/IP is compatible with the Router Appendix B Maximizing VPN Security Environment IntroductionWindows 2000 or Windows XP Step One Create an IPSec PolicyIP Address Filter List 1 win-routerStep Two Build Filter Lists Figure C-6 Filter List 2 router=winTunnel 1 win-router Step Three Configure Individual Tunnel RulesString to Protect Negotiate Security Key exchange pre Respond Using IPSec XYZ12345. ClickShared key, as shown AcceptTunnel 2 router-win Key Exchange Action Require Security This string to protectPreshared key, XYZ12345Step Four Assign New IPSec Policy Figure C-24Figure C-28 Step Five Create a Tunnel Through the Web-based UtilityAppendix D Snmp Functions Appendix E How to Ping Your ISP’s E-mail & Web AddressesFigure E-1 TCP/IP installation is now complete Appendix F Installing the TCP/IP ProtocolFor Windows NT, 2000, and XP Figure G-1Figure G-5 Appendix H Glossary 129 131 133 135 137 Environmental Appendix I SpecificationsAppendix K Contact Information Appendix J Warranty InformationSales Information Web FTP SiteCopyright 2003 Linksys, All Rights Reserved