Instant Broadband® Series
Appendix C: Configuring IPSec between a Windows 2000 or XP PC and the Firewall Router
Introduction
This document demonstrates how to establish a secure IPSec tunnel using pre- shared keys to join a private network inside the Firewall Router and a Microsoft Windows 2000 or XP PC. You can find detailed information on configuring the Microsoft Windows 2000 server at the Microsoft website:
Microsoft KB Q252735 - How to Configure IPSec Tunneling in Windows 2000 http://support.microsoft.com/support/kb/articles/Q252/7/35.asp
Microsoft KB Q257225 - Basic IPSec Troubleshooting in Windows 2000 http://support.microsoft.com/support/kb/articles/Q257/2/25.asp
Environment
The IP addresses and other specifics mentioned in this appendix are for illus- tration purposes only.
Windows 2000 or Windows XP
IP Address: 140.111.1.2 <= User ISP provides IP Address; this is only an example.
Subnet Mask: 255.255.255.0
BEFSX41
WAN IP Address: 140.111.1.1 <= User ISP provides IP Address; this is only an example.
Subnet Mask: 255.255.255.0
LAN IP Address: 192.168.1.1
Subnet Mask: 255.255.255.0
EtherFast® Cable/DSL Firewall Router with
Note: Keep a record of any changes you make. Those changes will be identical in the Windows “secpol” application and the Router’s Web- Based Utility.
Step One: Create an IPSec Policy
1.Click the Start button, select Run, and type secpol.msc in the Open field. The Local Security Setting screen will appear as shown in Figure
Figure C-1
2.
3.Click the Next button, and then enter a name for your policy (for example, to_router). Then, click Next.
4.Deselect the Activate the default response rule check box, and then click the Next button.
5.Click the Finish button, making sure the Edit check box is checked.
98 | 99 |