Linksys AG241 manual 15 VPN

Page 29

ADSL2 Gateway with 4-Port Switch

multiple tunnels and does not have to match the name used at the other end of the tunnel. To delete a tunnel entry, select the tunnel, then click Delete. To view a summary of the settings, click Summary.

Local Secure Group and Remote Secure Group. The Local Secure Group is the computer(s) on your LAN that can access the tunnel. The Remote Secure Group is the computer(s) on the remote end of the tunnel that can access the tunnel. These computers can be specified by a Subnet, specific IP address, or range.

Local Security Gateway.

Remote Security Gateway. The Remote Security Gateway is the VPN device, such as a second VPN Gateway, on the remote end of the VPN tunnel. Enter the IP Address or Domain of the VPN device at the other end of the tunnel. The remote VPN device can be another VPN Gateway, a VPN Server, or a computer with VPN client software that supports IPSec. The IP Address may either be static (permanent) or dynamic (changing), depending on the settings of the remote VPN device. Make sure that you have entered the IP Address correctly, or the connection cannot be made. Remember, this is NOT the IP Address of the local VPN Gateway, but the IP Address of the remote VPN Gateway or device with which you wish to communicate. If you enter an IP address, only the specific IP Address will be able to acess the tunnel. If you select Any, any IP Address can access the tunnel.

Encryption. Using Encryption also helps make your connection more secure. There are two different types of encryption: DES or 3DES (3DES is recommended because it is more secure). You may choose either of these, but it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel. Or, you may choose not to encrypt by selecting Disable. In Figure 5-19, DES (which is the default) has been selected.

Authentication. Authentication acts as another level of security. There are two types of authentication: MD5 and SHA (SHA is recommended because it is more secure). As with encryption, either of these may be selected, if the VPN device at the other end of the tunnel is using the same type of authentication. Or, both ends of the tunnel may choose to Disable authentication. In the Manual Key Management screen, MD5 (the default) has been selected.

Key Management. Select Auto (IKE) or Manual from the drop-down menu. The two methods are described below.

Auto (IKE)

Select Auto (IKE) and enter a series of numbers or letters in the Pre-shared Key field. Based on this word, which MUST be entered at both ends of the tunnel if this method is used, a key is generated to scramble (encrypt) the data being transmitted over the tunnel, where it is unscrambled (decrypted). You may use any combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed. In the Key Lifetime field, you may select to have the key expire at the end of a time period. Enter the number of seconds you’d like the key to be useful, or leave it blank for the key to last indefinitely. Check the box next to PFS (Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are secure.

Chapter 5: Configuring the Gateway

Figure 5-15: VPN

Figure 5-16: VPN Settings Summary

24

The Security Tab

Page 28 Page 30
Image 29
Page 28 Page 30
Contents ADSL2 Gateway Word definition How to Use this GuideCopyright and Trademarks Table of Contents 2Computer-to-VPN Gateway Network21 Internet Policy Summary Figure B-11 Filter Acton Tab Welcome IntroductionWhat’s in this Guide? ADSL2 Gateway with 4-Port Switch Gateway’s Functions Planning Your NetworkIP Addresses What’s an IP Address?Dynamic IP Addresses What is a VPN?Dhcp Dynamic Host Configuration Protocol Servers VPN Gateway to VPN Gateway Why do I need a VPN?VPN Gateway-to-VPN Gateway Line Getting to Know the ADSL2 Gateway with 4- Port SwitchDSL Connection to a Computer Connecting the ADSL2 Gateway with 4-Port SwitchOverview Adsl Connection Setup Configuring the GatewayAccess Restrictions SecurityStatus AdministrationApplications & Gaming Setup Tab How to Access the Web-based UtilityBasic Setup Tab Internet SetupStatic IP RFC 1483 Bridged Dynamic IPRFC 2516 PPPoE IPoARFC 2364 PPPoA Bridged Mode OnlyNetwork Setup Optional Settings Required by some ISPsTZO.com Ddns TabDynDNS.org Advanced Routing Advanced Routing TabFirewall Security TabVPN 15 VPN Manual Advanced VPN Tunnel Setup19 Advanced VPN Tunnel Setup Internet Access Access Restrictions Tab22 List of PCs Port Range Forwarding Applications and Gaming TabSingle Port Forwarding DMZ Port TriggeringApplication-based QoS Advanced QoSManagement Administration TabGateway Access Email Alerts ReportingUPnP Ping Test DiagnosticsBackup&Restore Upgrade from LAN Factory DefaultsFirmware Upgrade 36 Reboot RebootGateway Status TabGateway Information Internet Connections40 DSL Connection DSL ConnectionNeed to set a static IP address on a computer Appendix a TroubleshootingCommon Problems and Solutions Want to test my Internet connection ADSL2 Gateway with 4-Port Switch ADSL2 Gateway with 4-Port Switch TCP UDP Can’t get the Internet game, server, or application to work Need to upgrade the firmware To start over, I need to set the Gateway to factory defaultFirmware upgrade failed, and/or the Power LED is flashing My DSL service’s PPPoE is always disconnectingPower LED flashes continuously Where is the Gateway installed on the network? Frequently Asked QuestionsIs IPSec Passthrough supported by the Gateway? Does the Gateway support IPX or AppleTalk?Does the Gateway support ICQ send file? What are the advanced features of the Gateway? What is DMZ Hosting?Will the Gateway function in a Macintosh environment? Is the Gateway cross-platform compatible?How do I reset the Gateway? What is a MAC Address?How do I get mIRC to work with the Gateway? Can the Gateway act as my Dhcp server?WAG54G EnvironmentCreate an IPSec Policy How to Establish a Secure IPSec TunnelBuild Filter Lists Filter List 1 win-RouterFigure B-4 IP Filter LIst Filter List 2 Router -winFigure B-7 IP Filter List Tunnel 1 win-Router Configure Individual Tunnel RulesFigure B-13 Authentication Methods Tunnel 2 Router-win Figure B-16 Tunnel Setting TabFigure B-19 IP Filter List Tab Figure B-22 Preshared Key Figure B-25 Connection Type Assign New IPSec PolicyFigure B-28 VPN Tab Create a Tunnel Through the Web-Based UtilityWindows 98 or Me Instructions Figure C-1 IP Configuration ScreenFigure C-3 MAC Address/Physical Address Windows 2000 or XP InstructionsAppendix D Upgrading Firmware Figure D-1 Upgrade FirmwareAppendix E Glossary ADSL2 Gateway with 4-Port Switch ADSL2 Gateway with 4-Port Switch ADSL2 Gateway with 4-Port Switch ADSL2 Gateway with 4-Port Switch ADSL2 Gateway with 4-Port Switch Appendix F Specifications ADSL2 Gateway with 4-Port Switch FCC Statement Appendix G Regulatory InformationAppendix H Warranty Information Outside of Europe Mail Address Appendix I Contact InformationEurope Mail Address
Related manuals
Manual 41 pages 20.83 Kb
Top Page Image Contents