Linksys AG041 manual VPN with Manual Key Management

ADSL Gateway with 4-Port Switch

type of encryption that is being used by the VPN device at the other end of the tunnel. Or, you may choose not to encrypt by selecting Disable. In the screen shown, DES (which is the default) has been selected.

Authentication. Authentication acts as another level of security. There are two types of authentication: MD5 and SHA (SHA being more secure). As with encryption, either of these may be selected, provided the VPN device at the other end of the tunnel is using the same type of authentication. Alternatively, both ends of the tunnel may Disable authentication. In the screen shown, MD5 (the default) has been selected.

Key Management. Select Auto (IKE) or Manual from the drop-down menu. The two methods are described below.

Auto (IKE)

Select Auto (IKE) and enter a series of numbers or letters in the Pre-shared Key field. This word MUST be entered at both ends of the tunnel if this method is used. A key is generated from it to scramble (encrypt) the data being transmitted over the tunnel, and the data is unscrambled (decrypted) at the other end. You may use any combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed. In the Key Lifetime field, you may choose to have the key expire at the end of a time period. Enter the number of seconds you’d like the key to remain in use, or leave the field blank for the key to last indefinitely. Check the box next to PFS (Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are secure.

Manual

Select Manual, then select the Encryption Algorithm from the drop-down menu. Enter the Encryption Key in the field: if you chose DES for your Encryption Algorithm, enter 16 hexadecimal characters; if you chose 3DES, enter 48 hexadecimal characters. Select the Authentication Algorithm from the drop-down menu. Enter the Authentication Key in the field: if you chose MD5 for your Authentication Algorithm, enter 32 hexadecimal characters; if you chose SHA1, enter 40 hexadecimal characters. Enter the Inbound and Outbound SPIs in the respective fields.
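The key lengths above can be checked before the values are typed into both gateways. The following is an added example, not part of the Linksys manual or firmware. The function names are hypothetical, and two checks go beyond what the manual states: that adjacent 3DES subkeys must differ, and that each end's outbound SPI must be the other end's inbound SPI.

```python
import secrets
import string

# Hex-character counts the manual gives for each Manual-mode algorithm.
ENC_HEX_LEN = {"DES": 16, "3DES": 48}
AUTH_HEX_LEN = {"MD5": 32, "SHA1": 40}
PARITY_MASK = 0xFEFEFEFEFEFEFEFE  # DES ignores the low (parity) bit of each key byte


def check_hex_key(label, key, expected_len):
    """Return a list of problems with one hexadecimal key field."""
    problems = []
    if len(key) != expected_len:
        problems.append(f"{label}: expected {expected_len} hex characters, got {len(key)}")
    if any(c not in string.hexdigits for c in key):
        problems.append(f"{label}: contains non-hexadecimal characters")
    return problems


def check_manual_tunnel(enc_alg, enc_key, auth_alg, auth_key):
    """Validate the Manual-mode key fields for one end of the tunnel."""
    problems = check_hex_key("encryption key", enc_key, ENC_HEX_LEN[enc_alg])
    if enc_alg == "3DES" and not problems:
        # Compare the three 64-bit subkeys with parity bits masked out.
        k1, k2, k3 = (int(enc_key[i:i + 16], 16) & PARITY_MASK for i in (0, 16, 32))
        if k1 == k2 or k2 == k3:
            problems.append("encryption key: adjacent 3DES subkeys match, strength drops to single DES")
    problems += check_hex_key("authentication key", auth_key, AUTH_HEX_LEN[auth_alg])
    return problems


def check_spi_pairing(local, remote):
    """Each end's outbound SPI must be the other end's inbound SPI."""
    problems = []
    if local["outbound"] != remote["inbound"]:
        problems.append("local outbound SPI does not match remote inbound SPI")
    if local["inbound"] != remote["outbound"]:
        problems.append("local inbound SPI does not match remote outbound SPI")
    return problems


def generate_manual_keys(enc_alg, auth_alg):
    """Generate random keys of the right length from the OS CSPRNG."""
    return (secrets.token_hex(ENC_HEX_LEN[enc_alg] // 2),
            secrets.token_hex(AUTH_HEX_LEN[auth_alg] // 2))
```

Keys from `generate_manual_keys` avoid the hand-typed patterns that manual keying tends to attract; the same key values go into both ends of the tunnel.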

Status. The status of the connection is shown.

Click the Connect button to connect your VPN tunnel. Click the View Logs button to view logs. Click the Advanced Setting button and the Advanced IPSec VPN Tunnel Setup screen will appear.

When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes.

Chapter 5: Configuring the ADSL Gateway

Figure 5-15: VPN with Manual Key Management

The Security Tab
