Cisco Systems RV042RF manual VPN VPN Pass Through, VPN Client Access, VPN Client Users

Page 54

Chapter 4

Advanced Configuration

VPN > VPN Client Access

VPN Client Access

For each QuickVPN client, do the following:

1.Export a client certificate.

2.Configure a user name and password.

3.Add the QuickVPN client to the list.

VPN Client Users

User Name  Enter the user name.

New Password  Enter the new password.

Confirm New Password  Re-enter the new password.

Change Password Allowed  To allow the user to change his or her password, select Yes. Otherwise, keep the default, No.

Active  To activate the new user, select Active. To add the new user to the list, click Add to list.

After a user has been added, you can change the user’s settings. Select the user from the list, and make your changes. Then click Update this user.

To delete a user, select the user from the list, and then click Delete selected users.

Certificate Management

Manage the certificate for securing communication between the Router and QuickVPN clients.

Generate New Certificate  To generate a new certificate to replace the existing certificate on the Router, click Generate. After clicking the button, a confirmation screen appears. Click OK to continue.

Generate Certificate Confirmation

Export Certificate for Administrator  The certificate for the administrator contains the private key and should be stored in a safe place as a backup. If you reset the Router to its factory defaults, then you can import the certificate and restore it on the Router.

To save the certificate as a file, click Export for Admin. By default, the certificate file is named RV042_<MMDD>_ <HHMM>.pem, which you can rename. (MMDD stands for month and day; HHMM stands for hours and minutes.) Follow the on-screen instructions to select the location where you want to store your certificate.

Export Certificate for Client  The certificate for the client must be placed in the install directory of the QuickVPN client software.

To save the certificate as a file, click Export for Client. Then follow the on-screen instructions. By default, the certificate file is named RV042_<MMDD>_<HHMM>_ Client.pem, which you can rename. (MMDD stands for month and day; HHMM stands for hours and minutes.) Follow the on-screen instructions to save the file in the install directory of the QuickVPN client software.

Import Certificate  To specify the location of the administrator certificate, click Browse and follow the onscreen instructions. (This is the file you previously saved using the Export Certificate for Administrator option.) After you have selected the file, click Import.

ExistingCertificate  Thefilenameofthecurrentcertificate is displayed.

Click Save Settings to save your changes, or click Cancel Changes to undo them.

When you first save these settings, a message will appear, asking if you would like the Router to automatically change the LAN IP address to prevent conflicting IP addresses. To change the LAN IP address, click Yes. If an IP conflict occurs, the QuickVPN client will not connect to the Router.

VPN > VPN Pass Through

The VPN Pass Through screen allows you to enable or disable passthrough for a variety of VPN methods.

NOTE: VPN passthrough is enabled so that VPN clients in the LAN of the Router can reach the VPN server on the Internet.

10/100 4-Port VPN Router

47

Image 54
Contents 10/100 4-Port VPN Router Icon Descriptions About This GuideAbout This Guide Online ResourcesTable of Contents Ddns Appendix a Troubleshooting Appendix B Linksys QuickVPN for Windows 2000, XP, or VistaAppendix G Trend Micro ProtectLink Gateway Service Appendix F Firmware UpgradeAppendix H Specifications Appendix D IPSec NAT TraversalAppendix I Warranty Information Appendix K Regulatory InformationAppendix L Contact Information Chapter Chapter IntroductionIntroduction Computer using VPN client software to VPN Router Chapter Product Overview Product OverviewPhysical Installation Chapter InstallationInstallation Cable ConnectionsInstallation How to Access the Web-Based Utility Chapter Advanced ConfigurationAdvanced Configuration OverviewPort Statistics ConfigurationSystem Information Trend Micro ProtectLink GatewayVPN Setting Status Network Setting StatusFirewall Setting Status Log Setting StatusSetup Tab Network LAN SettingNetwork Dual-WAN/DMZ Setting WAN Connection TypePPPoE Point-to-Point Protocol over Ethernet Pptp Point-to-Point Tunneling ProtocolSetup Password Heart Beat SignalPassword Setup TimeSetup DMZ Host TimePort Range Forwarding Setup Tab ForwardingForwarding Port TriggeringSetup UPnP UPnPOne-to-One NAT Setup One-to-One NATSetup MAC Clone Add RangeWAN1/2 Setup DdnsMAC Clone DynDNS.orgDynamic Routing Setup Advanced RoutingAdvanced Routing Oray.net PeanutHull DdnsDhcp Setup Static RoutingSetup Dynamic IPStatic IP Status Smart Link BackupDhcp Status Dual-WANNetwork Service Detection Load BalanceSystem Management Bandwidth Management Bandwidth WAN1/2Protocol Binding Bandwidth Management Type Bandwidth ManagementMaximum Bandwidth provided by ISP Rate ControlSystem Management Snmp PriorityDNS Name Lookup System Management DiagnosticDiagnostic PingSystem Management Restart Factory DefaultFirmware Upgrade Firmware DownloadExport Configuration File Port Management Port SetupImport Configuration File Basic Per Port ConfigPort Status Port Management Port StatusFirewall General GeneralFirewall Access Rules Restrict WEB FeaturesAccess Rules Add a New Access RuleServices Firewall Content Filter SchedulingVPN Summary Content FilterProtectLink SummaryGroupVPN Status Gateway to GatewayClient to Gateway Add a New Tunnel Local Group SetupVPN Gateway to Gateway VPN Clients StatusLocal Security Group Type Remote Group Setup Remote Security Gateway TypeIPSec Setup IKE with Preshared KeyRemote Security Group Type Keying Mode Manual VPN Client to Gateway AdvancedTunnel Tunnel No The tunnel number is automatically generatedRemote Client Setup Remote ClientGroup VPN Default is Domain NameFQDN Keying Mode Manual Tunnel Only VPN VPN Client Access VPN Client Users VPN Client AccessVPN VPN Pass Through Certificate ManagementVPN Pass Through VPN Pptp ServerLog System Log Pptp ServerSyslog Log SettingSystem Log MailLog System Statistics Basic Setup WizardObtain an IP automatically PPPoE MinutesAccess Rule Setup Select the Log Rule Manual SupportLogout Linksys Web SiteAppendix a Troubleshooting TroubleshootingAppendix a Linksys QuickVPN for Appendix BAppendix B Windows 2000, XP, or VistaClick the VPN Client Access tab Linksys QuickVPN Client Installation and ConfigurationInstall from the CD-ROM Click Add to list Click Save SettingsDownload from the Internet Install the Client CertificateClick Business Click Router/VPN Solutions Linksys QuickVPN ConnectionConfirm New Password Re-enter your new password Version Number of Linksys QuickVPNAppendix C Gateway-to-Gateway VPN Tunnel Configuration of the RVL200Appendix C Before You BeginConfiguration of the RV042 Configuration of PC 1 and PCRV042 RVL200 Dynamic IP B.B.B.B with Configuration when Both Gateways Use Dynamic IP Addresses Appendix C Appendix D Configuration of ScenarioConfiguration of Router a Appendix D IPSec NAT TraversalConfiguration of Router B IPSec NAT TraversalOne-to-One NAT Rule on NAT 2 RV042 One-to-One NAT Rule on NAT 1 RV042Click the One-to-One NAT tab Configuration of Router a Appendix D Appendix E Bandwidth Management Creation of New ServicesAppendix E Bandwidth ManagementCreation of New Bandwidth Management Rules Upgrade the Firmware Appendix F Firmware UpgradeFirmware Upgrade Alternative Firmware Upgrade OptionFirmware Upgrade Appendix G Appendix G Trend Micro ProtectLink Gateway ServiceHow to Purchase, Register, or Activate the Service System SummaryHow to Use the Service ProtectLinkProtectLink Web Protection Web ProtectionEmail Protection ProtectLink Email ProtectionProtectLink License LicenseAppendix G Appendix H Specifications SpecificationsAppendix H Appendix Warranty InformationObtaining Warranty Service Exclusions and LimitationsWarranty Information Technical SupportSoftware in Linksys Products Appendix JAppendix J Software License Agreement Software LicensesSchedule Software License AgreementPreamble Appendix J END of Terms and Conditions OpenSSL License Original SSLeay LicenseAppendix J Appendix K Regulatory InformationDansk Danish Miljøinformation for kunder i EU Appendix K Norsk Norwegian Miljøinformasjon for kunder i EU Appendix K Appendix L Contact Information