Cisco Systems RV042RF manual Appendix C Gateway-to-Gateway VPN Tunnel, Before You Begin

Page 69

Appendix C

Appendix C:

Gateway-to-Gateway VPN

Tunnel

Overview

This appendix explains how to configure an IPSec VPN tunnel between two VPN Routers, using an example. Two computers are used to test the liveliness of the tunnel.

Before You Begin

The following is a list of equipment you need:

•• Two Windows desktop computers (each computer will be connected to a VPN Router)

•• Two VPN Routers that are both connected to the Internet

Any VPN Routers can be deployed; however, this example uses the 4-Port SSL/IPSec VPN Router (model number: RVL200) and the 10/100 4-Port VPN Router (model number: RV042).

Configuration when the Remote Gateway Uses a Static IP Address

This example assumes the Remote Gateway is using a static IP address. If the Remote Gateway uses a dynamic IP address, refer to “Configuration when the Remote Gateway Uses a Dynamic IP Address.”

	RV042	RVL200
		WAN: A.A.A.A
	WAN: B.B.B.B
		LAN: 192.168.5.1
	LAN: 192.168.1.1

Gateway-to-Gateway IPSec VPN Tunnel - Remote Gateway Using

Static IP

NOTE: Each computer must have a network adapter installed.

Gateway-to-Gateway VPN Tunnel

Configuration of the RVL200

Follow these instructions for the first VPN Router, designated RVL200. The other VPN Router is designated the RV042.

1.Launch the web browser for a networked computer, designated PC 1.

2.Access the web-based utility of the RVL200. (Refer to the User Guide of the RVL200 for details.)

3.Click the IPSec VPN tab.

4.Click the Gateway to Gateway tab.

5.Enter a name in the Tunnel Name field.

6.For the VPN Tunnel setting, select Enable.

7.For the Local Security Gateway Type, select IP Only. The WAN IP address (A.A.A.A) of the RVL200 will be automatically detected.

For the Local Security Group Type, select Subnet. Enter the RVL200’s local network settings in the IP Address and Subnet Mask fields.

RVL200 IPSec VPN Settings

8.For the Remote Security Gateway Type, select IP Only. Enter the RV042’s WAN IP address in the IP Address field.

9.For the Remote Security Group Type, select Subnet. Enter the RV042’s local network settings in the IP Address and Subnet Mask fields.

10.In the IPSec Setup section, select the appropriate encryption,authentication,andotherkeymanagement settings.

10/100 4-Port VPN Router

62

Image 69

Contents 10/100 4-Port VPN Router About This Guide About This GuideIcon Descriptions Online ResourcesTable of Contents Ddns Appendix B Linksys QuickVPN for Windows 2000, XP, or Vista Appendix a TroubleshootingAppendix H Specifications Appendix F Firmware UpgradeAppendix G Trend Micro ProtectLink Gateway Service Appendix D IPSec NAT TraversalAppendix I Warranty Information Appendix K Regulatory InformationAppendix L Contact Information Chapter Chapter IntroductionIntroduction Computer using VPN client software to VPN Router Product Overview Chapter Product OverviewInstallation Chapter InstallationPhysical Installation Cable ConnectionsInstallation Advanced Configuration Chapter Advanced ConfigurationHow to Access the Web-Based Utility OverviewSystem Information ConfigurationPort Statistics Trend Micro ProtectLink GatewayFirewall Setting Status Network Setting StatusVPN Setting Status Log Setting StatusSetup Tab Network LAN SettingNetwork WAN Connection Type Dual-WAN/DMZ SettingPptp Point-to-Point Tunneling Protocol PPPoE Point-to-Point Protocol over EthernetHeart Beat Signal Setup PasswordSetup DMZ Host Setup TimePassword TimeForwarding Setup Tab ForwardingPort Range Forwarding Port TriggeringUPnP Setup UPnPSetup MAC Clone Setup One-to-One NATOne-to-One NAT Add RangeMAC Clone Setup DdnsWAN1/2 DynDNS.orgAdvanced Routing Setup Advanced RoutingDynamic Routing Oray.net PeanutHull DdnsStatic Routing Dhcp SetupSetup Dynamic IPStatic IP Dhcp Status Smart Link BackupStatus Dual-WANLoad Balance Network Service DetectionSystem Management Bandwidth Management Bandwidth WAN1/2Protocol Binding Maximum Bandwidth provided by ISP Bandwidth ManagementBandwidth Management Type Rate ControlPriority System Management SnmpDiagnostic System Management DiagnosticDNS Name Lookup PingFirmware Upgrade Factory DefaultSystem Management Restart Firmware DownloadImport Configuration File Port Management Port SetupExport Configuration File Basic Per Port ConfigFirewall General Port Management Port StatusPort Status GeneralRestrict WEB Features Firewall Access RulesAccess Rules Add a New Access RuleServices Scheduling Firewall Content FilterProtectLink Content FilterVPN Summary SummaryGroupVPN Status Gateway to GatewayClient to Gateway VPN Gateway to Gateway Local Group SetupAdd a New Tunnel VPN Clients StatusLocal Security Group Type Remote Security Gateway Type Remote Group SetupIPSec Setup IKE with Preshared KeyRemote Security Group Type Keying Mode Manual Advanced VPN Client to GatewayTunnel No The tunnel number is automatically generated TunnelRemote Client Remote Client SetupGroup VPN Default is Domain NameFQDN Keying Mode Manual Tunnel Only VPN VPN Client Access VPN VPN Pass Through VPN Client AccessVPN Client Users Certificate ManagementLog System Log VPN Pptp ServerVPN Pass Through Pptp ServerSystem Log Log SettingSyslog MailLog System Statistics Wizard Basic SetupObtain an IP automatically Minutes PPPoEAccess Rule Setup Select the Log Rule Logout SupportManual Linksys Web SiteAppendix a Troubleshooting TroubleshootingAppendix a Appendix B Appendix BLinksys QuickVPN for Windows 2000, XP, or VistaInstall from the CD-ROM Linksys QuickVPN Client Installation and ConfigurationClick the VPN Client Access tab Click Add to list Click Save SettingsClick Business Click Router/VPN Solutions Install the Client CertificateDownload from the Internet Linksys QuickVPN ConnectionVersion Number of Linksys QuickVPN Confirm New Password Re-enter your new passwordAppendix C Configuration of the RVL200Appendix C Gateway-to-Gateway VPN Tunnel Before You BeginConfiguration of PC 1 and PC Configuration of the RV042RV042 RVL200 Dynamic IP B.B.B.B with Configuration when Both Gateways Use Dynamic IP Addresses Appendix C Configuration of Router a Configuration of ScenarioAppendix D Appendix D IPSec NAT TraversalIPSec NAT Traversal Configuration of Router BOne-to-One NAT Rule on NAT 2 RV042 One-to-One NAT Rule on NAT 1 RV042Click the One-to-One NAT tab Configuration of Router a Appendix D Appendix E Creation of New ServicesAppendix E Bandwidth Management Bandwidth ManagementCreation of New Bandwidth Management Rules Firmware Upgrade Appendix F Firmware UpgradeUpgrade the Firmware Alternative Firmware Upgrade OptionFirmware Upgrade How to Purchase, Register, or Activate the Service Appendix G Trend Micro ProtectLink Gateway ServiceAppendix G System SummaryProtectLink How to Use the ServiceWeb Protection ProtectLink Web ProtectionProtectLink License ProtectLink Email ProtectionEmail Protection LicenseAppendix G Appendix H Specifications SpecificationsAppendix H Obtaining Warranty Service Warranty InformationAppendix Exclusions and LimitationsTechnical Support Warranty InformationAppendix J Software License Agreement Appendix JSoftware in Linksys Products Software LicensesSoftware License Agreement SchedulePreamble Appendix J END of Terms and Conditions Original SSLeay License OpenSSL LicenseAppendix J Regulatory Information Appendix KDansk Danish Miljøinformation for kunder i EU Appendix K Norsk Norwegian Miljøinformasjon for kunder i EU Appendix K Contact Information Appendix L