As shown above, CWR-854 can store 10 different VPN profiles. We need to enable IPSec VPN and then click on edit to configure the first profile.

-Use any name for the connection.

-Authentication will be through the Pre-Shared Key (PSK). Basically anyone who wants to have VPN connectivity to the router needs to have this key. We will later on use this same key in the client configuration.

-The next step is to enter the IP information for Local and remote sites. For local site choose “Subnet Address” to allow access to the whole LAN network. For remote site, choose “Any Address” so that the router accepts VPN requests from any IP address.

-Both local and remote systems are identified by IP.

-Key management is auto (IKE). Click the advance key to see the settings for phase 1 and 2 negotiations. In phase 1 peers are authenticated to each other and a secure encrypted link is established to start phase 2 which is the actual negotiation of security services for the IPSec-compliant VPN channel. As you can see in the next image, 3DES and MD5 are the chosen encryption and authentication methods and for additional security PFS (Perfect Forward Secrecy) is also selected.

4

www.cnetusa.com

Page 3 Page 5
Page 4
Image 4
CNET CWR-854 manual
Page 3 Page 5
Top Page Image Contents