LevelOne FBR-1404TX Windows Client Configuration

VPN

DH Group Group 1 (768 bit) Must match client PC

IKE SA Life time 28800 Does not have to match client PC. Shorter

period will be used.

IKE PFS Disable Must match client PC

IPSec SA Parameters

IPSec SA Life time 28800 Do not have to match. Shorter period will be

used.

IPSec PFS Disable Must match client PC

AH authentication Disabled AH is rarely used

ESP authentication Enable/MD5 Must match client PC

ESP encryption Enable/DES Must match client PC

Windows Client Configuration

1. Select Start - Programs - Administrative Tools - Local Security Policy.

2. Right click IP Security Policy on Local Machine and select Create IP Security Policy

Figure 64: Windows 2000/XP - Local Security Settings

3. Click "Next", then enter a policy name, for example "DUT To Win2K", then click "Next".

4. Step through the Wizard:

• Deselect Activate the default response rule. Click "Next",

• Leave Edit Properties checked. Click "Finish".

5. The following "Properties - Rules" screen will be displayed.

89

Contents

Main LevelOne FBR-1404TX Broadband VPN Gateway w/ 4-port Switch Users Manual Table of Contents Page Chapter 1 Introduction LevelOne Broadband VPN Gateway Features Internet Access Features Advanced Internet Functions LAN Features Configuration & Management Security Features VPN Gateway Features Package Contents Physical Details Front-mounted LEDs Rear Panel Chapter 2 Installation Requirements Procedure 1. Choose an Installation Site 2. Connect LAN Cables 3. Connect WAN Cable 4. Power Up 5. Check the LEDs Chapter 3 Setup Configuration Program Preparation Using UPnP Using your Web Browser If you can't connect Setup Wizard Common Connection Types Cable Modems DSL Modems Other Modems (e.g. Broadband Wireless) Big Pond Cable (Australia) SingTel RAS Home Screen Navigation & Data Input LAN Screen Data - LAN Screen DHCP What DHCP Does Using the LevelOne Broadband VPN Gateway 's DHCP Server Using another DHCP Server To Configure your PCs to use DHCP Password Screen Chapter 4 PC Configuration Overview Windows Clients TCP/IP Settings - Overview If using a Fixed (specified) IP address, the following changes are re- quired: Checking TCP/IP Settings - Windows 9x/ME: Using DHCP Using "Specify an IP Address" Page Page Obtain an IP address from a DHCP Server Specify an IP Address Page Page Checking TCP/IP Settings - Windows 2000: Using DHCP Using a fixed IP Address ("Use the following IP Address") Checking TCP/IP Settings - Windows XP Using DHCP Using a fixed IP Address ("Use the following IP Address") Internet Access For Windows 9x/ME/2000 For Windows XP Accessing AOL Macintosh Clients Note: Linux Clients Fixed IP Address To act as a DHCP Client (recommended) Operation and Status Operation Status Screen Data - Status Screen Connection Status - PPPoE Data - PPPoE Screen Connection Log Messages Connection Status - PPTP Data - PPTP Screen Connection Status - Telstra Big Pond Data - Telstra Big Pond Screen Connection Details - SingTel RAS Data - SingTel RAS Screen Page Connection Details - Fixed/Dynamic IP Address Data - Fixed/Dynamic IP address Screen Page Chapter 6 Internet Features WAN Port Configuration Screen Data - WAN Port Screen Page Advanced Internet Screen Communication Applications Special Applications Special Applications Screen Data - Special Applications Screen Using a Special Application DMZ URL Filter URL Filter Screen Data - URL Filter Screen Dynamic DNS (Domain Name Server) Dynamic DNS Screen Data - Dynamic DNS Screen Page Virtual Servers IP Address seen by Internet Users Virtual Servers Screen Data - Virtual Servers Screen Defining your own Virtual Servers Connecting to the Virtual Servers Internet Options Data - Options Screen Chapter 7 Security Configuration Access Control To use this feature: Access Control Screen Data - Access Control Screen Page Group Members Screen Access Control Log Firewall Rules Firewall Rules Screen Data - Firewall Rules Screen Page Firewall Rule Data - Firewall Rule Screen Page Logs Data - Logs Screen Page Security Options Data - Security Options Screen Page Scheduling Define Schedule Screen Data - Define Schedule Screen Services Data - Services Screen Page Chapter 8 VPN IPSec IKE Policies VPN Configuration Common VPN Situations VPN Pass-through Client PC to VPN Gateway Connecting 2 LANs via VPN VPN Policies VPN Policies Screen Data - VPN Policies Screen Adding a New Policy Page Page Page Page Page Page Page Certificates Adding a Trusted Certificate Adding a Self Certificate Page Page CRLs To add a New CRL VPN Status Data - VPN Status Screen Examples Example 1: Connecting 2 LevelOne Broadband VPN Gateways Note Configuration Settings Page Example 2: Windows 2000/XP Client to LAN LevelOne Broadband VPN Gateway Configuration Windows Client Configuration Page Page Page Page Page Page Page Page Page Page Page Configuration is now complete. Example 3: Windows 2000 Server to VPN Gateway LevelOne Broadband VPN Gateway Configuration Windows 2000 Server Configuration Chapter 9 Other Features and Settings PC Database PC Database Screen Data - PC Database Screen PC Database (Admin) Data - PC Database ( Admin) Screen Page Remote Administration Data - Remote Administration Screen To connect from a remote PC via the Internet Routing Overview Routing Screen Using this Screen Static Routing Table Data - Routing Screen Configuring Other Routers on your LAN Local Router Other Routers on the Local LAN Static Routing - Example For the LevelOne Broadband VPN Gateway 's Routing Table For Router A's Default Route For Router B's Default Route Upgrade Firmware To perform the Firmware Upgrade: UPnP Data - UPNP Screen A Appendix A Troubleshooting Overview General Problems Internet Access Page B Appendix B Specifications LevelOne Broadband VPN Gateway FCC Statement FCC Radiation Exposure Statement CE Marking Warning