Linksys BEFVP41 VPN Tunnel

Chapter 3 Advanced Configuration

EtherFast Cable/DSL VPN Router with 4-Port Switch

VPN Tunnel

The Router creates a tunnel between two endpoints,

so that the data traveling between these endpoints is

secure.

Select Tunnel Entry Select the tunnel you wish to create.

It is possible to create up to 50 simultaneous tunnels.

Delete To delete a tunnel, select it from the drop-down

menu, and then click Delete.

Summary To view summary information about a tunnel,

select it from the drop-down menu, and then click

Summary.

VPN Tunnel To enable a tunnel, select it from the drop-

down menu, and then click Enabled. To disable a tunnel,

select Disabled.

Tunnel Name Enter a name for this VPN tunnel, such as

Los Angeles Office, Chicago Branch, or New York Division.

This allows you to identify multiple tunnels and does not

have to match the name used at the other end of the

tunnel.

Interface Select the appropriate WAN por t, WAN1 or

WAN2 (available if the Dual WAN feature is enabled).

Enable Check this box to enable a VPN tunnel. (When

you create a VPN tunnel, this check box will be disabled.)

Local Secure Group and Remote Secure Group

A Local Secure Group is a computer(s) on your network

that can access the tunnel. A Remote Secure Group is a

computer(s) on the remote end of the tunnel that can

access the tunnel. For the Local Secure Group, select

Subnet, IP Address, or IP Range. For the Remote Secure

Group, select Subnet, IP Address, IP Range, Host, or

Any.

NOTE: The Local Secure Group you select should

match the Remote Secure Group selected on

the VPN device at the other end of the tunnel.

Local and Remote Secure Group

Subnet

The default is Subnet. All computers on the local subnet

will be able to access the tunnel.

IP and Mask Enter the appropriate addresses. The default

value of 0 should remain in the last fields of the IP and

Mask settings.

IP Address

Only the computer with a specific IP address will be able

to access the tunnel.

IP Addr. Enter the appropriate address.

IP Range

This option is a combination of the Subnet and IP Address

options.

IP Range Specify a range of IP addresses within the

subnet that will have access to the tunnel.

Host and Any are options for the Remote Secure Group

only.

Host

The Remote Secure Group will be the same as the Remote

Security Gateway Setting: IP Address, FQDN (Fully Qualified

Domain Name), or Any.

Any

The local VPN Router will accept a request from any IP

address. Select this option when the other endpoint is

using DHCP or PPPoE on the Internet side.

Remote Security Gateway

The Remote Security Gateway is the VPN device, such as a

second VPN Router, on the remote end of the VPN tunnel.

Select IP Address, FQDN, or Any.

Remote Security Gateway

IP Address

IP Addr. Enter the IP address of the VPN device on the

other end of the tunnel. The remote VPN device can be

another VPN Router, a VPN server, or a computer with VPN

client software that supports IPSec. Make sure that you

have entered the address correctly.

NOTE: Make sure you enter the IP address of the

remote VPN device, NOT the local VPN Router.

FQDN

FQDN Enter the Fully Qualified Domain Name (FQDN) of

the VPN device at the other end of the tunnel. The remote

VPN device can be another VPN Router, a VPN server,

or a computer with VPN client soft ware that supports

IPSec. The FQDN is the host name and domain name