10/100 16-Port VPN Router

Phase 2 (make sure the remote VPN device also has the AH Hash Algorithm enabled). Both ends of the VPN tunnel must use the same Phase 2 Encryption setting: DES, 3DES, or Null.

Phase 2 Authentication. Select a method of authentication, MD5 or SHA. The authentication method determines how the ESP packets are validated. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA is recommended because it is more secure. If you enable the AH Hash Algorithm on the Advanced screen, then it is recommended to select Null to disable the authentication of ESP packets in Phase 2 (make sure the remote VPN device also has the AH Hash Algorithm enabled). Both ends of the VPN tunnel must use the same Phase 2 Authentication setting: MD5, SHA, or Null.

Phase 2 SA Life Time. Configure the length of time a VPN tunnel is active in Phase 2. The default value is 3600 seconds.

Preshared Key. This specifies the pre-shared key used to authenticate the remote IKE peer. Enter a key of keyboard and hexadecimal characters, e.g., My_@123 or 4d795f40313233. This field allows a maximum of 30 characters and/or hexadecimal values. Both ends of the VPN tunnel must use the same Preshared Key. It is strongly recommended that you change the Preshared Key periodically to maximize VPN security.

Click the Save Settings button to save your changes, or click the Cancel Changes button to undo the changes.

Manual (not applicable to Group VPNs)

Basically, manual key management is used in small static environments or for troubleshooting purposes. If you select Manual, you generate the key yourself, so no key negotiation is needed.

Incoming SPI (Security Parameter Index). SPI is carried in the ESP (Encapsulating Security Payload Protocol) header and enables the receiver and sender to send the Security Association (SA), under which a packet should be processed. Hexadecimal values are acceptable, and the valid range of hexadecimal values is from 100 to ffffffff. Each tunnel must have a unique Inbound SPI and Outbound SPI. The Incoming SPI of the Router must match the Outgoing SPI set on the remote VPN device at the other end of the tunnel. For example, if the Incoming SPI is 20123, then the Outgoing SPI would be 32102.

Outgoing SPI (Security Parameter Index). SPI is carried in the ESP (Encapsulating Security Payload Protocol) header and enables the receiver and sender to send the SA, under which a packet should be processed. Hexadecimal values are acceptable, and the valid range of hexadecimal values is from 100 to ffffffff. Each tunnel must have a unique Inbound SPI and Outbound SPI. The Outgoing SPI of the Router must match the Incoming SPI set on the remote VPN device at the other end of the tunnel. For example, if the Outgoing SPI is 32102, then the Incoming SPI would be 20123.

Chapter 6: Setting up and Configuring the Router

Figure 6-89: IPSec Setup - Manual

65

VPN Tab - Client to Gateway

Page 75 Page 77
Page 76
Image 76
Linksys RV016 manual Manual not applicable to Group VPNs, IPSec Setup Manual
Page 75 Page 77

RV016 specifications

The Linksys RV016 is a robust VPN router designed for small to medium-sized businesses, providing secure and reliable network connectivity. This device offers versatile features, catering to the demands of advanced users while maintaining ease of use for those less experienced with networking technologies.

One of the standout characteristics of the Linksys RV016 is its ability to handle multiple WAN connections. It features dual WAN ports, which enable load balancing and failover support. This ensures that in the event one internet connection fails, the other takes over seamlessly, minimizing downtime and enhancing productivity. The RV016 is equipped with eight Ethernet ports, providing sufficient connectivity for various devices within an office environment.

Security is a paramount consideration in the design of the RV016. The device supports a robust VPN (Virtual Private Network) capability, allowing secure remote access for employees working from home or traveling. The router supports both IPSec and PPTP VPN protocols, ensuring versatile and secure communication channels. Additionally, it offers advanced firewall features, including stateful packet inspection (SPI) and denial-of-service (DoS) attack prevention, which safeguard the network from unauthorized access and external threats.

Linksys has also incorporated Quality of Service (QoS) features into the RV016, allowing users to prioritize their network traffic. This is particularly useful for businesses that rely on voice over IP (VoIP) services or have high bandwidth applications, ensuring that critical applications receive the necessary bandwidth for optimal performance.

The RV016 supports a variety of network management protocols, including DHCP, DNS, and static routing, making it easy to integrate into existing network infrastructures. Its web-based interface simplifies configuration and management, enabling IT staff to efficiently set up network parameters without the need for extensive training.

In summary, the Linksys RV016 stands out as a feature-rich VPN router that combines security, reliability, and ease of use. Its multiple WAN support, advanced security features, and network management capabilities make it an ideal choice for businesses seeking a dependable networking solution. Whether handling remote access or managing network performance, the RV016 provides the necessary tools to keep business operations running smoothly.
Top Page Image Contents