Manuals / Linksys / Computer Equipment / Network Router

Linksys RV042 manual IPSec Setup, Default is Domain NameFQDN

Models: RV042

1 103
Download 103 pages 23.71 Kb
Page 51
Image 51

Chapter 4

Advanced Configuration

NOTE: The Local Security Group Type you select should match the Remote Security Group Type selected on the remote computer at the other end of the tunnel.

After you have selected the Local Security Group Type, the settings available on this screen may change, depending on which selection you have made.

IP

Only the computer with a specific IP address will be able to access the tunnel.

Local Security Group Type > IP

IP address  Enter the appropriate IP address. The default IP is 192.168.1.0.

Subnet

The default is Subnet. All computers on the local subnet will be able to access the tunnel.

Local Security Group Type > Subnet

IP address  Enter the IP address. The default is 192.168.1.0.

Subnet Mask  Enter the subnet mask. The default is 255.255.255.0.

IP Range

Specify a range of IP addresses within a subnet that will be able to access the tunnel.

Local Security Group Type > IP Range

IP range  Enter the range of IP addresses. The default is 192.168.1.0~254.

Remote Client Setup

Remote Client

Select the type you want to use: Domain Name(FQDN), E-mail Addr.(USER FQDN), or Microsoft XP/2000 VPN Client. Follow the instructions for the type you want to use.

Domain Name(FQDN)

The default is Domain Name(FQDN).

Remote Client > Domain Name(FQDN)

Domain Name  Enter the Fully Qualified Domain Name (FQDN), which is the host name and domain name for a specific computer on the Internet. When the remote computer requests to create a tunnel with the Router, the Router will work as a responder.

E-mail Address(UserFQDN)

Remote Client > E-mail Address(UserFQDN)

E-mail address  Enter the e-mail address of the user FQDN.

Microsoft XP/2000 VPN Client

Dynamic IP users, such as PPPoE or DHCP users, who use the Microsoft VPN client software, can use this option. (The Microsoft VPN client software does not support Aggressive mode and FQDN or User FQDN ID options.)

Remote Client > Microsoft XP/2000 VPN Client

IPSec Setup

In order for any encryption to occur, the two ends of a VPN tunnel must agree on the methods of encryption, decryption, and authentication. This is done by sharing a key to the encryption code. For key management, the default mode is IKE with Preshared Key.

Keying Mode  Select IKE with Preshared Key or Manual. Both ends of a VPN tunnel must use the same mode of key management. After you have selected the mode, the settings available on this screen may change, depending on the selection you have made. Follow the instructions for the mode you want to use. (Manual mode is available for VPN tunnels only, not group VPNs.)

IKE with Preshared Key

IKE is an Internet Key Exchange protocol used to negotiate key material for Security Association (SA). IKE uses the Preshared Key to authenticate the remote IKE peer.

Phase 1 DH Group  Phase 1 is used to create the SA. DH (Diffie-Hellman) is a key exchange protocol used during Phase 1 of the authentication process to establish pre-

10/100 4-Port VPN Router

44

Page 50 Page 52
Page 51
Image 51
Linksys RV042 manual IPSec Setup, Default is Domain NameFQDN
Page 50 Page 52