10/100
Dynamic IP +
Remote Security Group Type. Select the local LAN user(s) that can use this VPN tunnel. Remote Security Group Type may be a single IP address, a Subnet or an IP address range. The Remote Secure Group must match the Local Secure Group on the other end of the tunnel. Selecting IP Address allows only one computer, with the specific IP Address, access to the tunnel. (The default IP is 192.168.1.0.) If you select Subnet, all computers on the local subnet can access the tunnel. The default IP is 192.168.1.0, and default Subnet Mask is 255.255.255.192. If you select IP Range, you can specify a range of IP Addresses to access the tunnel. The default IP Range is 192.168.1.0~254.
With Group VPN enabled:
Further Remote Client Setup options become available when you select GroupVPN. There are three types of
Remote Client: Domain Name (FQDN),
Domain Name (FQDN) (Fully Qualified Domain Name): Enter the Domain Name of the Remote Client. When the Remote Client requests to create a tunnel with the Router, the Router will act as a responder. The Domain Name must match the local settings of the Remote Client.
Microsoft XP/2000 VPN Client: This option is used for Dynamic IP users (e.g. PPPoE or DHCP) which using Microsoft VPN client. The difference between Microsoft and other VPN client is that Microsoft client does not support Aggressive mode and FQDN/USER FQDN ID options.
IPSec Setup
In order for any encryption to occur, the two ends of the tunnel must agree on the type of encryption and the way the data will be decrypted. This is done by sharing a “key” to the encryption code. There are two Keying Modes of key management, Manual and IKE with Preshared Key (automatic). If GroupVPN is enabled, the key management will be IKE with Preshared Key only.
Chapter 5: Setting Up and Configuring the Router | 50 |
VPN Tab - Client to Gateway