10/100 8-Port VPN Router

Manual

If you select Manual, you generate the key yourself, and no key negotiation is needed. Basically, manual key management is used in small static environments or for troubleshooting purposes. Both sides must use the same Key Management method.

Incoming & Outgoing SPI (Security Parameter Index): SPI is carried in the ESP (Encapsulating Security Payload Protocol) header and enables the receiver and sender to select the SA, under which a packet should be processed. The hexadecimal values is acceptable, and the valid range is 100~ffffffff. Each tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels share the same SPI. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa

Encryption: There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. 3DES is recommended because it is more secure, and both sides must use the same Encryption method.

Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method determines a method to authenticate the ESP packets. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA is a one-way hashing algorithm that produces a 160-bit digest. SHA is recommended because it is more secure, and both sides must use the same Authentication method.

Encryption Key: This field specifies a key used to encrypt and decrypt IP traffic, and the Encryption Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Encryption Key. If DES is selected, the Encryption Key is 16-bit. If users do not fill up to 16-bit, this field will be filled up to 16-bit automatically by 0. If 3DES is selected, the Encryption Key is 48-bit. If users do not fill up to 48-bit, this field will be filled up to 48-bit automatically by 0.

Authentication Key: This field specifies a key used to authenticate IP traffic and the Authentication Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Authentication key. If MD5 is selected, the Authentication Key is 32-bit. If users do not fill up to 32-bit, this field will be filled up to 32-bit automatically by 0. If SHA1 is selected, the Authentication Key is 40-bit. If users do not fill up to 40-bit, this field will be filled up to 40-bit automatically by 0.

IKE with Preshared Key (automatic)

IKE is an Internet Key Exchange protocol that is used to negotiate key material for SA (Security Association). IKE uses the Pre-shared Key field to authenticate the remote IKE peer.

Phase 1 DH Group: Phase 1 is used to create a security association (SA). DH (Diffie-Hellman) is a key exchange protocol that is used during phase 1 of the authentication process to establish pre-shared keys. There are three

Chapter 5: Setting Up and Configuring the Router

Figure 5-52: VPN tab - Client to Gateway

IPSec Setup

51

VPN Tab - Client to Gateway

Page 60
Image 60
Linksys RV082 manual VPN tab Client to Gateway IPSec Setup

RV082 specifications

The Linksys RV082 is a robust dual WAN VPN router that stands out in the market for small to medium-sized businesses seeking reliable network connectivity and security. Designed to meet the demands of a dynamic business environment, the RV082 offers a host of features that enhance both performance and reliability.

One of the primary attributes of the RV082 is its dual WAN capability. This feature allows businesses to connect to two different internet connections simultaneously, ensuring uninterrupted internet access. In case one connection fails, the router can automatically switch to the other, minimizing downtime and maintaining productivity. This failover capability is essential for businesses that rely heavily on internet connectivity.

The RV082 also boasts impressive VPN support, enabling secure communication between remote users and branch offices. With support for up to 50 simultaneous VPN connections, the router accommodates a growing workforce that may require access to the company’s network from remote locations. This is particularly beneficial for businesses with telecommuting employees or those that operate across multiple locations.

Security is a paramount concern for any business, and the RV082 addresses this with various built-in security features. It utilizes advanced firewall capabilities, including Stateful Packet Inspection (SPI) and Denial of Service (DoS) protection, safeguarding internal networks from external threats. The router also supports strong encryption protocols such as IPSec and PPTP, ensuring that sensitive data transmitted over the VPN remains secure.

Performance-wise, the RV082 includes eight switched LAN ports, allowing numerous devices to connect directly to the network without the need for additional hardware. This feature simplifies network management and helps keep connectivity organized. Furthermore, the router supports Quality of Service (QoS) prioritization, which allows businesses to allocate bandwidth effectively among different applications and users, promoting seamless performance even during high traffic periods.

The user-friendly web-based interface facilitates easy configuration and management, making it accessible for users with varying levels of technical expertise. Additionally, the RV082’s compact design ensures that it can fit into nearly any office environment without taking up too much space.

In summary, the Linksys RV082 is an excellent choice for businesses looking for a dependable and secure networking solution. With its dual WAN capabilities, extensive VPN support, robust security features, and user-friendly management tools, the RV082 successfully meets the challenging needs of modern business networking.