Multi-Tech Systems S000573A manual Defining Virtual Private Networks VPNs

Defining Virtual Private Networks (VPNs)

Your router supports VPN tunnels for secure LAN‐to‐LAN access. To set up a VPN through your router:

1.From the navigation pane, select Tunnels, IPsec Tunnels.

2.In the pane that opens, click Add Tunnel. A series of wizard panels helps you configure the connection.

3.In the first panel, enter the following information:

ƒIn the Name field, type a name for the connection.

ƒIf desired, in the Description field, type a description for the connection.

ƒClick Next.

4.In the next panel:

ƒIn the Remote WAN IP field, type the IP address of the remote WAN.

ƒIn the Saved Network drop‐down list, select the desired network. Otherwise you can manually define the network by completing the Network Route and Network Mask fields.

ƒClick Next.

5.In the next panel:

ƒIn the Pre‐Shared Key field type the pre‐shared key that is agreed upon and shared by the VPN endpoints. You must configure this key at both endpoints of the tunnel.

ƒFrom the Encryption Method drop‐down list, select the encryption method. 3DES is recommended. Options include 3DES, AES‐128, AES‐192, AES‐256.

ƒIn the IKE Life Time field, type the duration for which the ISAKMP security association (SA) lasts, from successful negotiation to expiration. The default value is one hour and the maximum is 8 hours.

ƒIn the Key Life field, type the duration for which the IPSec SA lasts, from successful negotiation to expiration. The default value is one hour and the maximum is 24 hours.

ƒIn the Max Retries field, type the number of retries for the IPSec tunnel. Enter zero for unlimited retries.

ƒTo enable the Local ID and Remote ID, check Enable UID (Unique Identifier String) . Then enter local ID and remote string identifiers:

ƒLocal ID, type a string identifier for the local security gateway.

ƒRemote ID, type a string identifier for the remote security gateway.

ƒTo enable IPCOMP, the compression algorithm, check Compression.

ƒTo enable Perfect Forward Secrecy (PFS), a concept in which the newly generated keys are unrelated to the older keys, check Perfect Forward Secrecy.

ƒClick Finish.