10-80 User’s Reference Guide
■The Netopia R910 Router supports 128-bit (“strong”) encryption. If the router you are connecting to does not support 128-bit encryption, the Netopia router will default to 40-bit encryption.
US encryption regulations changed mid-February, 2000, making it possible to include this new encryption feature as a standard part of the firmware. This means that, worldwide, the Netopia R910 Router, because it supports VPN, also supports 128-bit encryption for free, when using PPTP tunnels.
ATMP does not have an option of using 128-bit MPPE. If you are using ATMP between two Netopia routers you can optionally set 56-bit DES encryption.
■Unlike MS-CHAP version 1, which supports one-way authentication, MS-CHAP version 2 supports mutual authentication between connected routers and is incompatible with MS-CHAP version 1 (MS-CHAPv1). When you choose MS-CHAP as the authentication method for a PPTP tunnel, the Netopia router will start negotiating MS-CHAPv2. If the router or VPN adapter client you are connecting to does not support MS-CHAPv2, the Netopia router will fall back to MS-CHAPv1, or, if the router or VPN adapter client you are connecting to does not support MPPE at all, the PPP session will be dropped. This is done automatically and transparently.
About IPsec Tunnels
IPsec stands for IP Security, a set of protocols that supports secure exchange of IP packets at the IP layer. IPsec is deployed widely to implement VPNs.
IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only the data portion (payload) of each packet, but leaves the header untouched. The more secure Tunnel mode encrypts both the header and the payload. On the receiving side, an IPsec-compliant device decrypts each packet. Netopia Routers support the more secure Tunnel mode. The Netopia R910 offers IPsec DES encryption over the VPN tunnel.
DES stands for Data Encryption Standard, a popular symmetric-key encryption method. DES uses a 56-bit key.
Configuration
IPsec tunnels are defined in the same manner as PPTP tunnels. You configure the Connection Profile as follows.
From the Main Menu navigate to WAN Configuration and then Add Connection Profile.
