Microsoft VPN
Example 2: Windows 2000/XP Client to LAN
In this example, a Windows 2000/XP client connects to
Figure59: Windows 2000/XP Client to VRT-311 / VRT-311S
To use 3DES encryption on Windows 2000, you need Service Pack 3 or later installed.
VRT-311 / VRT-311S Configuration
Setting |
| Value | Notes |
|
|
|
|
Name |
| Win Client | Name does not affect operation. Select a |
|
|
| meaningful name. |
|
|
|
|
Remote Endpoint |
| 172.16.9.10 | Other endpoint's WAN (Internet) IP address. |
|
|
|
|
Local |
| Subnet address: | Allows access to entire LAN. Use a more |
IP addresses |
| 192.168.0.0 | restrictive definition if possible. |
|
| 255.255.255.0 |
|
|
|
|
|
Remote |
| 172.16.9.10 | For a single client, this address is the same as |
IP addresses |
|
| the endpoint address. |
|
|
|
|
Key Exchange |
| IKE | Must match client PC |
|
|
|
|
IKE SA Parameters |
|
| |
|
|
| |
IKE Direction |
| Both ways | Using "Responder only" is not possible. |
|
|
|
|
Local Identity |
| IP address | Required. |
|
|
|
|
Remote Identity |
| IP address | Required |
|
|
|
|
IKE Authentication |
| Certificates are not widely used. | |
method |
|
|
|
|
|
|
|
| Xxxxxxxxxx | Must match client PC | |
|
|
|
|
IKE Authentication |
| Must match client PC | |
algorithm |
|
|
|
|
|
|
|
IKE Encryption |
| 3DES | Must match client PC |
|
|
|
|
IKE Exchange |
| Main Mode | Windows 2000 only supports Main Mode. |
mode |
|
|
|
|
|
|
|
89