Cisco RV042 User Guide - Page 51
IPSec Setup, Remote Client
UPC - 745883560530
View all Cisco RV042 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 51 highlights
Chapter 4 Advanced Configuration NOTE: The Local Security Group Type you select should match the Remote Security Group Type selected on the remote computer at the other end of the tunnel. After you have selected the Local Security Group Type, the settings available on this screen may change, depending on which selection you have made. IP Only the computer with a specific IP address will be able to access the tunnel. Local Security Group Type > IP IP address Enter the appropriate IP address. The default IP is 192.168.1.0. Subnet The default is Subnet. All computers on the local subnet will be able to access the tunnel. Local Security Group Type > Subnet IP address Enter the IP address. The default is 192.168.1.0. Subnet Mask Enter the subnet mask. The default is 255.255.255.0. IP Range Specify a range of IP addresses within a subnet that will be able to access the tunnel. Local Security Group Type > IP Range IP range Enter the range of IP addresses. The default is 192.168.1.0~254. Remote Client Setup Remote Client Select the type you want to use: Domain Name(FQDN), E-mail Addr.(USER FQDN), or Microsoft XP/2000 VPN Client. Follow the instructions for the type you want to use. 10/100 4-Port VPN Router Domain Name(FQDN) The default is Domain Name(FQDN). Remote Client > Domain Name(FQDN) Domain Name Enter the Fully Qualified Domain Name (FQDN), which is the host name and domain name for a specific computer on the Internet. When the remote computer requests to create a tunnel with the Router, the Router will work as a responder. E-mail Address(UserFQDN) Remote Client > E-mail Address(UserFQDN) E-mail address Enter the e-mail address of the user FQDN. Microsoft XP/2000 VPN Client Dynamic IP users, such as PPPoE or DHCP users, who use the Microsoft VPN client software, can use this option. (The Microsoft VPN client software does not support Aggressive mode and FQDN or User FQDN ID options.) Remote Client > Microsoft XP/2000 VPN Client IPSec Setup In order for any encryption to occur, the two ends of a VPN tunnel must agree on the methods of encryption, decryption, and authentication. This is done by sharing a key to the encryption code. For key management, the default mode is IKE with Preshared Key. Keying Mode Select IKE with Preshared Key or Manual. Both ends of a VPN tunnel must use the same mode of key management. After you have selected the mode, the settings available on this screen may change, depending on the selection you have made. Follow the instructions for the mode you want to use. (Manual mode is available for VPN tunnels only, not group VPNs.) IKE with Preshared Key IKE is an Internet Key Exchange protocol used to negotiate key material for Security Association (SA). IKE uses the Preshared Key to authenticate the remote IKE peer. Phase 1 DH Group Phase 1 is used to create the SA. DH (Diffie-Hellman) is a key exchange protocol used during Phase 1 of the authentication process to establish pre- 44