Home » Cisco Manuals » Bridges & Routers » Cisco RV042 » Manual Viewer

Cisco RV042 Administration Guide - Page 134

Preshared Key, Advanced settings for IKE with, Required fields for Manual mode, Incoming - esp

UPC - 745883560530

Add to My Manuals
Save this manual to your list of manuals

Page 134 highlights

VPN Setting Up a Gateway to Gateway (Site to Site) VPN 9 Preshared Key, page 135 and Advanced settings for IKE with Preshared Key, page 136. • Required fields for Manual mode Enter the settings for manual mode. Be sure to enter the same settings when configuring other router for this tunnel. The Incoming / Outgoing SPI settings must be mirrored on the other router. - Incoming / Outgoing SPI: The Security Parameter Index is carried in the ESP (Encapsulating Security Payload Protocol) header and enables the receiver and sender to select the security association, under which a packet should be processed. You can enter hexadecimal values from 100~ffffffff. Each tunnel must have a unique Incoming SPI and Outgoing SPI. No two tunnels share the same SPI. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa. - Encryption: Select a method of encryption: DES or 3DES. This setting determines the length of the key used to encrypt or decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. 3DES is recommended because it is more secure. - Authentication: Select a method of authentication: MD5 or SHA1. The authentication method determines how the ESP packets are validated. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA1 is a one-way hashing algorithm that produces a 160-bit digest. SHA1 is recommended because it is more secure. Make sure that both ends of the VPN tunnel use the same authentication method. - Encryption Key: Enter a key to use to encrypt and decrypt IP traffic. If you selected DES encryption, enter 16 hexadecimal values. If you selected 3DES encryption enter 40 hexadecimal values. If you do not enter enough hexadecimal values, then zeroes will be appended to the key to meet the required length. - Authentication Key: Enter a key to use to authenticate IP traffic. If you selected MD5 authentication, enter 32 hexadecimal values. If you selected SHA1, enter 40 hexadecimal values. If you do not enter enough hexadecimal values, then zeroes will be appended to the key to meet the required length. Cisco Small Business RV0xx Series Routers Administration Guide 134

Section	Page
Introduction	7
RV0xx Series Router Features	7
Ports	9
Status Lights	10
Other Hardware Features	11
Default Settings	12
Mounting Options	12
Placement Tips	12
Desktop Placement	12
Wall Mounting	13
Rack Mounting RV082 or RV016	14
Connecting the Equipment	15
Getting Started with the Configuration	16
Troubleshooting Tips	17
Features of the User Interface	18
Viewing System Summary Information	20
Setup	26
Setting Up the Network	27
Changing the Administrator Username and Password	40
Setting the System Time	42
Setting Up a DMZ Host	43
Setting Up Port Forwarding and Port Triggering	44
Setting Up Universal Plug and Play (UPnP)	48
Setting Up One-to-One NAT	51
Cloning a MAC Address for the Router	53
Assigning a Dynamic DNS Host Name to a WAN Interface	55
Setting Up Advanced Routing	57
IPv6 Transition	61
DHCP	63
Setting Up the DHCP Server or DHCP Relay	63
Viewing the DHCP Status Information	70
Router Advertisement (IPv6)	71
System Management	73
Setting Up Dual WAN and Multi-WAN Connections	73
Managing the Bandwidth Settings	81
Setting Up SNMP	84
Enabling Device Discovery with Bonjour	85
Using Built-In Diagnostic Tools	87
Restoring the Factory Default Settings	89
Upgrading the Firmware	90
Restarting the Router	91
Backing Up and Restoring the Settings	92
Port Management	95
Configuring the Port Settings	95
Viewing the Status Information for a Port	97
Firewall	99
Configuring the General Firewall Settings	99
Configuring Firewall Access Rules	103
Using Content Filters to Control Internet Access	110
Cisco ProtectLink Web	113
Getting Started with Cisco ProtectLink Web	113
Specifying the Global Settings for Approved URLs and Clients	115
Approved URLs and Approved Clients	116
Enabling Web Protection for URL Filtering	117
Updating the ProtectLink License	120
VPN	122
Introduction to VPNs	122
Site to Site VPN (Gateway To Gateway)	123
Remote Access (Client To Gateway)	123
Remote Access with Cisco QuickVPN	125
Remote Access with PPTP	125
Viewing the Summary Information for VPN	126
Setting Up a Gateway to Gateway (Site to Site) VPN	130
Setting Up a Remote Access Tunnel for VPN Clients (Client To Gateway)	139
Managing VPN Users and Certificates	147
Setting Up VPN Passthrough	149
Setting Up PPTP Server	150
Logging System Statistics	153
Setting Up the System Log and Alerts	153
Viewing the System Log	157
Wizard	159
Glossary	161
Troubleshooting	165
Cisco QuickVPN for Windows	167
Introduction	167
Cisco QuickVPN Client Installation and Configuration	168
Using the Cisco QuickVPN Software	168
Configuring a Gateway-to-Gateway VPN Tunnel Between RV0xx Series Routers	170
Topology Options	170
VPN Hub and Spoke Topology	171
VPN Mesh Topology	172
Other Design Considerations	173
Configuring a VPN Tunnel on a Cisco RV0xx Series Router	175
Example: Sites with Static WAN IP Addresses	176
Example: Site with a Dynamic WAN IP Address	179
IPSec NAT Traversal	183
Overview	183
Bandwidth Management	186
Creation of New Services	186
Creation of New Bandwidth Management Rules	187
Specifications	189
RV042	189
RV042G	191
Cisco RV082	194
Cisco RV016	196

Match case Limit results 1 per page

VPN

Setting Up a Gateway to Gateway (Site to Site) VPN

Cisco Small Business RV0xx Series Routers Administration Guide

134

Preshared Key, page 135

and

Advanced settings for IKE with

Preshared Key, page 136

•

Required fields for Manual mode

Enter the settings for manual mode. Be sure to enter the same settings when

configuring other router for this tunnel. The Incoming / Outgoing SPI settings

must be mirrored on the other router.

Incoming

Outgoing SPI:

The Security Parameter Index is carried in the

ESP (Encapsulating Security Payload Protocol) header and enables the

receiver and sender to select the security association, under which a

packet should be processed. You can enter hexadecimal values from

100~ffffffff. Each tunnel must have a unique Incoming SPI and Outgoing

SPI. No two tunnels share the same SPI. The Incoming SPI here must

match the Outgoing SPI value at the other end of the tunnel, and vice

versa.

Encryption:

Select a method of encryption: DES or 3DES. This setting

determines the length of the key used to encrypt or decrypt ESP

packets. DES is 56-bit encryption and 3DES is 168-bit encryption. 3DES

is recommended because it is more secure.

Authentication:

Select a method of authentication: MD5 or SHA1. The

authentication method determines how the ESP packets are validated.

MD5 is a one-way hashing algorithm that produces a 128-bit digest.

SHA1 is a one-way hashing algorithm that produces a 160-bit digest.

SHA1 is recommended because it is more secure. Make sure that both

ends of the VPN tunnel use the same authentication method.

Encryption Key:

Enter a key to use to encrypt and decrypt IP traffic. If

you selected DES encryption, enter 16 hexadecimal values. If you

selected 3DES encryption enter 40 hexadecimal values. If you do not

enter enough hexadecimal values, then zeroes will be appended to the

key to meet the required length.

Authentication Key:

Enter a key to use to authenticate IP traffic. If you

selected MD5 authentication, enter 32 hexadecimal values. If you

selected SHA1, enter 40 hexadecimal values. If you do not enter enough

hexadecimal values, then zeroes will be appended to the key to meet

the required length.