Cisco RV042 Administration Guide - Page 145
Advanced settings for IKE with Preshared Key, Minimum Preshared Key Complexity
UPC - 745883560530
View all Cisco RV042 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 145 highlights
VPN Setting Up a Remote Access Tunnel for VPN Clients (Client To Gateway) 9 Check the box to enable this feature, or uncheck the box to disable this feature. This feature is recommended. - Preshared Key: Enter a pre-shared key to use to authenticate the remote IKE peer. You can enter up to 30 keyboard characters and hexadecimal values, such as My_@123 or 4d795f40313233. Both ends of the VPN tunnel must use the same Preshared Key. It is strongly recommended that you change the Preshared Key periodically to maximize VPN security. - Minimum Preshared Key Complexity: Check the Enable box if you want to enable the Preshared Key Strength Meter. - Preshared Key Strength Meter: If you enable Minimum Preshared Key Complexity, this meter indicates the preshared key strength. As you enter a preshared key, colored bars appear. The scale goes from red (weak) to yellow (acceptable) to green (strong). TIP: Enter a complex preshared key that includes more than eight characters, upper- and lowercase letters, numbers, and symbols such as -*^+=. • Advanced settings for IKE with Preshared Key When the Keying Mode is set to IKE with Preshared Key mode, advanced settings are available. For most users, the basic settings should suffice; advanced users can click Advanced + to view the advanced settings. To hide these settings, click Advanced - - Aggressive Mode (available for Tunnel, not Group VPN): Two modes of IKE SA negotiation are possible: Main Mode and Aggressive Mode. If network security is preferred, Main Mode is recommended. If network speed is preferred, Aggressive Mode is recommended. You can adjust this setting if the Remote Security Gateway Type is IP Only or one of the IP + types. Check this box to enable Aggressive Mode, or uncheck the box to disable Aggressive Mode and use Main Mode. NOTE: If the Remote Security Gateway Type is one of the Dynamic IP types, Aggressive Mode is required. The box is checked automatically, and this setting cannot be changed. - Compress (Support IP Payload Compression Protocol (IP Comp)): IP Comp is a protocol that reduces the size of IP datagrams. Check the box to enable the router to propose compression when it initiates a connection. If the responders reject this proposal, then the router will not implement compression. When the device works as a responder, it will Cisco Small Business RV0xx Series Routers Administration Guide 145