Cisco WRV200 User Guide - Page 29

Chapter µ

Configuring the Wireless-G Router

²´

Wireless-G VPN Router with RangeBooster

DPD will issue DPD packets (ISAKMP format) to query a

remote peer, and wait for a reply to recognize that it is

still alive. There are 3 auxiliary options: Detection Delay(s),

Detection Timeout(s), and DPD Action for DPD.

Detection Delay(s)

You can indicate the interval between

DPD query packets. The default value is

³0

seconds.

Detection Timeout(s)

You can indicate the length of

timeout when DPD cannot hear any DPD reply. The default

value is

±²0

seconds.

DPD Action

When DPD Timeout expires, the DPD will take

DPD Action to deal with the connection. You can select

Wait for Response to still wait for remote peer response, or

select

Suspend Connection

to stop passively recovering

the connection or select

Recover Connection

.

If IKE failed more than _times, block this unauthorized

IP for _ seconds

This feature is enabled by default. It

enables the Router to block unauthorized IP addresses.

Specify the number of times IKE must fail before the Router

blocks that unauthorized IP address.

Anti-replay

This protects the Router from anti-replay

attacks, when people try to capture your authentication

packets in an attempt to gain access. The feature is

enabled by default.

When you have finished making changes to the screen,

click

Save Settings

to save the changes, or click

Cancel

Changes

to undo your changes. For help information,

click More.

VPN > VPN Summary

VPN > VPN Summary

This page summarizes the comprehensive details of IPSec

VPN Tunnels that include Tunnel Name, Remote Gateway,

Remote Group, Local Group, Key Methods, Tunnel Status,

and Start/Stop/Detail Connection. Each field displays

information according to a pre-configured value of IPSec

tunnel separately, and each IPSec tunnel can be easily

commanded to start/stop connection here. VPN Summary

can help an administrator to manage and examine all

IPSec tunnels status.

Tunnel Name

The field displays the name of the tunnel.

Remote Gateway

The field displays the remote gateway.

If the pre-configured type is IP Addr., the field displays the

IP address of remote gateway. If the pre-configured type

of remote gateway is Any, the field displays ANY. If the

pre-configured type is FQDN, the field displays the FQDN

string directly.

Remote Group

The field displays the remote peer that

is designated for VPN communication after a IPSec VPN

tunnel is established. If the pre-configured type of the

remote group is IP Addr., the field displays the IP address

of the remote peer. If the pre-configured type of the

remote group is Subnet, the field displays the subnet type

“IP Address/Mask”. If the pre-configured type of remote

group is Host or Any, the field displays the “Host” or “Any”

directly.

Local Group

The field displays the local peer that is

designated for VPN communication after an IPSec VPN

tunnel is established. If the pre-configured type of local

group is IP Addr., the field displays the IP address of the

local peer. If the pre-configured type of local group is

Subnet, the field displays the subnet type “IP Address/

Mask”. If the pre-configured type of local group is Host,

the field displays the “Host” directly.

Key Methods

The field displays the IPSec authentication

and encryption key methods of the Key exchange Method

that is followed with the setting value of the Password

Forward Secrecy.

Tunnel Status

The field displays the status of IPSec

Tunnel as follows.

C

The Tunnel is Connected.

T

Try to Connect to Remote Peer.

Stop

The Tunnel is Stopped.

D

The Tunnel is Disabled.

Any

The Tunnel always waits for the connection from

the remote initiator.

NAT-T

The Tunnel enables the NAT-Traversal to allow

the remote initiator that is behind the NAT to construct

this IPSec Tunnel.

Start/Stop/Restart Connection

You can manually start/

stop IPSec connection according to pre-configured tunnel

settings. If the pre-configured type of remote gateway or

remote group is either

Any

or

NAT-Traversal

, the

Detai

l

button can also examine Remote Security Gateway

information.

•

•

•

•

•

•

Section	Page
Chapter 1: Introduction	6
Chapter 2: Planning Your Wireless Network	7
Network Topology	7
Ad-Hoc versus Infrastructure Mode	7
Network Layout	7
Chapter 3: Planning Your Virtual Private Network (VPN)	8
Why do I need a VPN?	8
1) MAC Address Spoofing	8
2) Data Sniffing	8
3) Man in the middle attacks	8
What is a VPN?	8
VPN Router to VPN Router	9
Computer (using the Linksys VPN client software) to VPN Router	9
Chapter 4: Product Overview	10
Front Panel	10
Back Panel	10
Chapter 5: Configuring the Wireless-G VPN Router	11
Overview	11
How to Access the Web-based Utility	12
Setup	12
Setup > Basic Settings	12
Setup > VLAN	15
Setup > DDNS	15
Setup > MAC Address Clone	16
Setup > Advanced Routing	17
Wireless	18
Wireless > Basic Wireless Settings	18
Wireless > Wireless Security	18
Wireless > Wireless Network Access	21
Wireless > Advanced Wireless Settings	22
Wireless > WDS	22
Firewall	23
Firewall > General	23
Firewall > Port Forwarding	23
Firewall > Port Triggering	24
Firewall > DMZ	24
Firewall > Access Restriction	25
Firewall > URL Filtering	25
VPN	25
VPN > VPN Client Access	25
VPN > VPN Passthrough	26
VPN > IPSec VPN	27
VPN > VPN Summary	29
QoS	30
QoS > Application-Based QoS	30
QoS > Port-Based QoS	30
Administration	31
Administration > Management	31
Administration > Log	32
Administration > Diagnostics	33
Administration > Factory Default	33
Administration > Firmware Upgrade	33
Administration > Reboot	34
Status	34
Status > Router	34
Status > Local Network	35
Status > Wireless	35
Status > System Performance	35
Status > VPN Clients	36
Appendix A: Troubleshooting	37
Frequently Asked Questions	42
Appendix B: Wireless Security Checklist	44
General Network Security Guidelines	44
Additional Security Tips	44
Appendix C: Using Linksys QuickVPN for Windows 2000, XP, or Vista	45
Overview	45
Before You Begin	45
Installing the Linksys QuickVPN Software	45
Installing from the CD-ROM	45
Downloading and Installing from the Internet	45
Using the Linksys QuickVPN Software	46
Version Number of the QuickVPN Client	46
Distributing Certificates to QuickVPN Users	47
Appendix D: Configuring IPSec with a Windows 2000 or XP Computer	48
Introduction	48
Environment	48
How to Establish a Secure IPSec Tunnel	48
Step 1: Create an IPSec Policy	48
Step 2: Build Filter Lists	48
Step 3: Configure Individual Tunnel Rules	50
Step 4: Assign New IPSec Policy	53
Step 5: Create a Tunnel Through the Web-Based Utility	53
Appendix E: Gateway-to-Gateway VPN Tunnel	54
Overview	54
Before You Begin	54
Configuration when the Remote Gateway Uses a Static IP Address	54
Configuration of the WRV200	54
Configuration of the RV082	55
Configuration of PC 1 and PC 2	55
Configuration when the Remote Gateway Uses a Dynamic IP Address	56
Configuration of the WRV200	56
Configuration of the RV082	56
Configuration of PC 1 and PC 2	57
Configuration when Both Gateways Use Dynamic IP Addresses	57
Configuration of the WRV200	57
Configuration of the RV082	58
Configuration of PC 1 and PC 2	58
Appendix F: Glossary	59
Appendix G: Specifications	62
Appendix H: Warranty Information	64
Exclusions and Limitations	64
Obtaining Warranty Service	64
Technical Support	65
Appendix I: Regulatory Information	66
FCC Statement	66
FCC Radiation Exposure Statement	66
Safety Notices	66
Industry Canada Statement	66
Industry Canada Radiation Exposure Statement:	66
Avis d’Industrie Canada	67
Avis d’Industrie Canada concernant l’exposition aux radiofréquences :	67
Wireless Disclaimer	67
Avis de non-responsabilité concernant les appareils sans fil	67
User Information for Consumer Products Covered by EU Directive 2002/96/EC on Waste Electric and Electronic Equipment (WEEE)	68

Cisco WRV200 User Guide - Page 29

VPN > VPN Summary, and Start/Stop/Detail Connection. Each field displays - default password

Page 29 highlights