Home » Linksys Manuals » Computer Software » Linksys QuickVPN » Manual Viewer

Linksys QuickVPN Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN A - Page 121

Setting Up IPSec, VPN > IPSec Setup, Keying Mode, IKE with Preshared Key, Manual, Encryption

UPC - 745883566341

Add to My Manuals
Save this manual to your list of manuals

Page 121 highlights

Setting Up and Configuring the WRVS4400N Wireless-N Router Configuring the VPN Settings 5 Setting Up IPSec The IPSec Setup section of the VPN > IPSec VPN window displays the security parameters for configuring a VPN. To set up IPSec for the router, follow these steps: STEP 1 Click VPN > IPSec Setup. STEP 2 Configure the security parameters for VPN IPSec: • Keying Mode-The router supports both IKE with Preshared Key (automatic) and Manual key management. When choosing automatic key management, IKE (Internet Key Exchange) protocols are used to negotiate key material for SA. If manual key management is selected, no key negotiation is needed. Basically, manual key management is used in small static environments or for troubleshooting purpose. Notice that both sides must use the same Key Management method. • Encryption-The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. 3DES is supported. Notice that both sides of the VPN tunnel must use the same Encryption method. • Authentication-Authentication determines a method to authenticate the ESP packets. Either MD5 or SHA1 may be selected. Both sides of the VPN tunnel must use the same Authentication method. - MD5-A one way hashing algorithm that produces a 128-bit digest. - SHA1-A one way hashing algorithm that produces a 160-bit digest. • Preshared Key- IKE uses the Pre-shared Key field to authenticate the remote IKE peer. Both character and hexadecimal value are acceptable in this field. for example; "My_@123" or "0x4d795f40313233." Both sides must use the same Pre-shared Key. • Key Lifetime-Specifies the lifetime of the IKE generated key. If the time expires, a new key is renegotiated automatically. The Key Lifetime may range from 1081 to 86400 seconds. The default value for Phase 1 is 28800 seconds, and default value for Phase 2 is 3600 seconds • Group- For Diffie-Hellman key negotiation. There are 3 groups available for ISAKMP SA establishment, 768-bit, 1024-bit, 1536-bit represent different bits used in Diffie-Hellman mode operation. The default value is Group 768bit. Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN Administration Guide 121

Section	Page
About This Document	9
How to Use This Guide	9
Organization	9
Finding Information in PDF Files	11
Finding Text in a PDF	11
Finding Text in Multiple PDF Files	12
Introduction	14
Networking and Security Basics	16
An Introduction to LANs	16
The Use of IP Addresses	17
The Intrusion Prevention System (IPS)	19
Planning Your Virtual Private Network (VPN)	21
Why do I need a VPN?	21
MAC Address Spoofing	22
Data Sniffing	22
Man in the Middle Attacks	22
What is a VPN?	23
VPN Router to VPN Router	24
Computer to VPN Router	25
Getting Started with the WRVS4400N Router	26
Front Panel	27
Back Panel	28
WRVS4400N Antennas	28
Placement Options	29
Desktop Option	29
Stand Option	30
Wall Option	31
Installing the Router	32
Configuring the Router	34
Setting Up and Configuring the WRVS4400N Wireless-N Router	36
Accessing the Web-Based Utility	37
Navigating the Utility	38
Setup	39
Wireless	40
Firewall	40
ProtectLink	41
VPN	41
QoS	41
Administration	42
IPS	42
L2 Switch	43
Status	43
Setting Up Your Wireless-N Router	44
Configuring Basic Setup Settings	45
Displaying A Read-Only Summary of the Basic Router Information	46
Configuring Internet Connection Settings	48
Automatic Configuration - DHCP Server	50
Static IP	51
PPPoE	52
PPTP	53
Heart Beat Signal	55
L2TP	56
Configuring DDNS Service Settings	58
Configuring Local Area Network (LAN) Settings	60
Using The DMZ (Demilitarized Zone) Host Feature to Access Special Purpose Internet Services	63
Cloning Your Network Adapter’s MAC Address onto Your Router	65
Configuring the Router’s Advanced Settings	66
Changing the Router’s Time Settings	70
Selecting IPv4 Mode or Dual Stack IPv4 And IPv6 Mode	72
Configuring Wireless Settings	76
Configuring Basic Settings	76
Configuring Wireless Security	80
Configuring Connection Control	88
Configuring Advanced Wireless Settings	89
Configuring VLAN & QoS Settings	92
Configuring Router WDS Settings	94
Configuring Firewall Settings	96
Configuring Basic Settings	97
Configuring IP Based ACL	99
Editing IP ACL Rules	101
Configuring Internet Access Policy	102
Creating a Policy	104
Deleting a Policy	106
Viewing all Policies	106
Viewing or Changing the List of Personal Computers Covered by the Current Policy	106
Configuring Single Port Forwarding	107
Configuring Port Range Forwarding	108
Configuring Port Range Triggering	110
Configuring the ProtectLink Gateway service	112
Configuring the VPN Settings	113
Displaying A VPN Status Summary of the IPSec Tunnel and Clients	113
Configuring IPSec VPN	116
Setting Up Local Groups	118
Setting Up and Configuring Remote Groups	119
Setting Up IPSec	121
Viewing Connection Status	122
Configuring VPN Client Accounts	123
Configuring VPN Passthrough	125
Configuring the QoS Settings	126
Managing Bandwidth	127
Configuring QoS	129
Configuring DSCP	130
Configuring the Administration Settings	131
Configuring Management Settings	132
Configuring System Logs	134
Diagnosing Router Problems	137
Backing Up and Restoring Configurations	139
Restoring Factory Default Settings	140
Rebooting the Router	141
Upgrading the Router Firmware	142
Configuring IPS Settings	143
Configuring IPS	143
Setting P2P/IM Policy	145
Viewing Reports	147
Viewing Protection Information	148
Configuring the L2 Switch Settings	149
Configuring Virtual LANs (VLANs)	150
Configuring VLAN Membership and Port Assignment	152
Configuring RADIUS Mode	154
Configuring Port Settings	155
Viewing Statistics Overview	157
Mirroring Ports	158
Configuring RSTP	159
Viewing Status	160
Viewing WAN/Gateway Status	161
Viewing Local Network Status	163
Viewing Wireless LAN Status	165
Viewing System Performance	166
Using the VPN Setup Wizard	168
VPN Setup Wizard	168
Before You Begin	168
Running the VPN Router Software Wizard	169
Building Your VPN Connection Remotely	178
Troubleshooting	186
I need to set a static IP address on a PC.	186
I want to test my Internet connection.	188
I am not getting an IP address on the Internet with my Internet connection.	189
I am not able to access the router’s web-based utility Setup window.	190
I can’t get my Virtual Private Network (VPN) to work through the router.	190
I need to set up a server behind my router.	191
I can’t get an Internet game, server, or application to work.	192
I need to set up online game hosting or use other Internet applications.	192
I forgot my password or the password prompt always appears when saving settings to the router.	193
I am a PPPoE user and I need to remove the proxy settings or the dial-up pop-up window.	194
To start over, I need to set the router to factory default.	194
I need to upgrade the firmware.	195
The firmware upgrade failed.	195
My DSL service’s PPPoE is always disconnecting.	196
I can’t access my e-mail, web, or VPN, or I am getting corrupted data from the Internet.	196
I need to use port triggering.	197
When I enter a URL or IP address, I get a time-out error or am prompted to retry.	198
I’m trying to access the router’s web-based utility but I do not see the login window. Instead, I see a window saying, “404 Forbidden.”	198
Frequently Asked Questions	199
Using Cisco QuickVPN for Windows 2000, XP, or Vista	203
Overview	203
Before You Begin	204
Installing the Cisco QuickVPN Software	205
Installing from the CD-ROM	205
Downloading and Installing from the Internet	207
Using the Cisco QuickVPN Software	207
Distributing Certificates to QuickVPN Users	210
Configuring a Gateway-to-Gateway IPSec Tunnel	211
Introduction	211
Environment	212
Configuring the VPN Settings for the VPN Routers	212
Configuring the VPN Settings for VPN Router 1	212
Configuring the VPN Settings for VPN Router 2	213
Configuring the Key Management Settings	214
Configuring the Key Management Settings for VPN Router 1	214
Configuring the Key Management Settings for VPN Router 2	215
Configuring PC 1 and PC 2	215
Finding Out MAC and IP Addresses	216
Windows 98 or Me Instructions	216
Windows 2000 or XP Instructions	217
For the Router’s Web-based Utility	217
Trend Micro ProtectLink Gateway Service	218
Overview	218
How to Access the Web-Based Utility	218
How to Purchase, Register, or Activate the Service	219
ProtectLink	219
How to Use the Service	222
ProtectLink > Web Protection	222
Web Protection	224
ProtectLink > Email Protection	226
Email Protection	226
ProtectLink > License	226
License	227
Specifications	228
General	228
Performance	229
Management	229
Security	230
QoS	230
Layer 2	231
Environmental	231

Match case Limit results 1 per page

Setting Up and Configuring the WRVS4400N Wireless-N Router

Configuring the VPN Settings

Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN Administration Guide

121

Setting Up IPSec

The IPSec Setup section of the VPN > IPSec VPN window displays the security

parameters for configuring a VPN.

To set up IPSec for the router, follow these steps:

STEP 1

Click

VPN > IPSec Setup

STEP 2

Configure the security parameters for VPN IPSec:

•

Keying Mode

—The router supports both

IKE with Preshared Key

(automatic) and

Manual

key management. When choosing automatic key

management, IKE (Internet Key Exchange) protocols are used to negotiate

key material for SA. If manual key management is selected, no key

negotiation is needed. Basically, manual key management is used in small

static environments or for troubleshooting purpose. Notice that both sides

must use the same Key Management method.

•

Encryption

—The Encryption method determines the length of the key used

to encrypt/decrypt ESP packets.

3DES

is supported. Notice that both sides

of the VPN tunnel must use the same Encryption method.

•

Authentication

—Authentication determines a method to authenticate the

ESP packets. Either

MD5

SHA1

may be selected. Both sides of the VPN

tunnel must use the same Authentication method.

MD5

—A one way hashing algorithm that produces a 128-bit digest.

SHA1

—A one way hashing algorithm that produces a 160-bit digest.

•

Preshared Key

— IKE uses the Pre-shared Key field to authenticate the

remote IKE peer. Both character and hexadecimal value are acceptable in

this field. for example; “My_@123” or “0x4d795f40313233.” Both sides must

use the same Pre-shared Key.

•

Key Lifetime

—Specifies the lifetime of the IKE generated key. If the time

expires, a new key is renegotiated automatically. The Key Lifetime may range

from 1081 to 86400 seconds. The default value for Phase 1 is 28800

seconds, and default value for Phase 2 is 3600 seconds

•

Group

— For Diffie-Hellman key negotiation. There are 3 groups available for

ISAKMP SA establishment, 768-bit, 1024-bit, 1536-bit represent different

bits used in Diffie-Hellman mode operation. The default value is Group 768-

bit.