Linksys QuickVPN Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN A - Page 121
Setting Up IPSec, VPN > IPSec Setup, Keying Mode, IKE with Preshared Key, Manual, Encryption
UPC - 745883566341
View all Linksys QuickVPN manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 121 highlights
Setting Up and Configuring the WRVS4400N Wireless-N Router Configuring the VPN Settings 5 Setting Up IPSec The IPSec Setup section of the VPN > IPSec VPN window displays the security parameters for configuring a VPN. To set up IPSec for the router, follow these steps: STEP 1 Click VPN > IPSec Setup. STEP 2 Configure the security parameters for VPN IPSec: • Keying Mode-The router supports both IKE with Preshared Key (automatic) and Manual key management. When choosing automatic key management, IKE (Internet Key Exchange) protocols are used to negotiate key material for SA. If manual key management is selected, no key negotiation is needed. Basically, manual key management is used in small static environments or for troubleshooting purpose. Notice that both sides must use the same Key Management method. • Encryption-The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. 3DES is supported. Notice that both sides of the VPN tunnel must use the same Encryption method. • Authentication-Authentication determines a method to authenticate the ESP packets. Either MD5 or SHA1 may be selected. Both sides of the VPN tunnel must use the same Authentication method. - MD5-A one way hashing algorithm that produces a 128-bit digest. - SHA1-A one way hashing algorithm that produces a 160-bit digest. • Preshared Key- IKE uses the Pre-shared Key field to authenticate the remote IKE peer. Both character and hexadecimal value are acceptable in this field. for example; "My_@123" or "0x4d795f40313233." Both sides must use the same Pre-shared Key. • Key Lifetime-Specifies the lifetime of the IKE generated key. If the time expires, a new key is renegotiated automatically. The Key Lifetime may range from 1081 to 86400 seconds. The default value for Phase 1 is 28800 seconds, and default value for Phase 2 is 3600 seconds • Group- For Diffie-Hellman key negotiation. There are 3 groups available for ISAKMP SA establishment, 768-bit, 1024-bit, 1536-bit represent different bits used in Diffie-Hellman mode operation. The default value is Group 768bit. Cisco WRVS4400N Wireless-N Gigabit Security Router with VPN Administration Guide 121