Billion 800VGT Router Manual PDF (Setup & Configuration Guide)

Page 76 / 143 Scroll up to view Page 71 - 75

Billion 800VGT Router

Configuring

PPTP

VPN

in

the

Head

Office

The

IP

address

192.168.1.200

will

be

assigned

to

the

router

located

in

the

branch

office.

Please

make

sure

this

IP

is

not

used

in

the

head

office

LAN.

1

2

3

4

5

6

Item

Function

Description

1

Connection

Name

HeadOffice

Given

name

of

the

PPTP

connection

Dial

in

Select

Dial

in

2

Private

IP

Address

Assigned

to

Dialing

User

192.168.1.200

IP

address

assigned

to

branch

office

network

Peer

Network

IP

192.168.0.0

Branch

office

network

3

Netmask

255.255.255.0

Username

username

4

Password

123456

Input

username

&

password

to

authenticate

branch

office

network

Auth.Type

Chap(Auto)

Data

Encryption

Auto

Key

Length

Auto

5

Mode

stateful

Keep

as

default

value

in

most

of

the

cases,

PPTP

server

&

client

will

determine

the

value

automatically.

Refer

to

this

manual

for

details

if

you

want

to

change

the

setting.

6

Idle

Time

0

The

connection

will

be

disconnected

when

there

Is

no

traffic

in

a

predefined

period

of

time.

Idle

time

0

means

the

connection

is

always

on.

76

Chapter

4:

Configuration

Downloaded from

www.Manualslib.com

manuals search engine

Page 77 / 143

Billion 800VGT Router

Configuring

PPTP

VPN

in

the

Branch

Office

The

IP

address

69.1.121.30

is

the

Public

IP

address

of

the

router

located

in

head

office.

If

you

registered

a

DDNS

account

(please

refer

to

the

DDNS

section

of

this

manual),

you

can

also

use

the

domain

name

instead

of

the

IP

address

to

reach

the

router.

1

2

3

4

5

6

Item

Function

Description

1

Connection

Name

BranchOffice

Given

name

of

the

PPTP

connection

Dial

out

Select

Dial

out

2

Server

IP

Address

(or

Hostname)

69.121.1.33

IP

address

of

the

head

office

router

(in

WAN

side)

Peer

Network

IP

192.168.1.0

3

Netmask

255.255.255.0

Head

office

network

Username

username

4

Password

123456

Input

username

&

password

to

authenticate

branch

office

network

Auth.Type

Chap(Auto)

Data

Encryption

Auto

Key

Length

Auto

5

Mode

stateful

Keep

as

default

value

in

most

of

the

cases,

PPTP

server

&

client

will

determine

the

value

automatically.

Refer

to

this

manual

for

details

if

you

want

to

change

the

setting.

6

Idle

Time

0

The

connection

will

be

disconnected

when

there

Is

no

traffic

in

a

predefined

period

of

time.

Idle

time

0

means

the

connection

is

always

on.

77

Chapter

4:

Configuration

Downloaded from

www.Manualslib.com

manuals search engine

Page 78 / 143

Billion 800VGT Router

IPSec

(IP

Security

Protocol)

Click

Create

to

create

a

new

IPSec

VPN

connection

account.

After

you

have

created

the

IPSec

connection,

account

information

will

be

displayed.

(See

example

above).

Enable

/

Disable:

This

function

activates

or

deactivates

the

IPSec

connection.

If

you

wish

to

disable

the

tunnel,

select

Disable

and

click

Apply

to

deactivate

the

connection.

Name:

This

is

the

user-defined

name

of

the

connection.

Local

Subnet:

Displays

the

IP

address

and

subnet

of

the

local

network.

Remote

Subnet:

Displays

the

IP

address

and

subnet

of

the

remote

network.

Remote

Gateway:

This

is

the

IP

address

or

Domain

Name

of

the

remote

VPN

device

that

is

to

be

connected

and

establish

a

VPN

tunnel.

IPSec

Proposal:

This

is

selected

IPSec

security

method.

78

Chapter

4:

Configuration

Downloaded from

www.Manualslib.com

manuals search engine

Page 79 / 143

Billion 800VGT Router

IPSec

VPN

Connection

Name:

The

user-defined

name

for

the

connection

(e.g.

“connection

to

office”).

Local

Network:

Set

the

IP

address,

subnet

or

address

range

of

the

local

network.

²

Single

Address:

The

IP

address

of

the

local

host.

²

Subnet:

The

subnet

of

the

local

network.

For

example,

IP:

192.168.1.0

with

netmask

255.255.255.0

specifies

one

class

C

subnet

starting

from

192.168.1.1

(i.e.

192.168.1.1

through

to

192.168.1.254).

²

IP

Range:

The

IP

address

range

of

the

local

network.

For

example,

IP:

192.168.1.1,

end

IP:

192.168.1.10.

Remote

Secure

Gateway

Address

(or

Domain

Name):

The

IP

address

or

hostname

of

the

remote

VPN

device

that

is

to

be

connected

to

when

establishing

a

VPN

tunnel.

Remote

Network:

Set

the

IP

address,

subnet

or

address

range

of

the

remote

network.

Proposal:

Select

the

IPSec

security

method.

There

are

two

methods

of

checking

the

authentication

information,

AH

(authentication

header)

and

ESP

(Encapsulating

Security

Payload).

Use

ESP

for

greater

security

so

that

data

will

be

encrypted

and

authenticated.

Using

AH

data

will

be

authenticated

but

not

encrypted.

Authentication:

Authentication

establishes

the

integrity

of

the

datagram

and

ensures

it

is

not

tampered

with

during

transmission.

There

are

three

options,

Message

Digest

5

(

MD5

),

Secure

Hash

Algorithm

(

SHA1

)

or

NONE

.

SHA1

is

more

resistant

to

brute-force

attacks

than

MD5,

however

it

is

slower.

²

MD5:

A

one-way

hashing

algorithm

that

produces

a

128±bit

hash.

²

SHA1:

A

one-way

hashing

algorithm

that

produces

a

160±bit

hash.

Encryption:

Select

the

encryption

method

from

the

pull-down

menu.

There

are

several

options,

DES

,

3DES

,

AES

(128,

192

and

256)

and

NULL

.

NULL

means

it

is

a

tunnel

only

with

no

encryption.

3DES

and

AES

are

more

powerful

but

increase

latency.

²

DES:

Stands

for

Data

Encryption

Standard,

it

uses

56

bits

as

an

encryption

method.

79

Chapter

4:

Configuration

Downloaded from

www.Manualslib.com

manuals search engine

Page 80 / 143

Billion 800VGT Router

²

3DES:

Stands

for

Triple

Data

Encryption

Standard,

it

uses

168

(56*3)

bits

as

an

encryption

method.

²

AES:

Stands

for

Advanced

Encryption

Standards,

you

can

use

128,

192

or

256

bits

as

encryption

method.

Perfect

Forward

Secrecy:

Choose

whether

to

enable

PFS

using

Diffie-Hellman

public-key

cryptography

to

change

encryption

keys

during

the

second

phase

of

VPN

negotiation.

This

function

will

provide

better

security,

but

extends

the

VPN

negotiation

time.

Diffie-Hellman

is

a

public-key

cryptography

protocol

that

allows

two

parties

to

establish

a

shared

secret

over

an

unsecured

communication

channel

(i.e.

over

the

Internet).

There

are

three

modes,

MODP

768-bit,

MODP

1024-bit

and

MODP

1536-bit.

MODP

stands

for

Modular

Exponentiation

Groups.

Pre-shared

Key:

This

is

for

the

Internet

Key

Exchange

(IKE)

protocol,

a

string

from

4

to

128

characters.

Both

sides

should

use

the

same

key.

IKE

is

used

to

establish

a

shared

security

policy

and

authenticated

keys

for

services

(such

as

IPSec)

that

require

a

key.

Before

any

IPSec

traffic

can

be

passed,

each

router

must

be

able

to

verify

the

identity

of

its

peer.

This

can

be

done

by

manually

entering

the

pre-shared

key

into

both

sides

(router

or

hosts).

Select

the

Apply

button

to

apply

your

changes.

Advanced Option

This

function

is

only

available

after

completely

creating

an

IPSec

account.

Click

Advanced

Option

to

change

the

following

settings:

80

Chapter

4:

Configuration

Downloaded from

www.Manualslib.com

manuals search engine

Rate

Popular Billion Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share