Page 91 / 143
Scroll up to view Page 86 - 90
Billion 800VGT Router
Configuring
L2TP
VPN
in
the
Office
The
LAN
IP
address
192.168.1.200
will
be
assigned
to
the
remote
computer
(client).
Please
make
sure
this
IP
is
not
used
on
the
Office
LAN.
1
2
3
4
5
6
Item
Function
Description
1
Connection
Name
VPN_L2TP
Given
name
of
the
L2TP
connection
Dial
in
select
Dial
in
2
Private
IP
Address
Assigned
to
Dialing
User
192.168.1.200
The
IP
address
to
be
assigned
to
the
remote
client
Username
username
3
Password
123456
The
username
&
password
that
the
remote
client
will
use
to
authenticate
the
connection.
4
Auth.Type
Chap(Auto)
In
most
of
the
cases
you
should
keep
the
default
value
of
authentication
type
for
maximum
connection
security.
5
Idle
Timeout
0
The
connection
will
be
disconnected
when
there
is
no
traffic
over
it
for
this
predefined
period
of
time.
If
Idle
time
is
set
to
0,
it
means
that
the
connection
will
never
time
out.
IPSec
Select
Enable
to
enhance
your
L2TP
VPN
security.
Authentication
MD5
Encryption
3DES
Perfect
Forward
Secrecy
None
6
Pre-shared
Key
12345678
Both
sides
of
the
tunnel
should
use
the
same
settings
for
these
options.
91
Chapter
4:
Configuration
Downloaded from
www.Manualslib.com
manuals search engine
Page 95 / 143
Billion 800VGT Router
PPP
Authentication
Type:
Default
is
Auto.
Use
this
setting
if
you
want
the
router
to
determine
which
authentication
type
to
use.
You
can
manually
specify
CHAP
(Challenge
Handshake
Authentication
Protocol)
or
PAP
(Password
Authentication
Protocol)
if
you
know
which
type
the
server
is
using
(when
acting
as
a
client)
If
the
router
is
acting
as
a
server
enter
the
authentication
type
you
want
clients
connecting
to
you
to
use.
When
using
PAP,
the
password
is
sent
unencrypted,
whilst
CHAP
encrypts
the
password
before
sending,
and
also
allows
for
challenges
at
different
periods
to
ensure
that
the
client
has
not
been
replaced
by
an
intruder.
Idle
Time
:
When
there
is
no
activity
on
the
connection
for
this
pre-determined
Idle
time,
the
VPN
connection
is
Auto-disconnected.
0
means
this
connection
is
always
on. Click
Apply
after
changing
settings.
L2TP
over IPSec (L2TP/IPSec) VPN Connection
IPSec:
Enable
this
setting
to
enhance
your
L2TP
VPN
security.
Authentication:
Authentication
establishes
the
integrity
of
the
datagram
and
ensures
it
is
not
tampered
with
during transmission
.
There
are
three
options,
Message
Digest
5
(
MD5
),
Secure
Hash
Algorithm
(
SHA1
)
or
NONE
.
SHA-1
is
more
resistant
to
brute-force
attacks
than
MD5,
however
it
is
slower.
²
MD5:
A
one-way
hashing
algorithm
that
produces
a
128±bit
hash.
²
SHA1:
A
one-way
hashing
algorithm
that
produces
a
160±bit
hash.
Encryption:
Select
your
encryption
method
choice
from
the
pull-down
menu.
There
are
four
options,
DES
,
3DES
,
AES
and
NONE
.
NONE
means
that
the
connection
is
a
tunnel
only,
with
no
encryption.
3DES
and
AES
are
more
powerful
but
increase
latency.
²
DES:
Stands
for
Data
Encryption
Standard,
and
uses
a
56
bit
encryption
method.
²
3DES:
Stands
for
Triple
Data
Encryption
Standard,
and
uses
a
168
(56*3)
bit
encryption
method.
²
AES:
Stands
for
Advanced
Encryption
Standards,
and
uses
a
128
bit
encryption
method.
Perfect
Forward
Secrecy:
Choose
whether
to
enable
PFS,
using
Diffie-Hellman
public-key
cryptography
to
change
encryption
keys
during
the
second
phase
of
VPN
negotiation.
This
function
provides
better
security,
but
extends
the
VPN
negotiation
time.
Diffie-Hellman
is
a
public-key
cryptography
protocol
that
allows
two
parties
to
establish
a
shared
secret
over
an
unsecured
communication
channel
(i.e.
over
the
Internet).
There
are
three
modes,
MODP
768-bit,
MODP
1024-bit
and
MODP
1536-bit.
MODP
stands
for
Modular
Exponentiation
Groups
Pre-shared
Key:
This
key
is
for
Internet
Key
Exchange
(IKE)
protocol
and
is
a
string
of
between
4
and
128
characters.
Both
sides
should
use
the
same
key.
IKE
is
used
to
establish
a
shared
security
policy
and
it
authenticates
keys
for
services
(such
as
IPSec)
that
require
a
key.
Before
any
IPSec
traffic
can
be
passed,
each
router
must
be
able
to
verify
the
identity
of
its
peer.
This
can
be
done
by
manually
entering
the
pre-shared
key
into
both
sides
of
the
connection
(router
or
hosts).
Remote
Host
Name
(Optional):
Enter
hostname
of
the
remote
VPN
device.
This
is
a
tunnel
identifier
and
should
match
the
Remote
VPN
device
hostname.
If
it
matches
the
tunnel
will
be
connected;
otherwise,
it
will
be
dropped.
Caution:
This
setting
is
only
for
when
the
router
functions
as
a
VPN
server.
This
option
should
be
used
by
advanced
users
only.
Local
Host
Name
(Optional):
Enter
the
hostname
of
the
Local
VPN
device
that
establishes
the
VPN
tunnel.
By
default,
the
Router’s
default
Hostname
is
home.gateway.
Tunnel
Authentication:
This
enables
the
router
to
authenticate
both
the
L2TP
remote
client
and
L2TP
host.
This
is
only
valid
when
the
L2TP
remote
client
supports
this
feature..
Secret:
The
secure
password
length
should
be
16
characters
(This
may
include
numbers
and/or
characters.)
Click
Apply
after
changing
settings.
95
Chapter
4:
Configuration
Downloaded from
www.Manualslib.com
manuals search engine
19216811.live