VPN
Setting Up a Remote Access Tunnel for VPN Clients (Client To Gateway)
Cisco Small Business RV0xx Series Routers Administration Guide
146
9
always accept compression, even if compression is not enabled. If you
enable this feature for this router, also enable it on the client.
-
Keep-Alive:
This feature enables the router to attempt to automatically
re-establish the VPN connection if it is dropped. Check the box to enable
this feature, or uncheck the box to disable it.
-
AH Hash Algorithm:
The AH (Authentication Header) protocol describes
the packet format and default standards for packet structure. With the
use of AH as the security protocol, protection is extended forward into
the IP header to verify the integrity of the entire packet. Check the box to
use this feature. Then select an authentication method: MD5 or SHA1.
MD5 produces a 128-bit digest to authenticate packet data. SHA1
produces a 160-bit digest to authenticate packet data. Both sides of the
tunnel should use the same algorithm.
-
NetBIOS Broadcast:
NetBIOS broadcast messages are used for name
resolution in Windows networking, to identify resources such as
computers, printers, and file servers. These messages are required by
some software applications and Windows features such as Network
Neighborhood. LAN broadcast traffic is typically not forwarded over a
VPN tunnel. However, you can check this box to allow NetBIOS
broadcasts from one end of the tunnel to be rebroadcast to the other
end.
-
Dead Peer Detection (DPD)
(available for Tunnel, not Group VPN)
:
Check the box to enable the router to send periodic HELLO/ACK
messages to check the status of the VPN tunnel. This feature can be
used only when it is enabled on both ends of the VPN tunnel. Specify the
interval between HELLO/ACK messages (how often you want the
messages to be sent).
-
NAT Traversal:
Network Address Translation (NAT) enables users with
private LAN addresses to access Internet resources by using a publicly
routable IP address as the source address. However, for inbound traffic,
the NAT gateway has no automatic method of translating the public IP
address to a particular destination on the private LAN. This issue
prevents successful IPsec exchanges. If your VPN router is behind a NAT
gateway, check this box to enable NAT traversal. Uncheck the box to
disable this feature. The same setting must be used on both ends of the
tunnel.