(Wireless) ADSL VPN Firewall Router with 3DES Accelerator
Chapter 4: Configuration
LAN to LAN L2TP Connection
Connection Name: A user-defined description of the connection.
Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN server, e.g. your office server); check Dial In if it operates as a VPN server.
When configuring your router to establish the connection to a remote LAN, enter the remote Server IP Address (or Hostname) you wish to connect to.
When configuring your router as a server to accept incoming connections, enter the Private IP Address Assigned to Dial in User address.
Peer Network IP: Enter the peer network IP address.
Netmask: Enter the subnet mask of the peer network based on the Peer Network IP setting.
Username: If you are a Dial-Out user (client), enter the username provided by your Host. If you are a Dial-In user (server), enter your own username.
Password: If you are a Dial-Out user (client), enter the password provided by your Host. If you are a Dial-In user (server), enter your own password.
PPP Authentication Type: Default is Auto if you want the router to determine the authentication type to use; otherwise manually specify CHAP (Challenge Handshake Authentication Protocol) or PAP (Password Authentication Protocol) if you know which type the server is using (when acting as a client), or the authentication type you want clients connecting to you to use (when acting as a server). When using PAP, the password is sent unencrypted, whilst CHAP encrypts the password before sending and also allows for challenges at different periods to ensure that the client has not been replaced by an intruder.
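The PAP and CHAP behaviour described above, as an added example (not code from the manual or the router firmware): a PAP request carries the password itself, while a CHAP response with MD5 (RFC 1994) is a digest of the identifier, the shared secret and the challenge, so a captured response fails a later challenge. The username, secret and function names are constructed for the illustration.

```python
import hashlib
import hmac
import os

def pap_request(username, password):
    """PAP Authenticate-Request data: peer ID and password travel as-is."""
    u, p = username.encode(), password.encode()
    return bytes([len(u)]) + u + bytes([len(p)]) + p

def chap_response(identifier, secret, challenge):
    """CHAP with MD5: MD5(identifier || secret || challenge)."""
    data = bytes([identifier]) + secret.encode() + challenge
    return hashlib.md5(data).digest()

def chap_verify(identifier, secret, challenge, response):
    """Server side: recompute the digest and compare in constant time."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)

def demo():
    secret = "constructed-sample-secret"  # constructed value
    # PAP: the password is readable in the captured request.
    frame = pap_request("username", secret)
    # CHAP: the server sends a random challenge, the client answers with a digest.
    challenge_1 = os.urandom(16)
    response_1 = chap_response(1, secret, challenge_1)
    # Later re-challenge: new identifier and new random value.
    challenge_2 = os.urandom(16)
    return {
        "pap_exposes_password": secret.encode() in frame,
        "chap_exposes_password": secret.encode() in response_1,
        "chap_accepts_fresh_response": chap_verify(1, secret, challenge_1, response_1),
        # An observer replaying the old response does not pass the new challenge.
        "chap_accepts_replayed_response": chap_verify(2, secret, challenge_2, response_1),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```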
Idle Time: Auto-disconnect the VPN connection when there is no activity on the connection for a predetermined period of time. 0 means this connection is always on. Click Apply after changing settings.
IPSec: Enable to enhance your L2TP VPN security.
Authentication: Authentication establishes the integrity of the datagram and ensures it is not tampered with in transit. There are three options: Message Digest 5 (MD5), Secure Hash Algorithm (SHA-1) or NONE. SHA-1 is more resistant to brute-force attacks than MD5, however it is slower.
  - MD5: A one-way hashing algorithm that produces a 128-bit hash.
  - SHA-1: A one-way hashing algorithm that produces a 160-bit hash.
Encryption: Select the encryption method from the pull-down menu. There are four options: DES, 3DES, AES and NONE. NONE means it is a tunnel only with no encryption. 3DES and AES are more powerful but increase latency.
  - DES: Data Encryption Standard; uses a 56-bit key.
  - 3DES: Triple Data Encryption Standard; uses a 168-bit (56*3) key.
  - AES: Advanced Encryption Standard; uses a 128-bit key.
Perfect Forward Secrecy: Choose whether to enable PFS using Diffie-Hellman public-key cryptography to change encryption keys during the second phase of VPN negotiation. This function will provide better security, but extends the VPN negotiation time. Diffie-Hellman is a public-key cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel (i.e. over the Internet). There are three modes, MODP 768-bit, MODP 1024-bit and MODP 1536-bit. MODP stands for Modular Exponentiation Groups.
Pre-shared Key: This is for the Internet Key Exchange (IKE) protocol, a string from 4 to 128 characters. Both sides should use the same key. IKE is used to establish a shared security policy and authenticated keys for services (such as IPSec) that require a key. Before any IPSec traffic can be passed, each router must be able to verify the identity of its peer. This can be done by manually entering the pre-shared key into both sides (router or hosts).
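A check of one L2TP connection profile against the options listed above, as an added example (not part of the manual or the router's software). The option names are the ones this page lists; the dictionary keys, finding codes, sample profiles and the 20-character pre-shared key floor are assumptions of the example.

```python
# Option names are the ones the settings page lists. The finding codes and
# the PSK length floor are assumptions of this example.
MIN_PSK_LEN = 20  # assumption; the router itself accepts 4 to 128 characters

def audit(cfg):
    """Return (code, message) findings for one L2TP connection profile."""
    out = []
    ipsec = cfg.get("ipsec", False)
    enc = cfg.get("encryption", "NONE")
    auth = cfg.get("authentication", "NONE")
    if not ipsec:
        out.append(("NO_IPSEC", "IPSec is off: the L2TP tunnel is not encrypted"))
    else:
        if enc == "NONE":
            out.append(("NO_ENC", "Encryption NONE is a tunnel only"))
        elif enc == "DES":
            out.append(("WEAK_ENC", "DES uses a 56-bit key; select 3DES or AES"))
        if auth == "NONE":
            out.append(("NO_AUTH", "No integrity check on datagrams"))
        elif auth == "MD5":
            out.append(("WEAK_AUTH", "MD5 selected; SHA-1 is the stronger option"))
        if not cfg.get("pfs", False):
            out.append(("NO_PFS", "Perfect Forward Secrecy is disabled"))
        elif cfg.get("pfs_group", 768) < 1536:
            out.append(("WEAK_DH", "Use the largest group offered, MODP 1536-bit"))
        psk = cfg.get("psk", "")
        if not 4 <= len(psk) <= 128:
            out.append(("BAD_PSK", "Pre-shared key must be 4 to 128 characters"))
        elif len(psk) < MIN_PSK_LEN or psk.isdigit():
            out.append(("WEAK_PSK", "Pre-shared key is short or digits only"))
    # Cross-field check: PAP is only acceptable inside an encrypted tunnel.
    if cfg.get("ppp_auth") == "PAP" and not (ipsec and enc != "NONE"):
        out.append(("PAP_CLEAR", "PAP password crosses the link unencrypted"))
    return out

# Constructed sample profiles, not taken from the manual.
WEAK = {"ipsec": True, "authentication": "MD5", "encryption": "DES",
        "pfs": True, "pfs_group": 768, "psk": "123456", "ppp_auth": "PAP"}
HARDENED = {"ipsec": True, "authentication": "SHA-1", "encryption": "AES",
            "pfs": True, "pfs_group": 1536,
            "psk": "constructed-sample-key-9f2c71", "ppp_auth": "CHAP"}
TUNNEL_ONLY = dict(HARDENED, encryption="NONE", ppp_auth="PAP")

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK), ("hardened", HARDENED), ("tunnel-only", TUNNEL_ONLY)):
        print(name, [code for code, _ in audit(cfg)])
```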
Example: Configuring a Remote Access PPTP VPN Dial-in Connection
A remote worker establishes a PPTP VPN connection with the head office using Microsoft's
VPN Adapter (included with Windows 2000/ME, etc.). The router is installed in the head office,
connected to a couple of PCs and Servers.
Configuring PPTP VPN in the Office
The input IP address 192.168.1.200 will be assigned to the remote worker. Please make sure
this IP is not used in the Office LAN.
[Screenshot: Dial-in settings page, with callouts 1 to 5 keyed to the table below]
Item  Function                                     Setting        Description
1     Connection Name                              VPN_PPTP       A name given to the PPTP connection.
2     Dial in                                      Check Dial in
      Private IP Address Assigned to Dialing User  192.168.1.200  An assigned IP address for the remote worker.
3     Username                                     username       Input username & password to authenticate the remote worker.
      Password                                     123456
4     Auth.Type                                    Chap(Auto)     Keep as default value in most cases; the PPTP server & client will determine the value automatically. Refer to the manual for details if you want to change the setting.
      Data Encryption                              Auto
      Key Length                                   Auto
      Mode                                         stateful
5     Idle Time                                    0              The connection will be disconnected when there is no traffic in a predefined period of time. Idle time 0 means the connection is always-on.
Example: Configuring a Remote Access PPTP VPN Dial-out Connection
A company’s office establishes a PPTP VPN connection with a file server located at a separate
location. The router is installed in the office, connected to a couple of PCs and Servers.
Configuring the PPTP VPN in the Office
You can either input the IP address (69.1.121.33 in this case) or hostname to reach the server.
[Screenshot: Dial-out settings page, with callouts 1 to 5]
