Page 56 / 75
Scroll up to view Page 51 - 55
EtherFast
®
Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint
105
Instant Broadband
®
Series
104
Tunnel 1: win->router
1.
From the
IP Filter List
tab, shown in Figure C-
10, click the filter list
win->router
.
2.
Click the
Filter Action
tab (as in Figure C-11),
and click the filter action
Require Security
radio
button. Then, click the
Edit
button.
Figure C-11
Figure C-10
Step Three: Configure Individual Tunnel Rules
10. If you want to enter a description for your filter, click the
Description
tab
and enter the description there.
11. Click the
OK
button and the
New Rule Properties
screen should appear
with the IP Filer List tab selected, as shown in Figure C-9. There should
now be a listing for “router -> win” and “win -> router”. Click the
OK
(for
WinXP) or
Close
(for Win2000) button on the
IP Filter List
window.
Figure C-9
Downloaded from
www.Manualslib.com
manuals search engine
Page 57 / 75
EtherFast
®
Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint
107
Instant Broadband
®
Series
106
5.
Change the authentica-
tion method to
Use this
string to protect the
key exchange (pre-
shared key)
, as shown
in Figure C-14, and
enter the preshared key
string,
such
as
XYZ12345
. Click the
OK
button.
6.
This new Preshared
key will be displayed in
Figure C-15. Click the
OK
or
Close
button to
continue.
Figure C-14
Figure C-15
3.
From
the
Security
Methods
tab, shown in
Figure C-12, verify that
the
Negotiate security
option is enabled, and
deselect
the
Accept
unsecured communica-
tion,
but
always
respond using IPSec
check
box.
Select
Session
key
Perfect
Forward Secrecy
, and
click the
OK
button.
4.
Select the
Authentication
Methods
tab, shown in
Figure C-13, and click the
Edit
button.
Figure C-12
Figure C-13
Downloaded from
www.Manualslib.com
manuals search engine
Page 58 / 75
EtherFast
®
Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint
109
Instant Broadband
®
Series
108
Tunnel 2: router->win
9.
In the screen, shown in
Figure C-18, make sure
that “win -> router” is
select and deselect the
Use
Add
Wizard
check box. Then, click
the
Add
button to cre-
ate the second IP filter.
10. Go to the
IP Filter List
tab, and click the filter
list
router->win
,
as
shown in Figure C-19
Figure C-18
Figure C-19
7.
Select
the
Tunnel
Setting
tab, shown in
Figure C-16, and click
The tunnel endpoint is
specified by this IP
Address
radio button.
Then, enter the Router’s
WAN IP Address
.
8.
Select the
Connection
Type
tab, as shown in
Figure C-17, and click
All network connec-
tions
. Then, click the
OK
or
Close
button to finish
this rule.
Figure C-16
Figure C-17
Downloaded from
www.Manualslib.com
manuals search engine
Page 59 / 75
EtherFast
®
Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint
111
Instant Broadband
®
Series
110
13. Change the authenti-
cation method to
Use
this string to protect
the key exchange
(preshared key)
, and
enter the preshared
key string, such as
XYZ12345
,
as
shown in Figure C-
22. (This is a sample
key
string.
Yours
should be a key that
is unique but easy to
remember.)
Then
click the
OK
button.
14. This new Preshared
key will be displayed
in Figure C-23. Click
the
OK
button to
continue.
Figure C-22
Figure C-23
11. Click the
Filter Action
tab, and select the filter
action
Require Security
,
as shown in Figure C-20.
Then, click the
Edit
but-
ton.
12. Click the
Authentication
Methods
tab, and verify
that the authentication
method
Kerberos
is
selected, as shown in
Figure C-21. Then, click
the
Edit
button.
Figure C-20
Figure C-21
Downloaded from
www.Manualslib.com
manuals search engine
Page 60 / 75
EtherFast
®
Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint
113
Instant Broadband
®
Series
112
17. From the Rules tab,
shown in Figure C-
26, click the
Close
button to return to
the secpol screen.
In the
IP Security Policies on Local Computer
window, shown in Figure C-
27, right-click the policy named
to_router
, and click
Assign
. A green arrow
appears in the folder icon.
Figure C-26
Figure C-27
Step Four: Assign New IPSec Policy
15. From
the
Tunnel
Setting tab, shown in
Figure C-24, click the
radio button for
The
tunnel endpoint is
specified by this IP
Address
, and enter
the
Windows
2000/XP computer’s
IP Address.
16. Click the
Connection
Type
tab, shown in
Figure
C-25,
and
select
All network
connections
.
Then
click the
OK
(for
Windows
XP)
or
Close
(for Windows
2000) button to finish.
Figure C-24
Figure C-25
Downloaded from
www.Manualslib.com
manuals search engine