Linksys BEFVP41v2 Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Linksys

BEFVP41v2

Page 21 / 63 Scroll up to view Page 16 - 20

EtherFast

Cable/DSL VPN Router with 4-Port 10/100 Switch

Instant Broadband

Series

To get more details concerning your tunnel connection, click the

View Log

but-

ton.

The screen in Figure 6-21 will appear:

The VPN Log screen displays successful connections, transmissions and recep-

tions, and the types of encryption used.

Once you no longer have need of the tunnel, simply click the

Disconnect

but-

ton on the bottom of the VPN page.

To change advanced settings, select the

tunnel

whose advanced settings you

wish to change. Then click on

more...

to change the Advanced Settings for a

specific VPN tunnel.

Advanced Settings for Selected IPSec Tunnel

From the Advanced Settings screen, shown in Figure 6-22, you can adjust the

settings for specific VPN tunnels.

Phase 1

Phase 1 is used to create a security association (SA), often called the IKE SA.

After Phase 1 is completed, Phase 2 is used to create one or more IPSec SAs,

which are then used to key IPSec sessions.

Operation Mode

There are two modes: Main and Aggressive, and they exchange the same IKE

payloads in different sequences. Main mode is more common; however, some

people prefer Aggressive mode because it is faster. Main mode is for normal

usage and includes more authentication requirements than Aggressive mode.

Main mode is recommended because it is more secure. No matter which mode

is selected, the VPN Router will accept both Main and Aggressive requests

from the remote VPN device.

Encryption

Select the length of the key used to encrypt/decrypt ESP packets. There are two

choices: DES and 3DES. 3DES is recommended because it is more secure.

Authentication

Select the method used to authenticate ESP packets. There are two choices:

MD5 and SHA. SHA is recommended because it is more secure.

Figure 6-22

Figure 6-21

Downloaded from

www.Manualslib.com

manuals search engine

Page 22 / 63

EtherFast

Cable/DSL VPN Router with 4-Port 10/100 Switch

Instant Broadband

Series

Group

There are two Diffie-Hellman Groups to choose from: 768-bit and 1024-bit.

Diffie-Hellman refers to a cryptographic technique that uses public and private

keys for encryption and decryption.

Key Lifetime

In the Key Lifetime field, you may optionally select to have the key expire at the

end of a time period of your choosing.

Enter the number of seconds you’d like

the key to be used until a re-key negotiation between each endpoint is completed.

Phase 2

Group

There are two Diffie-Hellman Groups to choose from: 768-bit and 1024-bit.

Diffie-Hellman refers to a cryptographic technique that uses public and private

keys for encryption and decryption.

Key Lifetime

In the Key Lifetime field, you may optionally select to have the key expire at the

end of a time period of your choosing.

Enter the number of seconds you’d like

the key to be used until a re-key negotiation between each endpoint is completed.

Other Settings

NetBIOS broadcast

Check the box next to NetBIOS broadcast to enable NetBIOS traffic to pass

through the VPN tunnel.

Anti-replay

Check the box next to Anti-replay to enable the Anti-replay protection. This

feature keeps track of sequence numbers as packets arrive, ensuring security at

the IP packet-level.

Keep-Alive

Check the box next to Keep-Alive to re-establish the VPN tunnel connection

whenever it is dropped. Once the tunnel is initialized, this feature will keep the

tunnel connected for the specified amount of idle time.

Unauthorized IP Blocking

Check this box to block unauthorized IP addresses. Complete the on-screen

sentence to specify how many times IKE must fail before blocking that unau-

thorized IP address for a length of time that you specify (in seconds).

The Password screen, shown in Figure 6-23, allows you to change the password,

set SNMP Community names, and

restore default settings on the

Router.

Router Password

You should set a password for the Router, unique for you

but that you will remember. When you first power up the Router, the default

Password setting is

admin

If you do not change the password, all users on your network will be able to

access the Router simply by entering the unit’s IP address into their web brows-

er’s location window and entering

admin

to access the Router.

If you select the Restore Factory Default option and click the

Apply

button,

you will clear all of the Router’s settings.

Do not restore the factory defaults unless you are having difficulties with the

Router and have exhausted all other troubleshooting measures. Once the Router

is reset, you will have to re-enter all of your configuration data.

Password

Figure 6-23

Downloaded from

www.Manualslib.com

manuals search engine

Page 23 / 63

EtherFast

Cable/DSL VPN Router with 4-Port 10/100 Switch

Instant Broadband

Series

Host Name

This field shows the name of this device. This entry is necessary

for some ISPs.

Firmware Version

This field shows the installed version of the firmware.

This field shows whether or not you have enabled the use of the Router’s

PPPoE (Point-to-Point Protocol over Ethernet)

support. Click the

Connect

button if your PPPoE status is Disconnected. This will initiate a connection to

your ISP. Click

Disconnect

if you want to cut your connection to your ISP.

LAN

These fields display the Router’s current IP Address and Subnet Mask,

as seen by users on your internal network, as well as the status of the Router’s

DHCP server function. This option is either enabled or disabled.

WAN

These fields display the Router’s IP Address, Subnet Mask and Gateway

IP as seen by external users on the Internet, as well as the IP Address of the

DNS currently being used. Multiple DNS IP settings are common. The first

available DNS entry is used in most cases.

DHCP Release

Click on the

DHCP Release

button to delete your PC’s cur-

rent IP address.

DHCP Renew

Click on the

DHCP Renew

button to replace your PC’s current

IP address with a new IP address.

DHCP Client Table

Click on the

Client Table

button to show the current

DHCP Client information. (This information is stored in temporary memory,

so the list of clients could disappear.)

SNMP Community

allows a name to be assigned to any SNMP communities

that have been setup in the network.

Four different communities can be

defined, including the two default communities—public and private.

For each

SNMP Community

name, you can configure each community's accessibility,

making it either

Read-Only

Read-Write

Restore Factory Default

If you set this option to

Yes

and click the

Apply

but-

ton, you will clear all of the Router’s settings. Do not restore to the factory

defaults unless you are having difficulties with the Router. Once the Router is

reset, you will have to re-enter your configuration information.

The Status screen, shown in Figure 6-24, provides the current status of the

device. All of the information provided is read-only.

Status

Figure 6-24

Downloaded from

www.Manualslib.com

manuals search engine

Page 24 / 63

EtherFast

Cable/DSL VPN Router with 4-Port 10/100 Switch

Client Lease Time

The Client Lease Time is the amount of time a network

user will be allowed connection to the Router with their current dynamic IP

address. Enter the amount of time, in minutes, that the user will be “leased” this

dynamic IP address.

DNS

The Domain Name System (DNS) is how the Internet translates domain

or website names into Internet addresses or URLs. Your ISP will provide you

with at least one DNS Server IP Address. If you wish to utilize another, enter

that

IP Address

in one of these fields. You can enter up to three DNS Server

IP Addresses here. The Router will utilize these for quicker access to function-

ing DNS servers.

WINS

Windows Internet Naming Service (WINS) manages each PC’s inter-

action with the Internet. If you use a WINS server, enter that server’s

Address

here. Otherwise, leave this blank.

DHCP Client Table

Click on the

Client Table

button to show the current

DHCP Client information. (This information is stored in temporary memory,

so the list of clients could disappear.)

When finished, click the

Apply

button and then the

Continue

button.

From the DHCP screen, shown in Figure 6-25, you can configure the Router as

a DHCP Server.

A DHCP (Dynamic Host Configuration Protocol) Server automatically assigns

IP addresses to each computer on your network. Unless you already have one,

you should set up the Router as a DHCP server.

DHCP Server

Check the

Enable

option to enable the Router’s DHCP server

option. If you already have a DHCP server on your network, set the Router’s

DHCP option to

Disable

Starting IP Address

Enter a numerical value for the DHCP server to start with

when issuing IP addresses. Do not use 192.168.1.1 as the Router’s starting IP

address.

Number of DHCP users

Enter the maximum number of PCs that you want

the DHCP server to assign IP addresses to, with the absolute maximum being

253.

DHCP

Figure 6-25

Instant Broadband

Series

Downloaded from

www.Manualslib.com

manuals search engine

Page 25 / 63

EtherFast

Cable/DSL VPN Router with 4-Port 10/100 Switch

On the Help screen, shown in Figure 6-27, you will find links to all of the

Utility’s internal support documentation, as well as the application that

upgrades the Router’s firmware.

Clicking on any of the topics in the bar on the left will give you help informa-

tion about that topic.

Clicking on the

Linksys Website

link in the center area will take you to

Linksys’s website, provided you are connected to the Internet.

If the link does

not take you to the Linksys website, you may alternately type

www.linksys.com

in the address bar at the top of the screen.

Clicking on the

Online manual in PDF format

link will take you to the latest

version of the manual for this product.

The manual will be in Adobe Acrobat

Portable Document File (.pdf) format.

You will need the Adobe Acrobat Reader

to view this version of the manual.

If you do not have the Acrobat Reader, click

on the

Adobe Website

link to get it.

For instructions on upgrading the Router’s firmware, see the next page.

Help

Figure 6-27

The Log tab, shown in Figure 6-26, provides you with a log of all incoming and

outgoing URLs or IP addresses for your Internet connection.

The Log feature provides you with a log of all incoming and outgoing URLs or

IP addresses for your Internet connection.

The Logviewer keeps track of all

incoming and outgoing activity that can be saved in a text file.

The IP address

points to the location where Logviewer is running.

The Outgoing Access Log lists all the URLs or IP addresses of Internet sites

that users on your network have accessed, and the Incoming Access Log gives

you a log of all incoming Internet traffic.

This data can also be accessed by other network users if the file is shared.

Access Log

To activate logging, click the

Enable

button.

Send Log to

Enter in the IP address of the PC that you want to send the log to

(where your PC is running Logviewer).

Make sure that this PC is using a stat-

ic IP address. Click the

Apply

button and then the

Continue

button when

you’re done. You may download the Logview software at www.linksys.com.

Click on

Outgoing Access Log

Incoming Access Log

to view each log.

To disable Logging, click on

Disable

in the Log window, and then click the

Apply

button and the

Continue

button.

Log

Figure 6-26

Instant Broadband

Series

Downloaded from

www.Manualslib.com

manuals search engine

Rate

Popular Linksys Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share