52

Chapter 6: Set Up and Configure the Router

VPN Tab - Client to Gateway

10/100 4-Port VPN Router

Phase 2 Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method

determines a method to authenticate the ESP packets. Both sides must use the same Authentication method.

MD5 is a one-way hashing algorithm that produces a 128-bit digest. If users enable the AH Hash Algorithm in

Advanced, then it is recommended to select

Null

to disable authenticating ESP packets in Phase 2, but both sides

of the tunnel must use the same setting.

Phase 2 SA Life Time: This field allows you to configure the length of time a VPN tunnel is active. The default

value is 3,600 seconds.

Preshared Key: Character and hexadecimal values are acceptable in this field, e.g. “My_@123” or

“4d795f40313233.” The max entry of this field is 30-digit. Both sides must use the same Pre-shared Key. It’s

recommended to change Preshared keys regularly to maximize VPN security.

Click the

Save Settings

button to save the settings or click the

Cancel Change

s button to undo the changes.

Downloaded from

www.Manualslib.com

manuals search engine

53

Chapter 6: Set Up and Configure the Router

VPN Tab - Client to Gateway

10/100 4-Port VPN Router

Advanced

For most users, the settings on the VPN page should be satisfactory. This device provides an advanced IPSec

setting page for some special users such as reviewers. Click the

Advanced

button to link you to that page.

Advanced settings are only for IKE with Preshared Key mode of IPSec. See Figure 6-48.

Aggressive Mode: There are two types of Phase 1 exchanges: Main mode and Aggressive mode.

Aggressive Mode requires half of the main mode messages to be exchanged in Phase 1 of the SA exchange. If

network security is preferred, select Main mode. If network speed is preferred, select Aggressive mode. When

Group VPN is enabled, it will be limited as Aggressive Mode. If you select Dynamic IP in Remote Client Type in

tunnel mode, it will also be limited as Aggressive Mode.

Compress (Support IP Payload compression Protocol (IP Comp)

The Router supports IP Payload Compression Protocol. IP Payload Compression is a protocol to reduce the size of

IP datagrams. If Compress is enabled, the Router will propose compression when initiating a connection. If the

responders reject this propose, the Router will not implement the compression. When the Router works as a

responder, the Router will always accept compression even without enabling compression.

Keep-Alive: This mechanism helps to keep up the connection of IPSec tunnels. Whenever a connection is dropped

and detected, it will be re-established immediately.

AH Hash Algorithm: AH (Authentication Header) protocol describes the packet format and the default standards

for packet structure. With the use of AH as the security protocol, protected is extended forward into IP header to

verify the integrity of the entire packet by use of portions of the original IP header in the hashing process. There

are two algorithms, MD5 and SHA1. MD5 produces a 128-bit digest to authenticate packet data and SHA1

produces a 160-bit digest to authenticate packet data.

NetBIOS Broadcast. Click the checkbox if you want NetBIOS traffic to pass through the VPN tunnel. By default, the

Router blocks these broadcasts.

Click the

Save Settings

button when you finish the settings or click the

Cancel Changes

button to undo the

changes.

Figure 6-46: Advanced

Downloaded from

www.Manualslib.com

manuals search engine

54

Chapter 6: Set Up and Configure the Router

VPN Tab - VPN Pass Through

10/100 4-Port VPN Router

VPN Tab - VPN Pass Through

IPSec Pass Through See Figure 6-49.

Internet Protocol Security (IPSec) is a suite of protocols used to implement secure exchange of packets at the IP

layer. IPSec Pass Through is enabled by default to allow IPSec tunnels to pass through the Router.

PPTP Pass Through

Point to Point Tunneling Protocol (PPTP) Pass Through is the method used to enable VPN sessions. PPTP Pass

Through is enabled by default.

L2TP Pass Through

Layer 2 Tunneling Protocol (L2TP) Pass Through is the method used to enable VPN sessions. PPTP Pass Through

is enabled by default.

Click the

Save Settings

button when you finish the VPN Pass Through settings, or click the

Cancel Changes

button to undo the changes.

Log Tab - System Log

System Log

There are three parts in System Log. Syslog, E-mail and Log Setting. See Figure 50.

Syslog

Enable Syslog: If you check the box, Syslog will be enabled.

Syslog Server: In addition to the standard event log, the Router can send a detailed log to an external Syslog

server. Syslog is an industry-standard protocol used to capture information about network activity. The Router’s

Syslog captures all log activity and includes every connection source and destination IP address, IP service, and

number of bytes transferred. Enter the Syslog server name or IP address in the Syslog Server field. Restart the

Router for the change to take effect.

E-mail

Enable E-Mail Alert: If you check the box, E-Mail Alert will be enabled.

Figure 6-47: VPN Pass Through

Figure 6-48: System Log

Downloaded from

www.Manualslib.com

manuals search engine

55

Chapter 6: Set Up and Configure the Router

Log Tab - System Log

10/100 4-Port VPN Router

Mail Server: If you wish to have any log or alert information E-mailed to you, then you must enter the name or

numerical IP address of your SMTP server. Your Internet Service Provider can provide you with this information.

Send E-mail To: This is the E-mail address to which your log files will be sent. You may leave this field blank if

you do not want to receive copies of your log information.

Log Queue Length (entries): The default is 50 entries. The Router will e-mail the log when Log entries is over 50.

Log Time Threshold (minutes): The default is 10 minutes. The Router will e-mail the log every 10 minutes.

The Router will e-mail the log when it meets any of Log Queue Length or Log Time Threshold settings.

E-mail Log Now: Click the

E-mail Log Now

button to immediately send the log to the address in the Send E-mail

to field.

Log Setting

Alert Log

You can receive alert logs for the following events. Check the box for the desired event. Syn Flooding, IP

Spoofing, Win Nuke, Ping of Death and Unauthorized Login Attempt.

General Log

You can receive alert logs for the following events. Check the box for the desired event. System Error Messages,

Deny Policies, Allow Policies, Content Filtering, Data Inspection, Authorized Login, Configuration Changes.

View System Log: Click this button to view ALL, System Log, Access Log, Firewall Log, or VPN Log.

Outgoing Log Table: Click this button to view the outgoing packet information including LAN IP, Destination

URL/IP and Service/Port number.

Incoming Log Table: Click this button to view the incoming packet information including Source IP and

Destination Port number.

Clear Log Now: This button will clear out your log without e-mailing it. Only use this button if you don't mind

losing your log information.

Downloaded from

www.Manualslib.com

manuals search engine

56

Chapter 6: Set Up and Configure the Router

Log Tab - System Statistics

10/100 4-Port VPN Router

Log Tab - System Statistics

This tab displays the system statistics including the Device Name, Status, IP Address, MAC Address, Subnet

Mask, Default Gateway, Received Packets, Sent Packets, Total Packets, Received Bytes, Sent Bytes, Total Bytes,

Error Packets Received and Dropped Packets Received for LAN, WAN1 and WAN2. See Figure 6-51.

Wizard Tab

Use this tab to access two Setup Wizards, the Basic Setup Wizard and the Access Rule Setup Wizard. They will

help you to set up the Router to access the Internet and set up a Firewall security policy. The wizard will guide

you through a series of menus to configure your Router. See Figure 6-50.

Basic Setup

1.

Click the

Launch Now

button to run the Basic Setup Wizard to quickly set up the Router to access the

Internet.

Figure 6-49: System Statistics

Figure 6-50: Wizard

Downloaded from

www.Manualslib.com

manuals search engine