Linksys RVS4000 Router Manual PDF (Setup & Configuration Guide)

Page 76 / 105 Scroll up to view Page 71 - 75

67

Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Router

How to Establish a Secure IPSec Tunnel

4-Port Gigabit Security Router with VPN

7.

Select the

Tunnel Setting

tab, and click

The tunnel endpoint is specified by this IP Address

radio button.

Then, enter the Router’s WAN IP Address.

8.

Select the

Connection Type

tab, and click

All network connections

. Then, click the

OK

or

Close

button to

finish this rule.

Tunnel 2: Router->win

9.

In the new policy’s properties screen, make sure that “win -> Router” is selected and deselect the

Use

Add

Wizard

check box. Then, click the

Add

button to create the second IP filter.

Figure C-16: Tunnel Setting Tab

Figure C-17: Connection Type Tab

Figure C-18: Properties Screen

Downloaded from

www.Manualslib.com

manuals search engine

Page 77 / 105

68

Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Router

How to Establish a Secure IPSec Tunnel

4-Port Gigabit Security Router with VPN

10. Go to the

IP Filter List

tab, and click the filter list

Router->win

.

11. Click the

Filter Action

tab, and select the filter action

Require Security

. Then, click the

Edit

button. From the

Security Methods

tab, verify that the

Negotiate security

option is enabled, and deselect the

Accept

unsecured communication, but always respond using IPSec

check box. Select

Session key Perfect

Forward Secrecy

, and click the

OK

button.

12. Click the

Authentication Methods

tab, and verify that the authentication method

Kerberos

is selected. Then,

click the

Edit

button.

Figure C-19: IP Filter List Tab

Figure C-20: Filter Action Tab

Figure C-21: Authentication Methods Tab

Downloaded from

www.Manualslib.com

manuals search engine

Page 78 / 105

69

Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Router

How to Establish a Secure IPSec Tunnel

4-Port Gigabit Security Router with VPN

13. Change the authentication method to

Use this string to protect the key exchange

(preshared key)

, and

enter the preshared key string, such as XYZ12345. (This is a sample key string. Yours should be a key that is

unique but easy to remember.) Then click the

OK

button.

14. This new Preshared key will be displayed. Click the

Apply

button to continue, if it appears on your screen;

otherwise, proceed to the next step.

15. Click the

Tunnel Setting

tab. Click the radio button for

The tunnel endpoint is specified by this IP

Address

, and enter the Windows 2000/XP computer’s IP Address.

Figure C-22: Preshared Key

Figure C-23: New Preshared Key

Figure C-24: Tunnel Setting Tab

Downloaded from

www.Manualslib.com

manuals search engine

Page 79 / 105

70

Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Router

How to Establish a Secure IPSec Tunnel

4-Port Gigabit Security Router with VPN

16. Click the

Connection Type

tab, and select

All network connections

. Then click the

OK

or

Close

button to

finish.

17. From the

Rules

tab, click the

OK

or

Close

button to return to the screen showing the security policies.

Step 4: Assign New IPSec Policy

In the

IP Security Policies on Local Machine

window, right-click the policy named

to_Router

, and click

Assign

. A

green arrow appears in the folder icon.

Figure C-25: Connection Type

Figure C-26: Rules

Figure C-27: Local Computer

Downloaded from

www.Manualslib.com

manuals search engine

Page 80 / 105

71

Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Router

How to Establish a Secure IPSec Tunnel

4-Port Gigabit Security Router with VPN

Step 5: Create a Tunnel Through the Web-Based Utility

1.

Open your web browser, and enter

192.168.1.1

in the

Address

field. Press the

Ente

r key.

2.

When the

User name

and

Password

fields appear, enter the default user name and password,

admin

. Press

the

Enter

key.

3.

From the

Setup

tab, click the

VPN

tab.

4.

From the

VPN

tab, select the tunnel you wish to create in the

Select Tunnel Entry

drop-down box. Then click

Enabled

. Enter the name of the tunnel in the

Tunnel Name

field.

This is to allow you to identify multiple

tunnels and does not have to match the name used at the other end of the tunnel.

5.

Enter the IP Address and Subnet Mask of the local VPN Router in the

Local Secure Group

fields. To allow

access to the entire IP subnet, enter 0 for the last set of IP Addresses (e.g. 192.168.1.0).

6.

Enter the IP Address and Subnet Mask of the VPN device at the other end of the tunnel (the remote VPN Router

or device with which you wish to communicate) in the

Remote Security Router

fields.

7.

Select from two types of authentication:

MD5

and

SHA1

(SHA1 is recommended because it is more secure).

As with encryption, either of these may be selected, provided that the VPN device at the other end of the

tunnel is using the same type of authentication. Or, both ends of the tunnel may choose to

Disable

authentication.

8.

Select the Key Management. Select

Auto (IKE)

and enter a series of numbers or letters in the

Pre-shared Key

field. Select

PFS

(Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are

secure. You may use any combination of up to 128 numbers or letters in this field. No special characters or

spaces are allowed. In the

Key Lifetime

field, you may optionally select to have the key expire at the end of a

time period you designate. Enter the number of seconds you’d like the key to be useful, or leave it blank for

the key to last indefinitely.

9.

Click the

Save Settings

button to save these changes.

Your tunnel should now be established.

Figure C-28: VPN Tab

Downloaded from

www.Manualslib.com

manuals search engine

Rate

Popular Linksys Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share