Page 106 / 128
Scroll up to view Page 101 - 105
97
Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Gateway
How to Establish a Secure IPSec Tunnel
Wireless-G ADSL Gateway with 2 Phone Ports
7.
The
IP Filter List
screen should appear. Enter an appropriate name, such as Router->win for the filter list,
and
de-select the
Use
Add Wizard
check box. Click the
Add
button.
8.
The
Filters Properties
screen will appear. Select the Addressing tab. In the
Source address
field, select
A
specific IP Subnet
, and enter the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0. (Enter your new
values if you have changed the default settings.) In the Destination address field, select
My IP Address
.
9.
If you want to enter a description for your filter, click the
Description
tab and enter the description there.
10. Click the
OK
or
Close
button and the
New Rule Properties
screen should appear with the IP Filer List tab
selected. There should now be a listing for “Router -> win” and “win -> Router”. Click the
OK
(for WinXP) or
Close
(for Win2000) button on the
IP Filter List
window.
Figure C-7: IP Filter List
Figure C-8: Filters Properties
Figure C-9: New Rule Properties
Downloaded from
www.Manualslib.com
manuals search engine
Page 107 / 128
98
Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Gateway
How to Establish a Secure IPSec Tunnel
Wireless-G ADSL Gateway with 2 Phone Ports
Step 3: Configure Individual Tunnel Rules
Tunnel 1: win->Router
1.
From the
IP Filter List
tab, click the filter list win->Router.
2.
Click the
Filter Action
tab, and click the filter action
Require Security
radio button. Then, click the
Edit
button.
3.
From the
Security Methods
tab, verify that the
Negotiate security
option is enabled, and deselect the
Accept
unsecured communication, but always respond using IPSec
check box. Select
Session key Perfect
Forward Secrecy
, and click the
OK
button.
Figure C-12: Security Methods Tab
Figure C-10: IP Filter List Tab
Figure C-11: Filter Acton Tab
Downloaded from
www.Manualslib.com
manuals search engine
Page 108 / 128
99
Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Gateway
How to Establish a Secure IPSec Tunnel
Wireless-G ADSL Gateway with 2 Phone Ports
4.
Select the
Authentication Methods
tab, and click the
Edit
button.
5.
Change the authentication method to
Use this string to protect the key exchange (preshared key)
, and
enter the preshared key string, such as XYZ12345. Click the
OK
button.
6.
This new Preshared key will be displayed. Click the
Apply
button to continue, if it appears on your screen,
otherwise proceed to the next step.
Figure C-13: Authentication Methods
Figure C-14: Preshared Key
Figure C-15: New Preshared Key
Downloaded from
www.Manualslib.com
manuals search engine
Page 109 / 128
100
Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Gateway
How to Establish a Secure IPSec Tunnel
Wireless-G ADSL Gateway with 2 Phone Ports
7.
Select the
Tunnel Setting
tab, and click
The tunnel endpoint is specified by this IP Address
radio button.
Then, enter the WAN IP Address.
8.
Select the
Connection Type
tab, and click
All network connections
. Then, click the
OK
or
Close
button to
finish this rule.
Tunnel 2: Router->win
9.
In the new policy’s properties screen, make sure that “win -> Router” is selected and deselect the
Use
Add
Wizard
check box. Then, click the
Add
button to create the second IP filter.
Figure C-16: Tunnel Setting Tab
Figure C-17: Connection Type Tab
Figure C-18: Properties Screen
Downloaded from
www.Manualslib.com
manuals search engine
Page 110 / 128
101
Appendix C: Configuring IPSec between a Windows 2000 or XP Computer and the Gateway
How to Establish a Secure IPSec Tunnel
Wireless-G ADSL Gateway with 2 Phone Ports
10. Go to the
IP Filter List
tab, and click the filter list
Router->win
.
11. Click the
Filter Action
tab, and select the filter action
Require Security
. Then, click the
Edit
button. From the
Security Methods
tab, verify that the
Negotiate security
option is enabled, and deselect the
Accept
unsecured communication, but always respond using IPSec
check box. Select
Session key Perfect
Forward Secrecy
, and click the
OK
button.
12. Click the
Authentication Methods
tab, and verify that the authentication method
Kerberos
is selected. Then,
click the
Edit
button.
Figure C-19: IP Filter List Tab
Figure C-20: Filter Action Tab
Figure C-21: Authentication Methods Tab
Downloaded from
www.Manualslib.com
manuals search engine