1. Home
    2. /
  2. Manuals
    3. /
  3. Linksys
    4. /
  4. WRV200
    5. /
  5. 11
Page 51 / 72 Scroll up to view Page 46 - 50
´¶
Configuring IPSec with a Windows 2000
or XP Computer
Wireless-G VPN Router with RangeBooster
Appendix D
Preshared Key
This new Preshared key will be displayed. Click the
Apply
button to continue, if it appears on your screen;
otherwise, proceed to the next step.
New Preshared Key
Select the
Tunnel Setting
tab, and click
The tunnel
endpoint is specified by this IP Address
radio button.
Then, enter the Router’s WAN IP Address.
Tunnel Setting Tab
Select the
Connection Type
tab, and click
All network
connections
. Then, click the
OK
or
Close
button to
finish this rule.
6.
7.
8.
Connection Type Tab
Tunnel 2: Router->win
In the new policy’s Properties screen, make sure
that
win -> Router
is selected and deselect the
Use
Add Wizard
check box. Then, click
Add
to create the
second IP filter.
Properties Screen
Go to the
IP Filter List
tab, and click the filter list
Router->win
.
IP Filter List Tab
Click the
Filter Action
tab, and select the filter action
Require Security
. Then, click
Edit
. On the
Security
Methods
tab, verify that the
Negotiate security
option is enabled, and deselect the
Accept unsecured
communication, but always respond using IPSec
check box. Select
Session key Perfect Forward
Secrecy
, and click
OK
.
9.
10.
11.
Page 52 / 72
´·
Configuring IPSec with a Windows 2000
or XP Computer
Wireless-G VPN Router with RangeBooster
Appendix D
Filter Action Tab
Click the
Authentication Methods
tab, and verify
that the authentication method
Kerberos
is selected.
Then, click
Edit
.
Authentication Methods Tab
Change the authentication method to
Use this string
to protect the key exchange (preshared key)
, and
enter the preshared key string, such as XYZ12345.
(This is a sample key string. Yours should be a key that
is unique but easy to remember.) Then click
OK
.
Preshared Key
This new Preshared key will be displayed. Click the
Apply
button to continue, if it appears on your screen;
otherwise, proceed to the next step.
12.
13.
14.
New Preshared Key
Click the
Tunnel Setting
tab. Click the radio button
The
tunnel endpoint is specified by this IP Address
, and
enter the Windows 2000/XP computer’s IP Address.
Tunnel Setting Tab
Click the
Connection Type
tab, and select
All network
connections
. Then click
OK
or
Close
to finish.
Connection Type Tab
On the
Rules
tab, click the
OK
or
Close
button to
return to the screen showing the security policies.
Rules Tab
15.
16.
17.
Page 53 / 72
´8
Configuring IPSec with a Windows 2000
or XP Computer
Wireless-G VPN Router with RangeBooster
Appendix D
Step 4: Assign New IPSec Policy
In the
IP Security Policies on Local Machine
window, right-
click the policy named
to_Router
, and click
Assign
. A
green arrow appears in the folder icon.
Local Computer
Step 5: Create a Tunnel Through the Web-Based
Utility
Open your web browser, and enter
±9².±¶8.±.±
in the
Address
field. Press
Enter
.
When the
User name
and
Password
fields appear, enter
the default user name and password,
admin
. Press
Enter
.
Click the
VPN
tab, then click
IPSec VPN
.
VPN > IPSec VPN
Select the tunnel you wish to create in the
Select Tunnel 
Entry
drop-down box. Then click
Enabled
next to the
VPN  Tunnel
option. Enter the name of the tunnel in
1.
2.
3.
4.
the
Tunnel Name
field.
This is to allow you to identify
multiple tunnels and does not have to match the
name used at the other end of the tunnel. Set the
NAT-
Traversal
option to
Disabled
.
Enter the IP Address and Subnet Mask of the local VPN
Router in the
Local Secure Group 
fields. To allow access
to the entire IP subnet, enter
0
for the last set of IP
Addresses (e.g. 192.168.1.0).
Enter the IP Address and Subnet Mask of the VPN
device at the other end of the tunnel (the remote VPN
Router or device with which you wish to communicate)
in the
Remote Secure Group 
fields.
Select the Key Management.
Select
Auto (IKE)
, then set the Operation Mode to
Main
.
Select the ISAKMP encryption method:
³DES
,
AES-
±²8
,
AES-±9²
, or
AES-²µ¶
. The method you select
must be the same type of encryption that is being
used by the VPN device at the other end of the
tunnel.
Select the ISAKMP authentication method:
MDµ
or
SHA±
(SHA1 is recommended as it is more secure).
As with encryption, the method you select must be
the same type of authentication used by the VPN
device at the other end of the tunnel.
Select the ISAKMP DH Group: 1024, 1536, 2048,
3072, 4096, 6144, or 8192. These represent different
bits used in Diffie-Hellman mode operation.
In the
ISAKMP Key Lifetime
field, enter a time period
in seconds to have the key expire at the end of the
designated period, or leave the field blank for the
key to last indefinitely.
Select
PFS
(Perfect Forward Secrecy) to ensure
that the initial key exchange and IKE proposals are
secure.
For
IPSec,
specify
the
Encryption
Method,
Authentication
Method,
DH
Group,
and
Key
Lifetime in the same manner as for ISAKMP above.
Enter a series of numbers or letters in the
Pre-
shared Key
field. You may use any combination of
up to 24 numbers or letters in this field. No special
characters or spaces are allowed.
Click
Save Settings
to save these changes.
Your tunnel should now be established.
5.
6.
7.
a.
b.
c.
d.
e.
f.
g.
h.
8.
Page 54 / 72
´9
Gateway-to-Gateway VPN Tunnel
Wireless-G VPN Router with RangeBooster
Appendix E
Appendix E:
Gateway-to-Gateway VPN
Tunnel
Overview
This appendix explains how to configure an IPSec VPN
tunnel between two VPN Routers by example. Two
computers are used to test the liveliness of the tunnel.
Before You Begin
The following is a list of equipment you need:
Two Windows desktop computers (each computer will
be connected to a VPN Router)
Two VPN Routers, each connected to the Internet:
Wireless-G VPN Router with RangeBooster, model
number WRV200
10/100 8-Port VPN Router, model number RV082
(Any VPN Router can be deployed, such as the
Linksys 10/100 16-, 8-, or 4-Port VPN Router (model
numbers RV016, RV082, or RV042); however, this
example uses the RV082)
Configuration when the Remote Gateway
Uses a Static IP Address
This example assumes the Remote Gateway is using a
static IP address. If the Remote Gateway uses a dynamic
IP address, refer to “Configuration when the Remote
Gateway Uses a Dynamic IP.”
WAN: A.A.A.A
LAN: 192.168.5.1
WAN: B.B.B.B
WRV200
RV082
Gateway-to-Gateway IPSec VPN Tunnel - Remote Gateway Using Static IP
NOTE:
Each computer must have a network
adapter installed.
Configuration of the WRV200
Follow these instructions for the first VPN Router,
designated WRV200. The other VPN Router is designated
the RV082.
Launch the web browser for a networked computer,
designated PC 1.
Access the web-based utility of the WRV200. (Refer
to “Chapter 5: Configuring the Wireless-G Router” for
details.)
Click the
VPN
tab.
Click
IPSec VPN
.
For the VPN Tunnel setting, select
Enable
.
Enter a name in the
Tunnel Name
field.
For the Local Secure Group Type, select
Subnet
. Enter
the WRV200’s local network settings in the
IP Address
and
Mask 
fields.
WRV200 IPSec VPN Settings
For the Remote Secure Group Type, select
Subnet
.
Enter the RV082’s local network settings in the
 
IP Address
and
Mask 
fields.
For the Remote Secure Gateway Type, select
IP addr
.
Enter the RV082’s WAN IP address in the
IP Address
field.
In the Key Management section, select the appropriate
encryption, authentication, and other key management
settings.
In the
Preshared Key
field, enter a string for this key, for
example,
test±²³´
.
WRV200 Key Management Settings
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
Page 55 / 72
µ0
Gateway-to-Gateway VPN Tunnel
Wireless-G VPN Router with RangeBooster
Appendix E
Click
Save Settings
and proceed to the next section,
“Configuration of the RV082.”
Configuration of the RV082
Follow similar instructions for the RV082.
Launch the web browser for a networked computer,
designated PC 2.
Access the web-based utility of the RV082. (Refer to
the User Guide of the RV082 for details.)
Click the
IPSec VPN
tab.
Click the
Gateway to Gateway
tab.
Enter a name in the
Tunnel Name
field.
For the VPN Tunnel setting, select
Enable
.
The WAN IP address (B.B.B.B) of the RV082 will be
automatically detected.
For the Local Security Group Type, select
Subnet
. Enter
the RV082’s local network settings in the
IP Address 
and
Subnet Mask
fields.
RV082 VPN Settings
For the Remote Security Gateway Type, select
IP Only
.
Enter the WRV200’s WAN IP address in the
IP Address
field.
For the Remote Security Group Type, select
Subnet
.
Enter the WRV200’s local network settings in the
IP 
Address
and
Subnet Mask
fields.
In the IPSec Setup section, select the appropriate
encryption, authentication, and other key management
settings. (These should match the settings of the
WRV200.)
In the
Preshared Key
field, enter a string for this key, for
example,
test±²³´
.
12.
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
RV082 IPSec Setup Settings
Click
Save Settings
.
Configuration of PC 1 and PC 2
Verify that PC 1 and PC 2 can ping each other (refer to
Windows Help for more information). If the computers
can ping each other, then you know the VPN tunnel is
configured correctly.
12.

Rate

4.5 / 5 based on 2 votes.

Popular Linksys Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top