Page 111 / 145
Scroll up to view Page 106 - 110
101
Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router
How to Establish a Secure IPSec Tunnel
Wireless-G VPN Broadband Router
3.
The
IP Filter List
screen should appear. Enter an appropriate name, such as win->Router, for the filter list, and
de-select the
Use Add
Wizard
check box. Then, click the
Add
button.
4.
The
Filters Properties
screen will appear. Select the
Addressing
tab. In the
Source address
field, select
My IP
Address
. In the
Destination address
field, select
A specific IP Subnet
, and fill in the IP Address: 192.168.1.0
and Subnet mask: 255.255.255.0. (These are the Router’s default settings. If you have changed these
settings, enter your new values.)
5.
If you want to enter a description for your filter, click the
Description
tab and enter the description there.
6.
Click the
OK
button. Then, click the
OK
or
Close
button on the
IP Filter List
window.
Figure D-4: IP Filter LIst
Figure D-5: Filters Properties
Figure D-6: New Rule Properties
Page 112 / 145
102
Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router
How to Establish a Secure IPSec Tunnel
Wireless-G VPN Broadband Router
Filter List 2: Router ->win
7.
The
New Rule Properties
screen will appear. Select the
IP Filter List
tab, and make sure that
win -> Router
is highlighted. Then, click the
Add
button.
8.
The
IP Filter List
screen should appear. Enter an appropriate name, such as Router->win for the filter list, and
de-select the
Use
Add Wizard
check box. Click the
Add
button.
9.
The
Filters Properties
screen will appear. Select the
Addressing
tab. In the
Source address
field, select
A
specific IP Subnet
, and enter the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0. (Enter your new
values if you have changed the default settings.) In the
Destination address
field, select
My IP Address
.
10. If you want to enter a description for your filter, click the
Description
tab and enter the description there.
11. Click the
OK
or
Close
button and the
New Rule Properties
screen should appear with the IP Filer List tab
selected. There should now be a listing for “Router -> win” and “win -> Router”. Click the
OK
(for WinXP) or
Close
(for Win2000) button on the
IP Filter List
window.
Figure D-7: IP Filter List
Figure D-8: Filters Properties
Figure D-9: New Rule Properties
Page 113 / 145
103
Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router
How to Establish a Secure IPSec Tunnel
Wireless-G VPN Broadband Router
Step 3: Configure Individual Tunnel Rules
Tunnel 1: win->Router
1.
From the
IP Filter List
tab, click the filter list win->Router.
2.
Click the
Filter Action
tab, and click the filter action
Require Security
radio button. Then, click the
Edit
button.
3.
From the
Security Methods
tab, verify that the
Negotiate security
option is enabled, and deselect the
Accept
unsecured communication, but always respond using IPSec
check box. Select
Session key Perfect
Forward Secrecy
, and click the
OK
button.
Figure D-12: Security Methods Tab
Figure D-10: IP Filter List Tab
Figure D-11: Filter Action Tab
Page 114 / 145
104
Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router
How to Establish a Secure IPSec Tunnel
Wireless-G VPN Broadband Router
4.
Select the
Authentication Methods
tab, and click the
Edit
button.
5.
Change the authentication method to
Use this string to protect the key exchange (preshared key)
, and
enter the preshared key string, such as XYZ12345. Click the
OK
button.
6.
This new Preshared key will be displayed. Click the
Apply
button to continue, if it appears on your screen;
otherwise, proceed to the next step.
Figure D-13: Authentication Methods
Figure D-14: Preshared Key
Figure D-15: New Preshared Key
Page 115 / 145
105
Appendix D: Configuring IPSec between a Windows 2000 or XP Computer and the Router
How to Establish a Secure IPSec Tunnel
Wireless-G VPN Broadband Router
7.
Select the
Tunnel Setting
tab, and click
The tunnel endpoint is specified by this IP Address
radio button.
Then, enter the Router’s WAN IP Address.
8.
Select the
Connection Type
tab, and click
All network connections
. Then, click the
OK
or
Close
button to
finish this rule.
Tunnel 2: Router->win
9.
In the new policy’s properties screen, make sure that “win -> Router” is selected and deselect the
Use
Add
Wizard
check box. Then, click the
Add
button to create the second IP filter.
Figure D-16: Tunnel Setting Tab
Figure D-17: Connection Type Tab
Figure D-18: Properties Screen