User's Manual

VPN
Configuring IPsec VPN Policies
Cisco RV315W Broadband Wireless VPN Router Administration Guide
Local Gateway Address: Displays the IP address of the local network. In
general, the local gateway address is the public IP address obtained by the
selected WAN interface.
Authentication Method: The IPsec VPN uses a simple, password-based
key to authenticate. In the Pre-shared Key field, enter the value that the
peer device must provide to establish a connection. The pre-shared key
must be entered exactly the same here and on the remote peer.
STEP 4 Click Advanced Settings to configure the advanced settings of the IPsec VPN
policy.
1st Phase: Enter the following information:
- Exchange Mode: Select either Main Mode or Active Mode. The main
mode has a higher priority than the active mode.
- Authentication Algorithm: Specify the authentication algorithm for the
VPN header. There are two hash algorithms supported by the RV315W:
SHA1 and MD5. The default is SHA1.
- Encryption Algorithm: Choose the algorithm used to negotiate the
security association. The supported encryption algorithms are DES, 3DES,
AES-128, AES-192, and AES-256. The default is DES.
- DH: Choose the Diffie-Hellman group identifier, which the two IPsec
peers use to derive a shared secret without transmitting it to each other.
The DH Group sets the strength of the algorithm in bits. The lower the
Diffie-Hellman group number, the less CPU time it requires to be
executed. The higher the Diffie-Hellman group number, the greater the
security.
- SA Lifetime: Enter the lifetime of the IPsec Security Association (SA).
The IPsec SA lifetime represents the interval after which the IPsec SA
becomes invalid. The IPsec SA is renegotiated after this interval. The
default value is 86400 seconds.
2nd Phase: Enter the following information:
- ESP Authentication Algorithm: Choose either SHA1 or MD5 as the ESP
authentication algorithm. The default is MD5.
- ESP Encryption Algorithm: Choose the symmetric encryption algorithm
that protects data transmission between two IPsec peers. The supported
encryption algorithms are DES, 3DES, AES-128, AES-192, and AES-256.
The default is DES.
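
The following is an added example, not part of the Cisco guide: a small audit that applies the defaults stated above to a policy and reports the Phase 1 and Phase 2 choices that should be changed before deployment. The field names, the dict layout, the 2048-bit DH threshold and the use of group 14 are assumptions; the guide does not say which DH groups the RV315W offers.

```python
# Added example: audit of the Phase 1 / Phase 2 choices listed on this page.
# Field names and dict layout are hypothetical, not an RV315W export format.

# Defaults as stated on the page (it gives no default for DH).
PAGE_DEFAULTS = {"p1_auth": "SHA1", "p1_enc": "DES",
                 "p2_esp_auth": "MD5", "p2_esp_enc": "DES"}

WEAK_ENC = {"DES": "56-bit key", "3DES": "64-bit block, legacy cipher"}
WEAK_HASH = {"MD5": "deprecated hash; SHA1 is the stronger option offered"}
# Standard IKE MODP group sizes in bits (which groups the device offers
# is not stated on the page).
DH_BITS = {1: 768, 2: 1024, 5: 1536, 14: 2048}
MIN_DH_BITS = 2048  # assumed audit threshold


def audit(policy):
    """Return (field, value, reason) findings, sorted by field name."""
    cfg = {**PAGE_DEFAULTS, **policy}  # unset fields fall back to defaults
    findings = []
    for field in ("p1_enc", "p2_esp_enc"):
        value = cfg[field].upper()
        if value in WEAK_ENC:
            findings.append((field, value, WEAK_ENC[value]))
    for field in ("p1_auth", "p2_esp_auth"):
        value = cfg[field].upper()
        if value in WEAK_HASH:
            findings.append((field, value, WEAK_HASH[value]))
    group = cfg.get("dh_group")
    if group is not None:
        bits = DH_BITS.get(group)
        if bits is None:
            findings.append(("dh_group", group, "unknown group, verify manually"))
        elif bits < MIN_DH_BITS:
            findings.append(("dh_group", group, f"{bits}-bit modulus"))
    return sorted(findings, key=lambda f: f[0])


if __name__ == "__main__":
    # Constructed sample policies: one left at the page defaults with a
    # low DH group, one with the strongest options the page lists.
    untouched = {"dh_group": 2}
    hardened = {"p1_enc": "AES-256", "p2_esp_enc": "AES-256",
                "p2_esp_auth": "SHA1", "dh_group": 14}
    for name, pol in (("defaults", untouched), ("hardened", hardened)):
        print(name)
        for field, value, reason in audit(pol):
            print(f"  {field}={value}: {reason}")
```

A policy left at the defaults is flagged for DES in both phases and MD5 for ESP authentication, so all three fields need an explicit selection on both peers.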