User's Manual
Table Of Contents
- Federal Communication Commission Interference Statement
- Getting Started
- Using the Setup Wizard
- Viewing System Status
- Port Management
- Networking
- VPN
- Quality of Service (QoS)
- Security
- System Management
- Where to Go From Here
VPN
Configuring IPsec VPN Policies
Cisco RV315W Broadband Wireless VPN Router Administration Guide 72
6
- PFS: Click Enable to enable Perfect Forward Secrecy (PFS) to improve
security, or click Disable to disable it. If you enable PFS, a Diffie-Hellman
exchange is performed for every phase-2 negotiation. PFS is desired on
the keying channel of the VPN connection.
- SA Lifetime: Specify the values for the time-based lifetime and the flow-
based lifetime.
- DPD: Click Enable to enable Dead Peer Detection (DPD), or click Disable
to disable it. DPD is a method of detecting a dead Internet Key Exchange
(IKE) peer. This method uses IPsec traffic patterns to minimize the
number of messages required to confirm the availability of a peer. DPD is
used to reclaim the lost resources in case a peer is found dead and it is
also used to perform IKE peer failover. If you enable DPD, specify the
delay time and DPD timeout.
DPD Delay Time: Enter the value of delay time in seconds between
consecutive DPD R-U-THERE messages. DPD R-U-THERE messages are
sent only when IPsec traffic is idle.
DPD Timeout: Enter the value of detection timeout in seconds. If no
response and no traffic over the timeout, declare the peer dead.
STEP 5 Click OK to save your settings.
Modifying or Deleting an IPsec VPN Policy
STEP 1 Click VPN > IPsec VPN. The IPsec VPN page opens.
STEP 2 To edit the settings of an IPsec VPN policy, select the corresponding policy and
click the Edit icon. See Setting Up a Site-to-Site VPN or Setting up a PC to Site
VPN for more information.
STEP 3 To delete an IPsec VPN policy, select the corresponding policy and click the
Delete icon.