Cisco RV120W Administration Manual page 106

Configuring Virtual Private Networks (VPNs) and Security
Configuring Advanced VPN Parameters
STEP 3
STEP 4
STEP 5
STEP 6
STEP 7
STEP 8
Cisco RV120W Administration Guide
Ensure that the authentication algorithm is configured identically on both
NOTE
sides.
Choose the authentication method:
• Select Pre-Shared Key for a simple password based key that is shared with
the IKE peer.
• Select RSA-Signature to disable the pre-shared key text field and use the
Active Self Certificate uploaded in the Certificates page. A certificate must
be configured in order for RSA-Signature to work.
The double quote character (") is not supported in the pre-shared key.
NOTE
Choose the Diffie-Hellman (DH) Group algorithm, which is used when exchanging
keys. The DH Group sets the strength of the algorithm in bits.
Ensure that the DH Group is configured identically on both sides of the IKE
NOTE
policy.
In the SA Lifetime field, enter the interval, in seconds, after which the Security
Association becomes invalid.
To enable dead peer detection, check the Enable box. Dead Peer Detection is
used to detect whether the peer is alive or not. If peer is detected as dead, the
router deletes the IPsec and IKE Security Association.
In the Detection Period field, enter the interval, in seconds, between consecutive
DPD R-U-THERE messages. DPD R-U-THERE messages are sent only when the
IPsec traffic is idle.
In the Reconnect after Failure Count field, enter the maximum number of DPD
failures allowed before tearing down the connection.
5
97