Configuring Virtual Private Networks (VPNs) and Security
Configuring Advanced VPN Parameters
STEP 2
STEP 3
STEP 4
Cisco RV180/RV180W Administration Guide
-
Both—The router will work in either Initiator or Responder mode.
•
Exchange Mode—Choose one of the following options:
-
Main—This mode negotiates the tunnel with higher security, but is
slower.
-
Aggressive—This mode establishes a faster connection, but with
lowered security.
Note: If either the Local or Remote identifier type is not an IP address, then
negotiation is only possible in Aggressive Mode. If FQDN, User FQDN or DER
ASN1 DN is selected, the router disables Main mode and sets the default to
Aggressive mode.
In the Local section, enter the Identifier Type to specify the Internet Security
Association and Key Management Protocol (ISAKMP) identifier for the local router:
•
Local WAN (Internet) IP
•
FQDN
•
User-FQDN
•
DER ASN1 DN
If you chose FQDN, User-FQDN, or DER ASN1 DN as the identifier type—
Enter the IP address or domain name in the Identifier field.
In the Remote section, enter the Identifier Type to specify the Internet Security
Association and Key Management Protocol (ISAKMP) identifier for the remote
router:
•
Remote WAN (Internet) IP
•
FQDN
•
User FQDN
•
DER ASN1 DN
If you chose FQDN, User-FQDN, or DER ASN1 DN as the identifier type—
Enter the IP address or domain name in the Identifier field.
In the IKE SA Parameters section, enter these settings:
The Security Association (SA) parameters define the strength and mode for
negotiating the SA.
•
Encryption Algorithm—Choose the algorithm used to negotiate the SA:
5
111