Cisco RV315W Administration Manual page 72

Broadband wireless vpn router

VPN
Configuring IPsec VPN Policies
Cisco RV315W Broadband Wireless VPN Router Administration Guide

- Route: Select the IP address and subnet mask protected by the IPsec VPN.
- Flow Characteristic: Enter the source IP address/wildcard and destination IP address/wildcard.

STEP 4 Click Advanced Settings to configure the advanced settings of the IPsec VPN policy.
1st Phase: Enter the following information:
- Exchange Mode: Select either Main Mode or Active Mode. The main mode has a higher priority than the active mode.
- Authentication Algorithm: Specify the authentication algorithm for the VPN header. There are two hash algorithms supported by the RV315W: SHA1 and MD5. The default is SHA1.
- Encryption Algorithm: Choose the algorithm used to negotiate the security association. The encryption standard supports DES, 3DES, AES-128, AES-192, and AES-256. The default is DES.
- DH: Choose the Diffie-Hellman group identifier, which the two IPsec peers use to derive a shared secret without transmitting it to each other. The DH Group sets the strength of the algorithm in bits. The lower the Diffie-Hellman group number, the less CPU time it requires to be executed. The higher the Diffie-Hellman group number, the greater the security.
- SA Lifetime: Enter the lifetime of the IPsec Security Association (SA). The IPsec SA lifetime represents the interval after which the IPsec SA becomes invalid. The IPsec SA is renegotiated after this interval. The default value is 86400 seconds.
2nd Phase: Enter the following information:
- ESP Authentication Algorithm: Choose either SHA1 or MD5 as the ESP authentication algorithm. The default is MD5.
- ESP Encryption Algorithm: Choose the symmetric encryption algorithm that protects data transmission between two IPsec peers. The advanced encryption standard supports DES, 3DES, AES-128, AES-192, and AES-256. The default is DES.
- PFS: Click Enable to enable Perfect Forward Secrecy (PFS) to improve security, or click Disable to disable it. If you enable PFS, a Diffie-Hellman exchange is performed for every phase-2 negotiation. PFS is desired on the keying channel of the VPN connection.
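
An audit of the settings above, added here as an example and not taken from the Cisco guide: it overlays an administrator's choices on the defaults this page states and flags the weak ones, so an untouched Advanced Settings page shows up as DES and MD5. The dictionary layout, the field names and the severity ranking are assumptions of the example.

```python
# Defaults the guide states for fields left untouched under Advanced Settings.
GUIDE_DEFAULTS = {
    "phase1": {"auth": "SHA1", "encryption": "DES", "sa_lifetime": 86400},
    "phase2": {"esp_auth": "MD5", "esp_encryption": "DES"},
}
# Severity ranking is this example's assumption, not a Cisco rating.
# DES has a 56-bit key; MD5 is the weaker of the two hashes the device offers.
WEAK = {"DES": "high", "3DES": "medium", "MD5": "high"}
ALGO_FIELDS = {
    "phase1": ("auth", "encryption"),
    "phase2": ("esp_auth", "esp_encryption"),
}

def effective_policy(configured):
    """Overlay the administrator's choices on the guide's defaults."""
    return {phase: {**defaults, **configured.get(phase, {})}
            for phase, defaults in GUIDE_DEFAULTS.items()}

def audit(configured):
    """Return (severity, phase, field, detail) findings, most severe first."""
    policy = effective_policy(configured)
    findings = []
    for phase, fields in ALGO_FIELDS.items():
        for field in fields:
            value = policy[phase][field]
            if value in WEAK:
                chosen = field in configured.get(phase, {})
                origin = "configured" if chosen else "default"
                findings.append((WEAK[value], phase, field, f"{value} ({origin})"))
    # The page states no default for PFS; a missing value is treated as disabled.
    if not policy["phase2"].get("pfs", False):
        findings.append(("medium", "phase2", "pfs",
                         "disabled: no Diffie-Hellman exchange per phase-2 negotiation"))
    return sorted(findings, key=lambda f: ("high", "medium").index(f[0]))

# Constructed sample policies.
UNTOUCHED = {}  # administrator never opened Advanced Settings
HARDENED = {
    "phase1": {"auth": "SHA1", "encryption": "AES-256"},
    "phase2": {"esp_auth": "SHA1", "esp_encryption": "AES-256", "pfs": True},
}

if __name__ == "__main__":
    for name, policy in (("untouched", UNTOUCHED), ("hardened", HARDENED)):
        print(name)
        for finding in audit(policy):
            print("  ", *finding)
```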