Configuring Vpn Policies - Cisco RV 120W Administration Manual

Configuring Virtual Private Networks (VPNs) and Security
Configuring VPNs
STEP 6
STEP 7
STEP 8
STEP 1
STEP 2
STEP 1
STEP 2
Cisco RV 120W Administration Guide
To enable dead peer detection, check the box. Dead Peer Detection is used to
detect whether the peer is alive or not. If peer is detected as dead, the router
deletes the IPsec and IKE Security Association.
In the Detection Period field, enter the interval, in seconds, between consecutive
DPD R-U-THERE messages. DPD R-U-THERE messages are sent only when the
IPsec traffic is idle.
In the Reconnect after Failure Count field, enter the maximum number of DPD
failures allowed before tearing down the connection.
Extended Authentication (XAUTH) Parameters
Rather than configuring a unique VPN policy for each user, you can enable the VPN
gateway router to authenticate users from a stored list of user accounts or with an
external authentication server such as a RADIUS server. When connecting many
VPN clients to a VPN gateway router, Extended Authentication (XAUTH) allows
authentication of users with methods in addition to the authentication method
mentioned in the IKE SA parameters. XAUTH can be configured in the following
modes:
Select the XAUTH type:
• None—Disables XAUTH.
• IPsec Host—The router is authenticated by a remote gateway with a
username and password combination. In this mode, the router acts as a VPN
Client of the remote gateway.
• User Database—User accounts created in the router are used to
authenticate users. See
If you selected IPsec Host, enter the username and password for the host.

Configuring VPN Policies

To configure a VPN policy:
Choose VPN > IPsec > IPsec Policies.
In the VPN Policies Table, click Add.
Configuring IPsec Users, page
5
114.
108