Cisco RV215W Administration Manual page 110

Configuring VPN
Configuring Advanced VPN Parameters
Cisco RV215W Wireless-N VPN Firewall Administration Guide
• Redundancy Endpoint— To enable the device to switch to an alternate
gateway when the primary VPN connection fails, check the Enable check
box. Enter the WAN IP address or the FQDN for the redundancy endpoint.
To automatically revert to the primary VPN when the connnection is restored,
check the Rollback enable check box.
In Local Traffic Selection and Remote Traffic Selction, enter these settings:
• Local/Remote IP—Select the type of identifier that you want to provide for
the endpoint:
- Single—Limits the policy to one host. Enter the IP address of the host
that will be part of the VPN in Start IP Address field. Enter the IP address
in the Start Address field.
- Subnet—Allows an entire subnet to connect to the VPN. Enter the
network address in the Start IP Address field, and enter the Subnet
Mask in the Subnet Mask field. Enter the subnet's network IP address in
the Start Address field. Enter the subnet mask, such as 255.255.255.0,
in the Subnet Mask field. The field automatically displays a default
subnet address based on the IP address.
IMPORTANT: Make sure that you avoid using overlapping subnets for
remote or local traffic selectors. Using these subnets would require
adding static routes on the router and the hosts to be used. For example,
a combination to avoid would be:
Local Traffic Selector: 192.168.1.0/24
Remote Traffic Selector: 192.168.0.0/16
For a Manual policy type, enter the settings in the Manual Policy Parameters
section:
• SPI-Incoming, SPI-Outgoing—Enter a hexadecimal value between 3 and
8 characters; for example, 0x1234.
• Encryption Algorithm—Select the algorithm used to encrypt the data:
- DES
- 3DES
- AES-128
- AES-192
- AES-256
9
110