Step 4: Assign New Ipsec Policy; Step 5: Create A Tunnel Through The Web-Based Utility - Linksys WAP54GP - Wireless-G Access Point User Manual

Appendix D

Step 4: Assign New IPSec Policy

In the IP Security Policies on Local Machine window, right-
click the policy named to_Router, and click Assign. A
green arrow appears in the folder icon.
Local Computer
Step 5: Create a Tunnel Through the Web-Based
Utility
Open your web browser, and enter 9.8.. in the
1.
Address field. Press Enter.
2. When the User name and Password fields appear, enter
the default user name and password, admin. Press
Enter.
Click the VPN tab, then click IPSec VPN.
3.
VPN > IPSec VPN
4. Select the tunnel you wish to create in the Select Tunnel
Entry drop-down box. Then click Enabled next to the
VPN Tunnel option. Enter the name of the tunnel in
Wireless-G VPN Router with RangeBooster
Configuring IPSec with a Windows 2000 or XP Computer
5.
6.
7.
8.
the Tunnel Name field. This is to allow you to identify
multiple tunnels and does not have to match the
name used at the other end of the tunnel. Set the NAT-
Traversal option to Disabled.
Enter the IP Address and Subnet Mask of the local VPN
Router in the Local Secure Group fields. To allow access
to the entire IP subnet, enter 0 for the last set of IP
Addresses (e.g. 192.168.1.0).
Enter the IP Address and Subnet Mask of the VPN
device at the other end of the tunnel (the remote VPN
Router or device with which you wish to communicate)
in the Remote Secure Group fields.
Select the Key Management.
Select Auto (IKE), then set the Operation Mode to
a.
Main.
b. Select the ISAKMP encryption method: DES, AES-
8, AES-9, or AES-. The method you select
must be the same type of encryption that is being
used by the VPN device at the other end of the
tunnel.
Select the ISAKMP authentication method: MD or
c.
SHA (SHA1 is recommended as it is more secure).
As with encryption, the method you select must be
the same type of authentication used by the VPN
device at the other end of the tunnel.
d. Select the ISAKMP DH Group: 1024, 1536, 2048,
3072, 4096, 6144, or 8192. These represent different
bits used in Diffie-Hellman mode operation.
e. In the ISAKMP Key Lifetime field, enter a time period
in seconds to have the key expire at the end of the
designated period, or leave the field blank for the
key to last indefinitely.
Select PFS (Perfect Forward Secrecy) to ensure
f.
that the initial key exchange and IKE proposals are
secure.
g. For IPSec, specify the Encryption Method,
Authentication Method, DH Group, and Key
Lifetime in the same manner as for ISAKMP above.
h. Enter a series of numbers or letters in the Pre-
shared Key field. You may use any combination of
up to 24 numbers or letters in this field. No special
characters or spaces are allowed.
Click Save Settings to save these changes.
Your tunnel should now be established.
8