Filter
Top Products
Configuring VPN
Configuring IPsec VPN Server
Cisco RV130/RV130W Wireless Multifunction VPN Router Administration Guide 106
6
STEP 4 In the Phase 2 Configuration section, configure parameters to negotiate IPsec
Security Association (SA) for the IPsec tunnel:
a. In the Local IP field, indicate how many endpoints will be part of the VPN
policy:
• Single—Limits the policy to one host. Enter the IP address of the host that
will be part of the VPN in the IP Address field.
• Subnet—Allows an entire subnet to connect to the VPN. Enter the
network address in the IP Address field, and enter the subnet mask in the
Subnet Mask field. Enter the subnet’s network IP address in the IP
Address field. Enter the subnet mask, such as 255.255.255.0, in the
Subnet Mask field. The field automatically displays the default subnet
address based on the IP address.
b. In the IPsec SA Lifetime field, enter the duration, in seconds, after which the
IPsec Security Association for the VPN connection is renegotiated.
c. Choose the Encryption Algorithm to encrypt data and choose the
Authentication Algorithm for the VPN header. Ensure that the authentication
algorithm is configured identically on both your device and the remote
endpoint.
d. To create a more secure IPsec VPN connection, check the PFS Key Group
Enable check box, ensuring a new Diffie-Hellman key exchange in phase 2.
Perfect Forward Secrecy (PFS) creates an additional layer of security by
protecting your data with a new key, in case the DH key generated in phase 1 is
compromised in transit. Ensure that both IPsec endpoints have PFS enabled.
STEP 5 Click Save.
Configuring IPsec VPN User Accounts
STEP 1 Choose VPN > IPsec VPN Server > User.
STEP 2 Click Add Row.
STEP 3 Enter a username and password.
We recommended that the password contains no dictionary words from any
language, and is a mix of letters (both uppercase and lowercase), numbers, and
symbols. The password can be up to 64 characters long.
STEP 4 To import usernames and passwords from a CSV file, click Import. The
Administration > Users page is displayed. In the Import Username and Password