Filter
Top Products
www.cnetusa.com
4
As shown above, CWR-854 can store 10 different VPN profiles. We need to enable
IPSec VPN and then click on edit to configure the first profile.
- Use any name for the connection.
- Authentication will be through the Pre-Shared Key (PSK). Basically anyone who
wants to have VPN connectivity to the router needs to have this key. We will
later on use this same key in the client configuration.
- The next step is to enter the IP information for Local and remote sites. For local
site choose “Subnet Address” to allow access to the whole LAN network. For
remote site, choose “Any Address” so that the router accepts VPN requests from
any IP address.
- Both local and remote systems are identified by IP.
- Key management is auto (IKE). Click the advance key to see the settings for
phase 1 and 2 negotiations. In phase 1 peers are authenticated to each other and a
secure encrypted link is established to start phase 2 which is the actual negotiation
of security services for the IPSec-compliant VPN channel. As you can see in the
next image, 3DES and MD5 are the chosen encryption and authentication
methods and for additional security PFS (Perfect Forward Secrecy) is also
selected.