59
Chapter 6: Setting up and Configuring the Router
VPN Tab - Client to Gateway
10/100 16-Port VPN Router
select Aggressive Mode. If you select one of the Dynamic IP types for the Remote Security Gateway Type
setting, then Main Mode will be unavailable, so Aggressive Mode will be used.
Compress (Support IP Payload compression Protocol (IP Comp)). The Router supports IP Payload Compression
Protocol, which is used to reduce the size of IP datagrams. If this feature is enabled, the Router will propose
compression when initiating a connection. If the responders reject this proposal, then the Router will not
implement compression. When the Router works as a responder, the Router will always accept compression
even when the Compress feature has not been enabled. Select Compress to support this protocol.
Keep-Alive. This feature helps maintain the connections of IPSec tunnels. Whenever a connection is dropped
and the drop is detected, then the connection will be re-established immediately. Select Keep-Alive to enable
this feature.
AH Hash Algorithm. The AH (Authentication Header) protocol describes the packet format and default
standards for packet structure. If AH is used as a security protocol, portions of the original IP header are used
to verify the integrity of the entire packet during the hashing process, so protection is extended forward into
the IP header. Select an algorithm, MD5 or SHA1. MD5 produces a 128-bit digest to authenticate packet data,
and SHA1 produces a 160-bit digest to authenticate packet data. Both ends of the VPN tunnel should use the
same AH Hash Algorithm.
NetBIOS Broadcast. Click the checkbox if you want NetBIOS traffic to pass through the VPN tunnel. By default,
the Router blocks these broadcasts.
Click the Save Settings button to save your changes, or click the Cancel Changes button to undo the changes.
VPN Tab - Client to Gateway
Use this screen to create a new tunnel between a local VPN device and a mobile user.
Add a New Tunnel
You can select Tunnel to create a tunnel for a single mobile user, or select Group VPN to create tunnels for
multiple VPN clients. The Group VPN feature facilitates the setup of tunnels for multiple VPN clients, so you do not
need to individually configure multiple remote VPN clients. After you have selected Tunnel or Group VPN, the
settings available on this screen may change, depending on which selection you have made.
Tunnel No. A tunnel number between 1-50 will be automatically generated.
Tunnel Name. Enter a name for this VPN tunnel, such as Home Office or New York Branch. This allows you to
identify multiple tunnels and does not have to match the name used at the other end of the tunnel.
Figure 6-71: Client to Gateway