Linksys WRT54G3GV2 Benutzerhandbuch
Chapter3
Advanced Configuration
21
Wreless-G Router for Moble Broadband
IP Addr.
Enter the IP address of the remote VPN device.
This can be static or dynamic, depending on the settings
of the remote VPN device. The IP address you enter is NOT
the IP address of the local Gateway.
IP Address
Enter the IP address of the VPN device at
the other end of the tunnel.
FQDN
Enter the Fully Qualified Domain Name (FQDN) of
the remote VPN device.
Doman Name
Enter the domain name of the VPN
device at the other end of the tunnel.
Any
Select this option to have the Router accept requests
from any IP address.
Encrypton
Using encryption helps make your connection
more secure. Select DES or 3DES (3DES is recommended
because it is more secure). You may choose either of these,
but it must be the same type of encryption that is being
used by the VPN device at the other end of the tunnel. If
you do not choose to encrypt your data, select Dsabled.
Authentcaton
Authentication acts as another level
of security. Select MD or SHA (SHA is recommended
because it is more secure). As with encryption, either of
these may be selected, if the VPN device at the other end
of the tunnel is using the same type of authentication.
Key Management
A key is a string of letters and/or numbers used for
authentication or encryption. Select Auto (IKE) for
automatic key management by the Internet Key
Exchange (IKE) protocol, or select Manual for manual key
management. The two methods are described below.
Auto (IKE)
PFS
PFS (Perfect Forward Secrecy) enables automatic
re-keying to enhance security. Select Enabled to ensure
that the initial key exchange and IKE proposals are secure.
Otherwise, select Dsabled.
Pre-shared Key
Enter a series of numbers or letters.
Based on this word, which MUST be entered at both ends
of the tunnel if this method is used, a key is generated to
scramble (encrypt) the data being transmitted over the
tunnel, where it is unscrambled (decrypted). You may use
any combination of up to 24 numbers or letters in this
field. No special characters or spaces are allowed.
Key Lfetme
You may have the key expire at the end
of a time period. Enter the number of seconds you’d like
the key to be useful, or leave it blank for the key to last
indefinitely. The default is 300 seconds.
•
•
Manual
VPN> Manual Key Management
Encrypton Key
If you chose DES for your Encryption
setting, enter 16 hexadecimal characters, or if you chose
3DES, enter 48 hexadecimal characters.
Authentcaton Key
If you chose MD5 for your
Authentication setting, enter 32 hexadecimal characters,
or if you chose SHA, enter 40 hexadecimal characters.
Inbound SPI
Enter the Inbound Security Parameter Index
(SPI). This is the Outbound SPI for the remote VPN device.
Outbound SPI
Enter the Outbound Security Parameter
Index (SPI). This is the Inbound SPI for the remote VPN
device.
Status
The status of the connection is shown.
The following settings are available if Auto (IKE) is
The following settings are available if Auto (IKE) is
selected.
Connect
Click this button to connect your VPN tunnel.
Vew Logs
To view the logs, click Vew Logs.
Incoming Log Table
The table shows the Source IP and Destination Port
Number of incoming traffic.
VPN > Incoming Log Table
Click Refresh to update the log. Click Close to return to
the VPN screen.
Advanced Settngs
Before configuring these settings, click
Save Settngs on the VPN screen to apply your changes,
or click Cancel Changes to cancel your changes.
Then click Advanced Settngs to configure additional
Then click Advanced Settngs to configure additional
settings.
Advanced IPSec VPN Tunnel Setup
Phase 1 is when the two endpoints negotiate parameters
for key exchange. Phase 2 is when they negotiate
parameters for data exchange.