Cisco Systems RV130W Manual De Usuario

Configuring Site-to-Site IPsec VPN Advanced Parameters

Cisco RV130/RV130W Wireless Multifunction VPN Router Administration Guide

101

 

Advanced VPN parameters such as IKE and other VPN policies control how the 
device initiates and receives VPN connections. 

To configure advanced VPN parameters, choose VPN > Site-to-Site IPsec VPN > 
Advanced VPN Setup. 

The Internet Key Exchange (IKE) protocol dynamically exchanges keys between 
two IPsec hosts. You can create IKE policies to define the security parameters to 
be used when exchanging data with the remote router over the IPsec VPN 
connection. For example, you can create IKE policies to define parameters for peer 
authentication and encryption algorithms. Ensure that the encryption, 
authentication, and key-group parameters in your VPN policy. are compatible with 
settings at the remote router.

To add an IKE policy:

On the Advanced VPN Setup page, click Add Row.

Enter a unique name for the IKE policy to identify and manage the policy easily.

In the Exchange Mode field, choose one of the following modes for the policy:

•

Main—Negotiates the tunnel with higher security, but is slower.

•

Aggressive—Establishes a faster connection, but with lowered security.

In the Local Identifier and Remote Identifier fields, indicate if you want to identify 
your device and the remote router by their real IP address or their public IP 
address. If you select IP address, enter the real IP address of your device and the 
remote router.

In the IKE SA Parameters section, configure parameters to define the strength and 
mode for negotiating Security Association (SA) between your device and the 
remote router:

a. In the Encryption Algorithm field, choose the algorithm to encrypt data.

b. In the Authentication Algorithm field, specify the authentication algorithm for 

the VPN header. Ensure that the authentication algorithm is configured 
identically on both sides of the VPN tunnel.