Cisco WRV54G User Manual

32

Chapter 6: Configuring the Router
The Security Tab

Wireless-G VPN Broadband Router

settings of the remote VPN device. Make sure that you have entered the IP Address correctly, or the
connection cannot be made. Remember, this is NOT the IP Address of the local VPN Router, but the IP
Address of the remote VPN Router or device with which you wish to communicate.

•

Encryption. Using Encryption also helps make your connection more secure. There are two different types of
encryption: DES or 3DES (3DES is recommended because it is more secure). You may choose either of these,
but it must be the same type of encryption that is being used by the VPN device at the other end of the tunnel.
Or, you may choose not to encrypt by selecting Disable. In Figure 6-18, DES (which is the default) has been
selected.

•

Authentication. Authentication acts as another level of security. There are two types of authentication: MD5
and SHA (SHA is recommended because it is more secure). As with encryption, either of these may be
selected, provided that the VPN device at the other end of the tunnel is using the same type of authentication.
Or, both ends of the tunnel may choose to Disable authentication. In Figure 6-18, MD5 (the default) has been
selected.

•

Key Management. Key Exchange Method. Select Auto (IKE) or Manual for the Key Exchange Method. The
two methods are described below.

Auto (IKE)
Select Auto (IKE) and enter a series of numbers or letters in the Pre-shared Key field. Check the box next to
PFS (Perfect Forward Secrecy) to ensure that the initial key exchange and IKE proposals are secure. Based on
this word, which MUST be entered at both ends of the tunnel if this method is used, a key is generated to
scramble (encrypt) the data being transmitted over the tunnel, where it is unscrambled (decrypted). You may
use any combination of up to 24 numbers or letters in this field. No special characters or spaces are allowed.
In the Key Lifetime field, you may optionally select to have the key expire at the end of a time period of your
choosing. Enter the number of seconds you’d like the key to be useful, or leave it blank for the key to last
indefinitely.

Manual (See Figure 6-18.)
Select Manual, then select the Encryption Algorithm from the drop-down menu. Enter the Encryption Key in
the field (If, for your Encryption Algorithm, you chose DES, enter 16 hexadecimal characters. If you chose
3DES, enter 48 hexadecimal characters.) Select the Authentication Algorithm from the drop-down menu.
Enter the Authentication Key in the field (If, for your Authentication Algorithm, you chose MD5, enter 32
hexadecimal characters. If you chose SHA1, enter 40 hexadecimal characters.) . Enter the Inbound and
Outbound SPIs in the respective fields.

•

Status. Click the Advanced VPN Tunnel Setup key and the Advanced VPN Tunnel Setup screen will appear.
See Figure 6-19.

Figure 6-18: Manual Key Management