Name: Cisco RV320
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

VPN

Client to Gateway

Cisco RV320/RV325 Administration Guide 97

IPSec Setup

For encryption to be successful, the two ends of a VPN tunnel must agree on the

methods of encryption, decryption, and authentication. Enter exactly the same

settings on both routers.

Enter the settings for Phase 1 and Phase 2. Phase 1 establishes the preshared

keys to create a secure authenticated communication channel. In Phase 2, the IKE

peers use the secure channel to negotiate Security Associations for other

services such as IPsec. Be sure to enter the same settings when configuring other

routers for this tunnel.

• Phase 1 / Phase 2 DH Group—DH (Diffie-Hellman) is a key exchange

protocol. There are three groups of different prime key lengths: Group 1 -

768 bits, Group 2 - 1,024 bits, and Group 5 - 1,536 bits. For faster speed and

lower security, choose Group 1. For slower speed and higher security,

choose Group 5. Group 1 is selected by default.

• Phase 1 / Phase 2 Encryption—Method of encryption for this phase: DES,

3DES, AES-128, AES-192, or AES-256. The method determines the length of

the key used to encrypt or decrypt ESP packets. AES-256 is recommended

because it is more secure.

• Phase 1 / Phase 2 Authentication—Method of authentication for this

phase: MD5 or SHA1. The authentication method determines how the ESP

(Encapsulating Security Payload Protocol) header packets are validated.

MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA1 is

a one-way hashing algorithm that produces a 160-bit digest. SHA1 is

recommended because it is more secure. Make sure that both ends of the

VPN tunnel use the same authentication method.

• Phase 1 / Phase 2 SA Life Time—Length of time a VPN tunnel is active in

this phase. The default value for Phase 1 is 28800 seconds. The default

value for Phase 2 is 3600 seconds.

• Perfect Forward Secrecy—When Perfect Forward Secrecy (PFS) is

enabled, IKE Phase 2 negotiation generates new key material for IP traffic

encryption and authentication, so hackers using brute force to break

encryption keys will not be able to obtain future IPsec keys. Check the box

to enable this feature, or uncheck the box to disable this feature. This feature

is recommended.

• Minimum Preshared Key Complexity—Check Enable to enable the

Preshared Key Strength Meter.

Other manuals for Cisco RV320

Brochure & Specs4 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco RV320 and is the answer not in the manual?

Cisco RV320 Specifications

General

Ethernet LAN	Yes
Cabling technology	10/100/1000Base-T(X)
Networking standards	IEEE 802.3, IEEE 802.3u
Ethernet LAN data rates	10, 100, 1000 Mbit/s
Ethernet interface type	Gigabit Ethernet
USB version	2.0
USB ports quantity	2
Ethernet LAN (RJ-45) ports	6
Gigabit Ethernet (copper) ports quantity	4
Routing protocols	RIP-1, RIP-2
Supported network protocols	IPv4, IPv6, Static IP, PPPoE, PPTP, DNS, DynDNS
VPN support	IPsec, L2TP, DPD, DNS
Firewall security	Port Address Translation (PAT) firewall, Stateful packet inspection (SPI) firewall, Network address translation (NAT) firewall
Security algorithms	128-bit AES, 192-bit AES, 256-bit AES, 3DES, DES, HTTPS, MD5, SHA-1, SSL/TLS
VPN tunnels quantity	25
Authentication method	SHA-1, MD5
MAC address filtering	-
Certification	FCC, CE, UL, cUL, CB, CCC, BSMI, KC, Anatel
Storage temperature (T-T)	0 - 70 °C
Operating temperature (T-T)	0 - 40 °C
Storage relative humidity (H-H)	5 - 90 %
Operating relative humidity (H-H)	10 - 85 %
Product color	Black
Rack mounting	No
LED indicators	Activity, LAN, Link, Power, USB, WAN
Input current	1.5 A
Output voltage	12 V