VPN
Client to Gateway
98 Cisco RV320/RV325 Administration Guide
8
• Preshared Key—Preshared key to use to authenticate the remote IKE peer.
You can enter up to 30 keyboard characters or hexadecimal values, such as
My_@123 or 4d795f40313233. Both ends of the VPN tunnel must use the
same Preshared Key. We recommend that you change the Preshared Key
periodically to maximize VPN security.
• Preshared Key Strength Meter—When you enable Minimum Preshared
Key Complexity, this meter indicates the preshared key strength. As you
enter a preshared key, colored bars appear. The scale goes from red (weak)
to yellow (acceptable) to green (strong).
TIP Enter a complex preshared key that includes more than eight characters,
upper- and lowercase letters, numbers, and symbols such as -*^+= (' ' " \ are
not supported).
Advanced Settings for IKE with Preshared Key and IKE with
Certificate
For most users, the basic settings should suffice; advanced users can click
Advanced to display the advanced settings. If you change the Advanced settings
on one router, also enter the settings on the other router.
• Aggressive Mode—Two modes of IKE SA negotiation are possible, Main
Mode and Aggressive Mode. If network security is preferred, Main Mode is
recommended. If network speed is preferred, Aggressive Mode is
recommended. Check this box to enable Aggressive Mode, or uncheck the
box to use Main Mode.
If the Remote Security Gateway Type is one of the Dynamic IP types,
Aggressive Mode is required. The box is checked automatically, and this
setting cannot be changed.
• Compress (Support IP Payload Compression Protocol (IP Comp))—A
protocol that reduces the size of IP datagrams. Check the box to enable the
router to propose compression when it initiates a connection. If the
responder rejects this proposal, then the router does not implement
compression. When the router is the responder, it accepts compression,
even if compression is not enabled. If you enable this feature for this router,
also enable it on the router at the other end of the tunnel.
• Keep-Alive—Attempts to reestablish the VPN connection if it is dropped.
To Next Page
Loading...
