Remote Identifier Type: Select Local WAN IP, Local FQDN, or Local User FQDN from the drop-down list.
Remote Identifier: Enter the identifier name or IP address based on your selection.
Remote IP Type: Select IP address or Subnet from the drop-down list.
IP Address: Enter the IP address of the device that can use this tunnel.
Subnet Mask: Enter the subnet mask.
Step 2
On the Advanced Settings tab, provide the following:
Aggressive Mode: There are two modes of IKE SA negotiation: Main Mode and Aggressive Mode.
Main Mode is recommended when network security is the priority. If network speed
is the priority, Aggressive Mode is recommended. Check Enable to enable Aggressive
Mode, or uncheck Enable to use Main Mode.
If the Remote Security Gateway Type is one of the Dynamic IP types, Aggressive Mode
is required. The box is checked automatically, and this setting cannot be changed.
Compress: A protocol that reduces the size of IP datagrams. Check Compress to enable the router
to propose compression when it starts a connection. If the responder rejects this proposal,
then the router does not implement compression. When the router is the responder, it
accepts compression, even if compression is not enabled. If you enable this feature for
this router, also enable it on the router at the other end of the tunnel.
NetBIOS Broadcast: Broadcast messages used for name resolution in Windows networking to identify
resources such as computers, printers, and file servers. These messages are used by
some software applications and Windows features such as Network Neighborhood.
LAN broadcast traffic is typically not forwarded over a VPN tunnel. However, you can
check this box to allow NetBIOS broadcasts from one end of the tunnel to be rebroadcast
to the other end.
Keep-Alive: Attempts to re-establish the VPN connection at regular intervals.
Dead Peer Detection (DPD) Enable: Click DPD to enable DPD. It sends periodic HELLO/ACK messages to check the status
of the VPN tunnel. The DPD option must be enabled on both ends of the VPN tunnel. Specify
the interval between HELLO/ACK messages in the Interval field by entering the
following:
• Delay Time: Enter the time delay between each Hello message.
• Detection Timeout: Enter the timeout to declare that the peer is dead.
• Delay Action: Action to be taken after DPD timeout. Select Clear or Restart from the drop-down list.
Extended Authentication: Check Extended Authentication to enable.
For a single user, select User and enter the username and password.
For a group, select Group Name, and select admin or guest from the drop-down list.
RV345/345P Administration Guide
VPN
Create a Site-to-Site VPN Connection