1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Setting up VPN on RV0041?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by BoB-O, Mar 2, 2006.

  1. BoB-O

    BoB-O Guest

    Hey all,

    I'm trying to set up VPN using my RV0041 (originally purchased for the 1:1 NAT). I've set up MS ISA on many a box, but the terminology used in the RV0041 firmware is foreign to me. Mostly because it doesn't offer any way to specify a username and password.

    Can anyone offer assistance for setting up VPN on this box? All my users are WinXP, so anything that would allow me to use the built-in VPN client would be excellent.

    Thanks,
    BoB
     
  2. marleybpaul

    marleybpaul Guest

    here is it

    Introduction
    This document demonstrates how to establish a secure IPSec tunnel using preshared keys to join a private network inside a Linksys Cable/DSL VPN Router and a Microsoft Windows 2000 or XP PC. You can find detailed information on configuring the Microsoft Windows 2000 server at the Microsoft web site:

    Microsoft KB 252735 - How to Configure IPSec Tunneling in Windows 2000

    Microsoft KB 257225 - Basic IPSec Troubleshooting in Windows 2000



    Environment
    Windows XP or Windows 2000

    IP Address: 140.111.1.2 ß User ISP provide IP Address, this is only a sample

    Subnet Mask: 255.255.255.0

    BEFVP41

    WAN

    IP Address: 140.111.1.1 ß User ISP provide IP Address, this is only a sample

    Subnet Mask: 255.255.255.0

    LAN

    IP Address: 192.168.1.1

    Subnet Mask: 255.255.255.0

    Step-by-Step

    [Windows 2000/XP]
    Create IPSec Policy
    1. Click the Start button, select Run, and type secpol.msc. in the open field.

    2. Right-click IP Security Policies on Local Computer and click Create IP Security Policy.

    3. Click the Next button, and then type a name for your policy (for example, “to_befvp41â€). Then, click Next.

    4. Deselect the Activate the default response rule check box and then click the Next button.

    5. Click the Finish button, making sure the Edit check box is checked.



    Build 2 Filter Lists: “WinXPà BEFVP41†and “BEFVP41à WinXPâ€.
    Note: The references in this section to “WinXP†can easily be exchanged for “Win2000â€, if running Windows 2000.
    Filter List 1: WinXPà BEFVP41
    1. In the new policy properties, deselect the Use Add Wizard check box and then click the Add button to create a new rule.



    2. From the IP Filter List tab, click the Add button.



    3. Type an appropriate name “WinXPà BEFVP41†for the filter list, deselect the Use Add Wizard check box, and click the Add button.



    4. In the Source address field, select My IP Address.

    5. In the Destination address field, select A specific IP Subnet, and fill in the IP Address 192.168.1.0 and Subnet mask 255.255.255.0.



    6. If you want to type a description for your filter, click the Description tab.

    7. Click the OK button. Then click the OK (for WinXP) or Close (for WIN2000) button on the IP Filter List window.

    Filter List 2: BEFVP41à WinXP
    8. On the IP Filter List tab, click the Add button.



    9. Type an appropriate name “BEFVP41à WinXP†for the filter list, deselect the Use Add Wizard check box, and click the Add button.



    10. In the Source address field, select A specific IP Subnet, and fill in the IP Address 192.168.1.0 and Subnet mask 255.255.255.0.

    11. In the Destination address field, select My IP Address.



    12. If you want to type a description for your filter, click the Description tab.

    13. Click the OK button and click the OK (for WinXP) or Close (for Win2000) button on IP Filter List window.



    Configure Individual Rule of 2 Tunnels
    Tunnel 1: WinXPà BEFVP41
    From the IP Filter List tab, click the filter list WinXPà BEFVP41.


    From the Filter Action tab, click the filter action “Require Securityâ€, and click the Edit button.


    3. verify that the Negotiate security option is enabled, and deselect the Accept unsecured communication, but always respond using IPSec check box.

    Select the Session key perfect forward secrecy (PFS) and remember to check the PFS option on the BEFVP41, and click the OK button.


    From the Authentication Methods tab, click the Edit button.


    Change the authentication method to Use this string (preshared key), enter the string “XYZ12345â€, and click the OK button.


    This new Preshared key will be displayed. Click the OK button to continue.



    From the Tunnel Setting tab, click The tunnel endpoint is specified by this IP Address radio button and type the WAN IP Address 140.111.1.1 of the BEFVP41.


    From the Connection Type tab, Select All network connections and click the OK button to finish this rule.


    Tunnel 2: BEFVP41à WinXP
    In the new policy properties, deselect the Use Add Wizard check box and click the Add button to create the second IP Filter.


    From the IP Filter List tab, click the filter list BEFVP41à WinXP.


    From the Filter Action tab, select the filter action Require Security.


    From the Authentication Methods tab, click the Edit button.


    Change the authentication method to Use this string (preshared key), enter the string “XYZ12345â€, and then click the OK button.


    This new Preshared key will be displayed. Click the OK button to continue.



    From the Tunnel Setting tab, click the radio button for The tunnel endpoint is specified by this IP Address and type the Windows 2000/XP IP Address 140.111.1.2.


    From the Connection Type tab, select All network connections. Then, click the OK (for WInXP) or Close (for Win2000) button to finish .


    16. From the Rules tab, click the OK button to go back to the secpol screen.



    Assign New IPSec Policy
    1. In the IP Security Policies on Local Computer MMC snap-in, right-click the policy named to_befvp41, and click Assign. A green arrow appears in the folder icon.



    [BEFVP41]
    Setup Screen
    Open your web browser and enter 192.168.1.1 in the Address field and press the Enter key.
    When the User name and Password field appears, skip the user name and enter the default password admin and press the Enter key.
    Click the VPN tab to set the configuration as shown below.


    This is a sample configuration for the router’s setup tab.
    VPN Screen


    This is a sample configuration for the router’s VPN tab.

    Once all these have been entered, click the Connect button to establish a connection. The Status should indicate that the Router is connected.
     

Share This Page