Configuring VPN and Security
Configuring Advanced VPN Parameters
STEP 1
STEP 2
STEP 3
Cisco RV180/RV180W Administration Guide
VPN clients must be configured with the same VPN policy parameters used in the
VPN tunnel that the client wishes to use: encryption, authentication, lifetime, and
PFS key-group. Upon establishing these authentication parameters, the VPN client
user database must also be populated with an account to give a user access to
the tunnel. The VPN gateway authenticates users in this list when XAUTH is used
in an IKE policy.
VPN client software is required to establish a VPN tunnel between the router and
remote endpoint. Open source software (such as OpenVPN or Openswan) as well
as Microsoft IPsec VPN software can be configured with the required IKE policy
parameters to establish an IPsec VPN tunnel. Refer to the client software guide for
detailed instructions on setup as well as the router's online help.
To open this page: In the navigation tree, choose VPN > IPsec > VPN Users.
If you are using a Point-to-Point Tunneling Protocol VPN server, enter these
settings in the PPTP Server Configuration section:
•
PPTP Server—Check the Enable box to enable this feature, or uncheck the
box to disable it.
•
Starting IP Address—Enter the starting IP address of the range of IP
addresses for the PPTP VPN tunnel.
•
Ending IP Address—Enter the ending IP address of the range of IP
addresses for the PPTP VPN tunnel. The range can include up to 10
addresses.
Note: The starting IP of the PPTP client IP range is used as the PPTP server
IP of the router and the remaining PPTP client IP address range is used to
assign IP address to PPTP clients. If the address range is within a VLAN
range, the PPTP clients are members of that VLAN. Access to other VLANs
is subject to the inter-VLAN routing settings. For example, if PPTP clients are
on VLAN 3, and VLAN 2 prevents inter-VLAN routing, then the PPTP clients
are unable to access resources on VLAN 2.
If you checked the Enable box for the PPTP Server, save your settings. You can
add PPTP users only if you enabled the PPTP Server.
In the VPN Client Setting Table, perform these tasks:
•
To add a client, click Add. Enter these settings:
-
Enabled—For PPTP, check the box to activate the user account. Uncheck
the box to de-activate the user account. This setting is not applicable to
QuickVPN or XAUTH.
5
122