Windows 2000/XP
Create IPSec Policy
1. Click the Start button, select Run, and type secpol.msc in the Open field.
2. Right-click IP Security Policies on Local Computer, and click Create IP Security Policy.
3. Click the Next button, and then enter a name for your policy (for example, to_befvp41). Then, click Next.
4. Deselect the Activate the default response rule check box, and then click the Next button.
5. Click the Finish button, making sure the Edit check box is checked.

Build 2 Filter Lists: "winxp=]befvp41" and "befvp41=]winxp"
The references in this section to "winxp" can easily be exchanged for "win2000", if running Windows 2000.
Filter List 1: winxp=]befvp41
1. In the new policy's properties screen, deselect the Use Add Wizard check box, and then click the Add button to create a new rule.

2. From the IP Filter List tab, click the Add button.

3. Enter an appropriate name, such as winxp=]befvp41, for the filter list, and deselect the Use Add Wizard check box. Click the Add button.

4. In the Source address field, select My IP Address.
5. In the Destination address field, select A specific IP Subnet, and fill in the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0.

6. If you want to enter a description for your filter, click the Description tab.
7. Click the OK button. Then click the OK (for Windows XP) or Close (for Windows 2000) button on the IP Filter List window.
Filter List 2: befvp41=]winxp
8. On the IP Filter List tab, click the Add button.

9. Enter an appropriate name, such as befvp41=]winxp, for the filter list, and deselect the Use Add Wizard check box. Click the Add button.

10. In the Source address field, select A specific IP Subnet, and enter the IP Address: 192.168.1.0 and Subnet mask: 255.255.255.0.
11. In the Destination address field, select My IP Address.

12. If you want to type a description for your filter, click the Description tab.
13. Click the OK button and click the OK (for WinXP) or Close (for Win2000) button on the IP Filter List window.

Configure Individual Rule of 2 Tunnels
Tunnel 1: winxp=]befvp41
1. From the IP Filter List tab, click the filter list winxp=]befvp41.

2. From the Filter Action tab, click the filter action Require Security, and click the Edit button.

3. Verify that the Negotiate security option is enabled, and deselect the Accept unsecured communication, but always respond using IPSec check box.
4. Select Session key Perfect Forward Secrecy, and remember to check the PFS option on the BEFVP41. Click the OK button.

5. From the Authentication Methods tab, click the Edit button.

6. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as xyz12345. Click the OK button.

This new preshared key will be displayed in Figure C-15. Click the OK button to continue.

7. From the Tunnel Setting tab, click the The tunnel endpoint is specified by this IP Address radio button, and enter the WAN IP address of the BEFVP41.

8. From the Connection Type tab, select All network connections, and click the OK or Close button to finish this rule.

Tunnel 2: befvp41=]winxp
9. In the new policy's properties screen, deselect the Use Add Wizard check box, and click the Add button to create the second IP filter.

10. From the IP Filter List tab, click the filter list befvp41=]winxp.

11. From the Filter Action tab, select the filter action Require Security.

12. From the Authentication Methods tab, click the Edit button.

13. Change the authentication method to Use this string to protect the key exchange (preshared key), and enter the preshared key string, such as xyz12345. Then click the OK button.

This new preshared key will be displayed in Figure C-23. Click the OK button to continue.

14. From the Tunnel Setting tab, click the radio button for The tunnel endpoint is specified by this IP Address, and enter the Windows 2000/XP computer's IP address.

15. From the Connection Type tab, select All network connections. Then click the OK (for Windows XP) or Close (for Windows 2000) button to finish.

16. From the Rules tab, click the OK button to return to the secpol screen.

Assign New IPSec Policy
1. In the IP Security Policies on Local Computer window, right-click the policy named to_befvp41, and click Assign. A green arrow appears in the folder icon.
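
The two rules built above only work as a pair: the filter lists mirror each other, each tunnel endpoint is the far end for that direction, and the preshared key and PFS setting match the router. The following Python check is an added example, not part of the original guide or of any Linksys or Microsoft tool; the Rule class, check_policy function and the two sample IP addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    src: str              # "me" stands for My IP Address, otherwise address/mask
    dst: str
    tunnel_endpoint: str
    psk: str
    pfs: bool

def check_policy(out_rule, in_rule, pc_ip, router_wan_ip, router_psk, router_pfs):
    """Return a list of problems; an empty list means both ends agree."""
    problems = []
    # The two filter lists must be mirror images of each other.
    if out_rule.src != "me" or in_rule.dst != "me":
        problems.append("filters: PC side must be My IP Address in both lists")
    try:
        if ipaddress.ip_network(out_rule.dst) != ipaddress.ip_network(in_rule.src):
            problems.append("filters: remote subnet differs between the two lists")
    except ValueError as exc:
        problems.append(f"filters: invalid subnet ({exc})")
    # Each rule's tunnel endpoint is the far end for that direction.
    if out_rule.tunnel_endpoint != router_wan_ip:
        problems.append(f"{out_rule.name}: endpoint must be the router WAN IP")
    if in_rule.tunnel_endpoint != pc_ip:
        problems.append(f"{in_rule.name}: endpoint must be the PC's IP")
    # Key and PFS must match in all three places; the key itself is never echoed.
    if not (out_rule.psk == in_rule.psk == router_psk):
        problems.append("preshared key differs between rules and router")
    if not (out_rule.pfs == in_rule.pfs == router_pfs):
        problems.append("PFS setting differs between rules and router")
    return problems

# Constructed sample values: the two addresses are documentation ranges, not real hosts.
PC_IP, ROUTER_WAN = "198.51.100.20", "203.0.113.10"
LAN = "192.168.1.0/255.255.255.0"      # subnet and mask from the filter list steps
OUT = Rule("winxp=]befvp41", "me", LAN, ROUTER_WAN, "xyz12345", True)
IN = Rule("befvp41=]winxp", LAN, "me", PC_IP, "xyz12345", True)

if __name__ == "__main__":
    for p in check_policy(OUT, IN, PC_IP, ROUTER_WAN, "xyz12345", True) or ["consistent"]:
        print(p)
```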

BEFVP41
Setup Screen
1. Open your web browser, and enter 192.168.1.1 in the Address field. Press the Enter key.
2. When the User name and Password field appears, skip the user name and enter the default password admin. Press the Enter key.
3. Click the VPN tab to set the configuration as shown in Figure C-28.
Figure C-28 is a sample configuration for the router's Setup tab.

VPN Screen
Figure C-29 is a sample configuration for the router's VPN tab.
Once all the settings have been configured, click the Connect button to establish a VPN connection.
The status should indicate that the router is connected.