Gebruiksaanwijzing /service van het product RVL200 van de fabrikant Cisco Systems
Ga naar pagina of 117
USER GUIDE BUSINESS SERIES 4-P or t SSL/IPSec VPN Router Model: RVL200.
ii About This Guide 4-Port SSL/IPSec VPN Router About T his Guide Icon Descriptions While reading through the User Guide you may see various icons that call attention to specific items.
i T able of Contents 4-Port SSL/IPSec VPN Router Chapter 1: Introduction 1 Introduction to the Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Introduction to Virtual Private Netw orks ( VPNs) . . . . . . . . .
ii T able of Contents 4-Port SSL/IPSec VPN Router Setup > One -to- One NA T. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 One -to-One NA T . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
iii T able of Contents 4-Port SSL/IPSec VPN Router QoS > QoS Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 QoS Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
iv T able of Contents 4-Port SSL/IPSec VPN Router Wizar d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Basic Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
v T able of Contents 4-Port SSL/IPSec VPN Router Appendix H: Deployment in an Existing Netw ork 80 Over view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 LAN-to-LAN Connection . . . . . . . .
vi T able of Contents 4-Port SSL/IPSec VPN Router Appendix M: Multiple VLANs and Subnets 96 Over view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 RVL200 Conguration. . . . . . . . . . . .
1 Introduc tion 4-Port SSL/IPSec VPN Router Chapter 1 Chapter 1: Introduction Introduction to the Router Thank you f or choosing the Linksys 4-P ort SSL/IPSec VPN Router . The R outer is an advanced I nternet-sharing network solution for your small business needs.
2 Introduc tion 4-Port SSL/IPSec VPN Router Chapter 1 Internet Central Office Home VPN Router VPN Router VPN Router to VPN Router Computer (using SSL VPN client software) to VPN Router The follo wing is an example of a comput er-to-VPN Router VPN. I n her hotel room, a traveling businesswoman connects to her I nternet Ser vice Pro vider (ISP).
3 Produc t Over view 4-Port SSL/IPSec VPN Router Chapter 2 Chapter 2: Pr oduc t Over view Front P anel Po wer (Green) The Po wer LED lights up green and stays on while the Router is pow ered on. Diag (Orange) The Diag LED lights up when the Router is not ready for use.
4 Installation 4-Port SSL/IPSec VPN Router Chapter 3 Chapter 3: Installation Physical Installation There ar e three wa ys to place the Router . The first wa y is to place it hor izontally on a surface, so it sits on its four rubber feet. The second way is to stand the R outer vertically on a sur face.
5 Installation 4-Port SSL/IPSec VPN Router Chapter 3 Cable Connec tion T o connect network devices to the R outer , follow these instructions: Before you begin, make sure that all of your hardware is pow ered off, including the R outer , computers, switches, and cable or DSL modem.
Chapter 4 Advanced Configura tion 6 4-Port SSL/IPSec VPN Router Chapter 4: A dvanc ed C onfigur a tion Over view F or your convenience , use the Router ’ s web-based utility to set it up and configure it. T his chapter will explain all of the functions in this utility.
Chapter 4 Advanced Configura tion 7 4-Port SSL/IPSec VPN Router Select Allow cookies . Select Enable JavaScript . Click Advanc ed . Select Enable ActiveX . Netscape Communicator > Options > Site C ontrols > W eb F eatur es Click OK . Under Options, click A dvanced .
Chapter 4 Advanced Configura tion 8 4-Port SSL/IPSec VPN Router Click to Install the W eb Cache Cleaner On the Security Warning scr een, click Y es . Click Y es to Install The W eb Cache Cleaner will be installed in C: WINDOWSDownloaded Progr am Files.
Chapter 4 Advanced Configura tion 9 4-Port SSL/IPSec VPN Router Sy stem Up Time This is the length of time in da ys, hours , and minutes that the Router has been ac tive. The cur rent time and date are also displa yed. P ort S tatistics Click any por t on the Router ’ s rear panel image to see the status of the selected por t.
Chapter 4 Advanced Configura tion 10 4-Port SSL/IPSec VPN Router If you have not set up the e-mail server on the Log tab, the message, “E-mail cannot be sent because you have not specified an outbound SMTP server address, ” will be displayed .
Chapter 4 Advanced Configura tion 11 4-Port SSL/IPSec VPN Router subscribers use this connection type.) Y our ISP assigns these values. Obtain an IP Automatically DNS Ser ver (Required) 1/2 If y ou selec t Use the F ollowing DNS Ser ver Addresses , enter your DNS ser ver IP addr ess(es) (enter at least one).
Chapter 4 Advanced Configura tion 12 4-Port SSL/IPSec VPN Router Keep Alive: Inter val If you select the Keep Alive option, the Router will send keep-alive packets as of ten as you specify .
Chapter 4 Advanced Configura tion 13 4-Port SSL/IPSec VPN Router Setup > Passwor d Passw ord The User Name is admin; it cannot be changed. Old Passwor d Enter the old password . The default is admin when you first pow er up the Router . New Password Enter a new password for the Router .
Chapter 4 Advanced Configura tion 14 4-Port SSL/IPSec VPN Router Click Save Settings to save your change, or click Cancel Changes to undo it. Setup T ab > F or warding The Forwarding screen allows you to set up port range forwarding and por t triggering applications.
Chapter 4 Advanced Configura tion 15 4-Port SSL/IPSec VPN Router Some I nternet applications or games use alternate por ts to communicate between the server and LAN host. When you want to use these applications, enter the triggering (outgoing) por t and alternate incoming port in the P or t T riggering table.
Chapter 4 Advanced Configura tion 16 4-Port SSL/IPSec VPN Router UPnP F orwarding T able List Click Refresh to update the on-screen information. Click Close to exit this screen and r eturn to the UPnP scr een. On the UPnP screen, click Save Settings to save your changes, or click Canc el Changes to undo them.
Chapter 4 Advanced Configura tion 17 4-Port SSL/IPSec VPN Router Setup > MAC Clone MAC Clone User Defined W AN MA C Address T o manually clone a MA C address, selec t User Defined W AN MA C Address , and then enter the 12 digits of your adapter ’ s MAC address.
Chapter 4 Advanced Configura tion 18 4-Port SSL/IPSec VPN Router other rout ers on the network. It determines the r oute tha t the net work packets take based on the fewest number of hops between the source and the destination. W orking Mode S elect Gateway mode if the Router is hosting your network ’ s connection to the Internet.
Chapter 4 Advanced Configura tion 19 4-Port SSL/IPSec VPN Router DHCP > Setup Setup Enable DHCP Server T o use the Router as your network’ s DHCP server , selec t Enable DHCP S erver . If you already have a DHCP server on your net work, remove the check mark.
Chapter 4 Advanced Configura tion 20 4-Port SSL/IPSec VPN Router NO TE: T o support NetBIOS f or DHCP and Vir tual P assage clients, the Router uses two methods. ( Vir tual Passage is an ActiveX -based VPN client that provides full net work connectivity for Window s users.
Chapter 4 Advanced Configura tion 21 4-Port SSL/IPSec VPN Router to configure the Device IP Address and Subnet Mask settings.) Subnet1-4 The subnet numbers are created according to the VLAN numbers. ( The multiple subnets can also be configured on the Setup > Network screen.
Chapter 4 Advanced Configura tion 22 4-Port SSL/IPSec VPN Router System Management > Diagnostic > P ing Ping host or IP addr ess Enter the IP address of the device being pinged, and click Go . The test will take a few seconds to complete. When completed, the Router will display the results at the bottom of the screen.
Chapter 4 Advanced Configura tion 23 4-Port SSL/IPSec VPN Router from the Restart screen, then the Router will send out y our log file before it is r eset. System Management > Restart Restart Restart Router Click Restar t Router to restart the Router .
Chapter 4 Advanced Configura tion 24 4-Port SSL/IPSec VPN Router System Management > IGMP Snooping Enable IGMP Snooping S elect this option to use IGMP Snooping. Timeout Enter the time inter val during which IGMP broadcast packets from the IGMP ser ver are sent to the IGMP clients behind a specific por t of the Router .
Chapter 4 Advanced Configura tion 25 4-Port SSL/IPSec VPN Router Port Receiv e P acket Count The number of packets receiv ed is displayed . Port Receiv e Packet Byte Count The number of packet bytes rec eived is display ed. Port T r ansmit Packet Count The number of packets transmitted is display ed.
Chapter 4 Advanced Configura tion 26 4-Port SSL/IPSec VPN Router Port Management > VLAN Membership VLAN Membership VLAN ID Select the VLAN ID number tha t you c onfigured on the Create VLAN screen. Description Enter the VLAN group name. Y ou can use up to 50 characters.
Chapter 4 Advanced Configura tion 27 4-Port SSL/IPSec VPN Router Rate C ontrol Service Selec t the Ser vice you want. If the Ser vice y ou need is not list ed in the menu, click Service Management to add the new ser vice. The Service Management screen appears.
Chapter 4 Advanced Configura tion 28 4-Port SSL/IPSec VPN Router Service Management Service Name Enter a name. Protoc ol Select the protocol it uses. Port Range Enter its range. Click Add to List . Click Save S ettings to save your changes, or click C ancel Changes to undo them.
Chapter 4 Advanced Configura tion 29 4-Port SSL/IPSec VPN Router None If the None option is selec ted, then the Router prioritizes each packet based on the required level of service for its four LAN por ts, using four priority queues with stric t or W eighted Round Robin ( WWR) queuing.
Chapter 4 Advanced Configura tion 30 4-Port SSL/IPSec VPN Router based QoS in Layer 3, the Router can use the prior ity bits in the Type of Service ( T oS) octet to pr ioritize traffic. If priority bits are used, the T oS oc tet may con tain three bits for IP P recedence or six bits f or DSCP service.
Chapter 4 Advanced Configura tion 31 4-Port SSL/IPSec VPN Router NO TE: SSL VPN has higher priority than P ort F orwarding when HT TPS is enabled. HTTP T o allow HT TP connections for remote management, select Enable . O therwise, select Disable . Then enter the port number you want to use for remote management (port 80 or 8080 is usually used).
Chapter 4 Advanced Configura tion 32 4-Port SSL/IPSec VPN Router Time The time inter val to which the access rule applies is displayed . Day The days to which the access rule applies is displayed . Click Edit to edit an access rule, and click the T rash Can icon to delete an ac cess rule.
Chapter 4 Advanced Configura tion 33 4-Port SSL/IPSec VPN Router Source S elect the Sourc e IP address(es) for the access rule. If it can be any IP address, select Any . If it is one IP address, select Single and enter the IP address . I f it is a range of IP addresses, select Range , and enter the star ting and ending IP addresses in the A ddr .
Chapter 4 Advanced Configura tion 34 4-Port SSL/IPSec VPN Router Group Name Enter a name for the new g roup . Show unknown IP/MAC addresses I f you do not k now a computer’ s IP or M AC address, click Sho w unknown IP/MA C addresses . The Unk nown MAC Address List appears.
Chapter 4 Advanced Configura tion 35 4-Port SSL/IPSec VPN Router Summar y T unnel Used The number of VPN tunnels being used is displayed . T unnel A vailable The number of available VPN tunnels is displayed . T unnel Sta tus Add New T unnel Click Add New T unnel to add a Gateway-to-Gateway tunnel.
Chapter 4 Advanced Configura tion 36 4-Port SSL/IPSec VPN Router FQDN) A uthentication , Dynamic IP + Domain Name(FQDN) Authentication , or Dynamic IP + E- mail A ddr .(USER FQDN) Authentication . F ollow the instructions for the type you want to use .
Chapter 4 Advanced Configura tion 37 4-Port SSL/IPSec VPN Router NO TE: The Remote S ecurity Gateway T ype you select should match the L ocal Security Gateway T ype selec ted on the VPN device at the other end of the tunnel. IP Only The default is IP Only .
Chapter 4 Advanced Configura tion 38 4-Port SSL/IPSec VPN Router Subnet The default is Subnet . All computers on the remote subnet will be able to access the tunnel . IP address Enter the IP address. Subnet Mask Enter the subnet mask . The default is 255.
Chapter 4 Advanced Configura tion 39 4-Port SSL/IPSec VPN Router Manual Incoming and Outgoing SPI (Security Par ameter Index) SPI is carried in the ESP (Encapsulating S ecurity P ayload Protocol) header and enables the r eceiver and sender to select the SA, under which a packet should be processed .
Chapter 4 Advanced Configura tion 40 4-Port SSL/IPSec VPN Router the Router will disconnect the tunnel so the connection can be re - established. Specify the inter val between HELL O/A CK messages (how often you want the messages to be sent). DPD is enabled by default, and the default interval is 10 seconds.
Chapter 4 Advanced Configura tion 41 4-Port SSL/IPSec VPN Router Generate New Certificate Click this option to generate a new certificate. It will replace the Router ’ s existing certificate. Export C ertific ate f or Administr ation The c ertificate f or administration holds the privat e key and should be st ored in a safe place as a backup .
Chapter 4 Advanced Configura tion 42 4-Port SSL/IPSec VPN Router NO TE: I f your users are unable to connect via Active Directory , verify the follo wing: The time settings between the Active Directory ser ver and the Router must be synchronized .
Chapter 4 Advanced Configura tion 43 4-Port SSL/IPSec VPN Router SSL VPN > Virtual Passage Virtual Passage Client Addr ess Range Define the range of IP addresses to assign to incoming Virtual Passage clients. The default is 192.168.1.200 to 192.168.
Chapter 4 Advanced Configura tion 44 4-Port SSL/IPSec VPN Router SNMP > V iews Configure this screen to allow or deny access to SNMP featur es. SNMP > Views View s Vie w T able V iew Name Selec t the appropriate view name.
Chapter 4 Advanced Configura tion 45 4-Port SSL/IPSec VPN Router Security Model Select the v ersion of SNMP the group uses: SNMPv1 , SNMPv2 , or SNMPv3 . Security Level This option is available if SNMPv3 is selected f or the Security M odel. Selec t No Authen tication if no authentication or privac y security levels are specified.
Chapter 4 Advanced Configura tion 46 4-Port SSL/IPSec VPN Router Select how you want to define the access control of this community . Basic Ac cess Mo de This allows both v1 and v2c operation requests. Selec t Read Only if you want the user to have read-only access to the parameters of the MIB tree with respect to the view name.
Chapter 4 Advanced Configura tion 47 4-Port SSL/IPSec VPN Router SNMPv3 Select this option if you want to use SNMPv3. Then configure the f ollowing: User Name Enter the name of the user who receives SNMP notifications. Security Level Selec t No Authentication if no authentication or privacy security levels are specified.
Chapter 4 Advanced Configura tion 48 4-Port SSL/IPSec VPN Router e -mailed at the same time. The default is S everity0_ Emergency . Click E-mail Log Now to immediately send the log to the address in the Send E-mail to field. Log Setting Alert Log Syn F looding Selec t this option if y ou want Syn F looding events to trigger an alert.
Chapter 4 Advanced Configura tion 49 4-Port SSL/IPSec VPN Router Log > Syst em Statistics Click Refresh to update the sta tistics. Wizard Use this tab to access two Setup Wizards , the Basic Setup Wizar d and the Access Rule Setup Wizar d. Run the Basic Setup Wizar d to set up the Router for your Internet connection(s).
Chapter 4 Advanced Configura tion 50 4-Port SSL/IPSec VPN Router Depending on which connection type you have selected, the appropriate screen will appear . F ollow the instructions for the appropriate connection type: Obtain an IP automatically If you want t o use the ISP’ s DNS ser ver , select Use DNS Ser ver provided by ISP (default).
Chapter 4 Advanced Configura tion 51 4-Port SSL/IPSec VPN Router your Internet access disconnec ts. The default is 5 minutes. If y ou select the Keep aliv e option, the Router will keep the c onnection alive by sending out a few data packets periodically , so your ISP thinks that the connection is still active.
Chapter 4 Advanced Configura tion 52 4-Port SSL/IPSec VPN Router Select the ser vice y ou want from the Service pull-down menu. Click Next to continue. Click Previous if you want to return to the previous screen. Click Exit if you want to exit the Setup Wizar d.
Chapter 4 Advanced Configura tion 53 4-Port SSL/IPSec VPN Router Decide when you want this Access Rule to be enforc ed. Select Alwa ys if y ou want the A ccess Rule to be alw ays enforc ed. Click Next to continue. Click Pr evious if you want to return to the previous screen.
Chapter 4 Advanced Configura tion 54 4-Port SSL/IPSec VPN Router session. (I f you end the session, you will need to re - enter your User Name and P assw ord to log in and then manage the Router .) After y ou click the L ogout tab, a Warning screen appears.
55 T roubleshooting 4-Port SSL/IPSec VPN Router Appendix A Appendix A: T roubleshooting The rmw are upgrade has failed. A firmwar e upgrade takes approximat ely ten minutes.
56 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B Appendix B: V ir tual P assage SSL VPN Client Over view The Router’ s SSL VPN Portal includes an A ctiveX -based VPN client that pr ovides full network c onnectivity for Windows users.
57 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B Deselect (remove the checkmark from) Override automatic cookie handling . Internet Explorer > Internet Options > Privacy Click OK . Click OK again. Netscape Communic ator 8.
58 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B Login for the SSL VPN P ortal ( Window s OS) F ollow these instructions to log in: Enter the IP address of the Router , https://<W AN IP address of the Router> , in your web browser .
59 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B On the Security Warning scr een, click Y es . Click Y es to Install A second S ecurity Warning screen asks you if you want to install XT unnel , the V irtual Passage application.
60 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B Windo ws V ista U sage If you use Windows Vista to establish an SSL VPN connection and do not disable the User Account Control (U AC) f eature , an error message will displa y , indicating that V irtual Passage was not installed.
61 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B A screen may appear indica ting that the certificate cannot be verified. Linksys has confirmed that the certificate is valid. Click Con tinue . Click to Continue On the W arning screen, click Run .
62 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B Before Y ou Begin (Linux OS) Make sure you have administrative rights on your computer . Then install the freeware , Java Runtime Environmen t ( JRE), on your computer . T o download the freeware , visit Java-related websites.
63 Vir tual Passage SSL VPN Client 4-Port SSL/IPSec VPN Router Appendix B On the W arning screen, click Run . Click Run After the software is installed , you will be notified that the SSL VPN tunnel has been established. SSL VPN T unnel Established T o end the SSL VPN connection, click Disconnect .
64 Bandwidth Management 4-Port SSL/IPSec VPN Router Appendix C Appendix C: Bandwidth Management Over view This appendix explains how to ensure Quality of Ser vice (QoS) on Vonage V oice over Internet Protocol ( V oIP) phone ser vice. This example uses Vonage; howev er , similar instructions will apply to other V oIP services.
65 Bandwidth Management 4-Port SSL/IPSec VPN Router Appendix C Creation of Ne w Bandwidth Management Rules Create four new rules: Vonage V oIP (Upstream), Vonage V oIP (Downstream), V onage 2 (Upstream), and Vonage 2 (Downstream). On the Bandwidth Management scr een, select V onage V oIP fr om the Ser vice drop-down menu.
66 Ac tiv e Direc tor y S er ver 4-Port SSL/IPSec VPN Router Appendix D Appendix D: A c tiv e Director y S er ver NO TE: W indows Ser ver 2000 and 2003 support the Active Directory ser ver featur e. T o configure an Active Dir ector y server: Click the Start button of your W indows computer .
67 Ac tiv e Direc tor y S er ver 4-Port SSL/IPSec VPN Router Appendix D Click Next . W elcome to the Active Directory Installation W izard Click Next . Operating System C ompatibility 9. 10. Select Domain controller for a new domain , and then click Next .
68 Ac tiv e Direc tor y S er ver 4-Port SSL/IPSec VPN Router Appendix D Enter a domain name, and then click N ext . New Domain Name Enter a domain NetBIOS name, and then click N ext . NetBIOS Domain Name 13. 14. Select the folders that will store the Active Directory database and log.
69 Ac tiv e Direc tor y S er ver 4-Port SSL/IPSec VPN Router Appendix D Select I will corr ect the problem later by configuring DNS manually (A dvanced) , and then click N ext . DNS Registration Diagnostics Select P ermissions compatible only with W indow s 2000 or Windo ws Ser ver 2003 opera ting systems .
70 Ac tiv e Direc tor y S er ver 4-Port SSL/IPSec VPN Router Appendix D T r oubleshooting If your users are unable to connect via Active Director y , check the following: The time settings between the Active Director y ser ver and the Router must be synchronized.
71 User f or the Active Direc tor y Ser v er 4-Port SSL/IPSec VPN Router Appendix E Appendix E: U ser for the A ctive Director y S er ver NO TE: W indows Ser ver 2000 and 2003 support the Active Directory ser ver featur e. T o create a user f or Active Directory : Click the Start button of your W indows computer .
72 User f or the Active Direc tor y Ser v er 4-Port SSL/IPSec VPN Router Appendix E Click Finish t o create the new user . New Object > User > Summar y 9.
73 Internet Authentic ation Ser vice (IAS) Ser ver 4-Port SSL/IPSec VPN Router Appendix F Appendix F : Internet A uthen tication Ser vice (IAS) Ser ver NO TE: W indows Ser ver 2000 and 2003 support the IAS server feature. T o install an IAS ser ver: Click the Start button of your W indows computer .
74 Internet Authentic ation Ser vice (IAS) Ser ver 4-Port SSL/IPSec VPN Router Appendix F Click Next . W elcome to the New Remote Ac cess Policy Wizar d Select Set up a custom polic y , and enter a policy name. Then click Next . Policy Configuration Method 11.
75 Internet Authentic ation Ser vice (IAS) Ser ver 4-Port SSL/IPSec VPN Router Appendix F Make sur e a policy has been added , and then click Next . Policy Conditions Select Grant remote acc ess p ermission , and then click Next . Permissions 16. 17. Click Edit Profile .
76 Internet Authentic ation Ser vice (IAS) Ser ver 4-Port SSL/IPSec VPN Router Appendix F On the Encr yption tab, selec t Basic encryption , Strong encr yption , Str ongest encryption , and No encryption . Click Apply . Encryption Click Finish . Completing the New Remote Acc ess Policy Wizar d Make sure the policy has been added.
77 Internet Authentic ation Ser vice (IAS) Ser ver 4-Port SSL/IPSec VPN Router Appendix F Click Next . W elcome to the New Connection Request Policy W izard Select A custom polic y , and enter a policy name . Then click Next . Policy Configuration Method 29.
78 Internet Authentic ation Ser vice (IAS) Ser ver 4-Port SSL/IPSec VPN Router Appendix F Make sur e a policy has been added , and then click Next . Policy Conditions Click Edit Profile . Request Processing Method 34. 35. On the Authentication tab , select Authentica te request on this server , and then click OK .
79 Lightw eight Direc tor y Access Protocol (LD AP ) Ser ver 4-Port SSL/IPSec VPN Router Appendix G Appendix G: Lightw eight Dir ec tor y A cc ess P r otoc ol (LD AP) Ser ver Access the Rout er ’ s web-based utility. Click the SSL VPN tab . Click the User Management tab .
80 Deployment in an Existing N etwork 4-Port SSL/IPSec VPN Router Appendix H Appendix H: Deploymen t in an Existing Netw ork Over view If you have a current VPN router in your net work, you can add the 4-Port SSL/IPSec VPN Router (model number: RVL200), so that the SSL clients can access the existing network resources .
81 Deployment in an Existing N etwork 4-Port SSL/IPSec VPN Router Appendix H W AN-to-L AN Connec tion LAN Corporate Network Branch Office RV082 LAN W AN W AN2 W AN1 RVL200 W AN IP: 192.
82 Gate wa y-to- G ate w a y VPN T unnel 4-Port SSL/IPSec VPN Router Appendix I Appendix I: Gatew a y-t o -G ate wa y VPN T unnel Over view This appendix explains how to configure an IPSec VPN tunnel bet ween two VPN Routers by example. Tw o computers are used t o test the liveliness of the tunnel .
83 Gate wa y-to- G ate w a y VPN T unnel 4-Port SSL/IPSec VPN Router Appendix I In the IPS ec Setup sec tion, select the appropriate encr yption, authentication, and other key management settings. In the Preshared Key field, enter a string f or this key , for example, 13572468.
84 Gate wa y-to- G ate w a y VPN T unnel 4-Port SSL/IPSec VPN Router Appendix I Configuration when the R emote Gate wa y Uses a Dynamic IP Address This example assumes the Remote Gateway is using a dynamic IP address. If the R emote G ateway uses a static IP address, ref er to “Configuration when the Remote Gateway Uses a Sta tic IP Address .
85 Gate wa y-to- G ate w a y VPN T unnel 4-Port SSL/IPSec VPN Router Appendix I The W AN IP address (B.B .B.B) of the R V082 will be automatically detected. F or the L ocal S ecurity Group T ype, select Subnet . Ent er the RV082’ s local net work settings in the IP Address and Subnet Mask fields.
86 Gate wa y-to- G ate w a y VPN T unnel 4-Port SSL/IPSec VPN Router Appendix I RVL200 IPSec VPN Settings F or the Remote S ecurity Gateway T ype, select IP by DNS Resolved . Enter the RV082’ s domain name in the field provided . F or the Remote Securit y Group T ype , select Subnet .
87 IPSec NA T Tra v ersal 4-Port SSL/IPSec VPN Router Appendix J Appendix J: IPSec NA T T ra v ersal Over view Network A ddress T ranslation (NA T ) traversal is a technique developed so that data protected by IPSec can pass through a NA T . (See NA T 1 and NA T 2 in the diag ram.
88 IPSec NA T Tra v ersal 4-Port SSL/IPSec VPN Router Appendix J The W AN IP address of R outer A will be automatically detected. F or the L ocal S ecurity Group T ype, select Subnet . Ent er Router A ’ s local net work settings in the IP Address and Subnet Mask fields.
89 IPSec NA T Tra v ersal 4-Port SSL/IPSec VPN Router Appendix J Configuration of the One-to- O ne NA T Rules The one -to- one NA T rules must be configured on NA T 2 - RV042 and NA T 1 - R VO42. One -to-O ne NA T Rule on NA T 2 - RV042 192.168.99.1 => 192.
90 IPSec NA T Tra v ersal 4-Port SSL/IPSec VPN Router Appendix J F or the Remote Securit y Group T ype , select Subnet . Enter Router A ’ s local network settings in the IP Addr ess and Subnet Mask fields. In the IPS ec Setup sec tion, select the appropriate encr yption, authentication, and other key management settings.
91 Configuration of Multiple Subnets 4-Port SSL/IPSec VPN Router Appendix K Appendix K: C onfigur ation of Multiple Subnets Over view The 4-P ort SSL/IPSec VPN Router (model number: RVL200) can suppor t multiple subnets. The configuration example shows an RVL200 deploying two routers .
92 Configuration of Multiple Subnets 4-Port SSL/IPSec VPN Router Appendix K Setup > Network In the LAN Setting sec tion, select Multiple Subnet . Click Add/Edit . A new scr een appears. Create a Subnet In the LAN IP Address field, enter 192.168.7.0 .
93 Configuration of Multiple Subnets 4-Port SSL/IPSec VPN Router Appendix K Enter 192.168.1.2 in the Default Gateway field . Enter 1 in the Hop Count field . Select W AN1 from the Interface dr op- down menu. T o create the static r oute, click A dd to list .
94 Multiple VLANs with Computers 4-Port SSL/IPSec VPN Router Appendix L Port 4: T runk ing Port RVL200 192.168.4.x Default VLAN1 VLAN2 VLAN3 VLAN4 192.168.3.x 192.168.2.x SRW2048 RVL200 with Multiple VLANs Using C omputers RVL200 Configuration Physically connect Ethernet por t 4 on the R VL200 to a trunking por t on the SR W2048.
95 Multiple VLANs with Computers 4-Port SSL/IPSec VPN Router Appendix L Select Enable VLAN . Enter 2 in the VLAN ID field. T o create VLAN2, click Add VLAN . Enter 3 in the VLAN ID field. T o create VLAN3, click Add VLAN . Enter 4 in the VLAN ID field.
96 Multiple VLANs and S ubnets 4-Port SSL/IPSec VPN Router Appendix M Appendix M: Multiple VLANs and Subnets Over view The 4-P ort SSL/IPSec VPN Router (model number: RVL200) can suppor t multiple Virtual Local Area Networks ( VLANs) used with multiple subnets.
97 Multiple VLANs and S ubnets 4-Port SSL/IPSec VPN Router Appendix M Subnet Mask Selec t 255.255.255.0 . Range Start Enter 100 . Range End Enter 149 . F or VLAN3, complet e the following: IP A ddress Enter 192.168.3.1 . ( This is the default, which you can ov erwr ite.
98 Access of Multiple VLANs ov er a SSL VPN T unnel 4-Port SSL/IPSec VPN Router Appendix N Appendix N: A cc ess of Multiple VL ANs ov er a SSL VPN T unnel Over view The 4-P ort SSL/IPSec VPN Router (m.
99 Firm ware Upgrade 4-Port SSL/IPSec VPN Router Appendix O Appendix O: F irm ware Upgrade Over view This appendix explains how to upgrade the firmwar e of the Router . Before Y ou Begin If you are using Internet Explorer on Window s XP , disable the pop-up block ing function before you upg rade the Router ’ s firmware.
100 Firm ware Upgrade 4-Port SSL/IPSec VPN Router Appendix O When you or another user logs out, a W arning screen will appear . It will ask you to confirm that you want to delete the Histor y Item for the Router .
101 Batt er y Replacement 4-Port SSL/IPSec VPN Router Appendix P Appendix P : Battery Replacement Over view The R outer has a lithium batter y , type CR2032, on its main circuit board. This battery has an operating life of approxima tely 1 to 2 years .
102 Specific ations 4-Port SSL/IPSec VPN Router Appendix Q Appendix Q: Specifications Specications Model RVL200 Standards IEEE 802.3, IEEE 802.3u, IEEE 802.
103 4-Port SSL/IPSec VPN Router Appendix R Warranty Inf ormation Appendix R: W arranty Informa tion Limited W arranty Linksys warrants to Y ou that, for a period of one year (the " W arranty Period"), your Linksys Product will be substantially fr ee of defects in materials and w orkmanship under normal use.
104 Regula tor y Informa tion 4-Port SSL/IPSec VPN Router Appendix S Appendix S: Regulat or y Information FCC Sta tement This produc t has been tested and complies with the specifications for a Class B digital device, pursuant to Part 15 of the FCC Rules.
105 Regula tor y Informa tion 4-Port SSL/IPSec VPN Router Appendix S User Inf ormation f or Consumer Products Cov ered b y EU Directive 2002/96/EC on W aste Electric and Elec tronic Equipment ( WEEE) This document contains important information for users with regards to the proper disposal and recycling of Linksys products.
106 Regula tor y Informa tion 4-Port SSL/IPSec VPN Router Appendix S Eesti (E stonian) - K eskkonnaalane informatsioon Euroopa Liidus asuva tele klientidele Euroopa Liidu direktiivi 2002/96/EÜ nõuete kohaselt on seadmeid, millel on tootel või pakendil käesolev sümbol , keelatud kõr valdada koos sorteerimata olmejäätmetega.
107 Regula tor y Informa tion 4-Port SSL/IPSec VPN Router Appendix S Lietuvškai (Lithuanian) - Aplink osaugos informacija, skir ta Europos Sąjungos vartotojams Europos dir ektyva 2002/96/EC numato ,.
108 Regula tor y Informa tion 4-Port SSL/IPSec VPN Router Appendix S Português (P ortuguese) - Informação ambiental para clientes da União Eur opeia A Directiva Europeia 2002/96/CE exige que o equipamento que exibe este símbolo no produto e/ou na sua embalagem não seja eliminado junto com os resíduos municipais não separados.
109 Contac t Informa tion 4-Port SSL/IPSec VPN Router Appendix T Appendix T : C ontact Information Linksys C ontact Information W ebsite http://www .linksys.
Een belangrijk punt na aankoop van elk apparaat Cisco Systems RVL200 (of zelfs voordat je het koopt) is om de handleiding te lezen. Dit moeten wij doen vanwege een paar simpele redenen:
Als u nog geen Cisco Systems RVL200 heb gekocht dan nu is een goed moment om kennis te maken met de basisgegevens van het product. Eerst kijk dan naar de eerste pagina\'s van de handleiding, die je hierboven vindt. Je moet daar de belangrijkste technische gegevens Cisco Systems RVL200 vinden. Op dit manier kan je controleren of het apparaat aan jouw behoeften voldoet. Op de volgende pagina's van de handleiding Cisco Systems RVL200 leer je over alle kenmerken van het product en krijg je informatie over de werking. De informatie die je over Cisco Systems RVL200 krijgt, zal je zeker helpen om een besluit over de aankoop te nemen.
In een situatie waarin je al een beziter van Cisco Systems RVL200 bent, maar toch heb je de instructies niet gelezen, moet je het doen voor de hierboven beschreven redenen. Je zult dan weten of je goed de alle beschikbare functies heb gebruikt, en of je fouten heb gemaakt die het leven van de Cisco Systems RVL200 kunnen verkorten.
Maar de belangrijkste taak van de handleiding is om de gebruiker bij het oplossen van problemen te helpen met Cisco Systems RVL200 . Bijna altijd, zal je daar het vinden Troubleshooting met de meest voorkomende storingen en defecten #MANUAl# samen met de instructies over hun opplosinge. Zelfs als je zelf niet kan om het probleem op te lossen, zal de instructie je de weg wijzen naar verdere andere procedure, bijv. door contact met de klantenservice of het dichtstbijzijnde servicecentrum.