Linksys RV082 User Manual

45

Chapter 6: Set Up and Configure the Router
VPN Tab - Gateway to Gateway

10/100 8-Port VPN Router

Phase 2 Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method
determines a method to authenticate the ESP packets. Both sides must use the same Authentication method.
MD5 is a one-way hashing algorithm that produces a 128-bit digest. If users enable the AH Hash Algorithm in
Advanced, then it is recommended to select Null to disable authenticating ESP packets in Phase 2, but both sides
of the tunnel must use the same setting.

Phase 2 SA Life Time: This field allows you to configure the length of time a VPN tunnel is active. The default
value is 3,600 seconds.

Preshared Key: Use character and hexadecimal values in this field, e.g. “My_@123” or “4d795f40313233.” The
max entry of this field is 30-digit. Both sides must use the same Pre-shared Key. It’s recommended to change
Preshared keys regularly to maximize VPN security.

Click the Save Settings button to save the settings or click the Cancel Changes button to undo the changes.

Advanced

For most users, the settings on the VPN page should be satisfactory. This device provides an advanced IPSec
setting page for some special users such as reviewers. Click the Advanced button to link you to that page.
Advanced settings are only for IKE with Preshared Key mode of IPSec.

Aggressive Mode: There are two types of Phase 1 exchanges: Main mode and Aggressive mode.

Aggressive Mode requires half of the main mode messages to be exchanged in Phase 1 of the SA exchange. If
network security is preferred, select Main mode. When users select the Dynamic IP in Remote Security Gateway
Type, it will be limited as Aggressive Mode.

Compress (Support IP Payload compression Protocol (IP Comp)

The Router supports IP Payload Compression Protocol. IP Payload Compression is a protocol to reduce the size of
IP datagrams. If Compress is enabled, the Router will propose compression when initiating a connection. If the
responders reject this propose, the Router will not implement the compression. When the Router works as a
responder, the Router will always accept compression even without enabling compression.

Keep-Alive: This mechanism helps to keep up the connection of IPSec tunnels. Whenever a connection is dropped
and detected, it will be re-established immediately.

AH Hash Algorithm: AH (Authentication Header) protocol describe the packet format and the default standards for
packet structure. With the use of AH as the security protocol, protected is extended forward into IP header to
verify the integrity of the entire packet by use of portions of the original IP header in the hashing process. There