3 establish vpn connection using manual keys, 4 delete vpn rules, 5 display vpn rules – Asus SL6000 User Manual
Page 98
ASUS VPN ADSL Router
97
Chapter 10
Chapter 10
4. Click on “Enable” or “Disable” radio button to enable or disable this rule.
5. Make changes to any or all of the following fields: local/remote secure
group, remote gateway, key management type (select Preshared Key),
preshared key for IKE, encryption/authentication algorithm for IKE,
lifetime for IKE, encryption/authentication algorithm for IPSec, opera-
tion mode for IPSec, PFS group for IPSec and lifetime for IPSec. Please
see Table 10.4 for explanation of these fields.
6. Click on the [Modify] button to modify this VPN rule. The new set-
tings for this VPN rule will then be displayed in the VPN Connection
Status table at the lower half of the VPN Configuration page.
10.2.4 Delete VPN Rules
To delete an outbound ACL rule, follow the instructions below:
1. Log into Configuration Manager as admin, click the VPN menu, and
then click Tunnel submenu.
2. Prior to deleting a VPN rule, make sure that the VPN service is enabled
in System Service Configuration page.
3. Select the rule number from the “ID” drop-down list or click on the
icon of the rule to be deleted in the VPN Connection Status table.
4. Click on the [Delete] button to delete this VPN rule. Note that the VPN
rule deleted will be removed from the VPN Connection Status table
located at the lower half of the same configuration page.
10.2.5 Display VPN Rules
To see existing VPN rules, follow the instructions below:
1. Log into Configuration Manager as admin, click the VPN menu, and
then click Tunnel submenu.
2. The VPN rule table located at the lower half of the VPN Configuration
page shows all the configured VPN rules.
10.3 Establish VPN Connection Using Manual Keys
This section describes the steps to establish the VPN tunnel-using manual keying.
Manual keying is a method to achieve security when ease of configuration and
maintenance is more important or automatic keying is not feasible due to
interoperability issues between IKE implementations on the gateways. However,
this is a weak security option as all packets use the same keys unless you - as the
network administrator, use different key for authentication.