User's Manual
Configuring Virtual Private Networks (VPNs) and Security
Configuring VPNs
Cisco RV 120W Administration Guide 105
5
Configuring IP Security Policies
The VPN Wizard is the recommended method to configure corresponding IKE and
VPN policies for establishing a VPN tunnel. Once the Wizard creates the matching
IKE and VPN policies, you can modify the required fields using the E
Edit
button.
Advanced users can create an IKE policy from the A
Add
button, but must be sure to
use compatible encryption, authentication, and key-group parameters for the VPN
policy.
Configuring IKE Policies
The Internet Key Exchange (IKE) protocol dynamically exchanges keys between
two IPsec hosts. You can create IKE policies to define the security parameters
such as authentication of the peer, encryption algorithms, etc. to be used in this
process.
To configure IKE Policies:.
STEP 1 Choose V
VPN
> I
IPsec
> I
IPsec Policies
.
STEP 2 In the I
IKE Policies Table
, click A
Add
.
STEP 3 Enter the information in the following sections and press S
Save
.
General Information
STEP 1 Under P
Policy Name
, enter a unique name for the policy for identification and
management purposes.
STEP 2 Under D
Direction/Type
, choose one of the following connection methods:
•
Initiator
—The router will initiate the connection to the remote end.
•
Responder
—The router will wait passively and respond to remote IKE
requests.
•
Both
—The router will work in either Initiator or Responder mode.
STEP 3 Under E
Exchange Mode
, choose one of the following options:
•
Main mode
—This mode negotiates the tunnel with higher security, but is
slower.
•
Aggressive mode
—This mode establishes a faster connection, but with
lowered security.