Figure C-17: Connection Type Tab
Figure C-18: Properties Screen
10. Go to the
IP Filter List
tab, and click the filter list
Router->win
, as shown in Figure B-19.
11. Click the
Filter Action
tab, and select the filter action
Require Security
, as shown in Figure
B-20. Then, click
the
Edit
button. From the
Security Methods
tab, shown previously in Figure B-12, verify that the
Negotiate
security
option is enabled, and deselect the
Accept unsecured communication, but always
respond
using IPSec
check box. Select
Session key Perfect Forward Secrecy
, and click the
OK
button.
12. Click the
Authentication Methods
tab, and verify that the authentication method
Kerberos
is
selected, as
shown in Figure B-21. Then, click the
Edit
button.
Figure C-19: IP Filter List Tab
Figure C-20: Filter Action Tab
Figure C-21: Authentication Methods Tab
13. Change the authentication method to
Use this string to protect the key exchange
(preshared key)
, and
enter the preshared key string, such as XYZ12345, as shown in Figure B-22. (This is a sample key
string.
Yours should be a key that is unique but easy to remember.) Then click the
OK
button.
14. This new Preshared key will be displayed in Figure B-23. Click the
Apply
button to continue, if
it appears on
your screen, otherwise proceed to the next step.
15. Click the
Tunnel Setting
tab, shown in Figure B-24, click the radio button for
The tunnel
endpoint is
specified by this IP Address,
and enter the Windows 2000/XP computer’s IP Address.
Figure C-22: Preshared Key
Figure C-23: New Preshared Key
Figure C-24: Tunnel Setting Tab
16. Click the
Connection Type
tab, shown in Figure B-25, and select
All network connections
.
Then click the
OK
or
Close
button to finish.
17. From the
Rules
tab, shown in Figure B-26, click the
OK
or
Close
button to return to the secpol
screen.
Step 4: Assign New IPSec Policy
In the IP Security Policies on
Local Computer
window, shown in Figure B-27, right-click the policy
named
to_Router
, and click
Assign
. A green arrow appears in the folder icon.
Figure C-25: Connection Type
Figure C-26: Rules
Figure C-27: Local Computer
Step 5: Create a Tunnel Through the Web-Based Utility
1. Open your web browser, and enter
192.168.1.1
in the Address field. Press the
Ente
r key.
2. When the User name and Password field appears, enter the default user name and password
admin
. Press
the
Enter
key.
3. From the
Setup
tab, click the
VPN
tab.
4. From the
VPN
tab, shown in Figure B-28, select the tunnel you wish to create in the
Select
Tunnel Entry
dropdown
box. Then click
Enabled
. Enter the name of the tunnel in the
Tunnel Name
field. This is to allow
you to
identify multiple tunnels and does not have to match the name used at the other end of the tunnel.