Thursday, November 5, 2009

Configuring VPN tunnel between Linksys routers?

A Virtual Private Network (VPN) is a connection between two endpoints - a VPN router, for instance - in different networks that allows private data to be sent securely over a shared or public network, such as the Internet. This establishes a private network that can send data securely between these two locations or networks through a "tunnel." A VPN tunnel connects two PCs or networks and allows data to be transmitted over the Internet as if it were still within those networks. It is a connection secured by encrypting the data sent between the two networks.


To setup a VPN Tunnel on a Linksys router you need to perform four steps:
1.Connecting Devices Together
2.Verifying the VPN Settings Needed on the Two Routers
3.Configuring VPN Tunnel settings on Router A
4.Configuring VPN Tunnel settings on Router B

Connecting Devices Together

Before connecting to a VPN tunnel you need to ensure that there is an active Internet connection between the two routers that will communicate. After ensuring that there is an active Internet connection, you need to verify the VPN settings. To verify the VPN settings of the two routers, follow the instructions below.

Verifying the VPN Settings Needed on the Two Routers

In order for you to successfully configure a VPN tunnel, you need to take note of the settings needed to set-up a tunnel. To verify the settings needed for your VPN Tunnel follow the steps below.

Step 1:
Access the router's web-based setup page.
Step 2:
Click Status then under WAN/Gateway take note of the Internet IP Address.
Step 3:
Click Status then LAN and take note of the IP Address.

Router A's Status page:



Router B's Status page:


Step 4:
Make sure the Local IP Address of the two routers are different. Take note that the Local IP Address of Router A will be Router B's Remote Secure Group.
Note: Change the Local IP Address of a Linksys router if necessary.
In this example, we will use the following:

Step 5:
After verifying the settings needed to setup a tunnel, you need to configure the settings on Router A. For instructions, follow the steps below.
Configuring VPN Tunnel settings on Router A

Step 1:
Access the router's web-based setup page.
Step 2:
When the router's web-based setup page appears, click VPN.

Step 3:
Look for IPsec VPN Tunnel then select Enable.
Step 4:
Under Tunnel Name enter the name you want to set your tunnel. In this example "tunnel1" was used.

Step 5:
Look for Local Secure Group and select either Subnet, IP Addr. or IP Range, then on the fields provided enter the appropriate values of the router. In this example, we selected Subnet and entered "192.168.1.0" for the IP since this is the LAN segment of the local router and "255.255.255.0" for the Mask.

Step 6:
Under Remote Security Group, select either Subnet, IP Addr., IP Range, or Any, then on the fields provided enter the appropriate values of the remote router. In this example, we selected Subnet and entered "192.168.2.0" for the IP since this is the LAN segment of the remote router and "255.255.255.0" for the Mask.

Step 7:
Look for the Remote Security Gateway drop down menu and select either IP Addr. or Any, then enter the WAN/Internet IP address or the DDNS of the remote router. In this example, we selected IP Addr. and entered "10.100.16.60" for the IP Address field since this is the Internet IP address of the remote router.

Step 8:
Under Encryption, select 3DES since this is the only Encryption type supported.
Note: Make sure the Encryption level selected is the same with the router you wish to establish a VPN tunnel with.
Step 9:
Under Authentication, select the authentication mode you wish to enable on your tunnel. In this example we used SHA1.
Note: Make sure the Authentication mode selected is the same with the router you wish to establish a VPN tunnel with.

Step 10:
Under Key Exchange Method, select Auto (IKE).
Step 11:
Make sure PFS is set to Enable. This will ensure that the initial key exchange and IKE proposals are secured.

Step 12:
Under Pre-Shared Key, enter the key you want to enable on your tunnel. In this example "MyPresharedKey" was used.
Step 13:
Under Key Life Time, enter the time period you want the key to expire on your tunnel. In this example "28800" was used.

Note: Make sure the Pre-shared Key and Key Life Time entered are the same with the remote router.
Step 14:
Click On Save Setting
Step 15:
After verifying the settings needed to setup a tunnel, you need to configure the settings on Router B. For instructions, follow the steps below.
Configuring VPN Tunnel settings on Router B

Step 1:
Access the router's web-based setup page.
Step 2:
When the router's web-based setup page appears, click VPN.

Step 3:
Look for IPsec VPN Tunnel then select Enable.
Step 4:
Under Tunnel Name enter the name you want to set your tunnel. In this example "tunnel1" was used.

Step 5:
Look for Local Secure Group and select either Subnet, IP Addr. or IP Range, then on the fields provided enter the appropriate values of the router. In this example, we selected Subnet and entered "192.168.2.0" for the IP since this is the LAN segment of the local router and "255.255.255.0" for the Mask.

Step 6:
Under Remote Security Group select either Subnet, IP Addr., IP Range, or Any, then on the fields provided enter the appropriate values on your router (this values should be from the remote router). In this example we select Subnet and enter "192.168.1.0" for the IP since this is the LAN segment of the remote router and "255.255.255.0" for the Mask.

Step 7:
Look for the Remote Security Gateway drop down menu and select either IP Addr. or Any, then enter the WAN/Internet IP address or the DDNS of the remote router. In this example, we selected IP Addr. and entered "22.15.160.53" for the IP Address field since this is the Internet IP address of the remote router.

Step 8:
Under Encryption, select 3DES since this is the only Encryption type supported.
Note: Make sure the Encryption level is the same with the router you wish to establish a VPN tunnel with.
Step 9:
Under Authentication, select the authentication mode you wish to enable on your tunnel. In this example we used SHA1.
Note: Make sure the Authentication mode is the same with the router you wish to establish a VPN tunnel with.

Step 10:
Under Key Exchange Method, select Auto (IKE).
Step 11:
Make sure PFS is set to Enable. This will ensure that the initial key exchange and IKE proposals are secured.

Step 12:
Under Pre-Shared Key, enter the key you want to enable on your tunnel. In this example "MyPresharedKey" was used.
Step 13:
Under Key Life Time, enter the time period you want the key to expire on your tunnel. In this example "28800" was used.

Note: Make Sure the Pre-Shared Key and Key Life Time Entered are the same with the remote Router
Step:14
Click On Save Setting
Step:15
Click On Connect
Cheers Now your VPN is Ready to Use
Posted by at

1 comment:

Subscribe to: Post Comments (Atom)