Cisco Small Business RV 120W Wireless-N VPN Firewall ...
Cisco Small Business RV 120W Wireless-N VPN Firewall ... Cisco Small Business RV 120W Wireless-N VPN Firewall ...
Configuring Virtual Private Networks (VPNs) and SecurityConfiguring Security5To configure VPN passthrough:STEP 1STEP 2Choose VPN > IPsec > VPN Passthrough.Choose the type of traffic to allow to pass through the router:• IPsec—Check Enable to allow IP security tunnels to pass through the router.• PPTP—Check Enable to allow Point-to-Point Tunneling Protocol tunnels topass through the router.• L2TP—Check Enable to allow Layer 2 Tunneling Protocol tunnels to passthrough the router.STEP 3Click Save.Configuring SecurityThe Cisco RV120W provides several security methods, including certificateauthentication, RADIUS server support, and 802.1x port-based authentication.Using Certificates for AuthenticationThe Cisco RV120W uses digital certificates for IPsec VPN authentication and SSLvalidation (for HTTPS and SSL VPN authentication). You can obtain a digitalcertificate from a well-known Certificate Authority (CA) such as VeriSign, orgenerate and sign your own certificate using functionality available on thisgateway. The gateway comes with a self-signed certificate, and this can bereplaced by one signed by a CA as per your networking requirements. A CAcertificate provides strong assurance of the server's identity and is a requirementfor most corporate network VPN solutions.A self certificate is a certificate issued by a CA identifying your device (or selfsignedif you don't want the identity protection of a CA). To request a selfcertificate to be signed by a CA, you can generate a Certificate Signing Requestfrom the gateway by entering identification parameters and sending to the CA forsigning. Once signed, the CA's Trusted Certificate and signed certificate from theCA are uploaded to activate the self-certificate validating the identity of thisgateway. The self certificate is then used in IPsec and SSL connections with peersto validate the gateway's authenticity.Cisco RV120W Administration Guide 107
Configuring Virtual Private Networks (VPNs) and SecurityConfiguring Security5To configure certificates, choose Security > SSL Certificate. You can choose thefollowing options:Generating New CertificatesOne of the steps in creating a certificate is to generate a certificate request fromthe computer or the device that will be using the certificate. The CertificateSigning Request (CSR) file needs to be submitted to the CA who will thengenerate a certificate for this device.To generate a certificate request:STEP 1STEP 2STEP 3STEP 4STEP 5STEP 6Choose Security > SSL Certificate.Choose Generate a New Certificate.Click Generate Certificate.Enter the name of the certificate request.Enter the subject of the certificate request. The Subject field populates the CN(Common Name) entry of the generated certificate. Subject names are usuallydefined in the following format: CN=, OU=, O=, L=, ST=, C=. For example,CN=router1, OU=my_company, O=mydept, L=SFO, C=US.Choose the Hash Algorithm: MD5 or SHA-1. The algorithm used to sign thecertificate (RSA) is shown.STEP 7 Enter the signature key length, or the length of the signature (512,1024, or 2048).STEP 8STEP 9(Optional) Enter the IP address of the router.(Optional) Enter the domain name of the router.STEP 10 (Optional) Enter the e-mail address of the company contact that is used whengenerating the self certificate request.STEP 11 Click Generate. A new certificate request is created.Importing a Certificate from a FileTo import a certificate from a file (for example, if you have been given a certificatefrom a CA), the file must be on a computer connected to the Cisco RV120W:Cisco RV120W Administration Guide 108
- Page 65 and 66: Configuring the Wireless NetworkCon
- Page 67 and 68: Configuring the Wireless NetworkCon
- Page 69 and 70: Configuring the Wireless NetworkCon
- Page 71 and 72: Configuring the Wireless NetworkCon
- Page 73 and 74: Configuring the Wireless NetworkCon
- Page 75 and 76: Configuring the FirewallCisco RV120
- Page 77 and 78: Configuring the FirewallConfiguring
- Page 79 and 80: Configuring the FirewallConfiguring
- Page 81 and 82: Configuring the FirewallConfiguring
- Page 83 and 84: Configuring the FirewallConfiguring
- Page 85 and 86: Configuring the FirewallConfiguring
- Page 87 and 88: Configuring the FirewallConfiguring
- Page 89 and 90: Configuring the FirewallConfiguring
- Page 91 and 92: Configuring the FirewallConfiguring
- Page 93 and 94: Configuring the FirewallConfiguring
- Page 95 and 96: Configuring the FirewallConfiguring
- Page 97 and 98: Configuring the FirewallFirewall Co
- Page 99 and 100: Configuring the FirewallFirewall Co
- Page 101 and 102: 5Configuring Virtual Private Networ
- Page 103 and 104: Configuring Virtual Private Network
- Page 105 and 106: Configuring Virtual Private Network
- Page 107 and 108: Configuring Virtual Private Network
- Page 109 and 110: Configuring Virtual Private Network
- Page 111 and 112: Configuring Virtual Private Network
- Page 113 and 114: Configuring Virtual Private Network
- Page 115: Configuring Virtual Private Network
- Page 119 and 120: Configuring Virtual Private Network
- Page 121 and 122: 6Configuring Quality of Service (Qo
- Page 123 and 124: Configuring Quality of Service (QoS
- Page 125 and 126: Configuring Quality of Service (QoS
- Page 127 and 128: Administering Your Cisco RV120WConf
- Page 129 and 130: Administering Your Cisco RV120WUsin
- Page 131 and 132: Administering Your Cisco RV120WConf
- Page 133 and 134: Administering Your Cisco RV120WConf
- Page 135 and 136: Administering Your Cisco RV120WCapt
- Page 137 and 138: Administering Your Cisco RV120WConf
- Page 139 and 140: Administering Your Cisco RV120WConf
- Page 141 and 142: Administering Your Cisco RV120WConf
- Page 143 and 144: Administering Your Cisco RV120WUpgr
- Page 145 and 146: 8Viewing the Cisco RV120W StatusThi
- Page 147 and 148: Viewing the Cisco RV120W StatusView
- Page 149 and 150: Viewing the Cisco RV120W StatusView
- Page 151 and 152: Viewing the Cisco RV120W StatusView
- Page 153 and 154: Viewing the Cisco RV120W StatusView
- Page 155 and 156: Viewing the Cisco RV120W StatusView
- Page 157 and 158: Viewing the Cisco RV120W StatusView
- Page 159 and 160: AUsing Cisco QuickVPN for Windows 7
- Page 161 and 162: Using Cisco QuickVPN for Windows 7,
- Page 163: BWhere to Go From HereCisco provide
Configuring Virtual Private Networks (<strong>VPN</strong>s) and SecurityConfiguring Security5To configure <strong>VPN</strong> passthrough:STEP 1STEP 2Choose <strong>VPN</strong> > IPsec > <strong>VPN</strong> Passthrough.Choose the type of traffic to allow to pass through the router:• IPsec—Check Enable to allow IP security tunnels to pass through the router.• PPTP—Check Enable to allow Point-to-Point Tunneling Protocol tunnels topass through the router.• L2TP—Check Enable to allow Layer 2 Tunneling Protocol tunnels to passthrough the router.STEP 3Click Save.Configuring SecurityThe <strong>Cisco</strong> <strong>RV</strong><strong>120W</strong> provides several security methods, including certificateauthentication, RADIUS server support, and 802.1x port-based authentication.Using Certificates for AuthenticationThe <strong>Cisco</strong> <strong>RV</strong><strong>120W</strong> uses digital certificates for IPsec <strong>VPN</strong> authentication and SSLvalidation (for HTTPS and SSL <strong>VPN</strong> authentication). You can obtain a digitalcertificate from a well-known Certificate Authority (CA) such as VeriSign, orgenerate and sign your own certificate using functionality available on thisgateway. The gateway comes with a self-signed certificate, and this can bereplaced by one signed by a CA as per your networking requirements. A CAcertificate provides strong assurance of the server's identity and is a requirementfor most corporate network <strong>VPN</strong> solutions.A self certificate is a certificate issued by a CA identifying your device (or selfsignedif you don't want the identity protection of a CA). To request a selfcertificate to be signed by a CA, you can generate a Certificate Signing Requestfrom the gateway by entering identification parameters and sending to the CA forsigning. Once signed, the CA's Trusted Certificate and signed certificate from theCA are uploaded to activate the self-certificate validating the identity of thisgateway. The self certificate is then used in IPsec and SSL connections with peersto validate the gateway's authenticity.<strong>Cisco</strong> <strong>RV</strong><strong>120W</strong> Administration Guide 107