Professional Documents
Culture Documents
Settings of Gateway: The type of VPN connection is Group VPN of Client to Gateway. Click the Client to Gateway text button on VPN page and check the Group VPN check box to enter VPN settings. Select Subnet from Local Security Group Type menu and fill in subnet range and netmask in the IP address and Subnet Mask text fields. Select Microsoft XP/2000 VPN Client from Remote Client menu. Enter pre-shared key preshared key into the Preshared key text field.
Steps of Win7s setting: Click the Start button on the desktop. Enter secpol.msc in the text field and press enter to the Local Security Policy window.
Right click the IP Security Policies on Local Computer directory and select Create IP Security Policy to IP Security Policy Wizard page. Click Next button to the next page.
Name this policy Win7 IPsec Policy. Click the Next button to the next page.
Click the Finish button to the Win7 IPsec Policy Properties page.
Click the General tab. Click the Settings button to the Key Exchange Settings page.
Check the Master key perfect forward secrecy (PFS) check box. Click the Methods button to the Key Exchange Security Methods page.
Click the Remove button to remove the original policy. Click Add button to add a new policy.
Set the policy as the following picture and click OK button to return. Click OK button to return to the Key Exchange Settings page. Click OK button to return to the Win7 IPsec Policy Properties page.
Set as the following picture. Click the Next button to the Network Type page
Check All network connections check box. Click Next to the IP Filter List page.
Click Add button to the IP Filter List window and enter Win7 to RV042 to the Name text field. Click Add button to the IP Filter Wizard page.
Click Next button to the IP Filter Description and Mirrored property page and select Mirrored. Click Next button to the IP Traffic Source page.
Select My IP Address from the Source address selection. Click Next button to the IP Traffic Destination page.
Select A specific IP Address or Subnet from the Destination address menu and enter gateways subnet and subnet mask to the IP Address or Subnet text field. Click Next button to the IP Protocol Type page.
Select Any from the Select a protocol type menu and click Next button to the next page.
There will be a new rule named Win7 to RV042 in the field and check its check box. Click Next button to the Filter Action page.
Click the Next button to the Filter Action Name page and name this filter Win7.
Click the Next button to the Filter Action General Options page.
Check the Negotiate security check box and click the Next button to the Communicating with computers that do not support IPsec page.
Check the Do not allow unsecured communication check box and click the Next button to the IP Traffic Security page.
Check the Custom check box and click Settings button to the Custom Security Method Settings page.
Set up the Method as the following picture. Click the OK button to return to the IP Traffic Security page. Click the Next button to the "Completing the Security Rule Wizard page.
There will be a filter named Win7 in the field and check the Win7 check box and click Next button to the Authentication Method page.
Check the Use this string to protect the key exchange (preshared key): check box and enter preshared key into the text filed. Click the Next button to the Completing the Security Rule Wizard page.
Click the Finish button to return to the Win7 IPsec Policy Properties page.
Set up as the following picture. Click the Next button to the Network Type page.
Check the All network connections check box and click the Next button to the IP Filter List page.
Name this filter as RV042 to Win7. Click the Add button to the IP Filter Wizard page.
Click the Next button to the IP Filter Description and Mirrored property page.
Check the Mirrored check box and click the Next button to the IP Traffic Source page.
Select A specific IP Address or Subnet from the Source address menu and enter gateways subnet and subnet mask to the IP Address or Subnet text field. Click Next button to the IP Traffic Destination page.
Select My IP Address from the Destination address menu and click Next button to the IP Protocol Type page.
Select Any from the Select a protocol type menu. Click the Next button to the Completing the IP Filter Wizard page.
There will be a new rule named RV042 to Win7 in the field and check its check box. Click Next button to the Filter Action page.
Check the Win7 check box and click the Edit button to the Win7 Properties page.
Check the Custom check box and click the Settings button to the Custom Security Method Settings page.
Set the method as the following picture and click the OK button to return to the Win7 Properties page.
Set up as the following picture. Click the OK button to return to the Filter Action page.
Check the Use this string to protect the key exchange (preshared key): check box and enter preshared key in the text field. Click the Next button to the Completing the Security Rule Wizard page.
Click the Finish button to return to the New Rule Properties page.
Right click the Win7 IPsec Policy and click Assign to enable this rule.
Open the DOS command line and ping gateways LAN IP to trigger the IPsec negotiation. As the following picture, the rule has become effective.