Connection Type: Remote Access or LAN to LAN
Name: A given name for the connection (e.g. “connection to ofce”).
Connection Type: Remote Access or LAN to LAN.
Type: Check Dial Out if you want your router to operate as a client (connecting to a remote VPN
server, e.g. your ofce server), check Dial In operates as a VPN server.
When conguring your router as a Client, enter the remote Server IP Address (or Hostname) you
wish to connect to.
When conguring your router as a server, enter the Private IP Address Assigned to the Dial in
User.
Username: If you are a Dial-Out user (client), enter the username provided by your Host. If you
are a Dial-In user (server), enter your own username.
Password: If you are a Dial-Out user (client), enter the password provided by your Host. If you are
a Dial-In user (server), enter your own password.
Authentication Type: Default is Auto if you want the router to determine the authentication type
to use, or else manually specify CHAP (Challenge Handshake Authentication Protocol) or PAP
(Password Authentication Protocol) if you know which type the server is using (when acting as a
client), or else the authentication type you want clients connecting to you to use (when acting as a
server). When using PAP, the password is sent unencrypted, whilst CHAP encrypts the password
before sending, and also allows for challenges at different periods to ensure that an intruder has
not replaced the client.
Tunnel Authentication: This enables router to authenticate both the L2TP remote and L2TP host.
This is only valid when L2TP remote supports this feature.
Secret: The secure password length should be 16 characters which may include numbers and
characters.
Active as default route: Commonly used by the Dial-out connection which all packets will route
through the VPN tunnel to the Internet; therefore, active the function may degrade the Internet
performance.
Remote Host Name (Optional): Enter hostname of remote VPN device. It is a tunnel identier
from the Remote VPN device matches with the Remote hostname provided. If remote hostname
matches, tunnel will be connected; otherwise, it will be dropped.
Cautious: This is only when the router performs as a VPN server. This option should be
used by advanced users only.
Local Host Name (Optional): Enter hostname of Local VPN device that is connected / establishes
a VPN tunnel. As default, Router’s default Hostname is home.gateway.
IPSec: Enable for enhancing your L2TP VPN security.
Authentication: Authentication establishes the integrity of the datagram and ensures it is not
tampered with in transmit. There are three options, Message Digest 5 (MD5), Secure Hash
Algorithm (SHA1) or NONE. SHA1 is more resistant to brute-force attacks than MD5, however it is
slower.
MD5: A one-way hashing algorithm that produces a 128−bit hash.
105
