Configuration of an IPSec VPN Server on RV130 and RV130W

<!DOCTYPE html> <html xmlns:fb="//www.facebook.com/2008/fbml" xmlns:og="//opengraphprotocol.org/schema/" lang="en" xml:lang="en" class="no-touch no-js"> <head> <meta charset="utf-8"> <meta name="HandheldFriendly" content="True" /> <meta name="MobileOptimized" content="320" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta name="rei" content="3/2/2022 10.39am est" /> <script tyle="text/javascript" src="/content/dam/cdc/j/cdcrSwitch.js"></script> <script type="text/javascript"> if (typeof cdc === "undefined"){ cdc = {}; } cdc.localizedLang="en/us"; if (window.cdcext === undefined) { window.cdcext = {}; } cdcext.customEnvironment = "prod"; if (window.cdclocale === undefined) { window.cdclocale = {}; } cdclocale.locale = cdc.localizedLang=="en/us"?"en_us":cdc.localizedLang; </script> <script src="/c/dam/cdc/t/ctm-core.js"></script> <script> window['adrum-start-time'] = new Date().getTime(); window.environ = "prod" ; </script> <script> if (window.cpe === undefined) { window.cpe = {}; } cpe.accountName = "prod"; cpe.config = ["cinf","dsc","pps"]; cpe.hideMethod = "elements"; window.targetGlobalSettings = JSON.parse('{\x22timeout\x22:4000}'); window.targetPageParamsAll = () => JSON.parse('{\x22entity\x22:\x22{\\\x22id\\\x22:\\\x221544487688106121\\\x22,\\\x22categoryId\\\x22:\\\x22Products,Routers,TSD Products Tech Note\\\x22}\x22}'); const bullseyeLibrary = `/etc.clientlibs/cisco-cdc/clientlibs/clientlib-external/resources/external/bullseye.js`; import(bullseyeLibrary); </script> <script src="/etc.clientlibs/cisco-cdc/clientlibs/clientlib-external/resources/regional-mbox/regional-mbox.js"></script> <title>Configuration of an IPSec VPN Server on RV130 and RV130W - Cisco</title> <meta name="format-detection" content="telephone=no"> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <meta name="description" content="The objective of this document is to show you how to configure an IPSec VPN Server on RV130 and RV130W." /> <meta name="title" content="Configuration of an IPSec VPN Server on RV130 and RV130W" /> <meta name="documentId" content="SMB4990" /> <meta name="templateName" content="eot" /> <meta name="PID" content="RV130-WB-K9-NA,RV130-K8-RU,RV130-WB-K8-RU,RV130-WB-K9-NA-WS,RV130-WB-K9-NA-RF" /> <meta name="SecondaryPID" content="RV130W-A-K9-NA-RF,RV130W-WB-E-K8-RU,RV130W-WB-AK9NA-WS,RV130W-WBAK9NA-RF,RV130W-E-K9-G5-RF,RV130-WB-K9-G5-RF,RV130W-E-K9-CN,RV130W-E-K9-G5-WS,RV130-K8-RU,RV130-K9-IN,RV130W-A-K9-AU-RF,RV130-K9-IN-RF,RV130W-A-K9-NA-WS,RV130-WB-K9-G5,RV130W-WB-A-K9-NA,RV130-WB-K9-G5-WS,RV130W-E-K9-G5,RV130W-A-K9-AR,RV130W-A-K9-AU,RV130W-E-K9-IN,RV130W-A-K9-NA,RV130W-A-K9-AR-RF,RV130-WB-K8-RU,RV130W-E-K8-RU,RV130W-E-K9-CN-RF,RV130-K8-RU,RV130-WB-K8-RU,RV130W-E-K8-RU,RV130W-WB-EK9G5-WS,RV130W-WB-E-K8-RU,RV130W-WB-E-K9-G5,RV130W-WB-EK9G5-RF" /> <meta property="fb:app_id" content="156494687694418" /> <meta name="ioContentSource" content="WEM" /> <meta name="concept" content="Cisco Small Business RV Series Routers" /> <meta name="secondaryConcept" content="Cisco RV130 WF VPN Router" /> <meta name="secondaryConcept" content="Cisco RV130W Wireless-N Multifunction VPN Router" /> <meta name="secondaryConcept" content="Cisco RV130W Wireless-N Multifunction WF VPN Router" /> <meta name="docType" content="TSD Products Tech Note" /> <meta name="iaPath" content="cisco.com#Products#Cisco Products#Routers#Small Business Routers#Cisco Small Business RV Series Routers" /> <meta name="contentType" content="cisco.com#US#postSales" /> <meta name="Topics" content="SMB#Virtual Private Network VPN#IPSec Profiles,SMB#Family#Routers#routers-100" /> <meta name="locale" content="US" /> <meta name="language" content="en" /> <meta name="country" content="US" /> <meta name="hub" content="Enterprise Networks" /> <meta name="CCID_Page" content="cc001772" /> <meta name="date" content="Wed Aug 31 11:46:23 PDT 2022" /> <meta name="accessLevel" content="Customer" /> <meta name="accessLevel" content="Guest" /> <meta name="accessLevel" content="Partner" /> <meta name="entitlementExpression" content="contains( "0,1,2,3,4,7" , $profileField[3] )" /> <meta property="og:site_name" content="Cisco" /> <meta property="og:type" content="website" /> <meta property="og:title" content="Configuration of an IPSec VPN Server on RV130 and RV130W" /> <meta property="og:description" content="The objective of this document is to show you how to configure an IPSec VPN Server on RV130 and RV130W." /> <meta property="og:url" content="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html" /> <link rel="canonical" href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="x-default" href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="pt-br" href="https://www.cisco.com/c/pt_br/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="es-mx" href="https://www.cisco.com/c/es_mx/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="ko-kr" href="https://www.cisco.com/c/ko_kr/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="it-it" href="https://www.cisco.com/c/it_it/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="ja-jp" href="https://www.cisco.com/c/ja_jp/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="de-de" href="https://www.cisco.com/c/de_de/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="fr-ca" href="https://www.cisco.com/c/fr_ca/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="ar-ae" href="https://www.cisco.com/c/ar_ae/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="nl-nl" href="https://www.cisco.com/c/nl_nl/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="zh-tw" href="https://www.cisco.com/c/zh_tw/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="zh-cn" href="https://www.cisco.com/c/zh_cn/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <link rel="alternate" hreflang="en-us" href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html"/> <script src="/etc.clientlibs/clientlibs/granite/jquery.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/utils.min.js"></script> <script src="/etc.clientlibs/clientlibs/granite/jquery/granite.min.js"></script> <script src="/etc.clientlibs/foundation/clientlibs/jquery.min.js"></script> <script src="/etc.clientlibs/foundation/clientlibs/shared.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/underscore.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js"></script> <script src="/etc.clientlibs/cq/personalization/clientlib/personalization/kernel.min.js"></script> <script type="text/javascript"> $CQ(function() { CQ_Analytics.SegmentMgr.loadSegments("\/etc\/segmentation"); CQ_Analytics.ClientContextUtils.init("\/c\/dnc\/etc\/clientcontext\/default", "\/content\/en\/us\/support\/docs\/smb\/routers\/cisco\u002Drv\u002Dseries\u002Dsmall\u002Dbusiness\u002Drouters\/smb4990\u002Dconfiguration\u002Dof\u002Dan\u002Dipsec\u002Dvpn\u002Dserver\u002Don\u002Drv130\u002Dand\u002Drv130w"); }); </script> <link rel="stylesheet" href="/etc/designs/cdc/clientlibs/responsive/css/cisco-sans.min.css" type="text/css"> <script src="/etc/designs/cdc/clientlibs/responsive/js/foundation.min.js"></script> <link rel="stylesheet" href="/etc/designs/cdc/fw/b/responsive/css/eot.min.css" type="text/css"> <script> sessionStorage.setItem("logOutIntermediateMessage", 'You are being logged out.'); </script>  <script type="application/ld+json"> [ { "@context": "http://www.schema.org", "@type": "WebPage", "name": "Configuration of an IPSec VPN Server on RV130 and RV130W", "url": "https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html", "description": "The objective of this document is to show you how to configure an IPSec VPN Server on RV130 and RV130W.", "publisher": { "@type": "Corporation", "name": "Cisco" } }] </script>    <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="GKZXC-NS3SU-A7VFH-HKBHM-U7LKH",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"GKZXC-NS3SU-A7VFH-HKBHM-U7LKH";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqxgy4r2z2grhtq-f-6270720cc-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"61004","ak.ai":parseInt("271834",10),"ak.ol":"0","ak.cr":3,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"1c8384","ak.r":37669,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":57382,"ak.gh":"23.53.33.212","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1732676071","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==nQkZpXy+sHnj0H6L6NNkmmW2Gag8OdqReCFbR5IY+WGPIv7v260uX/msXtlPeBv1OJk74jwjPPJoWqRVx4HBmwygvjPduG86hyG0VDPBCx8Lr3HWDcsgCAMuXMTXbyQGyPrF86/JBfJBO0xJsL/JKg8sbrr2YIuWowP6UTBkDaZZdxzR77DMj/s067mcxIMb1PmLrjC8sPhU3qqo5uf/MuuPuFUyIDFxiM4odJ5VlV+P9P1MCOTIqThDGNt6uChBXj0HbViw3mwwHPp/13NpxdsrjXOvxmEUII0CaG3fd8pX05PINsrqX8oVICvFpZjR6ugMMyg7ySLPJakOl+bOA6AhbVD/grnHhYWywxHH09Pw39ZZHlh+lf67gKnfRdfOPd+PnflYShL4r/sSIjftunlLeMad6JdBQu64k/IgI1U=","ak.pv":"517","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <body id="wcq" class="fw-res cdc-support cdc-eot cdc-high-density cdc-full-width cdc-transform "> <div id="fw-skiplinks"> <ul class="container"> <li><a id="skiplink-content" href="#fw-content">Skip to content</a></li> <li><a id="skiplink-search" href="#">Skip to search</a></li> <li><a id="skiplink-footer" href="#fw-footer-v2" class="last">Skip to footer</a></li> </ul> </div> <script type="module" src="/site/web-components/us/en/cdc-header.js"></script> <cdc-header></cdc-header> <nav class="fw-c-header__seo-links" aria-hidden="true" style="display:none"> <ul> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/index.html">Cisco.com Worldwide</a></li> <li><a tabindex="-1" href="/c/en/us/products/index.html">Products and Services</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/solutions/index.html">Solutions</a></li> <li><a tabindex="-1" href="/c/en/us/support/index.html">Support</a></li> <li><a tabindex="-1" href="/c/en/us/training-events.html">Learn</a></li> <li><a tabindex="-1" href="//www.cisco.com/c/en/us/about/sitemap.html">Explore Cisco</a></li> <li><a tabindex="-1" href="/c/en/us/buy.html">How to Buy</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/index.html?dtid=odicdc001129">Partners Home</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/cisco-partner-program/index.html?ccid=cc000864&dtid=odiprc001129">Partner Program</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/support-help/index.html">Support</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/tools/index.html?dtid=odiprc001129">Tools</a></li> <li><a tabindex="-1" href="https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/pf/index.jsp#/">Find a Cisco Partner</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/connect-with-a-partner/index.html?ccid=cc000864&dtid=odiprc001129">Meet our Partners</a></li> <li><a tabindex="-1" href="https://www.cisco.com/site/us/en/partners/index.html?dtid=odicdc001129">Become a Cisco Partner</a></li> </ul> </nav> <div id="fw-content" class="container grid"> <div class="row full blowout" data-owner="ID"> <div class="col full "> <nav id="fw-breadcrumb" class="data-based" aria-label="breadcrumbs" data-owner="ID"> <ul itemscope itemtype="//schema.org/BreadcrumbList"> <li aria-hidden="true"><a href='#' class="skip"><span></span></a></li> <li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/index.html'><span itemprop='name'>Support</span><meta itemprop='position' content='1' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/all-products.html'><span itemprop='name'>Product Support</span><meta itemprop='position' content='2' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/routers/index.html'><span itemprop='name'>Routers</span><meta itemprop='position' content='3' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/routers/small-business-rv-series-routers/series.html'><span itemprop='name'>Cisco Small Business RV Series Routers</span><meta itemprop='position' content='4' /></a><span class='caret'></span></li><li itemprop='itemListElement' itemscope itemtype='//schema.org/ListItem'><a itemprop='item' href='/c/en/us/support/routers/small-business-rv-series-routers/products-configuration-examples-list.html'><span itemprop='name'>Configuration Examples and TechNotes</span><meta itemprop='position' content='5' /></a><span class='caret'></span></li> </ul> </nav> <script> if (window.cdc === undefined) { window.cdc = {}; } if (cdc.breadcrumb === undefined) { cdc.breadcrumb = (function () { let clone = document.querySelector('#fw-breadcrumb').cloneNode(true); let appendClone = function () { let hasBreadcrumb = document.querySelector('#fw-breadcrumb') !== null, firstMarquee = document.querySelectorAll('.dmc-mq')[0]; if (!hasBreadcrumb && firstMarquee !== undefined) { firstMarquee.querySelector('.frame .inset').insertBefore(this.clone, firstMarquee.querySelector('.frame .inset').firstElementChild); } }; return { clone: clone, appendClone: appendClone } }()); } //DE380224 var anchorChild = document.getElementsByTagName("a"); for(var i=0; i<anchorChild.length; i++){ if(anchorChild[i].getAttribute("itemprop")=="item") { if ( anchorChild[i].href.includes("%3Clocale%3E") ){ let anchorChildHREF = anchorChild[i].href; let docLocale = document.querySelector('meta[name="locale"]').getAttribute('content'); let docLanguage = document.querySelector('meta[name="language"]').getAttribute('content'); var docSeparator; if ((docLocale.toLowerCase() == "us") && (docLanguage.toLowerCase() == "en")) { docSeparator="/"; } else { docSeparator="_"; } let anchorURLReplace = docLanguage.toLowerCase() + docSeparator + docLocale.toLowerCase(); anchorChildHREF = anchorChildHREF.replace("%3Clocale%3E", anchorURLReplace); anchorChild[i].setAttribute('href', anchorChildHREF); } } } </script> <h1 id="fw-pagetitle" class="" data-owner="ID">Configuration of an IPSec VPN Server on RV130 and RV130W</h1> </div> </div>  <div class="row blowout wide-narrow-v2 visitedlinks"> <div class="col wide-v2"> <script> if (typeof(cdc) == "undefined") cdc={}; if (typeof(cdc.translations) == "undefined") cdc.translations={}; </script> <div class="docHeaderComponent base-blowout"> <div class="linksRow"> <div class="toolbar"> <div class="noprint" id="saveModule"> <script type="text/javascript"> cdc.util.ensureNamespace("cdc.rc.savedoc"); cdc.rc.savedoc.isLoggedIn = false; cdc.rc.savedoc.save = "Save"; cdc.rc.savedoc.saved = "Saved"; </script> <button class="save" aria-expanded="false"> <label>Save</label> </button> </div> <div class="saveDocumentMessage login cdc-expandPanel" role="region" aria-live="polite"> <a href="/c/login/index.html?referer=/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html">Log in</a> to Save Content </div>   <div class="noprint translations"> <a href="#" tabindex="-1"> <button type="button" class="translations translations-link anchor translationOptions simpleOverlay-trigger"> <div class="toolbarIcon translationsIcon"></div><label class="iconLabel" id="onlyForNonEn">Translations</label> </button> </a> </div> <div class="noprint downloadDocument" ><button type="button" class="view-download-list-link anchor" aria-expanded="false"><div class="toolbarIcon downloadIcon"></div><label class="iconLabel">Download</label></button></div> <div class="noprint printDocument js-only"><button type="button" class="anchor printPage"><div class="toolbarIcon printIcon"></div><label class="iconLabel">Print</label></button></div> </div> </div>  <script language="javascript"> cdc.translations.map = "{pt-br=https://www.cisco.com/c/pt_br/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, es-mx=https://www.cisco.com/c/es_mx/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, ko-kr=https://www.cisco.com/c/ko_kr/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, it-it=https://www.cisco.com/c/it_it/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, ja-jp=https://www.cisco.com/c/ja_jp/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, de-de=https://www.cisco.com/c/de_de/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, fr-ca=https://www.cisco.com/c/fr_ca/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, ar-ae=https://www.cisco.com/c/ar_ae/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, nl-nl=https://www.cisco.com/c/nl_nl/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, zh-tw=https://www.cisco.com/c/zh_tw/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, zh-cn=https://www.cisco.com/c/zh_cn/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, en-us=https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html, x-default=https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.html}";//storing the map for use in the JS cdc.translations.locale="en_us"; </script> <div class="availableLanguagesList"> <h3>Available Languages</h3> <ul id="translationsList"> </ul> </div> <div id="download-list-container" class="noprint panelRow" role="region" aria-live="polite"> <div class='download-list' aria-label="Download Options"> <h3>Download Options</h3> <ul> <li> <div class="fileText"> <a href="/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.pdf" class="download-pdf"><div class="fileIcon pdfIcon"></div>PDF</a> <span class="docSize">(233.5 KB)</span> <br /> <span class="description">View with Adobe Reader on a variety of devices</span> </div> </li> <li> <div class="fileText"> <a href="/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.epub" class="download-epub"><div class="fileIcon epubIcon"></div>ePub</a> <span class="docSize">(288.2 KB)</span> <br /> <span class="description">View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone</span> </div> </li> <li> <div class="fileText"> <a href="/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4990-configuration-of-an-ipsec-vpn-server-on-rv130-and-rv130w.mobi" class="download-mobi"><div class="fileIcon mobiIcon"></div>Mobi (Kindle)</a> <span class="docSize">(860.1 KB)</span> <br /> <span class="description">View on Kindle device or Kindle app on multiple devices</span> </div> </li> </ul> </div> </div> <div class="infobarClearFix"> <div class="infobar"> <div class="updatedDate"><span>Updated:</span>December 10, 2018</div> <div class="documentId"><span>Document ID:</span>SMB4990</div> </div> <div class="disclaimers support"> <div class="disclaimerButtons"> <div class="aboutBias"> <button aria-expanded="false" >Bias-Free Language</button> </div> </div> <div class="biasfreeContent panel"> <h3>Bias-Free Language</h3> <p>The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. <a href="https://www.cisco.com/c/en/us/about/social-justice/inclusive-language-policy.html">Learn more</a> about how Cisco is using Inclusive Language.</p> </div> </div> </div> </div> <script> jQuery(document).ready(function(){ if(jQuery("body").hasClass("cdc-eot-toc") && jQuery(".cdc-eot-toc").find(".DocumentHistory").length > 0){ jQuery(".cdc-eot-toc .seeRevisions").show(); if(jQuery(window).width() >= 768){ jQuery(".cdc-eot-toc .updatedDate").nextAll(".bullet").show(); } }else{ jQuery(".cdc-eot-toc .infobar .bullet").hide(); jQuery(".cdc-eot-toc .seeRevisions"); jQuery(".cdc-eot-toc .updatedDate"); } }) </script> <script src="/etc/designs/cdc/fw/clientlibs/granite-utils.min.js"></script> <script> if (window.cdc === "undefined") window.cdc={}; if (typeof cdc.rc === "undefined") cdc.rc={}; // initialize dictionary for i18n cdc.util.ensureNamespace("cdc.rc"); cdc.rc.eotkeys = { showOnly5Products : "Show Only 5 Products", showAllRowsProducts : "Show All nRows Products", supportCommunityUrl : "https://community.cisco.com/t5/technology-and-support/ct-p/technology-support", supportCommunity : "Cisco Community", thankYou : "Thank You", viewersAlso : "Customers Also Viewed", show : "Show", more : "More", showOnly3Documents: "Show Only 3 Documents" }; </script> <div id="eot-doc-wrapper">  <html> <head> <link type="text/css" rel="stylesheet" href="//www.cisco.com/etc/designs/cdc/transformation/support-responsive.css"/> <title>Configuration of an IPSec VPN Server on RV130 and RV130W</title> <script>!function(e){var n="https://s.go-mpulse.net/boomerang/";if("False"=="True")e.BOOMR_config=e.BOOMR_config||{},e.BOOMR_config.PageParams=e.BOOMR_config.PageParams||{},e.BOOMR_config.PageParams.pci=!0,n="https://s2.go-mpulse.net/boomerang/";if(window.BOOMR_API_key="GKZXC-NS3SU-A7VFH-HKBHM-U7LKH",function(){function e(){if(!o){var e=document.createElement("script");e.id="boomr-scr-as",e.src=window.BOOMR.url,e.async=!0,i.parentNode.appendChild(e),o=!0}}function t(e){o=!0;var n,t,a,r,d=document,O=window;if(window.BOOMR.snippetMethod=e?"if":"i",t=function(e,n){var t=d.createElement("script");t.id=n||"boomr-if-as",t.src=window.BOOMR.url,BOOMR_lstart=(new Date).getTime(),e=e||d.body,e.appendChild(t)},!window.addEventListener&&window.attachEvent&&navigator.userAgent.match(/MSIE [67]\./))return window.BOOMR.snippetMethod="s",void t(i.parentNode,"boomr-async");a=document.createElement("IFRAME"),a.src="about:blank",a.title="",a.role="presentation",a.loading="eager",r=(a.frameElement||a).style,r.width=0,r.height=0,r.border=0,r.display="none",i.parentNode.appendChild(a);try{O=a.contentWindow,d=O.document.open()}catch(_){n=document.domain,a.src="javascript:var d=document.open();d.domain='"+n+"';void(0);",O=a.contentWindow,d=O.document.open()}if(n)d._boomrl=function(){this.domain=n,t()},d.write("<bo"+"dy onload='document._boomrl();'>");else if(O._boomrl=function(){t()},O.addEventListener)O.addEventListener("load",O._boomrl,!1);else if(O.attachEvent)O.attachEvent("onload",O._boomrl);d.close()}function a(e){window.BOOMR_onload=e&&e.timeStamp||(new Date).getTime()}if(!window.BOOMR||!window.BOOMR.version&&!window.BOOMR.snippetExecuted){window.BOOMR=window.BOOMR||{},window.BOOMR.snippetStart=(new Date).getTime(),window.BOOMR.snippetExecuted=!0,window.BOOMR.snippetVersion=12,window.BOOMR.url=n+"GKZXC-NS3SU-A7VFH-HKBHM-U7LKH";var i=document.currentScript||document.getElementsByTagName("script")[0],o=!1,r=document.createElement("link");if(r.relList&&"function"==typeof r.relList.supports&&r.relList.supports("preload")&&"as"in r)window.BOOMR.snippetMethod="p",r.href=window.BOOMR.url,r.rel="preload",r.as="script",r.addEventListener("load",e),r.addEventListener("error",function(){t(!0)}),setTimeout(function(){if(!o)t(!0)},3e3),BOOMR_lstart=(new Date).getTime(),i.parentNode.appendChild(r);else t(!1);if(window.addEventListener)window.addEventListener("load",a,!1);else if(window.attachEvent)window.attachEvent("onload",a)}}(),"".length>0)if(e&&"performance"in e&&e.performance&&"function"==typeof e.performance.setResourceTimingBufferSize)e.performance.setResourceTimingBufferSize();!function(){if(BOOMR=e.BOOMR||{},BOOMR.plugins=BOOMR.plugins||{},!BOOMR.plugins.AK){var n=""=="true"?1:0,t="",a="bdpnbeqxgy4r2z2grhtq-f-6270720cc-clientnsv4-s.akamaihd.net",i="false"=="true"?2:1,o={"ak.v":"39","ak.cp":"61004","ak.ai":parseInt("271834",10),"ak.ol":"0","ak.cr":3,"ak.ipv":4,"ak.proto":"http/1.1","ak.rid":"1c8384","ak.r":37669,"ak.a2":n,"ak.m":"dsca","ak.n":"essl","ak.bpcip":"8.222.208.0","ak.cport":57382,"ak.gh":"23.53.33.212","ak.quicv":"","ak.tlsv":"tls1.2","ak.0rtt":"","ak.0rtt.ed":"","ak.csrc":"-","ak.acc":"reno","ak.t":"1732676071","ak.ak":"hOBiQwZUYzCg5VSAfCLimQ==nQkZpXy+sHnj0H6L6NNkmmW2Gag8OdqReCFbR5IY+WGPIv7v260uX/msXtlPeBv1OJk74jwjPPJoWqRVx4HBmwygvjPduG86hyG0VDPBCx8Lr3HWDcsgCAMuXMTXbyQGyPrF86/JBfJBO0xJsL/JKg8sbrr2YIuWowP6UTBkDaZZdxzR77DMj/s067mcxIMb1PmLrjC8sPhU3qqo5uf/MuuPuFUyIDFxiM4odJ5VlV+P9P1MCOTIqThDGNt6uChBXj0HbViw3mwwHPp/13NpxdsrjXOvxmEUII0CaG3fd8pX05PINsrqX8oVICvFpZjR6ugMMyg7ySLPJakOl+bOA6AhbVD/grnHhYWywxHH09Pw39ZZHlh+lf67gKnfRdfOPd+PnflYShL4r/sSIjftunlLeMad6JdBQu64k/IgI1U=","ak.pv":"517","ak.dpoabenc":"","ak.tf":i};if(""!==t)o["ak.ruds"]=t;var r={i:!1,av:function(n){var t="http.initiator";if(n&&(!n[t]||"spa_hard"===n[t]))o["ak.feo"]=void 0!==e.aFeoApplied?1:0,BOOMR.addVar(o)},rv:function(){var e=["ak.bpcip","ak.cport","ak.cr","ak.csrc","ak.gh","ak.ipv","ak.m","ak.n","ak.ol","ak.proto","ak.quicv","ak.tlsv","ak.0rtt","ak.0rtt.ed","ak.r","ak.acc","ak.t","ak.tf"];BOOMR.removeVar(e)}};BOOMR.plugins.AK={akVars:o,akDNSPreFetchDomain:a,init:function(){if(!r.i){var e=BOOMR.subscribe;e("before_beacon",r.av,null,null),e("onbeacon",r.rv,null,null),r.i=!0}return this},is_complete:function(){return!0}}}}()}(window);</script></head> <body> <style type="text/css"> #eot-doc-wrapper ul, #eot-doc-wrapper p {margin-left: 40px;} </style> <h2 style="margin-left: 20px;">Objective</h2> <p style="margin-left: 40px;">IPSec VPN (Virtual Private Network) enables you to securely obtain remote access to corporate resources by establishing an encrypted tunnel across the Internet.</p> <p style="margin-left: 40px;">The objective of this document is to show you how to configure an IPSec VPN Server on RV130 and RV130W.</p> <p style="margin-left: 40px;"><b>Note: </b>For information about how to configure an IPSec VPN Server with the Shrew Soft VPN Client on RV130 and RV130W, refer to the article <a href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb5037-use-shrew-soft-vpn-client-to-connect-with-ipsec-vpn-server-o.html"><em>Use Shrew Soft VPN Client with IPSec VPN Server on RV130 and RV130W</em></a>.</p> <h2 style="margin-left: 20px;">Applicable Devices</h2> <p style="margin-left: 50px;">• RV130W Wireless-N VPN Firewall<br /> • RV130 VPN Firewall</p> <h2 style="margin-left: 20px;">Software Version</h2> <p style="margin-left: 50px;">• v1.0.1.3</p> <h2 style="margin-left: 20px;">Setup IPSec VPN Server</h2> <p style="margin-left: 40px;">Step 1. Log in to the web configuration utility and choose <b>VPN </b>> <b>IPSec VPN Server</b> > <b>Setup</b>. The Setup page opens.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step1.png"/></p> <p style="margin-left: 40px;">Step 2. Check the <b>Server Enable</b> checkbox to enable the certificate.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step2.png" style="width: 557px; height: 323px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 3. (Optional) If your VPN router or VPN Client is behind a NAT gateway, click <b>Edit </b>to configure NAT Traversal. Otherwise, leave NAT Traversal disabled.</p> <p style="margin-left: 40px;"><b>Note:</b> For more information about how to configure NAT Traversal settings, refer to <a href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4991-internet-key-exchange-ike-policy-settings-on-rv130-and-rv130.html"><em>Internet Key Exchange (IKE) Policy Settings on RV130 and RV130W VPN Routers</em>.</a></p> <p style="margin-left: 40px;"><a href="https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4991-internet-key-exchange-ike-policy-settings-on-rv130-and-rv130.html"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step3.png" style="width: 557px; height: 323px; border-width: 1px; border-style: solid;"/></a></p> <p style="margin-left: 40px;">Step 4. Enter a key between 8 to 49 characters long that will be exchanged between your device and the remote endpoint in the <em>Pre-Shared Key</em> field.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step4.png" style="width: 530px; height: 205px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 5. From the<em> Exchange Mode</em> drop down list, choose the mode for the IPSec VPN connection. <b>Main</b> is the default mode. However, if your network speed is low, choose the <b>Aggressive </b>mode.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step5.png" style="width: 545px; height: 234px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;"><b>Note:</b> Aggressive mode exchanges the IDs of the end points of the tunnel in clear text during the connection, which requires less time to exchange but is less secure.</p> <p style="margin-left: 40px;">Step 6. From the <b>Encryption Algorithm</b> drop-down list, choose the appropriate encryption method to encrypt the Pre-Shared Key in Phase 1. AES-128 is recommended for its high security and fast performance.The VPN tunnel needs to use the same encryption method for both of its ends.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step6.png" style="width: 543px; height: 203px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">The available options are defined as follows:</p> <p style="margin-left: 50px;">• DES — Data Encryption Standard (DES) is a 56-bit, old encryption method which is not very secure, but may be required for backwards compatibility.</p> <p style="margin-left: 50px;">• 3DES — Triple Data Encryption Standard (3DES) is a 168-bit, simple encryption method used to increase the key size because it encrypts the data three times. This provides more security than DES but less security than AES.</p> <p style="margin-left: 50px;">• AES-128 — Advanced Encryption Standard with 128-bit key (AES-128) uses a 128-bit key for AES encryption. AES is faster and more secure than DES. In general, AES is also faster and more secure than 3DES. AES-128 is faster but less secure than AES-192 and AES-256.</p> <p style="margin-left: 50px;">• AES-192 — AES-192 uses a 192-bit key for AES encryption. AES-192 is slower but more secure than AES-128, and faster but less secure than AES-256.</p> <p style="margin-left: 50px;">• AES-256 — AES-256 uses a 256-bit key for AES encryption. AES-256 is slower but more secure than AES-128 and AES-192.</p> <p style="margin-left: 40px;">Step 7. From the <em>Authentication Algorithm</em> drop-down list, choose the appropriate authentication method to determine how the Encapsulating Security Payload (ESP) protocol header packets are validated in Phase 1. The VPN tunnel needs to use the same authentication method for both ends of the connection.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step7.png" style="width: 557px; height: 206px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">The available options are defined as follows:</p> <p style="margin-left: 50px;">• MD5 — MD5 is a one-way hashing algorithm that produces a 128-bit digest. MD5 computes faster than SHA-1, but is less secure than SHA-1. MD5 is not recommended.</p> <p style="margin-left: 50px;">• SHA-1 — SHA-1 is a one-way hashing algorithm that produces a 160-bit digest. SHA-1 computes slower than MD5, but is more secure than MD5.</p> <p style="margin-left: 50px;">• SHA2-256 — Specifies the Secure Hash Algorithm SHA2 with the 256-bit digest.</p> <p style="margin-left: 40px;">Step 8. From the <em>DH Group</em> drop-down list, choose the appropriate Diffie-Hellman (DH) group to be used with the key in Phase 1. Diffie-Hellman is a cryptographic key exchange protocol which is used in the connection to exchange pre-shared key sets. The strength of the algorithm is determined by bits.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step8.png" style="width: 539px; height: 226px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">The available options are defined as follows:</p> <p style="margin-left: 50px;">• Group1 (768-bit) — Computes the key the fastest, but is the least secure.</p> <p style="margin-left: 50px;">• Group2 (1024-bit) — Computes the key slower, but is more secure than Group1.</p> <p style="margin-left: 50px;">• Group5 (1536-bit) — Computes the key the slowest, but is the most secure.</p> <p style="margin-left: 40px;">Step 9. In the <em>IKE SA Life Time</em> field, enter the time, in seconds, that the automatic IKE key is valid. Once this time expires, a new key is negotiated automatically.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step9.png" style="width: 537px; height: 205px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 10. From the<em> Local IP</em> drop down list, choose <b>Single</b> if you would like a single local LAN user to access the VPN tunnel, or choose <b>Subnet</b> if you would like multiple users to be able to access it.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step10.png" style="width: 553px; height: 273px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 11. If <b>Subnet </b>was chosen in Step 10, enter the Network IP address of the sub-network in the IP Address field. If <b>Single</b> was chosen in Step 10, enter the IP address of the single user and skip to Step 13.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step11.png" style="width: 546px; height: 272px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 12. (Optional) If <b>Subnet</b> was chosen in Step 10, enter the subnet mask of the local network in the <em>Subnet Mask </em>field.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step12.png" style="width: 558px; height: 272px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 13. In the <em>IPSec SA Lifetime</em> field, enter the time in seconds that the VPN connection remains active in Phase 2. Once this time expires, the IPSec Security Association for the VPN connection is renegotiated.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step13.png" style="width: 558px; height: 272px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 14. From the <em>Encryption Algorithm </em>drop-down list, choose the appropriate encryption method to encrypt the Pre-Shared key in Phase 2. AES-128 is recommended for its high security and fast performance.The VPN tunnel needs to use the same encryption method for both of its ends.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step14.png" style="width: 556px; height: 265px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">The available options are defined as follows:</p> <p style="margin-left: 50px;">• DES — Data Encryption Standard (DES) is a 56-bit, old encryption method which is the least secure, but may be required for backwards compatibility.</p> <p style="margin-left: 50px;">• 3DES — Triple Data Encryption Standard (3DES) is a 168-bit, simple encryption method used to increase the key size because it encrypts the data three times. This provides more security than DES but less security than AES.</p> <p style="margin-left: 50px;">• AES-128 — Advanced Encryption Standard with 128-bit key (AES-128) uses a 128-bit key for AES encryption. AES is faster and more secure than DES. In general, AES is also faster and more secure than 3DES. AES-128 is faster but less secure than AES-192 and AES-256.</p> <p style="margin-left: 50px;">• AES-192 — AES-192 uses a 192-bit key for AES encryption. AES-192 is slower but more secure than AES-128, and faster but less secure than AES-256.</p> <p style="margin-left: 50px;">• AES-256 — AES-256 uses a 256-bit key for AES encryption. AES-256 is slower but more secure than AES-128 and AES-192.</p> <p style="margin-left: 40px;">Step 15. From the<em> Authentication Algorithm</em> drop-down list, choose the appropriate authentication method to determine how the Encapsulating Security Payload (ESP) protocol header packets are validated in Phase 2.The VPN tunnel needs to use the same authentication method for both of its ends.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step15.png" style="width: 540px; height: 272px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">The available options are defined as follows:</p> <p style="margin-left: 50px;">• MD5 — MD5 is a one-way hashing algorithm that produces a 128-bit digest. MD5 computes faster than SHA-1, but is less secure than SHA-1. MD5 is not recommended.</p> <p style="margin-left: 50px;">• SHA-1 — SHA-1 is a one-way hashing algorithm that produces a 160-bit digest. SHA-1 computes slower than MD5, but is more secure than MD5.</p> <p style="margin-left: 50px;">• SHA2-256 — Specifies the Secure Hash Algorithm SHA2 with the 256-bit digest.</p> <p style="margin-left: 40px;">Step 16. (Optional) In the<em> PFS Key Group</em> field, check the <b>Enable</b> checkbox. Perfect Forward Secrecy (PFS) creates an additional layer of security in protecting your data by ensuring a new DH key in Phase 2. The process is done in case the DH key generated in Phase 1 is compromised in transit.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step16.png" style="width: 546px; height: 273px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">Step 17. From the<em> DH Group </em>drop-down list, choose the appropriate Diffie-Hellman (DH) group to be used with the key in Phase 2.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step17.png" style="width: 569px; height: 320px; border-width: 1px; border-style: solid;"/></p> <p style="margin-left: 40px;">The available options are defined as follows:</p> <p style="margin-left: 50px;">• Group1 (768-bit) — Computes the key the fastest, but is the least secure.</p> <p style="margin-left: 50px;">• Group2 (1024-bit) — Computes the key slower, but is more secure than Group1.</p> <p style="margin-left: 50px;">• Group5 (1536-bit) — Computes the key the slowest, but is the most secure.</p> <p style="margin-left: 40px;">Step 18. Click <b>Save</b> to save your settings.</p> <p style="margin-left: 40px;"><img alt="" src="/c/dam/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/images/raquelandrew-08112014-step18.png" style="width: 560px; height: 324px; border-width: 1px; border-style: solid;"/></p> <p>For more information, check out the following documentation: </p> <ul> <li><a href="https://www.cisco.com/c/en/us/products/collateral/routers/small-business-rv-series-routers/datasheet-c78-731521.html">RV130 Data sheet</a> - explains the VPN capabilities for the RV130 series routers</li> <li><a href="https://www.cisco.com/c/en/us/support/routers/rv130-vpn-router/model.html">RV130 Product Page</a> - includes links for all RV130 articles from Cisco</li> </ul> </body> </html> <cdc:do action="com.cisco.wem.framework.service.command.eotcontent.EOTResponsiveContent@3aad4d2f" returnTypedAs="eotResponsiveContainerVo" id="eotResponsiveContainerVo" /> <div class="row full visitedlinks" style="padding: 0px; margin:0px"> <div class="col full" >  <div id="eot-revision-history"> <h3>Revision History</h3> <div style="overflow-x: auto;"> <table border="1" id="erh-table"> <tbody> <tr> <th>Revision</th> <th>Publish Date</th> <th>Comments</th> </tr>  <tr class="published"> <td><div align="center">1.0</div></td> <td><div align="center">10-Dec-2018</div></td> <td><div align="left">Initial Release</div></td> </tr> </tbody> </table> </div> </div> </div> </div> </div> <script> if (window.cdc === undefined) { cdc = {}; } if (cdc.eot === undefined) { cdc.eot = {}; } cdc.eot.isEot = true; cdc.eot.isToc = false; jQuery(document).ready(function () { if (jQuery('.unpublished').length > 0) { let lastRel = "1.0"; if (jQuery('.published').length > 0) { lastRel = Number(jQuery('.published td')[0].innerText) + 1 + ".0"; } jQuery('.preview_revision').text(lastRel); } const linkItemsLen = jQuery("#eot-doc-wrapper link[rel='stylesheet']").length; function addNewTocStyleSheet() { const fileName = "/etc/designs/cdc/transformation/wemdcmt_responsive.css", linkElement = `<link rel="stylesheet" href="" type="text/css" />`; document.head.append(linkElement); } if (cdc.eot.isToc && !linkItemsLen) { addNewTocStyleSheet(); } else if (cdc.eot.isEot) { jQuery("#eot-doc-wrapper link[rel='stylesheet']").each(function () { const linkTag = jQuery(this), hrefVal = jQuery(linkTag).attr("href"); if (hrefVal != undefined && hrefVal.indexOf("support-responsive.css") == -1 && hrefVal.indexOf("_responsive.css") == -1) { let fileName = hrefVal.substr(hrefVal.lastIndexOf("/") + 1, hrefVal.length).split(".css")[0]; const filePath = "/etc/designs/cdc/transformation/"; if (fileName == "ccimr") { fileName = "techdocs_responsive"; } else if (fileName == "support-docs") { fileName = "support-responsive"; } else if (fileName == "framework") { fileName = "responsiveframework"; } else if (fileName == "dcmt") { fileName = "wemdcmt_responsive"; } else if (fileName == "techdocs_85_11_word") { fileName = "techdocs_85_11_word"; if (cdc.eot.isToc) { addNewTocStyleSheet(); } } else { fileName += "_responsive"; } jQuery(linkTag).attr("href", filePath + fileName + ".css"); } if (hrefVal.indexOf("support-responsive.css") > -1) { jQuery(linkTag).attr("href", "/etc/designs/cdc/transformation/support-responsive.css"); } }); jQuery("#eot-doc-wrapper > table").wrap("<div></div>"); jQuery("#eot-doc-wrapper table:not('.olh_note')").parent().css({ overflowX: "auto" }); } }); </script> </div> <div class="col narrow-v2"> <div class="rightRailComponent base-blowout"> <div class="eotPersonalization"> <section id="eotSupportCampaign"></section> </div>   <div class="hideComponent"> <div class="tac-image"> <script type="text/javascript"> document.getElementsByClassName('tac-image')[0].parentElement.style.display="none"; </script> </div> </div> <div class="hideComponent"> <div class="eot-authors"> <ul> </ul> </div> </div>  <div class="eot-feedback-container"> <div class="eot-feedback"> <h3>Was this Document Helpful?</h3> <span class="eot-feedback-btnwrap"> <button class="eot-feedback-btn eot-feedback-btn-yes" aria-label="Was this Document Helpful?? Yes">Yes</button> <button class="eot-feedback-btn eot-feedback-btn-no" aria-label="Was this Document Helpful?? No">No</button> </span> <span lang="en" class="eot-feedback-olwrap"> <a href="javascript: void(0);" class="eot-feedback-ol" onclick="window.open('https://ciscocx.qualtrics.com/jfe/form/SV_dpqK8gJRAW2GHCC?Ref=' + location.href + '&resize=false', 'feedback', 'width=650, height=460, scrollbars=1, menubar=1, resizable=1'); return false;"> <img id="feedback_img" border="0" style="cursor: pointer;" title="Feedback" src="//www.cisco.com/c/dam/cdc/i/Feedback_OceanBlue.png" alt="Feedback">Feedback</a> </span> </div> </div> <div class="showComponent"> <div class="eot-vav"> <ul> </ul> </div> </div> <div class="showComponent"> <div class="eotLetUsHelp"> <h3>Contact Cisco</h3> <ul> <li><a id="eotLetUsHelpProdDocUrl" href="https://mycase.cloudapps.cisco.com/start?prodDocUrl=">Open a Support Case</a><img src="/etc/designs/cdc/fw/i/icon_lock_small.png" alt="login required"/></li> <li>(Requires a <a href="//www.cisco.com/c/en/us/services/order-services.html">Cisco Service Contract</a>)</li> </ul> </div> <script> jQuery(document).ready(function() { var getURL=jQuery("#eotLetUsHelpProdDocUrl").attr("href"), domInd = location.href.indexOf('cisco.com') ; if ( domInd > -1 && domInd < location.href.search(/\w\/\w/) ) { getURL += encodeURI(location.href); } jQuery("#eotLetUsHelpProdDocUrl").attr("href",getURL); }); </script> </div>  <div id="eotRightRailMBox">  <div> <div class="mboxDefault"></div> <script type="text/javascript"> var test=""; if(test!=undefined && test.trim().length>0){ mboxCreate('en-us_dg_support_eot','type=default',''); }else{ mboxCreate('en-us_dg_support_eot','type=default'); } </script> </div> </div> <div class="showComponent"> <script type="text/javascript"> var eottdatp = document.getElementsByClassName('eot-tdatp'); if (eottdatp && eottdatp.style) { eottdatp.style.display="none"; } </script> </div> <div class="showClass"> </div> </div> </div> </div>   </div> <script type="module" src="/site/web-components/us/en/cdc-footer.js"></script> <cdc-footer></cdc-footer> <script type="text/javascript"> if(document.querySelector('#privacy-manager')!=null){ document.querySelector('#privacy-manager').href='#cookies'; } </script> <div id="fw-overlay"></div> <script src="/etc/designs/cdc/fw/b/responsive/js/eot.min.js"></script> <script src="/c/dam/cdc/t/ctm.js" type="text/javascript"></script>  <noscript><img src="//cisco.112.2o7.net/b/ss/cisco-mobile/5/12345" width="2" height="2" border="0" alt=""/></noscript> </body> </html>

CINXE.COM

Configuration of an IPSec VPN Server on RV130 and RV130W - Cisco