The RV042 supports up to 30 VPN tunnels, established as Site-to-Site tunnels or remote end user access tunnels. I've used my RV042 to successfully set up and test Site-to-Site VPN capability with the SonicWALL TZ190W, the NETGEAR FVS124G, and the D-Link DFL-CPG310. We've put together a slide show here on the configuration options used for a Site-to-Site tunnel between the RV042 and the DFL-CPG310.
Clearly, the RV042 supports a wide variety of router-to-router IPSec configurations. Encryption options include DES and 3DES, plus the more secure Advanced Encryption Standard (AES) at 128, 192, and 256 bits. Authentication options include both MD5 and SHA-1 hash functions. The RV042 also offers configuration options for Aggressive or Main key exchange and Keep-Alive functionality, giving it the flexibility to connect with many different IPSec VPN-capable devices.
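When pairing the RV042 with another gateway, both ends have to be set to the same encryption, authentication and key exchange options. The sketch below is an added example (not from the review or from Linksys) that picks the strongest combination two devices share and flags weak results; the RV042 lists come from the paragraph above, while the peer lists, the strength ordering and the `WEAK` set are this example's assumptions.

```python
# Added example: choose the strongest IPSec settings two gateways have in common.

# Ordered weakest -> strongest. The ordering is an assumption of this example,
# based on key length (ciphers) and digest size (hashes).
RANKS = {
    "encryption": ["DES", "3DES", "AES-128", "AES-192", "AES-256"],
    "authentication": ["MD5", "SHA-1"],
    # IKE Main mode protects the peers' identities; Aggressive mode does not.
    "exchange": ["Aggressive", "Main"],
}

# Options worth a second look if they end up selected (assumption of this example).
WEAK = {"DES", "MD5", "Aggressive"}

# RV042 options as listed in the review.
RV042 = {field: set(rank) for field, rank in RANKS.items()}

# Constructed sample peers (hypothetical capability lists, not real device profiles).
SAMPLE_PEER = {
    "encryption": {"DES", "3DES"},
    "authentication": {"MD5", "SHA-1"},
    "exchange": {"Main"},
}
LEGACY_PEER = {
    "encryption": {"DES"},
    "authentication": {"MD5"},
    "exchange": {"Aggressive"},
}


def strongest_common(local, peer):
    """Return (settings, warnings) for the strongest options both ends support."""
    chosen, warnings = {}, []
    for field, rank in RANKS.items():
        shared = local[field] & peer[field]
        if not shared:
            raise ValueError(f"no common {field} option; the tunnel cannot be matched")
        best = max(shared, key=rank.index)
        chosen[field] = best
        if best in WEAK:
            warnings.append(f"{field}: best shared option is {best}")
    return chosen, warnings


if __name__ == "__main__":
    for name, peer in (("sample", SAMPLE_PEER), ("legacy", LEGACY_PEER)):
        settings, notes = strongest_common(RV042, peer)
        print(name, settings, notes or "no warnings")
```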
For remote users, Linksys provides two options: their QuickVPN Client, which is readily available for download from Linksys' website, as well as basic PPTP access. Out of the box, the RV042 supports 10 QuickVPN Clients and five PPTP Clients. There are two versions of the QuickVPN Client software; 1.1.0 is for Windows XP/2000 machines, and 1.26 is a recently-released version for Windows Vista. Having a Vista VPN Client is a plus for Linksys, as there are quite a few networking products that still don't have Vista clients.
We were able to set up an account and password on the RV042, install the client on both a Vista and Windows machine, click on connect, and establish a connection using the default certificate that comes with QuickVPN. Figure 6 below is a screen shot of the simple VPN Client user setup screen on the RV042.
Figure 6: Setting up the VPN client
To update the security certificate from the default, simply click Generate New Certificate and use the export buttons to make a copy of the Router's certificate and Client certificate. You'll want to keep a backup copy of the Router's certificate in case you have to default the router, and you'll need to install a copy of the Client certificate in the Windows\Program Files\Linksys\Linksys VPN Client directory on each remote user's PC.
Note that the firewall HTTPS option must be enabled on the RV042 for the VPN client to work. It's a simple button on the Firewall page, but I had this feature disabled for some reason, and was going nuts trying to figure out why I couldn't get the VPN client to work. (If I helped you with this, please let me know by posting a comment. It'll make my day to know that I've done some good in this world and saved someone else some VPN frustration.)
The other option for remote access to the RV042 is PPTP. PPTP, or Point-to-Point Tunneling Protocol, is a simpler remote access option, with client support built into both Windows XP and Vista. No software needs to be installed on the Windows machine, eliminating common configuration and driver hassles. Configuring PPTP is as simple as adding a user name and password in the RV042, and configuring the connection on the PC.
Creating a PPTP connection on a Windows XP machine can be done via the Control Panel by clicking on Network Connections and then selecting Create a new connection. The Windows Wizard makes it pretty easy. Figure 7 is a screen shot from a Windows XP machine for setting up the PPTP connection.
Figure 7: Setting up a PPTP connection on Windows XP
PPTP is supported in Vista as well. A PPTP connection is added via the Network and Sharing Center by selecting Set up a connection or network, and then selecting Connect to a workplace. Figure 8 is another Windows screen shot, this time from a Vista machine, showing the simplicity of the PPTP client.
Figure 8: Setting up a PPTP connection on Windows Vista
PPTP is not considered as secure as an IPSec VPN Client. But for simple purposes, it has its value. Either an IPSec or PPTP connection is superior to leaving open holes in your firewall for remote access to key devices. The nice thing about the RV042 is that it supplies the options for both remote client technologies, allowing the network administrator a choice in remote access.