The Shrew Soft VPN Client is a free IPsec Remote Access VPN Client for both Windows 2000, XP, Vista. Created by Shrew Soft Inc. Alternatives to ShrewSoft VPN Client for Mac with any license. WireGuard WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography.

Objective

IPSec VPN (Virtual Private Network) enables you to securely obtain remote access to corporate resources by establishing an encrypted tunnel across the Internet.

The objective of this document is to show you how to configure an IPSec VPN Server on RV130 and RV130W.

Note: For information about how to configure an IPSec VPN Server with the Shrew Soft VPN Client on RV130 and RV130W, refer to the article Use Shrew Soft VPN Client with IPSec VPN Server on RV130 and RV130W.

Applicable Devices

• RV130W Wireless-N VPN Firewall
• RV130 VPN Firewall

Software Version

• v1.0.1.3

Setup IPSec VPN Server

Step 1. Log in to the web configuration utility and choose VPN > IPSec VPN Server > Setup. The Setup page opens.

Step 2. Check the Server Enable checkbox to enable the certificate.

Step 3. (Optional) If your VPN router or VPN Client is behind a NAT gateway, click Edit to configure NAT Traversal. Otherwise, leave NAT Traversal disabled.

Note: For more information about how to configure NAT Traversal settings, refer to Internet Key Exchange (IKE) Policy Settings on RV130 and RV130W VPN Routers.

Step 4. Enter a key between 8 to 49 characters long that will be exchanged between your device and the remote endpoint in the Pre-Shared Key field.

Step 5. From the Exchange Mode drop down list, choose the mode for the IPSec VPN connection. Main is the default mode. However, if your network speed is low, choose the Aggressive mode.

Note: Aggressive mode exchanges the IDs of the end points of the tunnel in clear text during the connection, which requires less time to exchange but is less secure.

Step 6. From the Encryption Algorithm drop-down list, choose the appropriate encryption method to encrypt the Pre-Shared Key in Phase 1. AES-128 is recommended for its high security and fast performance.The VPN tunnel needs to use the same encryption method for both of its ends.

The available options are defined as follows:

• DES — Data Encryption Standard (DES) is a 56-bit, old encryption method which is not very secure, but may be required for backwards compatibility.

• 3DES — Triple Data Encryption Standard (3DES) is a 168-bit, simple encryption method used to increase the key size because it encrypts the data three times. This provides more security than DES but less security than AES.

• AES-128 — Advanced Encryption Standard with 128-bit key (AES-128) uses a 128-bit key for AES encryption. AES is faster and more secure than DES. In general, AES is also faster and more secure than 3DES. AES-128 is faster but less secure than AES-192 and AES-256.

• AES-192 — AES-192 uses a 192-bit key for AES encryption. AES-192 is slower but more secure than AES-128, and faster but less secure than AES-256.

• AES-256 — AES-256 uses a 256-bit key for AES encryption. AES-256 is slower but more secure than AES-128 and AES-192.

Step 7. From the Authentication Algorithm drop-down list, choose the appropriate authentication method to determine how the Encapsulating Security Payload (ESP) protocol header packets are validated in Phase 1. The VPN tunnel needs to use the same authentication method for both ends of the connection.

The available options are defined as follows:

• MD5 — MD5 is a one-way hashing algorithm that produces a 128-bit digest. MD5 computes faster than SHA-1, but is less secure than SHA-1. MD5 is not recommended.

• SHA-1 — SHA-1 is a one-way hashing algorithm that produces a 160-bit digest. SHA-1 computes slower than MD5, but is more secure than MD5.

How to run script mac. • SHA2-256 — Specifies the Secure Hash Algorithm SHA2 with the 256-bit digest.

Step 8. From the DH Group drop-down list, choose the appropriate Diffie-Hellman (DH) group to be used with the key in Phase 1. Diffie-Hellman is a cryptographic key exchange protocol which is used in the connection to exchange pre-shared key sets. The strength of the algorithm is determined by bits.

The available options are defined as follows:

• Group1 (768-bit) — Computes the key the fastest, but is the least secure.

• Group2 (1024-bit) — Computes the key slower, but is more secure than Group1.

• Group5 (1536-bit) — Computes the key the slowest, but is the most secure.

Step 9. In the IKE SA Life Time field, enter the time, in seconds, that the automatic IKE key is valid. Once this time expires, a new key is negotiated automatically.

Step 10. From the Local IP drop down list, choose Single if you would like a single local LAN user to access the VPN tunnel, or choose Subnet if you would like multiple users to be able to access it.

Step 11. If Subnet was chosen in Step 10, enter the Network IP address of the sub-network in the IP Address field. If Single was chosen in Step 10, enter the IP address of the single user and skip to Step 13.

Step 12. (Optional) If Subnet was chosen in Step 10, enter the subnet mask of the local network in the Subnet Mask field.

Step 13. In the IPSec SA Lifetime field, enter the time in seconds that the VPN connection remains active in Phase 2. Once this time expires, the IPSec Security Association for the VPN connection is renegotiated.

Run dslrBooth photo booth software on your pc or mac, hook up your Canon, Nikon, or Sony dslr and you have a professional photo booth. DslrBooth was made to simplify the process of running photo. Photo booth software for your Nikon, Canon DSLR camera, or webcam. Fully automated workflow from capture to printing. Customize prints with text and graphics with built-in template editor Share your prints using: E-mail, Twitter Add effects to photos Compatible with fotoShare, our FREE iPad viewing/sharing app Fanatica. Downloads Fully functional FREE downloads to test out. Purchase when you're ready. Supported Cameras. DslrBooth Download for Mac OS X 10.13, 10.14, 10.15.1 Supported Cameras. HashPrinter Download for Windows Download for Mac Windows 7, 8, 10 OS X 10.10+. Professional Photo Booth Software for your Canon, Nikon DSLR camera, or webcam. The Professional Edition has all features of the Standard edition plus Green Screen (Chroma Keying) allowing the replacement of a green or blue background with a custom background. Live View which allows people to see a video of themselves. Running a photo booth shouldn't be complicated or expensive. Run dslrBooth photo booth software on your pc or mac, hook up your Canon, Nikon, Sony dslr, or Webcam and you have a professional photo booth. Download Free Trial.

Step 14. From the Encryption Algorithm drop-down list, choose the appropriate encryption method to encrypt the Pre-Shared key in Phase 2. AES-128 is recommended for its high security and fast performance.The VPN tunnel needs to use the same encryption method for both of its ends.

The available options are defined as follows:

• DES — Data Encryption Standard (DES) is a 56-bit, old encryption method which is the least secure, but may be required for backwards compatibility.

• 3DES — Triple Data Encryption Standard (3DES) is a 168-bit, simple encryption method used to increase the key size because it encrypts the data three times. This provides more security than DES but less security than AES.

• AES-128 — Advanced Encryption Standard with 128-bit key (AES-128) uses a 128-bit key for AES encryption. AES is faster and more secure than DES. In general, AES is also faster and more secure than 3DES. AES-128 is faster but less secure than AES-192 and AES-256.

• AES-192 — AES-192 uses a 192-bit key for AES encryption. AES-192 is slower but more secure than AES-128, and faster but less secure than AES-256.

• AES-256 — AES-256 uses a 256-bit key for AES encryption. AES-256 is slower but more secure than AES-128 and AES-192.

Step 15. From the Authentication Algorithm drop-down list, choose the appropriate authentication method to determine how the Encapsulating Security Payload (ESP) protocol header packets are validated in Phase 2.The VPN tunnel needs to use the same authentication method for both of its ends.

The available options are defined as follows:

• MD5 — MD5 is a one-way hashing algorithm that produces a 128-bit digest. MD5 computes faster than SHA-1, but is less secure than SHA-1. MD5 is not recommended.

• SHA-1 — SHA-1 is a one-way hashing algorithm that produces a 160-bit digest. SHA-1 computes slower than MD5, but is more secure than MD5.

• SHA2-256 — Specifies the Secure Hash Algorithm SHA2 with the 256-bit digest.

Step 16. (Optional) In the PFS Key Group field, check the Enable checkbox. Perfect Forward Secrecy (PFS) creates an additional layer of security in protecting your data by ensuring a new DH key in Phase 2. The process is done in case the DH key generated in Phase 1 is compromised in transit.

Step 17. From the DH Group drop-down list, choose the appropriate Diffie-Hellman (DH) group to be used with the key in Phase 2.

The available options are defined as follows:

• Group1 (768-bit) — Computes the key the fastest, but is the least secure.

• Group2 (1024-bit) — Computes the key slower, but is more secure than Group1.

• Group5 (1536-bit) — Computes the key the slowest, but is the most secure.

Step 18. Click Save to save your settings.

For more information, check out the following documentation:

• RV130 Data sheet - explains the VPN capabilities for the RV130 series routers
• RV130 Product Page - includes links for all RV130 articles from Cisco

About the App

• App name: shrewsoft-vpn-client
• App description: Linux/BSD version of Shrew Soft VPN client
• App website: https://www.shrew.net

Install the App

1. Press Command+Space and type Terminal and press enter/return key.
2. Run in Terminal app:
   ruby -e '$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)' < /dev/null 2> /dev/null
   and press enter/return key.
   If the screen prompts you to enter a password, please enter your Mac's user password to continue. When you type the password, it won't be displayed on screen, but the system would accept it. So just type your password and press ENTER/RETURN key. Then wait for the command to finish.
3. Run:
   brew install shrewsoft-vpn-client

Done! You can now use shrewsoft-vpn-client.