NETGEAR DGFV338 manual Dual WAN Port Systems

Page 109

Chapter 5

Virtual Private Networking

This chapter describes how to use the virtual private networking (VPN) features of the ProSafe DGFV338. VPN tunnels provide secure, encrypted communications between your local network and a remote network or computer.

Tip: When using dual WAN port networks, use the VPN Wizard to configure the basic parameters and them edit the VPN and IKE Policy screens for the various VPN scenarios.

Dual WAN Port Systems

The ADSL port and the Ethernet port of the ProSafe DGFV338 can be configured for auto-rollover mode for increased system reliability (if both ports are configured) or, if only one of the ports is configured, they can be configured as either Dedicated ADSL or Dedicated Ethernet. This WAN mode choice then impacts how the VPN features must be configured.

Table 5-1. IP addressing requirements for VPNs in dual WAN port systems

Configuration and WAN IP address

Rollover Modea

Dedicated Mode

 

 

 

 

VPN Road Warrior

Fixed

FQDN required

Allowed (FQDN optional)

(client-to-gateway)

 

 

 

Dynamic

FQDN required

FQDN required

 

 

 

 

 

VPN Gateway-to-Gateway

Fixed

FQDN required

Allowed (FQDN optional)

 

 

 

 

 

Dynamic

FQDN required

FQDN required

 

 

 

 

VPN Telecommuter

Fixed

FQDN required

Allowed (FQDN optional)

(client-to-gateway through a

 

 

 

Dynamic

FQDN required

FQDN required

NAT router)

 

 

 

 

 

 

 

a. All tunnels must be re-established after a rollover using the new WAN IP address.

Virtual Private Networking

5-1

v1.0, April 2007

Page 108 Page 110
Image 109
Page 108 Page 110
Contents NETGEAR, Inc Technical Support Placement and Range GuidelinesTrademarks Statement of ConditionsFCC Requirements for Operation in the United States FCC StatementEurope EU Declaration of Conformity Português Certificate of the Manufacturer/Importer Bestätigung des Herstellers/ImporteursVoluntary Control Council for Interference Vcci Statement Terms Additional CopyrightsViii MD5 DGFV338 Product and Publication DetailsContents Chapter Wireless Configuration Chapter Virtual Private Networking Chapter LAN Configuration Appendix a Default Settings and Technical Specifications Xvi Conventions, Format and Scope About This ManualHow to Print this Manual How to Use This ManualXix Page Chapter Introduction Key Features of the Netgear ProSafe DGFV338Full Routing on Both the Adsl and 10/100 WAN Port Powerful, True Firewall with Content FilteringVirtual Private Networking VPN SecurityAutosensing Ethernet Connections with Auto Uplink Extensive Protocol Support Easy Installation and ManagementSystem Requirements Maintenance and SupportHardware Description Package ContentsNos LEDs Activity Description Object DescriptionsRouter Rear Panel Enter http//192.168.1.1 as the URL Router Login Factory DefaultsPlacement of your Netgear ProSafe DGFV338 Chapter Basic Installation and Configuration Using Adsl Microfilters optional Logging in and Configuring your Internet Connection Configuring Your Internet Connection using Auto Detect V1.0, April Internet Service Connections Manually Configuring your Adsl ConnectionEnter your Internet IP Address Manually Configuring your Ethernet Connection V1.0, April Enter your Internet IP Address V1.0, April V1.0, April V1.0, April Configuring the WAN Mode Use Dedicated WAN port V1.0, April On the Internet Configuring Dynamic DNS If NeededV1.0, April DynDNS Service Screen Traffic Meter Adsl Programming the Traffic MeterParameter Description Traffic Meter ParametersV1.0, April Implementing Wireless Security Chapter Wireless ConfigurationLUHOHVVDWD 6HFXULW\2SWLRQV Understanding Wireless Settings Wireless Access Point Wireless LANsV1.0, April Access Control List Advanced Wireless Router Settings Wireless Advanced OptionsWPA-PSK or WPA2-PSK Pre-Shared Key WEP and WPA/WPA2 Wireless Security Check List FormConfiguring Your Wireless Settings Configuring WEP V1.0, April Configuring WPA-PSK Configuring WPA2-PSK Configuring WPA-PSK and WPA2-PSK Configuring WPA with Radius Configuring WPA2 with Radius Configuring WPA and WPA2 with Radius Restricting Wireless Access by MAC Address V1.0, April V1.0, April Using Rules to Block or Allow Specific Kinds of Traffic Firewall Protection and Content Filtering OverviewAbout Service Based Rules Outbound Rules Service Blocking V1.0, April V1.0, April V1.0, April Outbound Rule Example Blocking Instant Messenger Inbound Rules Port ForwardingV1.0, April V1.0, April V1.0, April V1.0, April Inbound Rule Example a Local Public Web Server Inbound Rule Example One-to-One NAT Mapping V1.0, April Inbound Rule Example Exposed Host Considerations for Inbound Rules Order of Precedence for Rules Customized ServicesV1.0, April Outbound Rules Add Screen Quality of Service QoS PrioritiesWAN Security Checks Attack ChecksManaging Groups and Hosts V1.0, April V1.0, April Groups and Hosts Blocking Internet SitesV1.0, April V1.0, April Enabling Source MAC Filtering Setting up Port Triggering V1.0, April Port triggering Setting a Schedule to Block or Allow Specific Traffic Event Logs and Alerts V1.0, April V1.0, April Security and Administrator Management V1.0, April IP addressing requirements for VPNs in dual WAN port systems Dual WAN Port SystemsSetting up a VPN Connection using the VPN Wizard V1.0, April V1.0, April IKE Policy VPN Tunnel PoliciesIKE Policy Table Managing IKE PoliciesManaging VPN Policies VPN PolicyVPN Policy Table VPN Tunnel Connection StatusCreating a VPN Connection Between FVX538 and DGFV338 Configuring the ProSafe DGFV338V1.0, April V1.0, April V1.0, April V1.0, April Configuring the FVX538 Configuring the DGFV338 Testing the ConnectionCreating a VPN Client Connection VPN Client to DGFV338 V1.0, April Configuring the VPN Client Todgfv Left frame, select Security Policy Todgfv Testing the Connection Certificate Authorities Generate Self Certificate Request, enter the required data Generating a Self Certificate RequestV1.0, April Managing your Certificate Revocation List CRL Uploading a Trusted CertificateUpload Extended Authentication Xauth ConfigurationConfiguring Xauth for VPN Clients V1.0, April User Database Configuration Radius Client Configuration Enter the Primary Radius Server IP address Mode Config Operation Manually Assigning IP Addresses to Remote Users ModeConfigConfiguring the ProSafe DGFV338 V1.0, April V1.0, April Configuring the ProSafe VPN Client for ModeConfig V1.0, April V1.0, April V1.0, April V1.0, April Performance Management Wireless Firewall Features That Reduce TrafficService Blocking Block Sites Source MAC Filtering Wireless Firewall Features That Increase TrafficPort Forwarding V1.0, April Port Triggering Using QoS to Shift the Traffic MixVPN Tunnels Changing the Passwords and Login Time-out Administrator and Guest Access AuthorizationTools for Traffic Management Enabling Remote Management Access Under Allow Remote Management, check the Yes radio box Https//172.21.4.18080 Command Line InterfaceTraffic Limits Reached Event AlertsRouter Status MonitoringRouter Status WAN Ports Internet Traffic V1.0, April Known PCs and Devices LAN Ports and Attached DevicesKnown PCs and Devices table Dhcp LogPort Triggering Status Firewall SecurityPort Triggering Status data V1.0, April VPN Tunnels VPN Status Data Using a Snmp ManagerV1.0, April Diagnostics Diagnostics Settings Backup and Firmware Upgrade Configuration File ManagementBackup and Restore Settings Click default Router Upgrade To upgrade router software Setting the Time ZoneV1.0, April Using the Firewall as a Dhcp server Chapter LAN ConfigurationSecurity and Firewall Protection Configuring the LAN Setup OptionsUsing Address Reservation Configuring Multi Home LAN IPs V1.0, April Gateway IP and DNS server IPs Adding or Editing a Static Route Configuring Static RoutesRouting Information Protocol RIP V1.0, April Static Route Example Enabling Universal Plug and Play UPnPSettings Description UPnP Portmap Table settingsV1.0, April Basic Functions Power LED Not OnLEDs Never Turn Off Troubleshooting the Web Configuration InterfaceLAN or Internet Port LEDs Not On Troubleshooting the ISP Connection V1.0, April Testing the LAN Path to Your Firewall Troubleshooting a TCP/IP Network Using a Ping UtilityPing -n 10 IP address Testing the Path from Your PC to a Remote DeviceProblems with Date and Time Restoring the Default Configuration and PasswordV1.0, April Table A-1. Default Configuration Settings Default Factory SettingsFeature Default Behavior Table A-2. Technical Specifications Technical SpecificationsSpecification Description Electromagnetic Emissions Appendix B Related Documents V1.0, April Numerics IndexIndex-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8
Related manuals
Manual 10 pages 13.59 Kb
Top Page Image Contents