NETGEAR DG834 V3 - page 113

Reference Manual for the ADSL Modem Router DG834 v3

Virtual Private Networking (Advanced Feature) 6-39

v1.1, October 2006

•Single PC - no Subnet—select this option if there is no LAN (only a single PC) at the remote

endpoint. If this option is selected, no additional data is required. The typical application is a

PC running the VPN client at the remote end.

•Single address—Enter an IP address in the "Single/Start IP address" field. This must be an

address on the remote LAN. Typically, this setting is used when you wish to access a server on

the remote LAN.

•Range address—enter the starting IP address in the "Single/Start IP address" field, and the

finish IP address in the "Finish IP address" field. This must be an address range used on the

remote LAN.

•Subnet address—enter an IP address in the "Single/Start IP address" field, and the desired

network mask in the "Subnet Mask" field.

The remote VPN endpoint must have these IP addresses entered as its "Local" addresses.

IKE. Direction/Type—this setting is used when determining if the IKE policy matches the current

traffic. Select the desired option.

•Responder only—incoming connections are allowed, but outgoing connections will be

blocked.

•Initiator and Responder—both incoming and outgoing connections are allowed.

Exchange Mode—ensure the remote VPN endpoint is set to use "Main Mode".

Diffie-Hellman (DH) Group—the Diffie-Hellman algorithm is used when exchanging keys. The

DH Group setting determines the number of bit size used in the exchange. This value must match

the value used on the remote VPN Gateway.

Local Identity Type—select the desired option to match the "Remote Identity Type" setting on the

remote VPN endpoint.

•WAN IP Address—your Internet IP address.

•Fully Qualified Domain Name—your domain name.

•Fully Qualified User Name—your name, E-mail address, or other ID.

Local Identity Data—enter the data for the selection above. (If "WAN IP Address" is selected, no

input is required.)

Remote Identity Type—select the desired option to match the "Local Identity Type" setting on

the remote VPN endpoint.

•IP Address—the Internet IP address of the remote VPN endpoint.

•Fully Qualified Domain Name—the Domain name of the remote VPN endpoint.

Contents

Main Page European Union Statement of Compliance Page v Voluntary Control Council for Interference (VCCI) Statement WProduct and Publication Details Change History Page Contents Reference Manual for the ADSL Modem Router DG834 v3 Page Page Page Chapter 1 About This Manual Audience, Scope, Conventions, and Formats How to Print this Manual Chapter 2 Introduction About the Modem Router Key Features A Powerful, True Firewall Easy Installation and Management Protocol Support Page Virtual Private Networking (VPN) Auto Sensing and Auto Uplink LAN Ethernet Connections Content Filtering Trend Micro Home Network Security Whats in the Box? Introduction 2-7 The Modem Routers Front Panel The DG834 ADSL Modem Router front panel shown below contains status LEDs. Figure 2-1 Table 2-1. LED Descriptions The Routers Rear Panel Connecting the Router to the Internet Page Chapter 3 Protecting Your Network Protecting Access to Your DG834 ADSL Modem Router How to Change the Built-In Password Changing the Administrator Login Timeout Configuring Basic Firewall Services Blocking Keywords, Sites, and Services How to Block Keywords and Sites Page Firewall Rules Inbound Rules (Port Forwarding) Page Page Outbound Rules (Service Blocking) Page Order of Precedence for Rules Services How to Define Services Setting Times and Scheduling Firewall Services How to Set Your Time Zone Page How to Schedule Firewall Services Trend Micro Home Network Security Security Service Settings Page Parental Controls Settings Page Page Page Page Chapter 4 Managing Your Network Backing Up, Restoring, or Erasing Your Settings How to Back Up the Configuration to a File How to Restore the Configuration from a File How to Erase the Configuration Upgrading the Modem Routers Firmware How to Upgrade the Modem Router Firmware Network Management Information Viewing Modem Router Status and Usage Statistics Managing Your Network 4-5 Table 4-1. Menu 3.2 - Modem Router Status Fields This screen shows the following statistics:. Page Viewing Attached Devices Viewing, Selecting, and Saving Logged Information Page Page Examples of Log Messages Enabling Security Event E-mail Notification Running Diagnostic Utilities and Rebooting the Modem Router Enabling Remote Management Configuring Remote Management Page Chapter 5 Advanced Configuration Configuring Advanced Security Setting Up A Default DMZ Server Connect Automatically, as Required Disable Port Scan and DOS Protection Respond to Ping on Internet WAN Port MTU Size Configuring LAN IP Settings Page DHCP Page How to Configure LAN TCP/IP Settings Configuring Dynamic DNS How to Configure Dynamic DNS Using Static Routes Static Route Example How to Configure Static Routes Page Universal Plug and Play (UPnP) Page Chapter 6 Virtual Private Networking (Advanced Feature) Overview of VPN Configuration Client-to-Gateway VPN Tunnels Gateway-to-Gateway VPN Tunnels DG834 Planning a VPN Page VPN Tunnel Configuration How to Set Up a Client-to-Gateway VPN Configuration DG834 192.168.3.1 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834 v3 22.23.24.25 Follow this procedure to configure a client-to-gateway VPN tunnel using the VPN Wizard. Page Page Page Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC Page Page Page Page Page Page Page Page How to Set Up a Gateway-to-Gateway VPN Configuration Page Page Page Page Page Page VPN Tunnel Control Activating a VPN Tunnel Page Page Verifying the Status of a VPN Tunnel Page Deactivating a VPN Tunnel Page Deleting a VPN Tunnel Page How to Set Up VPN Tunnels in Special Circumstances Using Auto Policy to Configure VPN Tunnels Page Page Page Page Virtual Private Networking (Advanced Feature) 6-41 Example of Using Auto Policy Figure 6-42 Table 6-1. VPN Tunnel Configuration Worksheet Page Page Page Page Using Manual Policy to Configure VPN Tunnels Page Page Page Page Chapter 7 Troubleshooting Basic Functioning Power LED Not On Test LED Never Turns On or Test LED Stays On LAN or Internet Port LEDs Not On Troubleshooting the Web Configuration Interface Troubleshooting the ISP Connection ADSL link Obtaining a WAN IP Address Troubleshooting PPPoE or PPPoA Troubleshooting Internet Browsing Troubleshooting a TCP/IP Network Using the Ping Utility Testing the LAN Path to Your Router Testing the Path from Your Computer to a Remote Device Restoring the Default Configuration and Password Using the Reset button Problems with Date and Time Appendix A Technical Specifications This appendix provides technical specifications for the DG834 ADSL Modem Router. Page Appendix B NETGEAR VPN Configuration DG834 v3 to FVL328 Configuration Profile Step-By-Step Configuration Page Page Page DG834 v3 with FQDN to FVL328 Configuration Profile Page Step-By-Step Configuration Page Page Page Page Page B-14 NETGEAR VPN Configuration Configuration Summary (Telecommuter Example) Figure B-12 Table B-1. Configuration summary (telecommuter example) Gateway A WAN IP WA N IP LAN IP Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example) Page Page Page Page Page Page Page Page Page Page Page Monitoring the VPN Tunnel (Telecommuter Example) Viewing the PC Clients Connection Monitor and Log Viewer Viewing the VPN Routers VPN Status and Log Information Page Page Appendix C Related Documents