NETGEAR DG834 V3 Planning a VPN

Reference Manual for the ADSL Modem Router DG834 v3

Virtual Private Networking (Advanced Feature) 6-3

v1.1, October 2006

A VPN between two or more NETGEAR VPN-enabled routers is a good way to connect branch or

home offices and business partners over the Internet. VPN tunnels also enable access to network

resources across the Internet. In this case, use DG834 v3s on each end of the tunnel to form the

VPN tunnel end points. See “How to Set Up a Gateway-to-Gateway VPN Configuration” on

page 6-20 to set up this configuration.

Planning a VPN

When you set up a VPN, it is helpful to plan the network configuration and record the

configuration parameters on a worksheet:

To set up a VPN connection, you must configure each endpoint with specific identification and

connection information describing the other endpoint. You must configure the outbound VPN

settings on one end to match the inbound VPN settings on other end, and vice versa.

Table 6-1. VPN Tunnel Configuration Worksheet

Connection Name:

Pre-Shared Key:

Secure Association -- Main Mode or Manual Keys:

Perfect Forward Secrecy -- Enabled or Disabled:

Encryption Protocol -- DES or 3DES:

Authentication Protocol -- MD5 or SHA-1:

Diffie-Hellman (DH) Group -- Group 1 or Group 2:

Key Life in seconds:

IKE Life Time in seconds:

VPN Endpoint Local IPSec ID LAN IP Address Subnet Mask

FQDN or Gateway IP

(WAN IP Address)

Contents

Main Page European Union Statement of Compliance Page v Voluntary Control Council for Interference (VCCI) Statement WProduct and Publication Details Change History Page Contents Reference Manual for the ADSL Modem Router DG834 v3 Page Page Page Chapter 1 About This Manual Audience, Scope, Conventions, and Formats How to Print this Manual Chapter 2 Introduction About the Modem Router Key Features A Powerful, True Firewall Easy Installation and Management Protocol Support Page Virtual Private Networking (VPN) Auto Sensing and Auto Uplink LAN Ethernet Connections Content Filtering Trend Micro Home Network Security Whats in the Box? Introduction 2-7 The Modem Routers Front Panel The DG834 ADSL Modem Router front panel shown below contains status LEDs. Figure 2-1 Table 2-1. LED Descriptions The Routers Rear Panel Connecting the Router to the Internet Page Chapter 3 Protecting Your Network Protecting Access to Your DG834 ADSL Modem Router How to Change the Built-In Password Changing the Administrator Login Timeout Configuring Basic Firewall Services Blocking Keywords, Sites, and Services How to Block Keywords and Sites Page Firewall Rules Inbound Rules (Port Forwarding) Page Page Outbound Rules (Service Blocking) Page Order of Precedence for Rules Services How to Define Services Setting Times and Scheduling Firewall Services How to Set Your Time Zone Page How to Schedule Firewall Services Trend Micro Home Network Security Security Service Settings Page Parental Controls Settings Page Page Page Page Chapter 4 Managing Your Network Backing Up, Restoring, or Erasing Your Settings How to Back Up the Configuration to a File How to Restore the Configuration from a File How to Erase the Configuration Upgrading the Modem Routers Firmware How to Upgrade the Modem Router Firmware Network Management Information Viewing Modem Router Status and Usage Statistics Managing Your Network 4-5 Table 4-1. Menu 3.2 - Modem Router Status Fields This screen shows the following statistics:. Page Viewing Attached Devices Viewing, Selecting, and Saving Logged Information Page Page Examples of Log Messages Enabling Security Event E-mail Notification Running Diagnostic Utilities and Rebooting the Modem Router Enabling Remote Management Configuring Remote Management Page Chapter 5 Advanced Configuration Configuring Advanced Security Setting Up A Default DMZ Server Connect Automatically, as Required Disable Port Scan and DOS Protection Respond to Ping on Internet WAN Port MTU Size Configuring LAN IP Settings Page DHCP Page How to Configure LAN TCP/IP Settings Configuring Dynamic DNS How to Configure Dynamic DNS Using Static Routes Static Route Example How to Configure Static Routes Page Universal Plug and Play (UPnP) Page Chapter 6 Virtual Private Networking (Advanced Feature) Overview of VPN Configuration Client-to-Gateway VPN Tunnels Gateway-to-Gateway VPN Tunnels DG834 Planning a VPN Page VPN Tunnel Configuration How to Set Up a Client-to-Gateway VPN Configuration DG834 192.168.3.1 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834 v3 22.23.24.25 Follow this procedure to configure a client-to-gateway VPN tunnel using the VPN Wizard. Page Page Page Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC Page Page Page Page Page Page Page Page How to Set Up a Gateway-to-Gateway VPN Configuration Page Page Page Page Page Page VPN Tunnel Control Activating a VPN Tunnel Page Page Verifying the Status of a VPN Tunnel Page Deactivating a VPN Tunnel Page Deleting a VPN Tunnel Page How to Set Up VPN Tunnels in Special Circumstances Using Auto Policy to Configure VPN Tunnels Page Page Page Page Virtual Private Networking (Advanced Feature) 6-41 Example of Using Auto Policy Figure 6-42 Table 6-1. VPN Tunnel Configuration Worksheet Page Page Page Page Using Manual Policy to Configure VPN Tunnels Page Page Page Page Chapter 7 Troubleshooting Basic Functioning Power LED Not On Test LED Never Turns On or Test LED Stays On LAN or Internet Port LEDs Not On Troubleshooting the Web Configuration Interface Troubleshooting the ISP Connection ADSL link Obtaining a WAN IP Address Troubleshooting PPPoE or PPPoA Troubleshooting Internet Browsing Troubleshooting a TCP/IP Network Using the Ping Utility Testing the LAN Path to Your Router Testing the Path from Your Computer to a Remote Device Restoring the Default Configuration and Password Using the Reset button Problems with Date and Time Appendix A Technical Specifications This appendix provides technical specifications for the DG834 ADSL Modem Router. Page Appendix B NETGEAR VPN Configuration DG834 v3 to FVL328 Configuration Profile Step-By-Step Configuration Page Page Page DG834 v3 with FQDN to FVL328 Configuration Profile Page Step-By-Step Configuration Page Page Page Page Page B-14 NETGEAR VPN Configuration Configuration Summary (Telecommuter Example) Figure B-12 Table B-1. Configuration summary (telecommuter example) Gateway A WAN IP WA N IP LAN IP Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example) Page Page Page Page Page Page Page Page Page Page Page Monitoring the VPN Tunnel (Telecommuter Example) Viewing the PC Clients Connection Monitor and Log Viewer Viewing the VPN Routers VPN Status and Log Information Page Page Appendix C Related Documents