Configuration Profile, Gateway a | NETGEAR DGND3300-100NAS instruction

C. NETGEAR VPN Configuration	C
Case study on how to set up a VPN

This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR DGND3300v2 to a FVL328. This case study follows the VPN Consortium interoperability profile guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html).

Configuration Profile

The configuration in this appendix follows the addressing and configuration mechanics defined by the VPN Consortium. Gather necessary information before you begin configuration. Verify that the firmware is up to date, and that you have all the addresses and parameters to be set on both sides. Check that there are no firewall restrictions.

Table 8. N300 Wireless Modem Router to Gateway B Profile Summary

	VPN Consortium Scenario		Scenario 1 (Identity Using Preshared Secrets)

	Type of VPN		LAN-to-LAN or gateway-to-gateway (not PC/client-to-gateway)

	Security scheme:		IKE with pre-shared secret/key (not certificate based)

	IP addressing:

		NETGEAR-Gateway A	Static IP address

		NETGEAR-Gateway B	Static IP address

10.506.0/24					172.23.9.0/24
10.506.0/24
		Gateway A
		(DGND3300v2)
				Gateway B
		LAN IP	Internet		LAN IP
		LAN IP	WAN IP	WAN IP	LAN IP
10.5.6.1			14.15.16.17	22.23.24.25	172.23.9.1

Figure 71. VPNC Example, Network Interface Addressing

Appendix C. NETGEAR VPN Configuration 151

Image 151

Contents

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 Trademarks Technical SupportStatement of Conditions Table of Contents Network Maintenance Advanced Settings Part Appendix C Netgear VPN Configuration Using the Setup Manual Router Internet Setup To log in to the N300 wireless modem router Logging In to Your N300 Wireless Modem Router To use the Setup Wizard Using the Setup Wizard To view or configure the basic settings Viewing or Manually Configuring Your ISP Settings Router Internet Setup Settings Description ISP does not require login Router Internet Setup Manual Configuring Adsl Settings Planning Your Wireless Network Wireless Settings See Manually Configuring Your Wireless Settings on Wireless Placement and Range Guidelines Wireless Security Options To view or manually configure the wireless settings Manually Configuring Your Wireless Settings Name 11N Ssid WPA-802.1x Configuring WEP Wireless SecurityNetwork Key 8-63 characters To configure WEP data encryption Configuring WPA, WPA2, or Mixed WPA2 + WPA Wireless Security To configure WPA or WPA2 in the N300 wireless modem router Using a WPS Button to Add a WPS Client Using Push N Connect WPS to Configure Your Wireless Network Using PIN Entry to Add a WPS Client To use a PIN to add a WPS client Configuring Advanced WPS Settings Adding More WPS Clients To add a wireless client device that is WPS enabledAdding Both WPS and Non-WPS Clients Restricting Access to Your N300 Wireless Modem Router Wireless Guest Networks To configure a wireless guest network Web-Based Interface Live Parental ControlsTotal Home Protection Minimal Software Installation Flexible Settings Protecting Access to Your N300 Wireless Modem Router Security Settings Changing the Built-In Password Restricting Access by MAC AddressTo restrict access based on MAC addresses Select the Turn Access Control On check box To block access to Internet sites Blocking Access to Internet Sites Firewall Rules To add or edit a rule from the Firewall Rules screen Scheduling Blocking on Field Outbound Rules Inbound Rules Port Forwarding Adding a Custom Port Forwarding Rule Adding a Pre-set Port Forwarding Rule Port Triggering To configure port triggering Blocking Access to Internet Services Scheduling Blocking To block access to Internet servicesTo schedule blocking Viewing Logs of Web Access or Attempted Web Access Field Description Configuring Email Alert and Web Access Log Notifications Security Settings Setting the Time Upgrading the Firmware Network Maintenance Manually Check for Firmware Upgrades Viewing N300 Wireless Modem Router Status Information Field Description Dhcp Connection Status Statistics Viewing a List of Attached Devices Managing the Configuration File Do not interrupt the reboot process Running Diagnostic Utilities and Rebooting the RouterBacking Up and Restoring the Configuration Erasing the Configuration Enabling Remote Management Access Select the Turn Remote Management On check box Http//134.177.0.1238080 in your browser Traffic MeterTo monitor traffic on your router Network Maintenance Network Maintenance USB port Up data File Sharing Scenarios USB Drive RequirementsBus Speed/Second To share files with your friends and family Sharing Photos with Friends and FamilyStoring Files in a Central Location for Printing Sharing Large Files with Colleagues \\readyshare USB Storage Basic Settings\\readyshare\USBStorage Fields and Buttons Description Editing a Network Folder Configuring USB Storage Advanced Settings Http Fields Description Creating a Network Folder Unmounting a USB Drive Media Server SettingsSpecifying Approved USB Devices Locating the Internet Port IP Address Connecting to the USB Drive from a Remote ComputerSelect the Allow only approved devices check box Enabling File and Printer Sharing Connecting to the USB Drive with Microsoft Network SettingsAccessing the Router’s USB Drive Remotely Using FTP Configuring Windows 98SE and Windows ME Configuring Windows 2000 and Windows XP Virtual Private Networking Overview of VPN Configuration Gateway-to-Gateway VPN Tunnels Client-to-Gateway VPN TunnelsGateway B Parameter Value to Be Entered Field Selection Planning a VPN Parameter Factory Default Setting VPN Tunnel Configuration Configure the Client-to-Gateway VPN Tunnel Setting Up a Client-to-Gateway VPN Configuration Address Virtual Private Networking Configure the Netgear ProSafe VPN Client Select the Connect using Secure Gateway Tunnel check box Security Policy settings, Client-to-Gateway a Virtual Private Networking Virtual Private Networking Select the Encapsulation Protocol ESP check box Leave the Authentication Protocol AH check box cleared Virtual Private Networking Setting Up a Gateway-to-Gateway VPN Configuration Gateway a Gateway B Gateway-to-Gateway VPN Tunnel Configuration Worksheet Virtual Private Networking Virtual Private Networking Activating a VPN Tunnel VPN Tunnel Control To use the VPN Status screen to activate a VPN tunnel Using the VPN Status Screen to Activate a VPN Tunnel Activating the VPN Tunnel by Pinging the Remote Endpoint Verifying the Status of a VPN Tunnel Start Using a VPN Tunnel to Activate ItType ping Deactivating a VPN Tunnel To use the VPN Policies screen to deactivate a VPN tunnel Using the VPN Status Screen to Deactivate a VPN TunnelTo use the VPN Status screen to deactivate a VPN tunnel Deleting a VPN Tunnel Setting Up VPN Tunnels in Special CircumstancesTo delete a VPN tunnel Configuring VPN Network Connection Parameters Using Auto Policy to Configure VPN Tunnels Virtual Private Networking Fields and Settings Description VPN Auto Policy Screen Settings Fully Qualified Domain Name. Your domain name IKE DH Group setting in the IKE section To use Auto Policy Example of Using Auto Policy Auto Policy Field Description VPN Auto Policy screen displays Enter these policy settings Click Apply. The VPN Policies screen displays Using Manual Policy to Configure VPN Tunnels Fields and Settings Description SPI Using the LAN Setup Options Advanced Settings Part Settings LAN TCP/IP Using the N300 Wireless Modem Router as a Dhcp Server To reserve an IP address Address Reservation Click Edit or Delete Using a Dynamic DNS ServiceTo configure Dynamic DNS To edit or delete a reserved address entry Select the Use a Dynamic DNS Service check box Configuring the WAN Setup Options Setting Description WAN Setup fields are described in the following table Setting Up a Default DMZ Server Setting Up Quality of Service QoSTo assign a computer or server to be a default DMZ server QoS for Applications and Online Gaming Configuring QoS for Internet Access Advanced Settings Part 1 Click Add Priority Rule Click Setup QoS RuleQoS for a Router LAN Port QoS for a MAC Address Editing or Deleting an Existing QoS Policy Configuring Static RoutesTo edit or delete an existing QoS policy To add or edit a static route Wireless Repeating Also Called WDS Wireless Repeating Function To set up the base station Setting Up the Base Station To configure a N300 wireless modem router as a repeater unit Setting Up a Repeater Unit Advanced Settings Part 1 Common Connection Types Fine-tuning your network Network Connection Theoretical Raw Transfer Time Assessing Your Speed Requirements Optimizing Your Network Bandwidth Reduce interference Optimizing Wireless PerformanceIdentify critical wireless links Choose placement carefully Changing the MTU Size Choose your settings Application Universal Plug and PlayTo change the MTU size To turn on Universal Plug and Play Advanced Settings Part Recommendation Instructions Quick Tips Troubleshooting with the LEDs Situation Recommended Action Restoring the Factory Configuration Settings on Cannot Access the N300 Wireless Modem Router Menu To check the WAN IP address Cannot Access the InternetChecking the Configuration Checking the WAN IP Address Troubleshooting a Network Using the Ping Utility Testing the Path from Your Computer to a Remote Device Testing the LAN Path to Your RouterTo ping the router from a running Windows PC Problems with Date and Time Viewing Available Networks Wireless Connectivity Appendix A. Troubleshooting Using the Restore Factory Settings Button Restoring the Factory Configuration Settings 192.168.0.1 Feature Default Setting Router loginInternet connection Local network LAN NETGEAR-2.4G Feature Default Setting Interface Specifications Technical Specifications Gateway a Configuration Profile Unit Step-by-Step ConfigurationLAN Subnet Mask Configuration Profile N300 Wireless Modem Router with Fqdn to Gateway B VPN Consortium Scenario Using a Fully Qualified Domain Name Fqdn Step-by-Step Configuration Click Show Status Device LAN IP Address LAN Subnet Mask Configuration Summary Telecommuter Example VPN Consortium Scenario Setting Up Client-to-Gateway VPN Telecommuter Example Configure Gateway a VPN Router at Main Office Configure Gateway B VPN Router at Regional Office Connection Security section, select Secure Appendix C. Netgear VPN Configuration Appendix C. Netgear VPN Configuration Select the Encapsulation Protocol ESP check box Select toDGND3300v2 Monitoring the VPN Tunnel Telecommuter Example Viewing the VPN Router’s VPN Status and Log Information FCC Requirements for Operation in the United States Regulatory Compliance Information Europe EU Declaration of Conformity Interference Reduction TableEdoc in Languages of the European Community 1999/5/EG befindet Slovensko Document Link Related Documents Index Index Ping 89, 142 Ssid Index