ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

4.Complete the settings as explained in the following table. The only differences between IPv4 and IPv6 settings are the subnet mask (IPv4) and prefix length (IPv6).

Table 54. Add New VPN Policy screen settings for IPv4 and IPv6

Setting

Description

 

 

 

 

General

 

 

 

 

 

Policy Name

A descriptive name of the VPN policy for identification and management

 

purposes.

 

 

Note: The name is not supplied to the remote VPN endpoint.

 

 

Policy Type

From the drop-down list, select one of the following policy types:

 

Auto Policy. Some settings (the ones in the Manual Policy Parameters

 

section of the screen) for the VPN tunnel are generated automatically.

 

Manual Policy. All settings need to be specified manually, including the ones

 

in the Manual Policy Parameters section of the screen.

Remote Endpoint

Select a radio button to specify how the remote endpoint is defined:

 

IP Address. Enter the IP address of the remote endpoint in the fields to the

 

right of the radio button.

 

FQDN. Enter the FQDN of the remote endpoint in the field to the right of the

 

radio button.

 

 

 

Enable NetBIOS?

Select this check box to enable NetBIOS broadcasts to travel over the VPN

 

tunnel. For more information about NetBIOS, see Configure NetBIOS Bridging

 

with IPSec VPN on page 262. This feature is disabled by default.

 

 

Enable Auto Initiate

Select this check box to enable the VPN tunnel to autoestablish itself without the

 

presence of any traffic.

 

Note: The direction and type of the IKE policy that is associated with this VPN

 

policy need to be either Initiator or Both but cannot be Responder. For more

 

information, see Manually Add or Edit an IKE Policy on page 224.

 

 

Enable Keepalive

Select a radio button to specify if keep-alive is enabled:

 

Yes. This feature is enabled: Periodically, the wireless VPN firewall sends

 

keep-alive requests (ping packets) to the remote endpoint to keep the tunnel

Note: See also

alive. You need to specify the ping IP address in the Ping IP Address field, the

Configure Keep-Alives

detection period in the Detection Period field, and the maximum number of

and Dead Peer

keep-alive requests that the wireless VPN firewall sends in the Reconnect

Detection on page 259.

after failure count field.

 

No. This feature is disabled. This is the default setting.

 

Ping IP Address

The IP address that the wireless VPN firewall pings. The

 

 

address needs to be of a host that can respond to ICMP

 

 

ping requests.

 

Detection Period

The period in seconds between the keep-alive requests. The

 

 

default setting is 10 seconds.

 

 

 

 

Reconnect after

The maximum number of keep-alive requests before the

 

failure count

wireless VPN firewall tears down the connection and then

 

 

attempts to reconnect to the remote endpoint. The default

 

 

setting is 3 keep-alive requests.

Virtual Private Networking Using IPSec and L2TP Connections

235

Page 235
Image 235
NETGEAR FVS318N manual Add New VPN Policy screen settings for IPv4 and IPv6, 235, Setting Description General