Manuals / Planet Technology / Computer Equipment / Network Router

Planet Technology user manual Example 2 Windows 2000/XP Client to LAN, VRT-401 Configuration

Models: VRT-401

1 125

Download 125 pages 14.86 Kb

Page 89

VPN

Example 2: Windows 2000/XP Client to LAN

In this example, a Windows 2000/XP client connects to VRT-401 and gains access to the local LAN.

Figure 54: Windows 2000/XP Client to VRT-401

To use 3DES encryption, you need Service Pack 3 or later installed on Windows 2000.

VRT-401 Configuration

Setting		Value	Notes

Name		Win Client	Name does not affect operation. Select a
			meaningful name.
Remote Endpoint		172.16.9.10	Other endpoint's WAN (Internet) IP ad-
			dress.
Local		Subnet address:	Allows access to entire LAN. Use a more
IP addresses		192.168.0.0	restrictive definition if possible.
		255.255.255.0
Remote		172.16.9.10	For a single client, this is the same as the
IP addresses			Gateway.
Key Exchange		IKE	Must match

IKE SA Parameters

IKE Direction		Responder	Only want to accept client connections.

Local Identity		IP address	Required.

Remote Identity		IP address	Required

IKE Authentica-		Pre-shared Key	Certificates are not widely used.
tion method
Pre-shared Key		Xxxxxxxxxx	Must match client PC

IKE Authentica-		SHA-1	Must match client PC
tion algorithm
IKE Encryption		3DES	Must match client PC

IKE Exchange		Main Mode	Must match client PC
mode

85

Image 89

Planet Technology user manual Example 2 Windows 2000/XP Client to LAN, VRT-401 Configuration, Setting Value

Contents

Broadband VPN Router Copyright Table of Contents Remote Administration 111 Using Certificates 101106 107Internet Access Features VRT-401 FeaturesConfiguration & Management LAN FeaturesSecurity Features Advanced Internet FunctionsPackage Contents Front-mounted LEDs Physical DetailsRear Panel To Clear All Data and restore the factory default valuesChoose an Installation Site ProcedureRequirements Connect LAN CablesPower Up Using the DMZ PortConnect WAN Cable Check the LEDsTo Do this Refer to OverviewUsing UPnP Configuration ProgramUsing your Web Browser PreparationIf you cant connect Password DialogCommon Connection Types Config WizardCable Modems DSL ModemsSingTel RAS Other Modems e.g. Broadband WirelessBig Pond Cable Australia Navigation & Data Input Home ScreenData LAN Screen LAN ScreenUsing another Dhcp Server Using VRT-401’s Dhcp ServerTo Configure your PCs to use Dhcp What Dhcp DoesWindows Clients TCP/IP Settings OverviewUsing Specify an IP Address Checking TCP/IP Settings Windows 9x/MEUsing Dhcp Gateway Tab Win 95/98 Windows NT4.0 TCP/IP Checking TCP/IP Settings Windows NT4.0Specify an IP Address Obtain an IP address from a Dhcp ServerWindows NT4.0 Add Gateway Windows NT4.0 DNS Network Configuration Win Checking TCP/IP Settings WindowsTCP/IP Properties Win Using a fixed IP Address Use the following IP AddressNetwork Configuration Windows XP Checking TCP/IP Settings Windows XPTCP/IP Properties Windows XP Accessing AOL Internet AccessFor Windows 9x/ME/2000 For Windows XPLinux Clients Macintosh ClientsOther Unix Systems Fixed IP AddressStatus Screen OperationData Status Screen Data PPPoE Screen Connection Status PPPoEConnection Physical Address PPPoE Link StatusConnection Log Messages Operation and Status Data Pptp Screen Connection Status PptpConnection Physical Ad DressData Telstra Big Pond Screen Connection Status Telstra Big PondConnection Status Connection Details SingTel RASData SingTel RAS Screen Internet Physical Ad Connection Details Fixed/Dynamic IP AddressData Fixed/Dynamic IP address Screen Buttons Release/Renew Internet Screen Advanced Internet ScreenSpecial Applications Screen Communication ApplicationsSpecial Applications Checkbox Name Incoming Ports Outgoing Ports Using a Special ApplicationData Special Applications Screen URL Filter DMZData URL Filter Screen URL Filter ScreenDynamic DNS Screen Service works as followsDynamic DNS Domain Name Server Password Domain Name Ddns ServiceData Dynamic DNS Screen Ddns Data User NameIP Address seen by Internet Users Virtual ServersData Virtual Servers Screen Using the DMZ port for Virtual ServersVirtual Servers Screen Backup DNS IP Address Connecting to the Virtual ServersOptions Defining your own Virtual ServersMTU size MTUAdmin Login Screen Admin LoginPassword Dialog To use this feature Access ControlAccess Control Screen Data Access Control Screen View Log Group Members Screen Access Control LogSecurity Configuration Firewall Rules Screen This feature is for advanced administrators onlyFirewall Rules Data Firewall Rules Screen Data Define Firewall Rule Screen Define Firewall RuleType Source IPLog Dest IPAction Logs Enable Logs DoS AttacksData Logs Screen Internet ConnecSyslog Server Enable Syslog Access ControlFirewall Rules TimezoneInclude Security Options SPI Firewall Enable DoSData Security Options Screen FirewallAllow IPsec Options Respond toAllow Pptp Allow L2TPData Define Schedule Screen SchedulingDefine Schedule Screen Data Services Screen ServicesButtons Delete IPSec VRT-401 does not support Transport ModeVRT-401 always uses Tunnel Mode Policies VPN ConfigurationClient PC to VPN Gateway Common VPN SituationsVPN Pass-through Connecting 2 VPN Gateways Connecting 2 LANs via VPNData VPN Policies Screen VPN ConfigurationVPN Policies Screen Operations Add Able/Disable CopyAdding a New Policy Enable Policy General SettingsEndpoint KeysLocal IP addresses Type VPN Wizard Traffic SelectorManual Key Exchange Remote IP addresses TypeManually assigned Keys Tication is enabledESP Encryption ESP AuthenticaRemote Identity IKE PhaseLocal Identity Encryption AuthenticationIKE Exchange ModeAH Authentication IKE Phase 2 IPsec SA IPsec SA LifeTime IPSec PFSConfiguration Settings Example 1 Connecting 2 VRT-401sSetting LAN a Gateway LAN B Gateway ExamplesIPSec SA Parameters DESExample 2 Windows 2000/XP Client to LAN VRT-401 ConfigurationSetting Value Windows 2000/XP Local Security Settings Windows Client ConfigurationWindows 2000/XP Policy Properties Filter Properties Addressing New Rule Properties Filter Action Modify Security Method VPN Setting Windows SettingTunnel Setting Windows 2000/XP Client to VRT-401 Filter List Filter Action Modify Security Method DUT to Win2K Properties Properties General Tab IKE Security Algorithms Key Exchange Security MethodsExample 3 Windows 2000 Server to VPN Gateway Setting Single Client Server/GatewayWindows 2000 Server Addressing Windows 2000 Server ConfigurationUsing Certificates Adding a Self Certificate Adding a Trusted CertificateSignature Algorithm Hash AlgorithmSignature Key LengthTo add a New CRL CRLsUpload CRL Upgrade Administra Tion RoutingPC Database RemotePC Database Screen PC DatabaseData PC Database Screen PC Properties Name PC Database AdminData PC Database Admin Screen ∙ Dchp Client Reserved IP Address Select this if the PC Update SeButtons Add as New EntryTo connect from a remote PC via the Internet Remote AdministrationData Remote Administration Screen Routing Using this ScreenOverview Routing ScreenStatic Routing Static Routing Table Entries Enable RIPData Routing Screen Local Router Configuring Other Routers on your LANStatic Routing Example For Router As Default RouteOther Routers on the Local LAN For VRT-401’s Routing TableTo perform the Firmware Upgrade Firmware UpgradeFor Router Bs Default Route Data Upnp Screen Problem 1 Cant connect to VRT-401 to configure it General ProblemsInternet Access 119 FCC Statement VRT-401FCC Radiation Exposure Statement CE Marking Warning