Example 2 Windows 2000/XP Client to LAN | TRENDnet BRV204 guide

Microsoft VPN

Example 2: Windows 2000/XP Client to LAN

In this example, a Windows 2000/XP client connects to the TW100-BRV204 and gains access to the local LAN.

Figure 57: Windows 2000/XP Client to TW100-BRV204

To use 3DES encryption on Windows 2000, you need Service Pack 3 or later installed.

TW100-BRV204 Configuration

Setting	Value	Notes
Name	Win Client	Name does not affect operation. Select a
		meaningful name.
Remote Endpoint	172.16.9.10	Other endpoint's WAN (Internet) IP address.
Local	Subnet address:	Allows access to entire LAN. Use a more
IP addresses	192.168.0.0	restrictive definition if possible.
	255.255.255.0
Remote	172.16.9.10	For a single client, this address is the same as
IP addresses		the endpoint address.
Key Exchange	IKE	Must match client PC
IKE SA Parameters
IKE Direction	Both ways	Using "Responder only" is not possible.
Local Identity	IP address	Required.
Remote Identity	IP address	Required
IKE Authentication	Pre-shared Key	Certificates are not widely used.
method
Pre-shared Key	Xxxxxxxxxx	Must match client PC
IKE Authentication	SHA-1	Must match client PC
algorithm
IKE Encryption	3DES	Must match client PC
IKE Exchange	Main Mode	Windows 2000 only supports Main Mode.
mode

85

Image 89

TRENDnet manual Example 2 Windows 2000/XP Client to LAN, TW100-BRV204 Configuration, Setting Value

Contents

Page Page Table of Contents 108 Overview 136 General Problems Internet Access120 136 Internet Access Features TW100-BRV204 Features Advanced Internet Functions LAN FeaturesConfiguration & Management Package Contents Front-mounted LEDs Physical Details Rear Panel Using the DMZ Port Advantages of the DMZ Port Choose an Installation Site ProcedureRequirements Connect LAN Cables Check the LEDs Power UpConnect WAN Cable Refer to OverviewTo Do this Preparation Configuration ProgramUsing UPnP If you cant connect Using your Web Browser TW100-BRV204 User’s Guide Common Connection Types Setup WizardCable Modems DSL Modems SingTel RAS Other Modems e.g. Broadband WirelessBig Pond Cable Australia Navigation & Data Input Home Screen Buttons LAN ScreenData LAN Screen Using another Dhcp Server Using the TW100-BRV204 s Dhcp ServerTo Configure your PCs to use Dhcp What Dhcp Does Windows Clients TCP/IP Settings Overview Using Specify an IP Address Checking TCP/IP Settings Windows 9x/MEUsing Dhcp Gateway Tab Win 95/98 Windows NT4.0 TCP/IP Checking TCP/IP Settings Windows NT4.0 Specify an IP Address Obtain an IP address from a Dhcp Server Windows NT4.0 DNS Network Configuration Win Checking TCP/IP Settings Windows Using a fixed IP Address Use the following IP Address Network Configuration Windows XP Checking TCP/IP Settings Windows XP TCP/IP Properties Windows XP Accessing AOL Internet AccessFor Windows 9x/ME/2000 For Windows XP Linux Clients Macintosh ClientsOther Unix Systems Fixed IP Address Status Screen Operation System Data Status ScreenInternet Data PPPoE Screen Connection Status PPPoEConnection Connection Log Message Description Connection Log Messages Data Pptp Screen Connection Status PptpPptp Status Connect Disconnect Data Telstra Big Pond Screen Connection Status Telstra Big Pond Connection Details SingTel RAS Default GatewayData SingTel RAS Screen RAS Plan DNS IP Address Dhcp Client Release/Renew Button will display Either Release Or Renew Connection Details Fixed/Dynamic IP AddressData Fixed/Dynamic IP address Screen Update the data shown on screen Internet Features Data WAN Port Configuration Screen WAN Port ConfigurationIdentification IP Address Login Communication Applications Advanced InternetCommunication Applications Data Special Applications Screen Special ApplicationsSpecial Applications Screen Multi-DMZ Using a Special ApplicationIncoming Ports Outgoing Ports URL Filter Screen URL FilterData URL Filter Screen Filter Strings Dynamic DNS Domain Name Server Ddns ServiceDynamic DNS Screen Data Dynamic DNS Screen Ddns Data Ddns Service User Name Password/Key Domain Name Ddns Status IP Address seen by Internet Users Using the DMZ port for Virtual ServersVirtual Servers Virtual Servers Screen Connecting to the Virtual ServersDefining your own Virtual Servers Data Virtual Servers Screen Options Backup DNSData Options Screen MTU size Admin Login Screen Admin Login Security Configuration Access Control Screen Access ControlTo use this feature Data Access Control Screen Internet Access Group Members Screen Access Control LogDate/Time Source IP address Firewall Rules This feature is for advanced administrators onlyFirewall Rules Screen Data Firewall Rules Screen Data Add Edit Move Delete View Log System Rules Data Define Firewall Rule Screen Define Firewall RuleType Source IP Log Dest IPAction Data Logs Screen Enable LogsLogs Syslog Server Timezone Data E-Mail Screen MailMail Alerts Mail Logs Port No SubjectSmtp Server Security Options Enable DoS Firewall ThresholdData Security Options Screen Firewall Options Data Define Schedule Screen SchedulingDefine Schedule Screen Data Services Screen ServicesAvailable Services Add New Service IPSec TW100-BRV204 does not support Transport ModeTW100-BRV204 always uses Tunnel Mode Policies VPN ConfigurationVPN Endpoint Address Client PC to VPN Gateway Common VPN SituationsVPN Pass-through Connecting 2 VPN Gateways Connecting 2 LANs via VPN VPN Policies Screen VPN ConfigurationData VPN Policies Screen VPN List Copy Enable/DisableAdding a New Policy VPN Wizard General Screen General Settings Local IP addresses VPN Wizard Traffic Selector Screen Manually assigned Keys Manual Key ExchangeRemote IP addresses Tion is enabled ESP AuthenticationESP Encryption Encryption Algorithm IKE Phase 1 IKE SA IKE Phase Algorithm AuthenticationEncryption IKE Exchange IKE Phase 2 IPsec SA IKE Phase 2 ScreenAH Authentication IPsec SA Life Time VPN Wizard Final Screen Configuration Settings Example 1 Connecting 2 TW100-BRV204 sSetting LAN a Gate LAN B Gate Way VPN Examples IPSec SA Parameters DES Example 2 Windows 2000/XP Client to LAN TW100-BRV204 ConfigurationSetting Value Windows 2000/XP Local Security Settings Windows Client Configuration Windows 2000/XP Policy Properties Filter Properties Addressing New Rule Properties Filter Action Modify Security Method VPN Setting Windows Setting Tunnel Setting Windows 2000/XP Client to TW100-BRV204 Filter List Filter Action Modify Security Method DUT to Win2K Properties Properties General Tab IKE Security Algorithms Key Exchange Security Methods Example 3 Windows 2000 Server to VPN Gateway SettingSingle Client Server/Gateway Windows 2000 Server Addressing Windows 2000 Server Configuration Trusted Certificates CertificatesRequesting a Trusted Certificate Data Trusted Certificates Screen Active Self Certificates Self CertificatesData Self Certificates Screen Self Certificate Requests Requesting a Self Certificate Signature Key Length Hash AlgorithmSignature Algorithm To add a New CRL CRLs Certificate Revocation Lists Status VPN Status Data VPN Status ScreenSA Type Data Transfered Microsoft VPN Screen Server Setup Data Microsoft VPN Screen Client DatabaseData Microsoft VPN Client Database Screen Pptp Server Button Server Status Data Microsoft VPN Status ScreenTions Server Log Windows 98/ME Windows Client Setup Windows ME VPN Dialing Properties To establish a connection Windows 2000 Network Connection Windows Windows 2000 VPN Host Windows 2000 Finish Wizard Changing the connection settings Windows XP Network Connection Type Windows XP Windows XP Connection Name Windows XP Connection Availability Remote Admin Diagnostics PC DatabaseUpgrade Network Data Config File Screen Config File Data Network Diagnostics Screen Network DiagnosticsPing DNS Lookup PC Database Screen PC Database Data PC Database Screen AdministrationKnown PCs Generate Report PC Properties PC Database AdminData PC Database Admin Screen Standard Screen Add as NewEntry Data Remote Administration Screen Remote AdministrationSettings Information To connect from a remote PC via the Internet AccessPort Number Allow Remote Routing Using this ScreenOverview Routing Screen Data Routing Screen Enable RIPStatic Routing Static Routing Table Entries Local Router Configuring Other Routers on your LAN Other Routers on the Local LAN Static Routing ExampleFor the TW100-BRV204 s Routing Table Entry 1 Segment For Router As Default Route Data Upgrade Firmware Screen Upgrade FirmwareTo perform the Firmware Upgrade Upgrade Firmware Allow Internet access to be disabled Enable UPnP Services Allow Configu RationUPnP Data UPnP Screen Problem 1 Cant connect to the TW100-BRV204 to configure it General ProblemsInternet Access Appendix a Troubleshooting FCC Statement TW100-BRV204 CE Standards CE Marking WarningFCC Radiation Exposure Statement Limited Warranty Technical Support 142