ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
5-18 Virtual Private Networking Using IPsec
v1.2, June 2008
4. Enter the LAN IP Subnet Address and Subnet Mask of the FVS336G LAN. Check the
Connect using radio button and choose Secure Gateway Tunnel from the pull-down menu.
5. From the first ID Type pull-down menus, choose Domain Name and enter the FQDN address
of the FVS336G.
6. From the second ID Type pull-down menu, choose Gateway IP Address and enter the WAN
IP Gateway address of the FVS336G.
7. In the left frame, click My Identity.
8. From the Select Certificate pull-down menu, choose None.
9. From the ID Type pull-down menu, choose Domain Name.
The value entered under Domain Name will be of the form “<name><XY>.fvg_remote.com”,
where each user must use a different variation on the Domain Name entered here. The <name>
is the policy name used in the FVS336G configuration. In this example, it is “home”. X and Y
are an arbitrary pair of numbers chosen for each user.
In this example, we have entered home11.fvg_remote.com. Up to 200 user variations can be
served by one policy.
10. Leave Virtual A dapter disabled, and click your computer’s Network Adapter. Your current IP
address will appear.
11. Before leaving the My Identity menu, click Pre-Shared Key.
12. Click Enter Key and then enter your preshared key, and click OK. This key will be shared by
all users of the FVS336G policy “home”.
13. In the left frame, click Security Policy.
14. For the Phase 1 Negotiation Mode, check the Aggressive Mode radio button.
15. PFS should be disabled, and Enable Replay Detection should be enabled.
16. In the left frame, expand Authentication (Phase 1) and choose Proposal 1. The Proposal 1
fields should mirror those in the following figure. No changes should be necessary.
17. In the left frame, expand Key Exchange (Phase 2) and choose Proposal 1. The fields in this
proposal should also mirror those in the following figure. No changes should be necessary.
18. In the upper left of the window, click the disk icon to save the policy.
Note: X may not be zero!