Page 276 / 304
Scroll up to view Page 271 - 275
VigorPro5300 Series User’s Guide
268
5.2 Create a Remote Dial-in User Connection Between the
Teleworker and Headquarter
The other common case is that you, as a teleworker, may want to connect to the enterprise
network securely. According to the network structure as shown in the below illustration, you
may follow the steps to create a Remote User Profile and install Smart VPN Client on the
remote host.
Settings in VPN Router in the enterprise office:
1.
Go to
VPN and Remote Access
and select
Remote Access Control
to enable the
necessary VPN service and click
OK
.
2.
Then, for using PPP based services, such as PPTP, L2TP, you have to set general
settings in
PPP General Setup
.
For using IPSec-based service, such as IPSec or L2TP with IPSec Policy, you have to
set general settings in
IKE/IPSec General Setup
, such as the pre-shared key that both
parties have known.
Page 277 / 304
VigorPro5300 Series User’s Guide
269
3.
Go to
Remote Dial-In Users
. Click on one index number to edit a profile.
4.
Set
Dial-In
settings to as shown below to allow the remote user dial-in to build VPN
connection.
If an
IPSec
service is selected, you may further specify the remote peer IP Address,
IKE Authentication Method and IPSec Security Method for this Dial-In connection.
Otherwise, it will apply the settings defined in
IPSec General Setup
above.
If a
PPTP
service is selected, you should further specify the remote peer IP Address,
Username, Password, and VJ Compression for this Dial-In connection.
Page 278 / 304
VigorPro5300 Series User’s Guide
270
Settings in the remote host:
1.
For Win98/ME, you may use "Dial-up Networking" to create the PPTP tunnel to Vigor
router.
For Win2000/XP, please use "Network and Dial-up connections" or “Smart
VPN Client”, complimentary software to help you create PPTP, L2TP, and L2TP over
IPSec tunnel. You can find it in CD-ROM in the package or go to
www.draytek.com
download center. Install as instructed.
2.
After successful installation, for the first time user, you should click on the
Step 0.
Configure
button. Reboot the host.
3.
In
Step 2. Connect to VPN Server
, click
Insert
button to add a new entry.
If an IPSec-based service is selected as shown below,
Page 279 / 304
VigorPro5300 Series User’s Guide
271
You may further specify the method you use to get IP, the security method, and
authentication method. If the Pre-Shared Key is selected, it should be consistent with
the one set in VPN router.
If a PPP-based service is selected, you should further specify the remote VPN server IP
address, Username, Password, and encryption method. The User Name and Password
should be consistent with the one set up in the VPN router. To use default gateway on
remote network means that all the packets of remote host will be directed to VPN
server then forwarded to Internet. This will make the remote host seem to be working
in the enterprise network.
Page 280 / 304
VigorPro5300 Series User’s Guide
272
4.
Click
Connect
button to build connection. When the connection is successful, you will
find a green light on the right down corner.
5.3 QoS Setting Example
Assume a teleworker sometimes works at home and takes care of children. When working
time, he would use Vigor router at home to connect to the server in the headquarter office
downtown via either HTTPS or VPN to check email and access internal database.
Meanwhile, children may chat on Skype in the restroom.
1.
Go to
Bandwidth Management>>Quality of Service.
2.
Click
Setup
link for WAN1. Make sure the QoS Control on the left corner is checked.
And select
BOTH
as the
Direction
.
3.
Set Inbound/Outbound bandwidth.
19216811.live