Reference Manual for the Model Wireless ADSL Firewall Router DG834G
202-10006-05, June 2005
Chapter 8
Virtual Private Networking (Advanced Feature)
This chapter describes how to use the virtual private networking (VPN) features of the DG834G
wireless router. VPN communications paths are called tunnels. VPN tunnels provide secure,
encrypted communications between your local network and a remote network or computer.
This chapter is organized as follows:
“Overview of VPN Configuration” on page 8-2 provides an overview of the two most common VPN configurations: Client-to-Gateway and Gateway-to-Gateway.
“Planning a VPN” on page 8-3 provides a worksheet for recording the configuration parameters of the VPN you want to set up, along with the VPN Committee (VPNC) recommended default parameters set by the VPN Wizard.
“VPN Tunnel Configuration” on page 8-6 summarizes the three ways to configure a VPN tunnel: VPN Wizard (recommended for most situations), Auto Policy, and Manual Policy.
“How to Set Up a Client-to-Gateway VPN Configuration” on page 8-6 provides the steps needed to configure a VPN tunnel between a remote PC and a network gateway using the VPN Wizard and the NETGEAR ProSafe VPN Client.
“How to Set Up a Gateway-to-Gateway VPN Configuration” on page 8-20 provides the steps needed to configure a VPN tunnel between two network gateways using the VPN Wizard.
“VPN Tunnel Control” on page 8-27 provides the step-by-step procedures for activating, verifying, deactivating, and deleting a VPN tunnel once the VPN tunnel has been configured.
“How to Set Up VPN Tunnels in Special Circumstances” on page 8-35 provides the steps needed to configure VPN tunnels when there are special circumstances and the VPNC recommended defaults of the VPN Wizard are inappropriate. The two alternatives for configuring VPN tunnels are Auto Policy and Manual Policy.
Overview of VPN Configuration
Two common scenarios for configuring VPN tunnels are between a remote personal computer and
a network gateway and between two or more network gateways. The DG834G supports both of
these types of VPN configurations. The DG834G wireless router supports up to five concurrent
tunnels.
Client-to-Gateway VPN Tunnels
Client-to-Gateway VPN Tunnels provide secure access from a remote PC, such as a telecommuter
connecting to an office network (see Figure 8-1).
Figure 8-1: Client-to-Gateway VPN Tunnel
VPN client access allows a remote PC to connect to your network from any location on the
Internet. In this case, the remote PC is one tunnel endpoint, running the VPN client software. The
DG834G wireless router on your network is the other tunnel endpoint. See “How to Set Up a
Client-to-Gateway VPN Configuration” on page 8-6 to set up this configuration.
Gateway-to-Gateway VPN Tunnels
Gateway-to-Gateway VPN Tunnels provide secure access between networks, such as a branch
or home office and a main office (see Figure 8-2).
Figure 8-2: Gateway-to-Gateway VPN Tunnel
A VPN between two or more NETGEAR VPN-enabled routers is a good way to connect branch or
home offices and business partners over the Internet. VPN tunnels also enable access to network
resources across the Internet. In this case, use DG834Gs on each end of the tunnel to form the VPN
tunnel endpoints. See “How to Set Up a Gateway-to-Gateway VPN Configuration” on page 8-20
to set up this configuration.
Planning a VPN
When you set up a VPN, it is helpful to plan the network configuration and record the
configuration parameters on a worksheet:
To set up a VPN connection, you must configure each endpoint with specific identification and
connection information describing the other endpoint. You must configure the outbound VPN
settings on one end to match the inbound VPN settings on the other end, and vice versa.
This set of configuration information defines a security association (SA) between the two VPN
endpoints. When planning your VPN, you must make a few choices first:
Will the local end be any device on the LAN, a portion of the local network (as defined by a subnet or by a range of IP addresses), or a single PC?
Will the remote end be any device on the remote LAN, a portion of the remote network (as defined by a subnet or by a range of IP addresses), or a single PC?
Will either endpoint use Fully Qualified Domain Names (FQDNs)? FQDNs supplied by Dynamic DNS providers (see “The Use of a Fully Qualified Domain Name (FQDN)” on page F-7) can allow a VPN endpoint with a dynamic IP address to initiate or respond to a tunnel request. Otherwise, the side using a dynamic IP address must always be the initiator.
Table 8-1. VPN Tunnel Configuration Worksheet
Connection Name:
Pre-Shared Key:
Secure Association -- Main Mode or Manual Keys:
Perfect Forward Secrecy -- Enabled or Disabled:
NETBIOS -- Enabled or Disabled:
Encryption Protocol -- DES or 3DES:
Authentication Protocol -- MD5 or SHA-1:
Diffie-Hellman (DH) Group -- Group 1 or Group 2:
Key Life in seconds:
IKE Life Time in seconds:
VPN Endpoint | Local IPSec ID | LAN IP Address | Subnet Mask | FQDN or Gateway IP (WAN IP Address)
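
The matching rule and the initiator rule from "Planning a VPN", applied to two filled-in worksheets. This is an added example, not part of the NETGEAR manual: the Endpoint class, its field names, and the sample values are assumptions constructed for illustration, and the two lifetime rows are left out of the comparison.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Endpoint:                 # one endpoint's worksheet entries (hypothetical class)
    name: str
    psk: str                    # Pre-Shared Key
    encryption: str             # "DES" or "3DES"
    authentication: str         # "MD5" or "SHA-1"
    dh_group: int               # 1 or 2
    pfs: bool                   # Perfect Forward Secrecy enabled?
    local_lan: str              # LAN IP address/subnet mask behind this endpoint
    remote_lan: str             # what this endpoint expects behind the other one
    static_wan: bool            # False = dynamic WAN IP address
    fqdn: str = ""              # Dynamic DNS name, if one is used

MUST_MATCH = ("psk", "encryption", "authentication", "dh_group", "pfs")

def net(value):
    # Accepts "192.168.0.1/255.255.255.0" and normalises it to the network.
    return ipaddress.ip_network(value, strict=False)

def can_respond(ep):
    # A dynamic-IP endpoint without an FQDN must always be the initiator.
    return ep.static_wan or bool(ep.fqdn)

def check_pair(a, b):
    """Return worksheet mismatches; an empty list means the two ends mirror each other."""
    problems = []
    for field in MUST_MATCH:
        if getattr(a, field) != getattr(b, field):
            # Report the field name only, never the key material itself.
            problems.append(f"{field} differs")
    for here, there in ((a, b), (b, a)):
        if net(here.remote_lan) != net(there.local_lan):
            problems.append(f"{here.name} remote LAN != {there.name} local LAN")
    if not (can_respond(a) or can_respond(b)):
        problems.append("neither end can respond: both dynamic without FQDN")
    return problems

# Constructed sample worksheets (not values from the manual).
GW_A = Endpoint("GW_A", "constructed-sample-key", "3DES", "SHA-1", 2, True,
                "192.168.0.1/255.255.255.0", "192.168.3.0/255.255.255.0", True)
GW_B = Endpoint("GW_B", "constructed-sample-key", "3DES", "MD5", 2, True,
                "192.168.3.1/255.255.255.0", "192.168.1.0/255.255.255.0", False)

if __name__ == "__main__":
    for line in check_pair(GW_A, GW_B):
        print(line)
```

Running the check on both worksheets before entering them into either router catches a mirrored-setting error while it is still a one-line correction on paper.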
