Reference Manual for the Model Wireless ADSL Firewall Router DG834G
Virtual Private Networking (Advanced Feature)
8-5
202-10006-05, June 2005
What method will you use to configure your VPN tunnels?
- The VPN Wizard using VPNC defaults (see Table 8-2)
- The typical automated Internet Key Exchange (IKE) setup (see “Using Auto Policy to Configure VPN Tunnels” on page 8-36)
- A Manual Keying setup in which you must specify each phase of the connection (see “Using Manual Policy to Configure VPN Tunnels” on page 8-48)
What level of IPSec VPN encryption will you use?
- DES: The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56-bit key. Faster but less secure than 3DES.
- 3DES: Triple DES achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys.
What level of authentication will you use?
- MD5: 128 bits, faster but less secure.
- SHA-1: 160 bits, slower but more secure.
Table 8-2. Parameters Recommended by the VPNC and Used in the VPN Wizard

| Parameter | Factory Default |
|---|---|
| Secure Association | Main Mode |
| Authentication Method | Pre-shared Key |
| Encryption Method | 3DES |
| Authentication Protocol | SHA-1 |
| Diffie-Hellman (DH) Group | Group 2 (1024 bit) |
| Key Life | 8 hours |
| IKE Life Time | 1 hour |
| NETBIOS | Enabled |
Note: NETGEAR publishes additional interoperability scenarios with various gateway and client software products. Look on the NETGEAR web site at www.netgear.com for these interoperability scenarios.
VPN Tunnel Configuration
There are two tunnel configurations and three ways to configure them:
- Use the VPN Wizard to configure a VPN tunnel (recommended for most situations):
  - See “How to Set Up a Client-to-Gateway VPN Configuration” on page 8-6.
  - See “How to Set Up a Gateway-to-Gateway VPN Configuration” on page 8-20.
- See “Using Auto Policy to Configure VPN Tunnels” on page 8-36 when the VPN Wizard and its VPNC defaults (see Table 8-2 on page 8-5) are not appropriate for your special circumstances, but you want to automate the Internet Key Exchange (IKE) setup.
- See “Using Manual Policy to Configure VPN Tunnels” on page 8-48 when the VPN Wizard and its VPNC defaults (see Table 8-2 on page 8-5) are not appropriate for your special circumstances and you must specify each phase of the connection. You manually enter all the authentication and key parameters. You have more control over the process; however, the process is more complex and there are more opportunities for errors or configuration mismatches between your DG834G and the corresponding VPN endpoint gateway or client workstation.
How to Set Up a Client-to-Gateway VPN Configuration
Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a network gateway (see Figure 8-3) involves the following two steps:
- “Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G” on page 8-7 uses the VPN Wizard to configure the VPN tunnel between the remote PC and network gateway.
- “Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC” on page 8-12 configures the NETGEAR ProSafe VPN Client endpoint.
Figure 8-3: Client-to-Gateway VPN Tunnel
[Figure labels: PCs; 192.168.3.1; DG834G; 22.23.24.25; VPN Tunnel; 0.0.0.0; PC (Running NETGEAR ProSafe VPN Client)]
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G
Note: This section uses the VPN Wizard to set up the VPN tunnel using the VPNC default parameters listed in Table 8-2 on page 8-5. If you have special requirements not covered by these VPNC-recommended parameters, refer to “How to Set Up VPN Tunnels in Special Circumstances” on page 8-35 to set up the VPN tunnel.
The worksheet below identifies the parameters used in the following procedure. A blank worksheet is at “Planning a VPN” on page 8-3.
Follow this procedure to configure a client-to-gateway VPN tunnel using the VPN Wizard.
1. Log in to the DG834G at its LAN address of with its default user name of admin and password of password. Click the VPN Wizard link in the main menu to display this screen. Click Next to proceed.
Table 8-3. VPN Tunnel Configuration Worksheet

| Parameter | Value |
|---|---|
| Connection Name | RoadWarrior |
| Pre-Shared Key | 12345678 |
| Secure Association -- Main Mode or Manual Keys | Main |
| Perfect Forward Secrecy -- Enabled or Disabled | Disabled |
| NETBIOS -- Enabled or Disabled | Enabled |
| Encryption Protocol -- DES or 3DES | 3DES |
| Authentication Protocol -- MD5 or SHA-1 | SHA-1 |
| Diffie-Hellman (DH) Group -- Group 1 or Group 2 | Group 2 |
| Key Life in seconds | 28800 (8 hours) |
| IKE Life Time in seconds | 3600 (1 hour) |

| VPN Endpoint | Local IPSec ID | LAN IP Address | Subnet Mask | FQDN or Gateway IP (WAN IP Address) |
|---|---|---|---|---|
| Client | toDG834 | | | Dynamic |
| DG834G | toClient | 192.168.3.1 | 255.255.255.0 | 22.23.24.25 |
Figure 8-4: VPN Wizard Start Screen
2. Fill in the Connection Name and the pre-shared key, select the type of target end point, and click Next to proceed.
Note: The Connection Name is arbitrary and not relevant to how the configuration functions.
Figure 8-5: Connection Name and Remote IP Type
- Enter the new Connection Name: (e.g., RoadWarrior)
- Enter the pre-shared key: (e.g., 12345678)
- Select the radio button: A remote VPN client (single PC)
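
Because the DG834G and the remote client must be set to the same worksheet values, the two sides can be compared before the tunnel is brought up. The following is an added example, not part of the NETGEAR manual: the dictionary field names, the `remote_id` field, the 16-character key threshold and the client values are assumptions constructed for illustration.

```python
# Added example: field names and client values are constructed, not from the manual.
# Parameters both endpoints must be configured identically.
MUST_MATCH = ("mode", "encryption", "authentication", "dh_group", "pfs",
              "pre_shared_key")

# The weaker of the two options the worksheet offers for each parameter.
WEAKER_OPTION = {"encryption": "DES", "authentication": "MD5", "dh_group": 1}


def find_mismatches(gateway, client):
    """Return the parameters on which the two endpoints disagree."""
    issues = [f"{k}: gateway={gateway[k]!r} client={client[k]!r}"
              for k in MUST_MATCH if gateway[k] != client[k]]
    # Each side's Local IPSec ID must be what the peer expects as the remote ID
    # (remote_id is a hypothetical field name for that peer-side setting).
    if gateway["local_id"] != client["remote_id"]:
        issues.append("client remote_id does not match gateway local_id")
    if client["local_id"] != gateway["remote_id"]:
        issues.append("gateway remote_id does not match client local_id")
    return issues


def find_weak_settings(policy):
    """Flag the weaker worksheet options and guessable pre-shared keys."""
    findings = [f"{k} uses weaker option {v}"
                for k, v in WEAKER_OPTION.items() if policy[k] == v]
    psk = policy["pre_shared_key"]
    # Assumed policy: at least 16 characters, not digits-only or letters-only.
    if len(psk) < 16 or psk.isdigit() or psk.isalpha():
        findings.append("pre_shared_key is short or single-class; "
                        "replace the sample value")
    return findings


# Gateway side: values from the Table 8-3 worksheet.
GATEWAY = {"mode": "Main", "encryption": "3DES", "authentication": "SHA-1",
           "dh_group": 2, "pfs": False, "pre_shared_key": "12345678",
           "local_id": "toClient", "remote_id": "toDG834"}
# Client side: constructed, with two deliberate entry errors for the check to catch.
CLIENT = dict(GATEWAY, local_id="toDG834", remote_id="toClient",
              authentication="MD5", dh_group=1)

if __name__ == "__main__":
    for line in find_mismatches(GATEWAY, CLIENT):
        print("MISMATCH", line)
    for line in find_weak_settings(CLIENT):
        print("WEAK    ", line)
```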
