Page 251 / 268
Scroll up to view Page 246 - 250
Reference Manual for the Model Wireless ADSL Firewall Router DG834G
NETGEAR VPN Configuration
F-17
202-10006-05, June 2005
b.
If you do not have a modem or dial-up adapter installed in your PC, you may see the
warning message stating “The
NETGEAR ProSafe VPN
Component requires at least
one dial-up adapter be installed.” You can disregard this message.
c.
Install the
IPSec
Component. You may have the option to install either the
VPN Adapter
or the
IPSec Component
or both. The
VPN Adapter
is not necessary.
d.
The system should show the
ProSafe
icon (
) in the system tray after rebooting.
e.
Double-click the system tray icon to open the
Security Policy Editor
.
2.
Add a new connection.
a.
Run the
NETGEAR ProSafe Security Policy Editor
program and create a
VPN
Connection
.
b.
From the
Edit
menu of the
Security Policy Editor
, click
Add
, then
Connection
. A
New
Connection
listing appears in the list of policies. Rename the
New Connection
so that it
matches the
Connection Name
you entered in the
VPN Settings
of the DG834G on
Gateway A.
Note:
In this example, the
Connection Name
used on the client side of the VPN tunnel is
toDG834G
and it does not have to match the
VPN_client Connection Name
used on the
gateway side of the VPN tunnel (see
Figure F-16
) because Connection Names are
arbitrary to how the VPN tunnel functions.
Tip:
Choose Connection Names that make sense to the people using and administrating
the VPN.
Figure F-15:
Security Policy Editor new connection
Page 252 / 268
Reference Manual for the Model Wireless ADSL Firewall Router DG834G
F-18
NETGEAR VPN Configuration
202-10006-05, June 2005
Figure F-16:
Security Policy Editor Connection settings
c.
Select
Secure
in the
Connection Security
check box.
d.
Select
IP Subnet
in the
ID Type
menu.
e.
In this example, type
192.168.0.1
in the Subnet field as the network address of the
DG834G.
f.
Enter
255.255.255.0
in the Mask field as the
LAN Subnet Mask
of the DG834G.
g.
Select
All
in the
Protocol
menu to allow all traffic through the VPN tunnel.
h.
Select the
Connect
using
Secure Gateway Tunnel
check box.
i.
Select
Domain Name
in the
ID Type
menu below the check box and enter
fromDG834G.com
(in this example).
j.
Select
Gateway Hostname
and enter
ntgr.dyndns.org
(in this example).
k.
The resulting Connection Settings are shown in
Figure F-16
.
3.
Configure the
Security Policy
in the DG834G Wireless ADSL Firewall Router software.
a.
In the
Network Security Policy
list, expand the new connection by double clicking its
name or clicking on the “+” symbol.
My Identity
and
Security Policy
subheadings
appear below the connection name.
ntgr
Page 253 / 268
Reference Manual for the Model Wireless ADSL Firewall Router DG834G
NETGEAR VPN Configuration
F-19
202-10006-05, June 2005
b.
Click on the
Security Policy
subheading to show the
Security Policy
menu.
Figure F-17:
Security Policy Editor security policy
c.
Select the
Main Mode
in the
Select Phase 1 Negotiation Mode
check box.
4.
Configure the
VPN Client Identity
.
In this step, you will provide information about the remote VPN client PC. You will need to
provide:
—
The Pre-Shared Key that you configured in the DG834G.
—
Either a fixed IP address or a “fixed virtual” IP address of the VPN client PC.
Page 254 / 268
Reference Manual for the Model Wireless ADSL Firewall Router DG834G
F-20
NETGEAR VPN Configuration
202-10006-05, June 2005
a.
In the
Network Security Policy
list on the left side of the
Security Policy Editor
window, click
My Identity
.
Figure F-18:
Security Policy Editor my identity
b.
Choose
None
in the
Select Certificate
menu.
c.
Select
Domain Name
in the
ID Type
menu and enter
toDG834G.com
(in this example) in
the box below it. Choose
Disabled
in the
Virtual Adapter
menu.
d.
In the
Internet Interface
box, select
Intel PRO/100VE Network Connection
(in this
example, your Ethernet adapter may be different) in the
Name
menu and enter
192.168.2.3
(in this example) in the
IP Addr
box.
Page 255 / 268
Reference Manual for the Model Wireless ADSL Firewall Router DG834G
NETGEAR VPN Configuration
F-21
202-10006-05, June 2005
e.
Click the
Pre-Shared Key
button. In the
Pre-Shared Key
dialog box, click the
Enter
Key
button. Enter the DG834G's
Pre-Shared Key
and click
OK
. In this example,
12345678
is entered. This field is case sensitive.
Figure F-19:
Security Policy Editor pre-shared key
5.
Configure the
VPN Client Authentication Proposal
.
In this step, you will provide the type of encryption (DES or 3DES) to be used for this
connection. This selection must match your selection in the VPN router configuration.
a.
In the
Network Security Policy
list on the left side of the
Security Policy Editor
window, expand the
Security Policy
heading by double clicking its name or clicking on
the “+” symbol.