Page 106 / 157 Scroll up to view Page 101 - 105
Wireless ADSL2+ Modem Router DG834Gv5 User Manual
6-28
Virtual Private Networking
v1.0, March 2010
b.
Type
ping 192.168.3.1
.
Start Using a VPN Tunnel to Activate It
To use a VPN tunnel, use a Web browser to go to a URL whose IP address or range is covered by
the policy for that VPN tunnel.
Verifying the Status of a VPN Tunnel
To use the VPN Status screen to determine the status of a VPN tunnel:
1.
Log in to the modem router.
2.
On the main menu, select VPN Status to display the VPN Status/Log screen.
Figure 6-33
Note:
The pings may fail the first time. If so, then try the pings a second time.
Figure 6-34
Page 107 / 157
Wireless ADSL2+ Modem Router DG834Gv5 User Manual
Virtual Private Networking
6-29
v1.0, March 2010
This log shows the details of recent VPN activity, including the building of the VPN tunnel. If
there is a problem with the VPN tunnel, refer to the log for information about what might be
the cause of the problem.
Click
Refresh
to see the most recent entries.
Click
Clear Log
to delete all log entries.
3.
On the VPN Status/Log screen, click
VPN Status
to display the Current VPN Tunnels (SAs)
screen.
This table lists the following data for each active VPN tunnel.
SPI
. Each SA has a unique SPI (Security Parameter Index) for traffic in each direction.
For manual key exchange, the SPI is specified in the policy definition. For automatic key
exchange, the SPI is generated by the IKE protocol.
Policy Name
. The VPN policy associated with this SA.
Remote Endpoint
. The IP address on the remote VPN endpoint.
Action
. Either a
Drop
or a
Connect
button.
SLifeTime (Secs)
. The remaining soft lifetime for this SA in seconds. When the soft
lifetime becomes 0 (zero), the SA (Security Association) is re-negotiated.
HLifeTime (Secs)
. The remaining hard lifetime for this SA in seconds. When the hard
lifetime becomes 0 (zero), the SA (Security Association) is terminated. (It is re-established
if required.)
Figure 6-35
Page 108 / 157
Wireless ADSL2+ Modem Router DG834Gv5 User Manual
6-30
Virtual Private Networking
v1.0, March 2010
Deactivating a VPN Tunnel
Sometimes a VPN tunnel must be deactivated for testing purposes. You can deactivate a VPN
tunnel from two places:
Policy table on VPN Policies screen
VPN Status screen
Using the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel
To use the VPN Policies screen to deactivate a VPN tunnel:
1.
Log in to the modem router.
2.
On the main menu, select VPN Policies to display the VPN Policies screen.
3.
In the Policy Table, clear the
Enable
check box for the VPN tunnel that you want to
deactivate, and then click
Apply
. (To reactivate the tunnel, select the
Enable
check box, and
then click
Apply
.)
Using the VPN Status Screen to Deactivate a VPN Tunnel
To use the VPN Status screen to deactivate a VPN tunnel:
1.
Log in to the modem router.
Figure 6-36
Page 109 / 157
Wireless ADSL2+ Modem Router DG834Gv5 User Manual
Virtual Private Networking
6-31
v1.0, March 2010
2.
On the main menu, select VPN Policies to display the VPN Policies screen.
3.
Click
VPN Status
. The Current VPN Tunnels (SAs) screen displays:
4.
Click
Drop
for the VPN tunnel that you want to deactivate.
Deleting a VPN Tunnel
To delete a VPN tunnel:
1.
Log in to the modem router.
Figure 6-37
Figure 6-38
Page 110 / 157
Wireless ADSL2+ Modem Router DG834Gv5 User Manual
6-32
Virtual Private Networking
v1.0, March 2010
2.
On the main menu, select VPN Policies to display the VPN Policies screen. In the Policy
Table, select the radio button for the VPN tunnel to be deleted, and then click
Delete
.
Setting Up VPN Tunnels in Special Circumstances
When the VPN Wizard and its VPNC defaults (see
Table 6-2
) are not appropriate for your
circumstances, use one of these alternatives:
Auto Policy
. For a typical automated Internet Key Exchange (IKE) setup, see
“Using Auto
Policy to Configure VPN Tunnels” on page 6-32
. Auto Policy uses the IKE protocol to define
the authentication scheme and automatically generate the encryption keys.
Manual Policy
. For a manual keying setup in which you must specify each phase of the
connection, see
“Using Manual Policy to Configure VPN Tunnels” on page 6-42
. Manual
policy does not use IKE. Rather, you manually enter all the authentication and key parameters.
You have more control over the process; however, the process is more complex, and there are
more opportunities for errors or configuration mismatches between your DG834G v5 and the
corresponding VPN endpoint gateway or client workstation.
Using Auto Policy to Configure VPN Tunnels
You need to configure matching VPN settings on both VPN endpoints. The outbound VPN
settings on one end must match to the inbound VPN settings on other end, and vice versa.
See
“Example of Using Auto Policy” on page 6-37
for an example of using Auto Policy.
Figure 6-39

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top