NETGEAR DGND3300v2 Router Manual PDF (Setup & Configuration Guide)

Page 86 / 177 Scroll up to view Page 81 - 85

86

|

Chapter 6.

Virtual Private Networking

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

a.

In the Network Security Policy list on the left side of the Security Policy Editor window,

click

My Identity

.

b.

In the Select Certificate drop-down list, select

None

.

c.

In the ID Type drop-down list, select

IP Address

. If you are using a virtual fixed IP

address, enter this address in the Internal Network IP Address field. Otherwise,

leave this field empty.

d.

In the Internet Interface section of the screen, select the adapter that you use to

access the Internet. If you have a dial-up Internet account, select

PPP Adapter

in

the Name list. If you have a dedicated cable or DSL line, select your Ethernet

adapter. If you will be switching between adapters or if you have only one adapter,

select

Any

.

e.

In the My Identity section of the screen, click the

Pre-Shared Key

button. The

Pre-Shared Key screen displays:

f.

Click

Enter Key

. Enter the N300 wireless modem router pre-shared key, and then

click

OK

. In this example, 12345678

is entered, though asterisks are displayed in the

field. This field is case-sensitive.

5.

Configure the VPN client authentication proposal.

In this step, you provide the type of encryption (DES or 3DES) to be used for this

connection. This selection must match your selection in the N300 wireless modem router

configuration.

Downloaded from

www.Manualslib.com

manuals search engine

Page 87 / 177

Chapter 6.

Virtual Private Networking

|

87

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

a.

In the Network Security Policy list on the left side of the Security Policy Editor window,

expand the Security Policy heading by double-clicking its name or clicking the

+

symbol.

b.

Expand the Authentication subheading by double-clicking its name or clicking the

+

symbol. Then select

Proposal 1

below Authentication.

c.

In the Authentication Method drop-down list, select

Pre-Shared key

.

d.

In the Encrypt Alg drop-down list, select the type of encryption that is configured for

the encryption protocol in the N300 wireless modem router, as listed in

Table

1

on

page

78. This example uses Triple DES.

e.

In the Hash Alg drop-down list, select

SHA-1

.

f.

In the SA Life drop-down list, select

Unspecified

.

g.

In the Key Group drop-down list, select

Diffie-Hellman Group 2

.

6.

Configure the VPN client key exchange proposal.

In this step, you provide the type of encryption (DES or 3DES) to be used for this

connection. This selection must match your selection in the N300 wireless modem router

configuration.

Downloaded from

www.Manualslib.com

manuals search engine

Page 88 / 177

88

|

Chapter 6.

Virtual Private Networking

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

a.

Expand the Key Exchange subheading by double-clicking its name or clicking the

+

symbol. Then select

Proposal 1

below Key Exchange.

b.

In the SA Life drop-down list, select

Unspecified

.

c.

In the Compression drop-down list, select

None

.

d.

Select the

Encapsulation Protocol (ESP)

check box.

e.

In the Encrypt Alg drop-down list, select the type of encryption that is configured for

the encryption protocol in the N300 wireless modem router, as listed in

Table

1

on

page

78. This example uses Triple DES.

f.

In the Hash Alg drop-down list, select

SHA-1

.

g.

In the Encapsulation drop-down list, select

Tunnel

.

h.

Leave the

Authentication Protocol (AH)

check box cleared.

7.

Save the VPN client settings.

In the Security Policy Editor window, select

File > Save

.

After you have configured and saved the VPN client information, your PC automatically

opens the VPN connection when you attempt to access any IP addresses in the range of

the remote VPN router’s LAN.

8.

Check the VPN connection.

To check the VPN connection, you can initiate a request from the remote PC to the N300

wireless modem router’s network by using the Connect option in the NETGEAR ProSafe

menu bar. The NETGEAR ProSafe client reports the results of the attempt to connect.

Since the remote PC has a dynamically assigned WAN IP address, it must initiate the

request.

To perform a ping test using our example, start from the remote PC:

a.

Establish an Internet connection from the PC.

b.

On the Windows taskbar, click the

Start

button, and then select

Run

.

Downloaded from

www.Manualslib.com

manuals search engine

Page 89 / 177

Chapter 6.

Virtual Private Networking

|

89

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

c.

Type

ping -t 192.168.3.1

, and then click

OK

.

This causes a continuous ping to be sent to the first N300 wireless modem router.

After between several seconds and 2 minutes, the ping response should change from

timed out

to

reply

.

Once the connection is established, you can open a browser on the PC and enter the

LAN IP address of the remote gateway. After a short wait, you should see the login

screen of the N300 wireless modem router (unless another PC is already logged in to the

N300 wireless modem router).

You can view information about the progress and status of the VPN client connection by

opening the NETGEAR ProSafe Log Viewer.

To launch this function, click the Windows

Start

button, then select

Programs >

NETGEAR ProSafe VPN Client > Log Viewer

. The Log Viewer screen for a successful

connection is shown in the following figure:

Downloaded from

www.Manualslib.com

manuals search engine

Page 90 / 177

90

|

Chapter 6.

Virtual Private Networking

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

Note:

Use the active VPN tunnel information and pings to determine

whether a failed connection is due to the VPN tunnel or some reason

outside the VPN tunnel.

9.

The Connection Monitor screen for this connection is shown in the following figure:

In this example you can see these settings:

•

The N300 wireless modem router has a GW address (public IP WAN address) of

22.23.24.25.

•

The N300 wireless modem router has a remote address (LAN IP address) of 192.168.3.1.

•

The VPN client PC has a local address (dynamically assigned address) of 192.168.2.2.

While the connection is being established, the Connection Name field in this screen displays

SA before the name of the connection. When the connection is successful, the SA changes

to the yellow key symbol shown in the previous figure.

Note:

While your PC is connected to a remote LAN through a VPN, you

might not have normal Internet access. If this is the case, you must

close the VPN connection to have normal Internet access.

Setting Up a Gateway-to-Gateway VPN Configuration

Note:

This section describes how to use the VPN Wizard to set up the

VPN tunnel using the VPNC default parameters listed in

Table

2

on

page

79. If you have special requirements not covered by these

VPNC-recommended parameters, see

Setting Up VPN Tunnels in

Special Circumstances

on page

100 for information about how to set

up the VPN tunnel.

Downloaded from

www.Manualslib.com

manuals search engine

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share