Page 91 / 177
Scroll up to view Page 86 - 90
Chapter 6.
Virtual Private Networking
|
91
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
Follow this procedure to configure a gateway-to-gateway VPN tunnel using the VPN Wizard.
Figure 53. Gateway-to-Gateway VPN Tunnel
Set the LAN IPs on each N300 wireless modem router to different subnets and configure
each correctly for the Internet. The subsequent examples assume the settings shown in the
following table.
Note:
The LAN IP address ranges of each VPN endpoint must be
different. The connection will fail if both are using the NETGEAR
default address range of 192.168.0.x.
Table 4.
Gateway-to-Gateway VPN Tunnel Configuration Worksheet
Parameter
Value to Be Entered
Field Selection
Connection Name
GtoGr
N/A
Pre-Shared Key
12345678
N/A
Secure Association
N/A
Main Mode
Manual Keys
Perfect Forward Secrecy
N/A
Enabled
Disabled
Encryption Protocol
N/A
DES
3DES
Authentication Protocol
N/A
MD5
SHA-1
Diffie-Hellman (DH) Group
N/A
Group 1
Group 2
Key Life in seconds
28800 (8 hours)
N/A
IKE Life Time in seconds
3600 (1 hour)
N/A
VPN Endpoint
Local IPSecID
LAN IP Address
Subnet Mask
FQDN or Gateway
IP (WAN IP
Address)
Gateway_A
GW_A
192.168.0.1
255.255.255.0
14.15.16.17
Gateway_B
GW_B
192.168.3.1
255.255.255.0
22.23.24.25
Gateway A
Gateway B
VPN tunnel
Internet
22.23.24.25
14.15.16.17
IP:192.168.3.1
Downloaded from
www.Manualslib.com
manuals search engine
Page 92 / 177
92
|
Chapter 6.
Virtual Private Networking
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
To configure a gateway-to-gateway VPN tunnel using the VPN Wizard:
1.
Log in to Gateway A on LAN A. From the main menu, select
VPN Wizard
.
Click
Next
,
and the Step 1 of 3 screen displays.
2.
Fill in the Connection Name and pre-shared key fields. Select the radio button for the type of
target end point, and click
Next
, and the Step 2 of 3 screen displays.
3.
Fill in the IP address or FQDN for the target VPN endpoint WAN connection, and click
Next
.
and the Step 3 of 3 screen displays.
4.
Fill in the IP Address and Subnet Mask fields for the target endpoint that can use this tunnel,
and click
Next
.
Downloaded from
www.Manualslib.com
manuals search engine
Page 93 / 177
Chapter 6.
Virtual Private Networking
|
93
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
The VPN Wizard Summary screen displays:
To view the VPNC-recommended authentication and encryption settings used by the
VPN Wizard, click the
here
link.
5.
Click
Done
on the Summary screen.
The VPN Policies screen displays, showing that the new tunnel is enabled.
Note:
See
Using Auto Policy to Configure VPN Tunnels
on page
101 for
information about how to enable the IKE keep-alive capability on an
existing VPN tunnel.
6.
Repeat these steps for the gateway on LAN B, and pay special attention to the following
network settings:
•
WAN IP of the remote VPN gateway (for example, 14.15.16.17)
•
LAN IP settings of the remote VPN gateway:
-
-
Subnet mask (for example, 255.255.255.0)
-
Pre-shared key (for example, 12345678)
7.
Use the VPN Status screen to activate the VPN tunnel by performing the following steps:
Downloaded from
www.Manualslib.com
manuals search engine
Page 94 / 177
94
|
Chapter 6.
Virtual Private Networking
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
Note:
The VPN Status screen is only one of three ways to active a VPN
tunnel. See
Activating a VPN Tunnel
on page
94 for information
about the other ways.
a.
On the N300 wireless modem router menu, select
VPN Status
. The VPN Status/Log
screen displays:
b.
Click the
VPN Status
button to display the Current VPN Tunnels (SAs) screen:
c.
Click
Connect
for the VPN tunnel you want to activate. View the VPN Status/Log
screen to verify that the tunnel is connected.
VPN Tunnel Control
Activating a VPN Tunnel
There are three ways to activate a VPN tunnel:
Downloaded from
www.Manualslib.com
manuals search engine
Page 95 / 177
Chapter 6.
Virtual Private Networking
|
95
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
•
Use the VPN Status screen.
•
Activate the VPN tunnel by pinging the remote endpoint.
•
Start using the VPN tunnel.
Note:
See
Using Auto Policy to Configure VPN Tunnels
on page
101 for
information about how to enable the IKE keep-alive capability on an
existing VPN tunnel.
Using the VPN Status Screen to Activate a VPN Tunnel
To use the VPN Status screen to activate a VPN tunnel:
1.
Log in to the N300 wireless modem router.
2.
On the main menu, select
VPN Status
. The VPN Status/Log screen displays:
3.
Click
VPN Status
to display the Current VPN Tunnels (SAs) screen:
Downloaded from
www.Manualslib.com
manuals search engine
19216811.live