Page 156 / 177 Scroll up to view Page 151 - 155
156
|
Appendix C.
NETGEAR VPN Configuration
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
3.
On NETGEAR Gateway B, configure the Dynamic DNS settings. Assume a correctly
configured DynDNS account.
a.
From the main menu, select
Dynamic DNS
.
b.
Select the
DynDNS.org
radio button.
The Dynamic DNS screen displays:
c.
Fill in the fields with the account and host name settings.
In the Host and Domain Name field, enter
fvl328.dyndns.org
.
In the User Name field, enter the account user name.
In the Password field, enter the account password.
d.
Click
Apply.
e.
Click
Show Status
.
The resulting screen should show Update OK: good:
4.
Configure the N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 as in the
gateway-to-gateway procedures using the VPN Wizard (see
Setting Up a
Gateway-to-Gateway VPN Configuration
on page
90), being certain to use appropriate
network addresses for the environment.
Downloaded from
www.Manualslib.com
manuals search engine
Page 157 / 177
Appendix C.
NETGEAR VPN Configuration
|
157
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
The LAN addresses used in this example are as follows:
a.
For the connection name, enter
toFVL328
.
b.
For the remote WAN's IP address, enter
fvl328.dyndns.org
.
c.
Enter the following:
IP Address.
172.23.9.1
Subnet Mask.
255.255.255.0
5.
Configure the
FVL328
as in the gateway-to-gateway procedures for the VPN Wizard (see
Setting Up a Gateway-to-Gateway VPN Configuration
on page
90), being certain to use
appropriate network addresses for the environment.
a.
For the connection name, enter
toDGND3300v2
.
b.
For the remote WAN's IP address, enter
dgnd3300v2.dyndns.org
.
c.
Enter the following:
IP Address.
10.5.6.1
Subnet Mask.
255.255.255.0
6.
Test the VPN tunnel by pinging the remote network from a PC attached to the N300
Wireless Dual Band ADSL2+ Modem Router DGND3300v2.
a.
Open the command prompt (select
Start > Run > cmd
)
b.
Type
ping 172.23.9.1
.
If the pings fail the first time, try the pings a second time.
Configuration Summary (Telecommuter Example)
The configuration in this section follows the addressing and configuration mechanics defined
by the VPN Consortium. Gather the necessary information before you begin configuration.
Device
LAN IP Address
LAN Subnet Mask
DGND3300v2
10.5.6.1
255.255.255.0
FVL328
172.23.6.1
255.255.255.0
Downloaded from
www.Manualslib.com
manuals search engine
Page 158 / 177
158
|
Appendix C.
NETGEAR VPN Configuration
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
Verify that the firmware is up to date, and make sure you have all the addresses and
parameters to be set on both sides. Assure that there are no firewall restrictions.
Figure 73. Telecommuter Example
Setting Up Client-to-Gateway VPN (Telecommuter
Example)
Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN client and a
network gateway involves two steps, described in the following sections:
Step 1: Configure Gateway A (VPN Router at Main Office)
on page
159.
Step 2: Configure Gateway B (VPN Router at Regional Office)
on page
160 describes
configuring the NETGEAR ProSafe VPN client endpoint.
Table 10.
Configuration Summary (Telecommuter Example)
VPN Consortium Scenario
Scenario 1
Type of VPN:
PC/client-to-gateway, with client behind NAT router
Security scheme:
IKE with pre-shared secret/key (not certificate based)
IP addressing:
Gateway
Fully qualified domain name (FQDN)
Client
Dynamic
Gateway A
(main office)
Gateway B
LAN IP
192.168.0.1
192.168.0.1/24
FQDN
ntgr.dyndns.org
“from_GW_A”
WAN IP
Internet
WAN IP
0.0.0.0
“toGW_A”
IP: 192.168.2.3
(regional office)
Client PC
(running NETGEAR
ProSafe VPN client)
Downloaded from
www.Manualslib.com
manuals search engine
Page 159 / 177
Appendix C.
NETGEAR VPN Configuration
|
159
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
Step 1: Configure Gateway A (VPN Router at Main Office)
1.
Log in to the VPN router. Select
VPN Policies
to display the VPN Policies screen. Click
Add Auto Policy
to proceed and enter the information.
2.
Click
Apply
when you are finished to display the VPN Policies screen.
To view or modify the tunnel settings, select the radio button next to the tunnel entry, and then
click
Edit
.
toGW_A.com (in this example)
fromGW_A.com (in this example)
fromGW_A
(in the example)
192.168.2.3 (in this example)
IKE Keep Alive is optional; must match
Remote LAN IP Address when enabled
(remote PC must respond to pings)
(Remote NAT router must have
Address Reservation set and
VPN Passthrough enabled)
Downloaded from
www.Manualslib.com
manuals search engine
Page 160 / 177
160
|
Appendix C.
NETGEAR VPN Configuration
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual
Step 2: Configure Gateway B (VPN Router at Regional Office)
This procedure assumes that the PC running the client has a dynamically assigned IP
address.
The PC must have a VPN client program installed that supports IPSec (in this case study, the
NETGEAR VPN ProSafe Client is used). Go to the NETGEAR website (
www.netgear.com
)
for information about how to purchase the NETGEAR ProSafe VPN Client.
Note:
Before installing the software, be sure to turn off any virus protection
or firewall software you might be running on your PC.
1.
Install the NETGEAR ProSafe VPN Client on the remote PC, and then reboot.
a.
You might need to insert your Windows CD to complete the installation.
b.
If you do not have a modem or dial-up adapter installed in your PC, you might see
the warning message stating “The NETGEAR ProSafe VPN Component requires at
least one dial-up adapter be installed.” You can disregard this message.
c.
Install the IPSec component. You might have the option to install either the VPN
adapter or the IPSec component or both. The VPN adapter is not necessary.
d.
The system should show the ProSafe icon (
) in the system tray after you reboot.
e.
Double-click the system tray icon to open the Security Policy Editor.
2.
Add a new connection.
a.
Run the NETGEAR ProSafe Security Policy Editor program, and create a VPN
connection.
b.
From the Edit menu of the Security Policy Editor, select
Add > Connection
. A New
Connection listing appears in the list of policies.
c.
Rename the new connection to match the connection name you entered in the VPN
settings of Gateway A. Choose connection names that make sense to the people
using and administrating the VPN.
Downloaded from
www.Manualslib.com
manuals search engine

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top