Page 86 / 176 Scroll up to view Page 81 - 85
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
5-8
Basic Virtual Private Networking
v1.0, September 2007
The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go
to the NETGEAR Web site (
) and select VPN01L_VPN05L in the Product
Quick Find drop-down menu for information on how to purchase the NETGEAR ProSafe VPN
Client.
1.
Install the NETGEAR ProSafe VPN Client on the remote PC and reboot.
a.
You may need to insert your Windows CD to complete the installation.
b.
If you do not have a modem or dial-up adapter installed in your PC, you may see the
warning message stating “The NETGEAR ProSafe VPN Component requires at least one
dial-up adapter be installed.” You can disregard this message.
c.
Install the IPSec Component. You may have the option to install either the VPN Adapter
or the IPSec Component or both. The VPN Adapter is not necessary.
d.
The system should show the ProSafe icon (
) in the system tray after rebooting.
e.
Double-click the system tray icon to open the Security Policy Editor.
2.
Add a new connection.
a.
Run the NETGEAR ProSafe Security Policy Editor program and create a VPN
Connection.
b.
From the Edit menu of the Security Policy Editor, click
Add
, then
Connection
. A “New
Connection” listing appears in the list of policies. Rename the “New Connection” so that it
matches the Connection Name you entered in the VPN Settings of the FVG318 on
LAN A.
Note:
Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off
any virus protection or firewall software you may be running on your PC.
Note:
The procedure in this section explains how to create a new security policy from
scratch. For the procedure on how to import an existing security policy that has
already been created on another client running the NETGEAR ProSafe VPN
Client, see
“Transferring a Security Policy to Another Client” on page 5-17
.
Page 87 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Basic Virtual Private Networking
5-9
v1.0, September 2007
3.
Enter the connection settings for the new connection:
a.
Select Secure in the Connection Security check box
b.
Select IP
Subnet in the ID Type menu.
In this example, type
192.168.0.0
in the Subnet field as the network address of the
FVG318.
c.
Enter
255.255.255.0
in the Mask field as the LAN Subnet Mask of the FVG318.
d.
Select All in the Protocol menu to allow all traffic through the VPN tunnel.
e.
Select the Connect using Secure Gateway Tunnel check box.
Note:
In this example, the Connection Name used on the client side of the VPN
tunnel is
NETGEAR_VPN_router
and it does not have to match the
RoadWarrior
Connection Name used on the gateway side of the VPN
tunnel (see
Figure 5-8
) because Connection Names are unrelated to how
the VPN tunnel functions.
Tip:
Choose Connection Names that make sense to the people using and
administrating the VPN.
Figure 5-7
Page 88 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
5-10
Basic Virtual Private Networking
v1.0, September 2007
f.
Select Domain Name in the ID Type menu below the check box.
g.
Enter the public WAN IP Domain Name of the FVG318 in the field directly below the ID
Type menu. In this example,
fvg_local.com
would be used.
The resulting Connection Settings are shown in
Figure 5-8
.
4.
Configure the Security Policy in the NETGEAR ProSafe VPN Client software.
a.
In the Network Security Policy list, expand the new connection by double clicking its
name or clicking on the “+” symbol. My Identity and Security Policy subheadings appear
below the connection name.
b.
Click on the
Security Policy
subheading to show the Security Policy menu.
c.
Select the Main Mode in the Select Phase 1 Negotiation Mode check box.
Figure 5-8
Page 89 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Basic Virtual Private Networking
5-11
v1.0, September 2007
5.
Configure the VPN Client Identity. Provide information about the remote VPN client PC. You
will need to provide:
The Pre-Shared Key that you configured in the FVG318.
Either a fixed IP address or a “fixed virtual” IP address of the VPN client PC.
a.
In the Network Security Policy list on the left side of the Security Policy Editor window,
click on
My Identity
.
Figure 5-9
Figure 5-10
Page 90 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
5-12
Basic Virtual Private Networking
v1.0, September 2007
b.
Choose None in the Select Certificate box.
c.
Select IP Address in the ID Type box. If you are using a virtual fixed IP address, enter this
address in the Internal Network IP Address box. Otherwise, leave this box empty.
d.
In the Internet Interface box, select the adapter you use to access the Internet. Select PPP
Adapter in the Name menu if you have a dial-up Internet account. Select your Ethernet
adapter if you have a dedicated Cable or DSL line. You may also choose Any if you will
be switching between adapters or if you have only one adapter.
e.
Click the
Pre-Shared Key
button. In the Pre-Shared Key dialog box, click the
Enter Key
button. Enter the FVG318’s Pre-Shared Key and click
OK
. In this example,
12345678
is
entered. This field is case sensitive.
6.
Configure the VPN Client Authentication Proposal. Provide the type of encryption (DES or
3DES) to be used for this connection. This selection must match your selection in the FVG318
configuration.
a.
In the Network Security Policy list on the left side of the Security Policy Editor window,
expand the Security Policy heading by double clicking its name or clicking on the “+”
symbol.
b.
Expand the Authentication subheading by double clicking its name or clicking on the “+”
symbol. Then select Proposal 1 below Authentication.
Figure 5-11

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top