ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Basic Virtual Private Networking
5-23
v1.0, September 2007
Activating a VPN Tunnel
There are three ways to activate a VPN tunnel:
Start using the VPN tunnel.
Use the IPSec Connection Status screen.
Activate the VPN tunnel by pinging the remote endpoint.
To use a VPN tunnel:
1. Open a Web browser.
2. Go to the URL whose IP address or IP address range is covered by the policy for that VPN tunnel.
To use the IPSec Connection Status screen to activate a VPN tunnel:
1. Log in to the VPN Firewall Router.
2. Open the FVG318 VPN > Connection Status screen to get the IPSec Connection Status screen (Figure 5-27).
3. Click Connect adjacent to the policy for the VPN tunnel you want to activate.
Figure 5-28
To activate the VPN tunnel by pinging the remote endpoint, select your configuration (either client-to-gateway or gateway-to-gateway):
Client-to-Gateway Configuration – To check the VPN connection, you can initiate a request from the remote PC to the FVG318’s network by using the “Connect” option in the NETGEAR ProSafe menu bar. The NETGEAR ProSafe client will report the results of the attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request.
To perform a ping test using our example, start from the remote PC:
a. Establish an Internet connection from the PC.
b. On the Windows task bar, click the Start button, and then click Run.
c. Type ping -t 192.168.3.1 and then click OK.
This will cause a continuous ping to be sent to the first FVG318. Within two minutes, the ping response should change from “timed out” to “reply.”
Note: This section uses 192.168.3.1 for an example remote endpoint LAN IP address.
Figure 5-29
Note: Use Ctrl-C to stop the pinging.
Once the connection is established, you can open the browser of the PC and enter the LAN IP
address of the remote FVG318. After a short wait, you should see the login screen of the VPN
Firewall Router (unless another PC already has the FVG318 management interface open).
Gateway-to-Gateway Configuration – Test the VPN tunnel by pinging the remote network from a PC attached to the FVG318.
a. Open a command prompt (Start -> Run -> cmd).
b. Type ping 192.168.3.1.
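The ping tests above can be scripted so that the tunnel is triggered and the time to the first reply is recorded. The following PowerShell is an added example, not part of the NETGEAR manual; the function name Wait-VpnTunnel, its parameters and the three-reply stability threshold are assumptions, while 192.168.3.1 and the two-minute limit come from the text.

```powershell
# Added example: ping the remote LAN address until the VPN tunnel answers.
# 192.168.3.1 is the manual's example remote endpoint; the 120-second limit
# mirrors the "within two minutes" guidance. Names here are illustrative.
function Wait-VpnTunnel {
    param(
        [string]$RemoteAddress = '192.168.3.1',
        [int]$TimeoutSeconds = 120,
        [int]$RequiredReplies = 3   # assumed threshold for a "stable" tunnel
    )

    $timer = [System.Diagnostics.Stopwatch]::StartNew()
    $attempts = 0
    $consecutive = 0
    $firstReplyAt = $null

    while ($timer.Elapsed.TotalSeconds -lt $TimeoutSeconds) {
        $attempts++
        # One echo request per loop; -Quiet yields $true on reply, $false on timeout.
        if (Test-Connection -ComputerName $RemoteAddress -Count 1 -Quiet) {
            if ($null -eq $firstReplyAt) {
                $firstReplyAt = [math]::Round($timer.Elapsed.TotalSeconds, 1)
            }
            $consecutive++
            if ($consecutive -ge $RequiredReplies) { break }
        } else {
            # Early timeouts are expected while the tunnel is still being built.
            $consecutive = 0
        }
        Start-Sleep -Seconds 1
    }

    [pscustomobject]@{
        RemoteAddress     = $RemoteAddress
        TunnelUp          = ($consecutive -ge $RequiredReplies)
        Attempts          = $attempts
        FirstReplySeconds = $firstReplyAt
        ElapsedSeconds    = [math]::Round($timer.Elapsed.TotalSeconds, 1)
    }
}

$result = Wait-VpnTunnel
$result | Format-List
if (-not $result.TunnelUp) {
    Write-Warning "No stable reply from $($result.RemoteAddress); check the VPN Logs screen."
}
```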
Verifying the Status of a VPN Tunnel
To use the VPN Logs screen to determine the status of a VPN tunnel, perform the following steps:
1. Log in to the VPN Firewall Router.
2. Open the FVG318 Monitoring > VPN Logs to get the VPN Logs screen (see Figure 5-28).
This log shows the details of recent VPN activity, including the building of the VPN tunnel. If there is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem.
Click Refresh to see the most recent entries.
Click Clear Log to delete all log entries.
Figure 5-30
Figure 5-31
Note: The pings may fail the first time. If so, then try the pings a second time.
To use the IPSec Connection Status screen to change the status of a VPN connection:
3. Click VPN > Connection Status (Figure 5-26) to get the IPSec Connection Status screen (Figure 5-27).
This page lists the following data for each active VPN Tunnel.
SPI – Each SA has a unique SPI (Security Parameter Index) for traffic in each direction. For Manual key exchange, the SPI is specified in the Policy definition. For Automatic key exchange, the SPI is generated by the IKE protocol.
Policy Name – The name of the VPN policy associated with this SA.
Remote Endpoint – The IP address on the remote VPN Endpoint.
Tx (KB) – The number of KBs of data transmitted over this SA.
Tx (Packets) – The number of IP packets transmitted over this SA.
State – Displays the current status of the SA for IKE policies. The status can be either Not Connected or IPSec SA Established.
Action – Click Connect to build the SA (connection) or Drop to terminate the SA (connection), as required.
The screen refreshes automatically to display the most current status for an SA. The settings for page refresh are:
Poll Interval – Time in seconds, after which the page will automatically reload.
Set Interval – You can set a new value in the Poll Interval text field and click Set Interval to set a new interval value.
Stop – If you click Stop, the polling interval will cease.
Deactivating a VPN Tunnel
Sometimes a VPN tunnel must be deactivated for testing purposes. There are two ways to
deactivate a VPN tunnel:
Policy table on VPN Policies screen
Connection Status screen
Using the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel
To use the VPN Policies screen to deactivate a VPN tunnel:
1. Log in to the VPN Firewall Router.
2. Select VPN > VPN Policies and click the VPN Policies tab to get the VPN Policies screen below (Figure 5-32).
3. Select the checkbox adjacent to the policy you want to disable and click disable. The VPN Policy will be disabled.
Using the VPN Status Page to Deactivate a VPN Tunnel
To use the VPN Connection Status screen to deactivate a VPN tunnel:
1. Log in to the VPN Firewall Router.
2. Select the VPN > Connection Status screen. The IPSec Connection Status screen will display.
3. In the Action column adjacent to the VPN tunnel you want to deactivate, click Drop.
Deleting a VPN Tunnel
To delete a VPN tunnel:
1. Log in to the VPN Firewall Router.
2. Click VPN > Policies and click the VPN Policies tab to display the VPN Policies screen (Figure 5-32). Select the radio button for the VPN tunnel to be deleted and click Delete.
Figure 5-32
Note: When NETBIOS is enabled (which it is in the VPNC defaults implemented by the VPN Wizard), automatic traffic will reactivate the tunnel. To prevent reactivation from happening, either disable NETBIOS or disable the policy for the tunnel (see “Using the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel” on page 5-26).
