Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2
NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
G-7
May 2004, 202-10030-02
From the ESP Configuration Encryption Algorithm drop-down box, select 3DES. This will also be entered in the FVL328 ProSafe High-Speed VPN Firewall Security Policy Key Exchange (Phase 2) Encrypt Alg field, as seen in “Connection Security Policy Key Exchange (Phase 2)” on page G-12.
Select Enable Authentication in the ESP Configuration Enable Authentication check box.
Note: Do not confuse this with the Authentication Protocol (AH) option. Using the AH option will prevent clients behind a home NAT router from connecting.
From the ESP Configuration Authentication Algorithm drop-down box, select SHA-1. This will also be entered in the FVL328 ProSafe High-Speed VPN Firewall Security Policy Key Exchange (Phase 2) Hash Alg field, as seen in “Connection Security Policy Key Exchange (Phase 2)” on page G-12.
Select the NETBIOS Enable check box to enable networking features like Windows Network Neighborhood.
Click Apply to save your changes. You will be taken back to the VPN Policies Menu page.
4. When the screen returns to the VPN Policies, make sure the Enable check box is selected. Click Apply to save your changes.
Step-By-Step Configuration of the FVL328 Firewall B
Note: The FVL328 ProSafe High-Speed VPN Firewall has the ability to “Import” a predefined configuration profile. The FVL328.SPD file on the FVL328 ProSafe High-Speed VPN Firewall Resource CD (230-10061-02) includes all the settings identified in this procedure.
Whenever importing policy settings, you should first export any existing settings you may have configured to prevent the new imported settings from replacing an existing working configuration.
To import this policy, use the Security Policy Editor File menu to select Import Policy, and select the FVL328.SPD file at D:\Software\Policies where D is the drive letter of your CD-ROM drive.
This procedure describes linking a remote PC and a LAN. The LAN will connect to the Internet
using an FVL328 with a static IP address. The PC can be directly connected to the Internet through
dialup, cable or DSL modem, or other means, and we will assume it has a dynamically assigned IP
address.
1. Install the FVL328 Firewall Software on the PC.
You may need to insert your Windows CD to complete the installation.
Reboot your PC after installing the client software.
2. Configure the Connection Network Settings.
Figure G-4: Security Policy Editor New Connection
a. Run the Security Policy Editor program and create a VPN Connection.
Note: Before installing the FVL328 ProSafe High-Speed VPN Firewall software, be sure to turn off any virus protection or firewall software you may be running on your PC.
Figure G-5: Security Policy Editor Options menu
Note: If the configuration settings on this screen are not available for editing, go to the Options menu, select Secure, and Specified Options to enable editing these settings.
From the Edit menu of the Security Policy Editor, click Add, then Connection. A “New Connection” listing appears. Rename the “New Connection” to FVL328.
b. Ensure that the following settings are configured:
In the Connection Security box, Secure is selected.
In the Protocol menu, All is selected.
The Connect using Secure Gateway Tunnel check box is selected.
c. In this example, select IP Subnet as the ID Type, enter 192.168.0.0 in the Subnet field (the Subnet address is the LAN IP Address of the FVL328 with 0 as the last number), and enter 255.255.255.0 in the Mask field, which is the LAN Subnet Mask of the FVL328.
d. In the ID Type menus, select Domain Name and Gateway IP Address. Enter FVL328 in the Domain Name field. In this example, 66.120.188.153 would be used for the Gateway IP Address, which is the static IP address for the FVL328 WAN port.
3. Configure the Connection Identity Settings.
a. In the Network Security Policy list, click the My Identity subheading.
Figure G-6: My Identity
In this example, select Domain Name as the ID Type, and enter VPNclient. Also, accept the default Internal Network IP Address of 0.0.0.0.
Figure G-7: My Identity Pre-Shared Key
b. Click Pre-Shared Key.
Figure G-8: Connection Identity Pre-Shared Key
In this example, enter this pre-shared key in this field: hr5xb84l6aa9r6
c. Enter hr5xb84l6aa9r6, which is the same Pre-Shared Key entered in the FVL328.
d. Click OK.
4. Configure the Connection Identity Settings.
a. In the Network Security Policy list, click the Security Policy subheading.
Figure G-9: Security Policy
b. For this example, ensure that the following settings are configured:
In the Select Phase 1 Negotiation Mode menu, select Aggressive Mode.
Select the Enable Perfect Forward Secrecy (PFS) check box.
In the PFS Key Group drop-down list, select Diffie-Hellman Group 2.
Select the Enable Replay Detection check box.
5. Configure the Connection Security Policy.
In this step, you will provide the authentication (IKE Phase 1) settings, and the key exchange (Phase 2) settings. The setting choices in this procedure follow the VPNC guidelines.
Figure G-10: Connection Security Policy Authentication (Phase 1)
a. Configure the Authentication (Phase 1) Settings.
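The settings above have to agree between the VPN client and the FVL328, and the client's remote subnet has to be the firewall's LAN network. The following Python check is an added example, not part of the NETGEAR manual or software; the dictionary keys, the function name audit_vpn_policy and the gateway LAN address 192.168.0.1 are assumptions made for illustration.

```python
import ipaddress

# Sample key printed in the manual; the check reports it if either side still uses it.
DOCUMENTED_SAMPLE_PSK = "hr5xb84l6aa9r6"

# IPsec peers must agree on these (key names are hypothetical, not a NETGEAR format).
MUST_MATCH = ("phase1_mode", "esp_encryption", "esp_hash", "pfs_group", "psk")


def audit_vpn_policy(client, gateway):
    """Return a list of findings for a client/gateway policy pair."""
    findings = []
    for key in MUST_MATCH:
        if client.get(key) != gateway.get(key):
            # Never echo key material into a report.
            detail = "" if key == "psk" else f" ({client.get(key)!r} vs {gateway.get(key)!r})"
            findings.append(f"mismatch: {key}{detail}")
    if client.get("use_ah"):
        findings.append("AH enabled: clients behind a NAT router cannot connect")
    if DOCUMENTED_SAMPLE_PSK in (client.get("psk"), gateway.get("psk")):
        findings.append("psk is the manual's published sample key")
    # The client's remote subnet is the gateway LAN address with the host bits cleared.
    lan = ipaddress.ip_interface(f"{gateway['lan_ip']}/{gateway['lan_mask']}").network
    remote = ipaddress.ip_network(
        f"{client['remote_subnet']}/{client['remote_mask']}", strict=False)
    if remote != lan:
        findings.append(f"remote subnet {remote} does not match gateway LAN {lan}")
    return findings


# Constructed sample data using the values from this procedure
# (lan_ip 192.168.0.1 is assumed; the page only gives the subnet).
GATEWAY = {"phase1_mode": "aggressive", "esp_encryption": "3DES", "esp_hash": "SHA-1",
           "pfs_group": 2, "psk": "hr5xb84l6aa9r6",
           "lan_ip": "192.168.0.1", "lan_mask": "255.255.255.0"}
CLIENT = {"phase1_mode": "aggressive", "esp_encryption": "3DES", "esp_hash": "SHA-1",
          "pfs_group": 2, "psk": "hr5xb84l6aa9r6", "use_ah": False,
          "remote_subnet": "192.168.0.0", "remote_mask": "255.255.255.0"}

if __name__ == "__main__":
    for finding in audit_vpn_policy(CLIENT, GATEWAY):
        print(finding)
```

Run against the values in this procedure, the only finding is that the pre-shared key is the one printed in the manual.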
