Page 61 / 212 Scroll up to view Page 56 - 60
Reference Manual for the ProSafe VPN Firewall FVS114
Basic Virtual Private Networking
5-5
202-10098-01, April 2005
VPN Tunnel Configuration
There are two tunnel configurations and three ways to configure them:
Use the VPN Wizard to configure a VPN tunnel (recommended for most situations):
See
“How to Set Up a Client-to-Gateway VPN Configuration” on page 5-5
.
See
“How to Set Up a Gateway-to-Gateway VPN Configuration” on page 5-20
.
See
Chapter 6, “Advanced Virtual Private Networking
” when the VPN Wizard and its VPNC
defaults (see
Table 5-1
on
page 5-4
) are not appropriate for your special circumstances.
How to Set Up a Client-to-Gateway VPN Configuration
Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a
network gateway (see
Figure 5-3
) involves the following two steps:
“Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVS114” on page 5-6
uses the
VPN Wizard to configure the VPN tunnel between the remote PC and network gateway.
“Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC” on page 5-9
configures the NETGEAR ProSafe VPN Client endpoint.
Figure 5-3:
Client-to-gateway VPN tunnel
192.168.3.1
VPN Tunnel
FVS114
24.0.0.1
PC
(Running NETGEAR
ProSafe VPN Client)
PCs
Page 62 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
5-6
Basic Virtual Private Networking
202-10098-01, April 2005
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the
FVS114
Follow this procedure to configure a client-to-gateway VPN tunnel using the VPN Wizard.
1.
Log in to the FVS114 at its LAN address of
with its default user name of
admin
and password of
password
. Click the
VPN Wizard
link in the main menu to display
this screen. Click
Next
to proceed.
Figure 5-4:
VPN Wizard start screen
2.
Fill in the Connection Name and the pre-shared key, select the type of target end point, and
click
Next
to proceed.
Note:
The Connection Name is arbitrary and not relevant to how the configuration functions.
Note:
This section uses the VPN Wizard to set up the VPN tunnel using the VPNC
default parameters listed in
Table 5-1 on page 5-4
. If you have special requirements not
covered by these VPNC-recommended parameters, refer to
Chapter 6, “Advanced
Virtual Private Networking
” to set up the VPN tunnel.
Page 63 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
Basic Virtual Private Networking
5-7
202-10098-01, April 2005
Figure 5-5:
Connection Name and Remote IP Type
The Summary screen below displays.
Figure 5-6:
VPN Wizard Summary
Enter the new Connection Name:
(
RoadWarrior
in this example)
Enter the pre-shared key:
(
12345678
in this example)
Select the radio button:
A remote VPN client (single PC)
Page 64 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
5-8
Basic Virtual Private Networking
202-10098-01, April 2005
To view the VPNC recommended authentication and encryption settings used by the VPN
Wizard, click the
here
link (see
Figure 5-6
). Click
Back
to return to the
Summary
screen.
Figure 5-7:
VPNC Recommended Settings
3.
Click
Done
on the Summary screen (see
Figure 5-6
) to complete the configuration procedure.
The VPN Policies menu below displays showing that the new tunnel is enabled.
Figure 5-8:
VPN Policies
To view or modify the tunnel settings, select the radio button next to the tunnel entry and click
Edit
.
Page 65 / 212
Reference Manual for the ProSafe VPN Firewall FVS114
Basic Virtual Private Networking
5-9
202-10098-01, April 2005
Step 2: Configuring the NETGEAR ProSafe VPN Client on the
Remote PC
This procedure describes how to configure the NETGEAR ProSafe VPN Client. This example
assumes the PC running the client has a dynamically assigned IP address.
The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go
to the NETGEAR Web site (
) and select VPN01L_VPN05L in the Product
Quick Find drop-down menu for information on how to purchase the NETGEAR ProSafe VPN
Client.
1.
Install the NETGEAR ProSafe VPN Client on the remote PC and reboot.
a.
You may need to insert your Windows CD to complete the installation.
b.
If you do not have a modem or dial-up adapter installed in your PC, you may see the
warning message stating “The NETGEAR ProSafe VPN Component requires at least one
dial-up adapter be installed.” You can disregard this message.
c.
Install the IPSec Component. You may have the option to install either the VPN Adapter
or the IPSec Component or both. The VPN Adapter is not necessary.
d.
The system should show the ProSafe icon (
) in the system tray after rebooting.
e.
Double-click the system tray icon to open the Security Policy Editor.
2.
Add a new connection.
a.
Run the NETGEAR ProSafe Security Policy Editor program and create a VPN
Connection.
b.
From the Edit menu of the Security Policy Editor, click
Add
, then
Connection
. A “New
Connection” listing appears in the list of policies. Rename the “New Connection” so that it
matches the Connection Name you entered in the VPN Settings of the FVS114 on LAN A.
Note:
Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off
any virus protection or firewall software you may be running on your PC.
Note:
The procedure in this section explains how to create a new security policy from
scratch. For the procedure on how to import an existing security policy that has already
been created on another client running the NETGEAR ProSafe VPN Client, see
“Transferring a Security Policy to Another Client” on page 5-17
.

Rate

4 / 5 based on 1 vote.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top