NETGEAR FVS114 Router Manual PDF (Setup & Configuration Guide)

Page 66 / 212 Scroll up to view Page 61 - 65

Reference Manual for the ProSafe VPN Firewall FVS114

5-10

Basic Virtual Private Networking

202-10098-01, April 2005

Note:

In this example, the Connection Name used on the client side of the VPN tunnel is

NETGEAR_VPN_router

and it does not have to match the

RoadWarrior

Connection

Name used on the gateway side of the VPN tunnel (see

Figure 5-5

) because Connection

Names are unrelated to how the VPN tunnel functions.

Tip:

Choose Connection Names that make sense to the people using and administrating

the VPN.

Figure 5-9:

Security Policy Editor new connection

Figure 5-10:

Security Policy Editor connection settings

c.

Select Secure in the Connection Security check box.

Page 67 / 212

Reference Manual for the ProSafe VPN Firewall FVS114

Basic Virtual Private Networking

5-11

202-10098-01, April 2005

d.

Select IP

Subnet in the ID Type menu.

In this example, type

192.168.3.1

in the Subnet field as the network address of the

FVS114.

e.

Enter

255.255.255.0

in the Mask field as the LAN Subnet Mask of the FVS114.

f.

Select All in the Protocol menu to allow all traffic through the VPN tunnel.

g.

Select the Connect using Secure Gateway Tunnel check box.

h.

Select IP

Address in the ID Type menu below the check box.

i.

Enter the public WAN IP Address of the FVS114 in the field directly below the ID Type

menu. In this example,

22.23.24.25

would be used.

The resulting Connection Settings are shown in

Figure 5-10

.

3.

Configure the Security Policy in the NETGEAR ProSafe VPN Client software.

a.

In the Network Security Policy list, expand the new connection by double clicking its

name or clicking on the “+” symbol. My Identity and Security Policy subheadings appear

below the connection name.

b.

Click on the

Security Policy

subheading to show the Security Policy menu.

Figure 5-11:

Security Policy Editor Security Policy

c.

Select the Main Mode in the Select Phase 1 Negotiation Mode check box.

4.

Configure the VPN Client Identity.

Page 68 / 212

Reference Manual for the ProSafe VPN Firewall FVS114

5-12

Basic Virtual Private Networking

202-10098-01, April 2005

In this step, you will provide information about the remote VPN client PC. You will need to

provide:

—

The Pre-Shared Key that you configured in the FVS114.

—

Either a fixed IP address or a “fixed virtual” IP address of the VPN client PC.

a.

In the Network Security Policy list on the left side of the Security Policy Editor window,

click on

My Identity

.

Figure 5-12:

Security Policy Editor My Identity

b.

Choose None in the Select Certificate box.

c.

Select IP Address in the ID Type box. If you are using a virtual fixed IP address, enter this

address in the Internal Network IP Address box. Otherwise, leave this box empty.

d.

In the Internet Interface box, select the adapter you use to access the Internet. Select PPP

Adapter in the Name menu if you have a dial-up Internet account. Select your Ethernet

adapter if you have a dedicated Cable or DSL line. You may also choose Any if you will

be switching between adapters or if you have only one adapter.

e.

Click the

Pre-Shared Key

button. In the Pre-Shared Key dialog box, click the

Enter Key

button. Enter the FVS114's Pre-Shared Key and click

OK

. In this example,

12345678

is

entered. This field is case sensitive.

Page 69 / 212

Reference Manual for the ProSafe VPN Firewall FVS114

Basic Virtual Private Networking

5-13

202-10098-01, April 2005

Figure 5-13:

Security Policy Editor Pre-Shared Key

5.

Configure the VPN Client Authentication Proposal.

In this step, you will provide the type of encryption (DES or 3DES) to be used for this

connection. This selection must match your selection in the FVS114 configuration.

a.

In the Network Security Policy list on the left side of the Security Policy Editor window,

expand the Security Policy heading by double clicking its name or clicking on the “+”

symbol.

b.

Expand the Authentication subheading by double clicking its name or clicking on the “+”

symbol. Then select Proposal 1 below Authentication.

Figure 5-14:

Security Policy Editor Authentication

c.

In the Authentication Method menu, select Pre-Shared key.

d.

In the Encrypt Alg menu, select the type of encryption. In this example, use Triple DES.

e.

In the Hash Alg menu, select SHA-1.

Page 70 / 212

Reference Manual for the ProSafe VPN Firewall FVS114

5-14

Basic Virtual Private Networking

202-10098-01, April 2005

f.

In the SA Life menu, select Unspecified.

g.

In the Key Group menu, select Diffie-Hellman Group 2.

6.

Configure the VPN Client Key Exchange Proposal.

In this step, you will provide the type of encryption (DES or 3DES) to be used for this

connection. This selection must match your selection in the FVS114 configuration.

a.

Expand the Key Exchange subheading by double clicking its name or clicking on the “+”

symbol. Then select Proposal 1 below Key Exchange.

Figure 5-15:

Security Policy Editor Key Exchange

b.

In the SA Life menu, select Unspecified.

c.

In the Compression menu, select None.

d.

Check the Encapsulation Protocol (ESP) check box.

e.

In the Encrypt Alg menu, select the type of encryption. In this example, use Triple DES.

f.

In the Hash Alg menu, select SHA-1.

g.

In the Encapsulation menu, select Tunnel.

h.

Leave the Authentication Protocol (AH) check box unchecked.

7.

Save the VPN Client Settings.

From the File menu at the top of the Security Policy Editor window, select Save.

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share