Virtual Private Networking Using IPSec and L2TP Connections
256
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Figure 156.
4. In the IKE SA Parameters section of the screen, locate the DPD fields, and complete the
settings as explained in Table 62.
5. Click Apply to save your settings.
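The timer behaviour that the two DPD fields control, as an added example (ours, not NETGEAR firmware code): it models R-U-THERE probes that go out only while the tunnel is idle, one per Detection Period, and a teardown after the configured number of consecutive unanswered probes. The peer model, the traffic timeline and the class and function names are assumptions made for illustration.

```python
"""Dead Peer Detection (DPD) timing model for the settings in Table 62.

Added example for illustration; not NETGEAR firmware code. R-U-THERE probes
go out only while the IPSec tunnel is idle, one per Detection Period, and
after "Reconnect after failure count" consecutive unanswered probes the
firewall deletes the IKE/IPSec SAs and re-initiates. The peer model, the
traffic timeline and all names below are assumptions made for this example.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set


@dataclass
class DpdConfig:
    enabled: bool = True          # "Enable Dead Peer Detection" radio button
    detection_period: int = 10    # seconds between R-U-THERE probes (default 10)
    failure_count: int = 3        # unanswered probes before teardown (default 3)


@dataclass
class DpdResult:
    torn_down_at: Optional[int]   # second the SAs were deleted, None if never
    probe_times: List[int] = field(default_factory=list)


def worst_case_detection_seconds(cfg: DpdConfig) -> int:
    """Longest a dead peer goes unnoticed once the tunnel is already idle."""
    return cfg.detection_period * cfg.failure_count


def simulate_dpd(cfg: DpdConfig, duration: int,
                 traffic_seconds: Set[int], peer_alive_until: int) -> DpdResult:
    """One-second-resolution model of the DPD timer.

    traffic_seconds:  seconds in which protected IPSec traffic was seen. Traffic
                      is proof of liveness, so it resets both the probe timer and
                      the failure counter.
    peer_alive_until: last second at which the peer still answers R-U-THERE.
    The SA is assumed established, and idle, at second 0.
    """
    result = DpdResult(torn_down_at=None)
    if not cfg.enabled:
        return result                     # no probes: a dead SA lingers until it expires
    next_probe_at = cfg.detection_period
    failures = 0
    for t in range(1, duration + 1):
        if t in traffic_seconds:          # data flowing: nothing to probe
            next_probe_at = t + cfg.detection_period
            failures = 0
            continue
        if t == next_probe_at:            # idle for a full period: send R-U-THERE
            result.probe_times.append(t)
            next_probe_at = t + cfg.detection_period
            if t <= peer_alive_until:     # R-U-THERE-ACK received
                failures = 0
            else:                         # no ACK: one more failure
                failures += 1
                if failures >= cfg.failure_count:
                    result.torn_down_at = t
                    break
    return result


if __name__ == "__main__":
    cfg = DpdConfig()
    r = simulate_dpd(cfg, duration=120, traffic_seconds={1, 2, 3, 4, 5},
                     peer_alive_until=40)
    print("probes at", r.probe_times, "teardown at", r.torn_down_at,
          "worst case", worst_case_detection_seconds(cfg), "s")
```

With the defaults, a peer that stops answering at second 40 is torn down at second 65, 25 seconds later, and worst_case_detection_seconds gives the 30 second bound for a tunnel that is already idle. Raise the period or the count on lossy links to avoid needless renegotiation; lower them when fast failover to a backup tunnel matters more.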
Table 62. Dead Peer Detection settings

IKE SA Parameters

Enable Dead Peer Detection
    Select the Yes radio button to enable DPD. When the wireless VPN firewall
    detects an IKE connection failure, it deletes the IPSec and IKE SAs and forces a
    reestablishment of the connection. You need to specify the detection period in
    the Detection Period field and the maximum number of times that the wireless
    VPN firewall attempts to reconnect in the Reconnect after failure count field.

Detection Period
    The period in seconds between consecutive DPD R-U-THERE messages, which are
    sent only when the IPSec traffic is idle. The default setting is 10 seconds.

Reconnect after failure count
    The maximum number of consecutive DPD failures before the wireless VPN firewall
    tears down the connection and then attempts to reconnect to the peer. The
    default setting is 3 failures. With the defaults, a dead peer on an idle tunnel
    is detected after about 3 x 10 = 30 seconds.

Configure NetBIOS Bridging with IPSec VPN

Windows networks use the Network Basic Input/Output System (NetBIOS) for several basic
network services such as naming and neighborhood device discovery. Because VPN routers
do not usually pass NetBIOS traffic (name resolution and browsing rely on broadcasts,
which are not routed across a tunnel), these network services do not function for hosts on
opposite ends of a VPN connection. To solve this problem, you can configure the wireless
VPN firewall to bridge NetBIOS traffic over the VPN tunnel. Enable it only on tunnels whose
remote hosts actually need Windows name resolution and browsing, since it forwards
broadcast traffic that the tunnel would otherwise drop.
To enable NetBIOS bridging on a configured VPN tunnel:
1. Select VPN > IPSec VPN > VPN Policies. The VPN Policies screen displays (see
Figure 139 on page 226).
2. Specify the IP version for which you want to edit a VPN policy:
   IPv4. In the upper right of the screen, the IPv4 radio button is already selected by
   default. Go to Step 3.
   IPv6. Select the IPv6 radio button. The VPN Policies screen for IPv6 displays.
3. In the List of VPN Policies table, click the Edit table button to the right of the VPN policy that
you want to edit. The Edit VPN Policy screen displays. (The following figure shows only the
top part with the General section of the Edit VPN Policy screen for IPv6.)
Figure 157.
4. Select the Enable NetBIOS? check box.
5. Click Apply to save your settings.
The setting is per VPN policy, so repeat these steps for each tunnel that needs it.
Configure the L2TP Server

As an alternative to IPSec VPN tunnels, you can configure a Layer 2 Tunneling
Protocol (L2TP) server on the wireless VPN firewall so that remote L2TP users can reach
hosts behind the firewall over L2TP tunnels. A maximum of 25 simultaneous L2TP user
sessions are supported. (The very first IP address of the L2TP address pool is assigned to
the wireless VPN firewall itself, not to a user.)

An L2TP Access Concentrator (LAC) typically initiates a tunnel to fulfill a connection request
from an L2TP user; the L2TP server accommodates the tunnel request. After an L2TP tunnel
is established, the L2TP user can connect to hosts that are located behind the
wireless VPN firewall.

Note: IPSec VPN provides stronger authentication and encryption than L2TP. The L2TP
server on the wireless VPN firewall does not wrap the tunnel in IPSec, so the PPP frames
and the IP packets inside them cross the Internet in the clear on UDP port 1701. The
L2TP user account authenticates the user but encrypts nothing; any on-path observer can
read the traffic. Use L2TP only where the traffic does not need confidentiality, and
prefer an IPSec VPN policy otherwise.

You need to enable the L2TP server on the wireless VPN firewall, specify an L2TP server
address pool, and create L2TP user accounts. For information about how to create L2TP
user accounts, see Configure User Accounts on page 296.
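What an on-path observer can read from a bare L2TP tunnel of the kind this server provides, as an added example (ours, not NETGEAR code): it builds a constructed L2TP data message carrying an HTTP request over PPP/IPv4/TCP, dissects it using nothing but the RFC 2661, PPP and IPv4/TCP header layouts, and classifies outer packets seen on the WAN as cleartext L2TP or IPSec. The addresses, ports, request and function names are constructed for illustration.

```python
"""Dissect a bare L2TP (UDP/1701) data message to show what is visible in the clear.

Added example, not NETGEAR code. Without IPSec, every PPP frame and the IP packet
inside it can be parsed by anyone on the path, with no key material at any step.
The packet is constructed, not captured; header layouts follow RFC 2661 (L2TPv2),
PPP and IPv4/TCP.
"""
import socket
import struct
from typing import Dict, Optional


def build_sample_l2tp_packet() -> bytes:
    """Constructed L2TP data message carrying an HTTP request over PPP/IPv4/TCP."""
    http = b"GET /admin HTTP/1.1\r\nHost: intranet\r\n\r\n"
    # TCP: sport, dport, seq, ack, data offset (5 words), flags PSH|ACK, window, csum, urg
    tcp = struct.pack(">HHIIBBHHH", 50321, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(http)
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, 6, 0,
                     socket.inet_aton("192.168.1.100"), socket.inet_aton("10.0.0.5"))
    ppp = b"\xff\x03" + struct.pack(">H", 0x0021) + ip + tcp + http   # 0x0021 = IPv4
    flags = 0x4002                      # T=0 (data), L=1 (length present), version 2
    length = 8 + len(ppp)               # flags(2) + length(2) + tunnel(2) + session(2)
    return struct.pack(">HHHH", flags, length, 0x0001, 0x0002) + ppp


def dissect_l2tp_data(pkt: bytes) -> Dict[str, object]:
    """Walk L2TP -> PPP -> IPv4 -> TCP and return everything readable in the clear."""
    flags = struct.unpack(">H", pkt[:2])[0]
    if (flags & 0x000F) != 2:
        raise ValueError("not L2TPv2")
    if flags & 0x8000:
        raise ValueError("control message, not a data message")
    off = 2
    if flags & 0x4000:                          # L bit: Length field present
        off += 2
    tunnel_id, session_id = struct.unpack(">HH", pkt[off:off + 4])
    off += 4
    if flags & 0x0800:                          # S bit: Ns and Nr present
        off += 4
    if flags & 0x0200:                          # O bit: Offset Size plus padding
        off += 2 + struct.unpack(">H", pkt[off:off + 2])[0]
    ppp = pkt[off:]
    if ppp[:2] == b"\xff\x03":                  # HDLC address/control may be present
        ppp = ppp[2:]
    proto = struct.unpack(">H", ppp[:2])[0]
    info: Dict[str, object] = {"tunnel_id": tunnel_id, "session_id": session_id,
                               "ppp_protocol": proto}
    if proto != 0x0021:
        return info
    ip = ppp[2:]
    ihl = (ip[0] & 0x0F) * 4
    info["src"] = socket.inet_ntoa(ip[12:16])
    info["dst"] = socket.inet_ntoa(ip[16:20])
    info["ip_proto"] = ip[9]
    if ip[9] == 6:                              # TCP: ports and the application payload
        tcp = ip[ihl:]
        sport, dport = struct.unpack(">HH", tcp[:4])
        doff = (tcp[12] >> 4) * 4
        info.update(sport=sport, dport=dport, payload=tcp[doff:])
    return info


def tunnel_exposure(ip_proto: int, udp_dst_port: Optional[int]) -> str:
    """Triage for an outer packet seen on the WAN side of the firewall."""
    if ip_proto == 50 or (ip_proto == 17 and udp_dst_port == 4500):
        return "encrypted (ESP or IPSec NAT-T)"
    if ip_proto == 17 and udp_dst_port == 1701:
        return "cleartext (bare L2TP)"
    return "other"


if __name__ == "__main__":
    seen = dissect_l2tp_data(build_sample_l2tp_packet())
    print(seen["src"], "->", seen["dst"], "port", seen["dport"], seen["payload"])
```

The dissector needs no key material at any step; that is the whole difference from an IPSec policy, where the same observer sees only ESP (IP protocol 50, or UDP port 4500 behind NAT) and nothing inside it. tunnel_exposure is the one-line triage to run over a capture when confirming which kind of tunnel a site is actually using.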
To enable the L2TP server and configure the L2TP server pool:
1. Select VPN > L2TP Server. The L2TP Server screen displays. (The following figure
contains an example.)
Figure 158.
2. To enable the L2TP server, select the Enable check box.
3. Enter the settings as explained in Table 63.
4. Click Apply to save your settings.

Table 63. L2TP Server screen settings

Starting IP Address
    The first IP address of the pool. This address is assigned to the wireless VPN
    firewall itself.

Ending IP Address
    The last IP address of the pool. A maximum of 26 contiguous addresses is
    supported. (The first address of the pool cannot be assigned to a user, which
    leaves 25 addresses for the 25 supported user sessions.)

Idle Timeout
    The period after which an idle user is automatically logged out of the L2TP server.
    The default idle time-out period is 10 minutes.
View the Active L2TP Users

To view the active L2TP tunnel users, select VPN > Connection Status > L2TP Active
Users. The L2TP Active Users screen displays:
Figure 159.
The List of L2TP Active Users table lists each active connection with the information that is
described in Table 64.

Table 64. L2TP Active Users screen information

Username
    The name of the L2TP user that you have defined (see Configure User Accounts on
    page 296).

Remote IP
    The client's IP address on the remote LAC.

L2TP IP
    The IP address that is assigned by the L2TP server on the wireless VPN firewall.

Action
    Click the Disconnect table button to terminate the L2TP connection.

Compare the Remote IP of each session against the locations you expect your users to
connect from; a session from an unexpected source is the quickest sign of a compromised
L2TP account, and Disconnect ends it immediately.
7. Virtual Private Networking Using SSL Connections
The wireless VPN firewall provides a hardware-based SSL VPN solution designed specifically to
provide remote access for mobile users to their corporate resources, bypassing the need for a
preinstalled VPN client on their computers. Using the familiar Secure Sockets Layer (SSL)
protocol, commonly used for e-commerce transactions, the wireless VPN firewall can
authenticate itself to an SSL-enabled client, such as a standard web browser. Once the
authentication and negotiation of encryption information are completed, the server and client can
establish an encrypted connection. With support for up to 5 dedicated SSL VPN tunnels, the
wireless VPN firewall allows users to easily access the remote network for a customizable,
secure, user portal experience from virtually any available platform.
This chapter contains the following sections:
SSL VPN Portal Options
Overview of the SSL Configuration Process
Configure Domains, Groups, and Users
Configure Applications for Port Forwarding
Configure the SSL VPN Client
Use Network Resource Objects to Simplify Policies
Configure User, Group, and Global Policies
Access the New SSL Portal Login Screen
SSL VPN Portal Options

The wireless VPN firewall's SSL VPN portal can provide two levels of SSL service to the
remote user:

SSL VPN tunnel. The wireless VPN firewall can provide the full network connectivity of a
VPN tunnel using the remote user's browser instead of a traditional IPSec VPN client.
The SSL capability of the user's browser provides authentication and encryption,
establishing a secure connection to the wireless VPN firewall. Upon successful
connection, an ActiveX-based SSL VPN client is downloaded to the remote computer to
allow the remote user to virtually join the corporate network. (ActiveX controls run only
in Internet Explorer on Windows, so plan the supported client platforms accordingly.)
The SSL VPN client provides a point-to-point (PPP) connection between the client and
the wireless VPN firewall, and a virtual network interface is created on the user's
