FVS338 ProSafe VPN Firewall 50 Reference Manual
Virtual Private Networking
5-11
v1.0, September 2006
Configuring the FVX538
To configure the FVX538 using the VPN Wizard:
1. Select VPN from the main menu. The Policies screen will display. Click the VPN Wizard link. The VPN Wizard screen will display.
2. Check the Gateway radio box to establish a remote VPN gateway.
3. Give the new connection a name such as to_fvs.
4. Enter a value for the pre-shared key.
5. Enter the WAN IP address or Internet name of the remote WAN.
Figure 5-5
6. Enter the remote LAN IP address and subnet mask.
7. Click Apply to create the “to_fvs” IKE and VPN policies.
Testing the Connection
1. From a PC on either firewall’s LAN, try to ping a PC on the other firewall’s LAN. Establishing the VPN connection may take several seconds.
2. For additional status and troubleshooting information, view the VPN log and status menu in the FVX538 or FVS338.
Creating a VPN Client Connection: VPN Client to FVS338
This section describes how to configure a VPN connection between a Windows PC (the client)
installed with the NETGEAR ProSafe VPN Client and the VPN firewall.
Figure 5-6
Using the FVS338 VPN Wizard, we will create a single set of policies (IKE and VPN) that will
allow up to 50 remote PCs to connect from locations in which their IP addresses are unknown in
advance. The PCs may be directly connected to the Internet or may be behind NAT routers. If more
PCs are to be connected, an additional policy or policies must be created.
Each PC will use the NETGEAR VPN Client. Since the PC’s IP address is assumed to be
unknown, the PC must always be the Initiator of the connection.
This procedure was developed and tested using:
NETGEAR ProSafe VPN Firewall 50 FVS338
NETGEAR ProSafe VPN Client
NAT router: NETGEAR FR114P
Configuring the FVS338
To configure the FVS338 using the VPN Wizard:
1. Select VPN from the main menu. The Policies screen will display. Click the VPN Wizard link. The VPN Wizard screen will display.
2. Check the VPN Client radio box to establish a remote VPN client.
3. Give the new connection a name such as home.
4. Enter a value for the pre-shared key.
5. Click Apply.
The VPN Policies screen will display showing a VPN Client policy named home. Select the VPN Policies tab to display the corresponding “home” VPN Policy.
Note: When XAuthentication (XAUTH) is enabled, incoming VPN connections are authenticated against the FVS338 Network Database first, then, if configured, a RADIUS server is checked.
Configuring the VPN Client
On a remote PC that has a NETGEAR ProSafe VPN Client installed, configure the client using the
FVS338 VPN Client default parameters (displayed in both the IKE Policy table and the VPN
Policy table of the FVS338 under the name “home”):
Local FQDN (the router): fvs_local.com
Remote FQDN (the client): fvs_remote.com
Encryption Algorithm: 3DES
Authentication Algorithm: SHA-1
Pre-shared key: 12345678 (defined by user)
Diffie-Hellman (DH) Group: Group 2 (1024 bit)
SA Life Time: unspecified
Remote LAN IP subnet: 192.168.1.0/255.255.255.0
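
A check of the default parameters listed above against a current cryptographic baseline, as an added example that is not part of the NETGEAR manual. The thresholds and the function names parse_params, psk_entropy_bits and audit are assumptions of this example.

```python
import math
import re

# Wizard defaults for the "home" policy, copied from the list above.
PAGE_DEFAULTS = """\
Encryption Algorithm: 3DES
Authentication Algorithm: SHA-1
Pre-shared key: 12345678 (defined by user)
Diffie-Hellman (DH) Group: Group 2 (1024 bit)
"""
# Baselines below are assumptions of this example, not NETGEAR guidance.
WEAK_CIPHERS = {"DES", "3DES"}   # 64-bit block ciphers
LEGACY_HASHES = {"MD5", "SHA-1"}
MIN_DH_BITS = 2048
MIN_PSK_BITS = 112

def parse_params(text):
    """Split 'Name: value' lines into a dict keyed by lower-cased name."""
    params = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        if sep:
            params[name.strip().lower()] = value.strip()
    return params

def psk_entropy_bits(psk):
    """Upper bound: length * log2(pool of the character classes used)."""
    classes = ((r"[0-9]", 10), (r"[a-z]", 26), (r"[A-Z]", 26), (r"[^0-9a-zA-Z]", 32))
    pool = sum(size for pattern, size in classes if re.search(pattern, psk))
    return len(psk) * math.log2(pool) if pool else 0.0

def audit(params):
    """Return one finding per parameter that falls below the baselines."""
    findings = []
    if params.get("encryption algorithm", "").upper() in WEAK_CIPHERS:
        findings.append("encryption: 64-bit block cipher")
    if params.get("authentication algorithm", "").upper() in LEGACY_HASHES:
        findings.append("authentication: legacy hash")
    dh = re.search(r"\((\d+) bit\)", params.get("diffie-hellman (dh) group", ""))
    if dh and int(dh.group(1)) < MIN_DH_BITS:
        findings.append(f"dh: {dh.group(1)}-bit modulus")
    psk = params.get("pre-shared key", "").split(" (")[0]  # drop the annotation
    bits = psk_entropy_bits(psk)
    if bits < MIN_PSK_BITS:
        findings.append(f"psk: at most {bits:.0f} bits")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_params(PAGE_DEFAULTS)):
        print(finding)
```

The entropy figure is an upper bound that assumes the key was chosen at random from the character classes it uses; a sequential value such as the sample key is far weaker than the bound suggests.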
Figure 5-7 (diagram labels: fvs_remote.com, fvs_local.com)
To configure the VPN Client:
1. Right-click on the VPN client icon in your Windows toolbar and select the Security Policy Editor. The Security Policy Editor screen will display.
2. In the upper left of the Policy Editor window, click the New Document icon to open a New Connection.
3. Give the New Connection a name, such as to_FVS (shown in Figure 5-9).
4. In the Remote Party Identity section, from the ID Type pull-down menu, select IP Subnet.
5. Enter the LAN IP Subnet Address and Subnet Mask of the FVS338 LAN.
6. Check the Connect using radio box and select Connect using Secure Gateway Tunnel from the pull-down menu.
7. From the ID Type pull-down menu, select Domain Name and Gateway IP Address.
8. For the Domain Name, enter fvs_local.com and enter the WAN IP Address of the FVS338.
Figure 5-8
