NETGEAR SRX5308 Router Manual PDF (Setup & Configuration Guide)

Page 226 / 469 Scroll up to view Page 221 - 225

Virtual Private Networking Using IPSec

and

L2TP Connections

226

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

4.

Click

Apply

to use the new settings immediately, and click

Save

to keep the settings for

future use.

Configure the Global Parameters



To specify the global parameters:

1.

Click

Global Parameters

in the left column

of the Configuration Panel screen.

The

Global Parameters pane displays in the

Configuration Panel screen:

Figure 149.

2.

Specify the default lifetimes in seconds:

•

Authentication (IKE)

,

Default

. The default lifetime value is 3600 seconds. Change

this setting to

28800

seconds to match the configuration of the VPN firewall.

•

Encryption (IPSec)

,

Default

. The default lifetime value is 1200 seconds. Change this

setting to

3600

seconds to match the configuration of the VPN firewall.

3.

Click

Apply

to use the new settings immediately, and click

Save

to keep the settings for

future use.

The VPN firewall configuration is now complete.

Page 227 / 469

Virtual Private Networking Using IPSec

and

L2TP Connections

227

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

Test the Connection and View Connection and Status

Information

•

Test the NETGEAR VPN Client Connection

•

NETGEAR VPN Client Status and Log Information

•

View the VPN Firewall IPSec VPN Connection Status

•

View the VPN Firewall IPSec VPN Log

Both the NETGEAR ProSafe VPN Client and the VPN firewall provide VPN connection and

status information. This information is useful for verifying the status of a connection and

troubleshooting problems with a connection.

Test the NETGEAR VPN Client Connection

There are many ways to establish a connection. The following procedures assume that you

use the default authentication phase name

Gateway

and the default IPSec configuration

name

Tunnel

. If you manually set up the connection and changed the names, use

vpn_client

(or any other name that you have configured) as the authentication phase name and

netgear_platform

(or any other name that you have configured) as the IPSec configuration

name.



To establish a connection, use one of the following three methods:

•

Use the Configuration Panel screen

. In the tree list pane of the Configuration Panel

screen, perform

one

of the following tasks:

-

Click the

Tunnel

IPSec configuration name, and press

Ctrl+O.

-

Right-click the

Tunnel

IPSec configuration name, and select

Open tunnel

.

Figure 150.

•

Use the Connection Panel screen

. On the main menu of the Configuration Panel

screen, select

Tools > Connection Panel

to open the Connection Panel screen. Perform

one

of the following tasks:

-

Double-click

Gateway-Tunnel

.

-

Right-click

Gateway-Tunnel

, and select

Open tunnel

.

-

Click

Gateway-Tunnel

, and press

Ctrl+O

.

Page 228 / 469

Virtual Private Networking Using IPSec

and

L2TP Connections

228

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

Figure 151.

•

Use the system-tray icon

. Right-click the system tray icon, and select

Open tunnel

‘Tunnel’

.

Figure 152.

Whichever way you choose to open the tunnel, when the tunnel opens successfully, the

Tunnel opened

message displays above the system tray:

Figure 153.

After the VPN client is launched, it displays an icon in the system tray that indicates whether

a tunnel is opened, using a color code:

Figure 154.

Purple icon:

no VPN tunnel opened

Green icon:

at least one VPN tunnel opened

Page 229 / 469

Virtual Private Networking Using IPSec

and

L2TP Connections

229

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

NETGEAR VPN Client Status and Log Information



To view detailed negotiation and error information on the NETGEAR VPN client:

Right-click the VPN client icon in the system tray, and select

Console

. The VPN Client

Console Active screen displays:

Figure 155.

View the VPN Firewall IPSec VPN Connection Status

To view the status of current IPSec VPN tunnels, select

VPN > Connection Status

.

The

Connection Status submenu tabs display with the IPSec VPN Connection Status screen in

view. (The following figure shows an IPSec SA as an example.)

Figure 156.

Page 230 / 469

Virtual Private Networking Using IPSec

and

L2TP Connections

230

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

The Active IPSec SA(s) table lists each active connection with the information that is

described in the following table. The default poll interval is 10 seconds. To change the poll

interval period, enter a new value in the Poll Interval field, and click the

Set Interval

button.

To stop polling, click the

Stop

button.

View the VPN Firewall IPSec VPN Log



To display the IPSec VPN log:

Select

Monitoring > VPN Logs > IPSec VPN Logs.

The IPSec VPN Logs screen displays:

Figure 157.

Table 52.

IPSec VPN Connection Status screen information

Item

Description

Policy Name

The name of the VPN policy that is associated with this SA.

Endpoint

The IP address on the remote VPN endpoint.

Tx (KB)

The amount of data that is transmitted over this SA.

Tx (Packets)

The number of IP packets that are transmitted over this SA.

State

The status of the SA. Phase 1 is the authentication phase, and Phase 2 is key exchange

phase. If there is no connection, the status is IPSec SA Not Established.

Action

Click the

Connect

table button to build the connection, or click the

Disconnect

table

button to terminate the connection.

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share