NETGEAR SRXN3205 Router Manual PDF (Setup & Configuration Guide)

Page 106 / 218 Scroll up to view Page 101 - 105

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

6-4

Virtual Private Networking Using IPsec

v1.0, October 2008

Creating a Client to Gateway VPN Tunnel with the Wizard

Follow these steps to configure the VPN client.

1.

From the main menu, go to

VPN > IPSec VPN > VPN Wizard

. The VPN Wizard

displays.

.

2.

Select

VPN Client

as your VPN tunnel connection.

3.

Create a

Connection Name

like “client”.

Enter an appropriate name for the connection. This name is not supplied to the remote VPN

client. It is only used to help you manage the VPN settings.

4.

Enter a

Pre-shared Key

.

The key must be entered both here and on the VPN Client. This key length should be

minimum 8 characters and should not exceed 49 characters.

5.

The public

Remote and Local Identifier

are automatically filled in.

6.

Click

Apply

.

Click

Edit

to review the VPN policy details the wizard just created for you.

Figure 6-2

Page 107 / 218

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

Virtual Private Networking Using IPsec

6-5

v1.0, October 2008

Viewing or Modifying IKE and VPN Policy Settings

Follow these steps to view or modify IKE and VPN policy settings.

1.

For IKE policy settings, go to

VPN > IPSec VPN > IKE Policies.

To view or modify the IKE policy settings, click

Edit

in the

Action

column of the policy you

want to review.

Figure 6-3

Page 108 / 218

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

6-6

Virtual Private Networking Using IPsec

v1.0, October 2008

2.

For VPN policy settings, go to

VPN > IPSec VPN > VPN Policies.

To view or modify the IKE Polic, click

Edit

in the Actioni columnof the policy you want

to review.

Figure 6-4

Page 109 / 218

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

Virtual Private Networking Using IPsec

6-7

v1.0, October 2008

Creating a VPN Client to SRXN3205 Connection

This section describes how to configure a VPN connection between a Windows PC and the

SRXN3205 firewall.

Using the SRXN3205's VPN Wizard, we will create VPN client policies (IKE and VPN) that will

allow remote PCs to connect from locations in which their IP addresses are unknown in advance.

The PCs may be directly connected to the Internet or may be behind NAT routers.

Each PC will use Netgear's ProSafe VPN Client software. Since the PC's IP address is assumed to

be unknown, the PC must always be the initiator of the connection.

This procedure was developed and tested using:

•

Netgear SRXN3205 ProSafe Wireless-N VPN Firewall

•

Netgear ProSafe VPN Client

•

NAT router: Netgear FVX538

Configuring the SRXN3205

1.

Start/open the VPN Wizard.

2.

Select the

VPN Client

radio button for type of VPN connection.

3.

Give the client connection a name, such as “client”.

4.

Enter a value for the pre-shared key.

5.

Enter the Remote Identifier Information. The default is srxn_remote.com.

6.

Enter the Local Identifier information. The default is srxn_local.com

7.

Click

Apply

to create the “client” VPN Client. The

VPN Policies

screen is displayed showing

the VPN Client policy as enabled.

8.

Click the

IKE Policies

tab to display the

IKE Policies

table and click

Edit

adjacent to the

“client” policy to view the policy details.

You can augment user authentication security by enabling the XAUTH server by selecting the

Edge Device

radio box and then adding users to the user database (see

“Extended

Authentication (XAUTH) Configuration” on page 6-22

and

“User Database Configuration” on

page 6-24

, respectively). As an alternative to the local user database, you can also choose a

RADIUS server.

Page 110 / 218

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

6-8

Virtual Private Networking Using IPsec

v1.0, October 2008

Configuring the VPN Client

From a PC with the Netgear Prosafe VPN Client installed, you can configure a VPN client policy

to connect to the SRXN3205.

To configure your VPN client:

1.

Right-click on the VPN client icon in your Windows toolbar and choose

Security Policy

Editor

.

2.

In the upper left of the Policy Editor window, click the New Document icon to open a New

Connection. Give the New Connection a name, such as

SRXN

.

3.

From the

ID Type

pull-down menu, choose

IP Subnet

.

4.

Enter the LAN IP

Subnet Address

and

Subnet Mask

of the SRXN3205 LAN. Check the

Connect using

radio box and choose

Secure Gateway Tunnel

from the pull-down menu.

5.

From the

first

ID Type

pull-down menus, choose

Domain Name

and enter the FQDN address

of the SRXN3205.

6.

From the second

ID Type

pull-down menu, choose

Gateway IP Address

and enter the WAN

IP Gateway address of the SRXN3205.

Figure 6-5

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share