Page 46 / 117 Scroll up to view Page 41 - 45
TD-W8980
N600 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
37
)
Note:
You could also use other VPN Routers to set VPN tunnels with TD-W8980. TD-W8980 supports
up to 10 VPN tunnels simultaneously.
Click
Add New Connection
in Figure 4-21 and then you will enter the screen shown in Figure
4-22.
Figure 4-22
¾
IPSec Connection Name:
Enter a name for your VPN.
¾
Remote IPSec Gateway Address (URL):
Enter the destination gateway IP address in the box
which is the public WAN IP or Domain Name of the remote VPN server endpoint. (For example:
Input
219.134.112.247
in
Device1
, Input
219.134.112.246
in
Device 2
)
Page 47 / 117
TD-W8980
N600 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
38
¾
Tunnel access from local IP addresses:
Choose Subnet if you want the Whole LAN to join
the VPN network, or else choose Single Address if you want single IP to join the VPN network.
¾
IP Address for VPN:
Enter the IP address of your LAN. (For example: Input
192.168.1.1
in
Device1
, Input
192.168.2.1
in
Device2
)
¾
IP Subnetmask:
Enter the Subnet mask of your LAN. ( For example: Input
255.255.255.0
in
both
Device1
and
Device2
)
¾
Tunnel access from remote IP addresses:
Choose Subnet if you want the Remote Whole
LAN to join the VPN network, or else choose Single Address if you want single IP to join the
VPN network.
¾
IP Address for VPN:
Enter the IP address of the Remote LAN. ( For example: Input
192.168.2.1
in
Device1
,Input
192.168.1.1
in
Device2
)
¾
IP Subnetmask:
Enter the subnetmask of the remote LAN. ( For example: Input
255.255.255.0
in both
Device1
and
Device2
)
¾
Key Exchange Method:
Select Auto (IKE) or Manual.
¾
Authentication Method:
Select Pre-Shared Key (recommended).
¾
Pre-Shared Key:
Input the Pre-Shared key for Authentication. (For example: Input 12345678)
¾
Perfect Forward Secrecy:
PFS is an additional security protocol.
We recommend you leave the Advanced Settings as default value.
After complete the basic settings and click Save/Apply in both
Device1
and
Device2
, PCs in LAN1
could communicate with PCs in remote LAN2. (For example: You can ping the IP address of PC2
which is 192.168.2.100 in PC1)
)
Note:
The VPN Servers Endpoint from both ends must use the same pre-shared keys and Perfect
Forward Secrecy settings.
Click
Show Advanced Settings
and then you can configure the Advanced Settings.
Page 48 / 117
TD-W8980
N600 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
39
Figure 4-23
¾
Mode:
Select Main Mode to configure the standard negotiation parameters for IKE phase1.
¾
Aggressive Mode:
Select Aggressive Mode to configure IKE phase1 of the VPN Tunnel to
carry out negotiation in a shorter amount of time. (Not Recommended-Less Secure)
)
Note:
The difference between the two is that aggressive mode will pass more information in fewer
packets, with the benefit of slightly faster connection establishment, at the cost of transmitting the
identities of the security firewall in the clear. When using aggressive mode, some configuration
parameters such as Diffie-Hellman groups, and PFS can not be negotiated, resulting in a greater
importance of having "compatible" configuration on both ends.
¾
Key Life Time:
Enter the number of seconds for the IPSec lifetime. It is the period of time to
pass before establishing a new IPSec security association (SA) with the remote endpoint. The
default value is 3600.
)
Note:
If you want to change the default settings of
Advanced Settings
, please make sure that both VPN
server endpoints use the same Encryption Algorithm, Integrity Algorithm, Diffie-Hellman Group
and Key Life time in both
phase1
and
phase2
.
4.6 DHCP Server
Choose “
DHCP Server
”, you can see the next submenus:
Page 49 / 117
TD-W8980
N600 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
40
Click any of them, and you will be able to configure the corresponding function.
4.6.1 DHCP Settings
Choose menu “
DHCP Server
Æ
DHCP Settings
”, you can configure the DHCP Server on the
page as shown in Figure 4-24.The modem router is set up by default as a DHCP (Dynamic Host
Configuration Protocol) server, which provides the TCP/IP configuration for all the PC(s) that are
connected to the modem router on the LAN.
Figure 4-24
¾
Start IP Address:
Enter a value for the DHCP server to start with when issuing IP addresses.
Because the default IP address for the modem router is 192.168.1.1, the default Start IP
Address is
192.168.1.100
, and the Start IP Address must be 192.168.1.100 or greater, but
smaller than 192.168.1.254.
¾
End IP Address:
Enter a value for the DHCP server to end with when issuing IP addresses.
The End IP Address must be smaller than 192.168.1.254. The default End IP Address is
192.168.1.254
.
¾
Address Lease Time:
The Leased Time is the amount of time in which a network user will be
allowed connection to the modem router with their current dynamic IP address. Enter the
amount of time, in hours, then the user will be “leased” this dynamic IP address. After the
dynamic IP address has expired, the user will be automatically assigned a new dynamic IP
address. The default is
24
hours.
¾
Default Gateway -
(Optional.) It is suggested to input the IP address of the LAN port of the
modem router. The default value is 192.168.1.1.
¾
Default Domain -
(Optional.) Input the domain name of your network.
¾
Primary DNS -
(Optional.) Input the DNS IP address provided by your ISP or consult your
ISP.
Page 50 / 117
TD-W8980
N600 Wireless Dual Band Gigabit ADSL2+ Modem Router User Guide
41
¾
Secondary DNS -
(Optional.) Input the IP address of another DNS server if your ISP
provides two DNS servers.
¾
DHCP Relay:
Select
Relay
, then you will see the next screen, and the modem router will work
as a DHCP Relay. A DHCP relay is a computer that forwards DHCP data between computers
that request IP addresses and the DHCP server that assigns the addresses. Each of the
device's interfaces can be configured as a DHCP relay. If it is enabled, the DHCP requests
from local PCs will forward to the DHCP server runs on WAN side. To have this function
working properly, please run on router mode only, disable the DHCP server on the LAN port,
and make sure the routing table has the correct routing entry.
)
Note:
1)
To use the DHCP server function of the modem router, you must configure all computers on
the LAN as "Obtain an IP Address automatically".
2)
You have to disable NAT of the WAN connections, or the DHCP Relay may not take effect.
3)
If you select
Disabled
, the DHCP function will not take effect.
Click the
Save
button to save your settings.
4.6.2 Clients List
Choose menu “
DHCP Server
Æ
Clients List
”, you can view the information about the clients
attached to the modem router in the screen as shown in Figure 4-25.
Figure 4-25
¾
Client Name
:
The name of the DHCP client
¾
MAC Address
:
The MAC address of the DHCP client
¾
IP Address
:
The IP address that the modem router has allocated to the DHCP client
¾
Valid Time
:
The time of the DHCP client leased. After the dynamic IP address has expired,
a new dynamic IP address will be automatically assigned to the user.
You cannot change any of the values on this page. To update this page and to show the current
attached devices, click the
Refresh
button.

Rate

3.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top