Download
Share
Print this page
  1. Manuals
  2. Brands
  3. NETGEAR Manuals
  4. Modem
  5. DG834GSP
  6. Reference manual

NETGEAR DG834GSP Reference Manual

Adsl modem wireless router
Hide thumbs Also See for DG834GSP:

Advertisement

Quick Links

Download this manual See also: Reference Manual
DG834GSP to FVL328
This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR
DG834GSP to a FVL328. This case study follows the VPN Consortium interoperability profile
guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html).
Configuration Profile
The configuration in this document follows the addressing and configuration mechanics defined
by the VPN Consortium. Gather all the necessary information before you begin the configuration
process. Verify whether the firmware is up to date, all of the addresses that will be necessary, and
all of the parameters that need to be set on both sides. Check that there are no firewall restrictions.
Table B-1.
Profile Summary
VPN Consortium Scenario:
Type of VPN
Security Scheme:
IP Addressing:
NETGEAR-Gateway A
NETGEAR-Gateway B
NETGEAR VPN Configuration
NETGEAR VPN Configuration
Scenario 1
LAN-to-LAN or Gateway-to-Gateway (not PC/Client-to-Gateway)
IKE with Preshared Secret/Key (not Certificate-based)
Static IP address
Static IP address
v1.0, June 2007
Appendix B
B-1

Advertisement

loading

Related Manuals for NETGEAR DG834GSP

Summary of Contents for NETGEAR DG834GSP

  • Page 1 DG834GSP to FVL328 This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR DG834GSP to a FVL328. This case study follows the VPN Consortium interoperability profile guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html). Configuration Profile The configuration in this document follows the addressing and configuration mechanics defined by the VPN Consortium.
  • Page 2 Note: Product updates are available on the NETGEAR, Inc. web site at http://kbserver.netgear.com/DG834GSP.asp. Step-By-Step Configuration 1. Configure the DG834GSP as in the Gateway-to-Gateway procedures using the VPN Wizard (see “How to Set Up a Gateway-to-Gateway VPN Configuration” on page to use appropriate network addresses for the environment.
  • Page 3 Reference Manual for the ADSL Modem Wireless Router DG834GSP 10.5.6.1 toFVL328 Figure B-2 NETGEAR VPN Configuration Click VPN Policies under Advanced - VPN to invoke this screen 172.23.9.1 toFVL328 v1.0, June 2007 22.23.24.25 10 10...
  • Page 4 Reference Manual for the ADSL Modem Wireless Router DG834GSP 2. Configure the FVL328 as in the Gateway-to-Gateway procedures for the VPN Wizard (see “How to Set Up a Gateway-to-Gateway VPN Configuration” on page use appropriate network addresses for the environment.
  • Page 5 Reference Manual for the ADSL Modem Wireless Router DG834GSP toDG834 22.23.24.25 14.15.16.17 Click IKE Policies under VPN to invoke this screen toDG834 172.23.9.1 Click VPN Policies under VPN to invoke this screen Figure B-3 NETGEAR VPN Configuration 10.5.6.1 v1.0, June 2007 toDG834 22.23.24.25...

  • Page 6: Configuration Profile

    DG834GSP with FQDN to FVL328 This appendix is a case study on how to configure a VPN tunnel from a NETGEAR DG834GSP to a FVL328 using a Fully Qualified Domain Name (FQDN) to resolve the public address of one or both routers.
  • Page 7 FDQN 10.5.6.0/24 Network Interface Addressing Gateway A LAN IP 10.5.6.1 dg834g.dyndns.org DG834G Figure B-5 Note: Product updates are available on the NETGEAR, Inc. web site at http://kbserver.netgear.com/DG834GSP.asp. NETGEAR VPN Configuration VPNC Example Gateway B WAN IP WAN IP fvl328.dyndns.org (FQDN) (FQDN) v1.0, June 2007...
  • Page 8 Step-By-Step Configuration 1. Log in to the DG834GSP labeled Gateway A as in the illustration. Out of the box, the DG834GSP is set for its default LAN address of http://10.1.1.1 with its default user name of admin assume you have set the local LAN address as 10.5.6.1 for Gateway A and have set your own...
  • Page 9 Reference Manual for the ADSL Modem Wireless Router DG834GSP 3. On the DG834GSP, configure the Dynamic DNS settings. a. Browse to the Dynamic DNS Setup Screen (see Figure B-6 b. Configure this screen with appropriate account and hostname settings and then click Apply.
  • Page 10 Reference Manual for the ADSL Modem Wireless Router DG834GSP 4. On the FVL328, configure the Dynamic DNS settings. Assume a properly configured DynDNS account. a. Browse to the Dynamic DNS Setup Screen (see Figure B-8 b. Select the DynDNS.org radio button (see and hostname settings (see •...
  • Page 11 Reference Manual for the ADSL Modem Wireless Router DG834GSP Figure B-9 c. Click Show Status. The resulting screen should show Update OK: good (see Figure B-10). Figure B-10 NETGEAR VPN Configuration B-11 v1.0, June 2007...
  • Page 12 IP Address = 10.5.6.1 • Subnet Mask = 255.255.255.0 7. Test the VPN tunnel by pinging the remote network from a PC attached to the DG834GSP. a. Open the command prompt (Start -> Run -> cmd) b. ping 172.23.9.1 B-12 LAN Subnet Mask 255.255.255.0...
  • Page 13 Reference Manual for the ADSL Modem Wireless Router DG834GSP Figure B-11 Note: The pings may fail the first time. If this happens, try the pings a second time. NETGEAR VPN Configuration B-13 v1.0, June 2007...

  • Page 14: Configuration Summary (Telecommuter Example)

    Figure B-12 Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example) Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a network gateway involves the following two steps: • Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office.

  • Page 15: Step 1: Configuring The Client-To-Gateway Vpn Tunnel On The Vpn Router At The Employer's Main Office

    Reference Manual for the ADSL Modem Wireless Router DG834GSP • Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC at the Telecommuter’s Home Office Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office Follow this procedure to configure a client-to-gateway VPN tunnel by filling out the VPN Auto Policy screen.
  • Page 16 Reference Manual for the ADSL Modem Wireless Router DG834GSP Figure B-13 B-16 fromDG834GSP (in the example) Dynamic IP address IKE Keep Alive is optional; must match Remote LAN IP Address when enabled (remote PC must respond to pings) Subnet address 192.168.0.1 (in this example)
  • Page 17 Reference Manual for the ADSL Modem Wireless Router DG834GSP 2. Click Apply when done to get the VPN Policies screen. Figure B-14 To view or modify the tunnel settings, select the radio button next to the tunnel entry and click Edit.

  • Page 18: Step 2: Configuring The Netgear Prosafe Vpn Client On The Remote Pc At The Telecommuter's Home Office

    This procedure describes how to configure the 54 Mbps ADSL Modem Wireless Router Model DG834GSP. We will assume the PC running the client has a dynamically assigned IP address. The PC must have a VPN client program installed that supports IPSec (in this case study, the NETGEAR VPN ProSafe Client is used).
  • Page 19 From the Edit menu of the Security Policy Editor, click Add, then Connection. A New Connection listing appears in the list of policies. Rename the New Connection so that it matches the Connection Name you entered in the VPN Settings of the DG834GSP on Gateway A.
  • Page 20 In this example, type 10.1.1.1 in the Subnet field as the network address of the DG834GSP. Enter 255.255.255.0 in the Mask field as the LAN Subnet Mask of the DG834GSP. g. Select All in the Protocol menu to allow all traffic through the VPN tunnel.
  • Page 21 In this step, you will provide information about the remote VPN client PC. You will need to provide the Pre-Shared Key that you configured in the DG834GSP and either a fixed IP address or a “fixed virtual” IP address of the VPN client PC.
  • Page 22 Reference Manual for the ADSL Modem Wireless Router DG834GSP a. In the Network Security Policy list on the left side of the Security Policy Editor window, click My Identity. Figure B-18 b. Choose None in the Select Certificate menu. c. Select Domain Name in the ID Type menu and enter toDG834G.com (in this example) in the box below it.
  • Page 23 Reference Manual for the ADSL Modem Wireless Router DG834GSP e. Click the Pre-Shared Key button. Figure B-19 In the Pre-Shared Key dialog box, click the Enter Key button. Enter the DG834GSP's Pre-Shared Key and click OK. In this example, 12345678 is entered. This field is case sensitive.
  • Page 24 Reference Manual for the ADSL Modem Wireless Router DG834GSP Figure B-20 c. In the Authentication Method menu, select Pre-Shared key. d. In the Encrypt Alg menu, select the type of encryption. In this example, use Triple DES. e. In the Hash Alg menu, select SHA-1.
  • Page 25 Reference Manual for the ADSL Modem Wireless Router DG834GSP a. Expand the Key Exchange subheading by double clicking its name or clicking on the “+” symbol. Then select Proposal 1 below Key Exchange. Figure B-21 b. In the SA Life menu, select Unspecified.
  • Page 26 Select Connect to open the My Connections list. c. Choose toDG834G. The 54 Mbps ADSL Modem Wireless Router Model DG834GSP will report the results of the attempt to connect. Once the connection is established, you can access resources of the network connected to the VPN router.
  • Page 27 Reference Manual for the ADSL Modem Wireless Router DG834GSP c. Type ping -t 10.1.1.1, and then click OK. Figure B-23 This will cause a continuous ping to be sent to the VPN router. After between several seconds and two minutes, the ping response should change from timed out to reply.

  • Page 28: Monitoring The Vpn Tunnel (Telecommuter Example)

    1. To launch this function, click on the Windows Start button, then select Programs, then 54 Mbps ADSL Modem Wireless Router Model DG834GSP, then Log Viewer. Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the VPN tunnel or some reason outside the VPN tunnel.

  • Page 29: Viewing The Vpn Router's Vpn Status And Log Information

    Reference Manual for the ADSL Modem Wireless Router DG834GSP While the connection is being established, the Connection Name field in this menu will show SA before the name of the connection. When the connection is successful, the SA will change to the yellow key symbol.
  • Page 30 Reference Manual for the ADSL Modem Wireless Router DG834GSP 2. To view the VPN tunnels status, click the VPN Status link on the right side of the main menu. Figure B-27 B-30 NETGEAR VPN Configuration v1.0, June 2007...
  • Page 31 Reference Manual for the ADSL Modem Wireless Router DG834GSP NETGEAR VPN Configuration B-31 v1.0, June 2007...
  • Page 32 Reference Manual for the ADSL Modem Wireless Router DG834GSP B-32 NETGEAR VPN Configuration v1.0, June 2007...

This manual is also suitable for:

Fvl328