NETGEAR DG834G 54 Mbps Wireless ADSL Firewall DG834G DG834G User Manual
Wireless adsl2+ modem router
Hide thumbs
Also See for DG834G 54 Mbps Wireless ADSL Firewall DG834G DG834G:
- Reference manual (178 pages) ,
- Setup manual (44 pages) ,
- Reference manual (268 pages)
Related Manuals for NETGEAR DG834G 54 Mbps Wireless ADSL Firewall DG834G DG834G
Summary of Contents for NETGEAR DG834G 54 Mbps Wireless ADSL Firewall DG834G DG834G
- Page 1 Wireless ADSL2+ Modem Router DG834G User Manual NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10363-01 May 2008...
-
Page 2: Fcc Statement
In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein. - Page 3 European Union Statement of Compliance Hereby, NETGEAR, Inc. declares that this modem router is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC. Èesky NETGEAR, Inc. [Czech] Model DG834G ustanoveními smìrnice 1999/5/ES. Dansk Undertegnede NETGEAR, Inc.
- Page 4 Nederlands Hierbij verklaart [Dutch] Router Model DG834G relevante bepalingen van richtlijn 1999/5/EG. Malti Hawnhekk, NETGEAR, Inc. [Maltese] Model DG834G hemm fid-Dirrettiva 1999/5/EC. Magyar Alulírott, NETGEAR, Inc. [Hungarian] Router Model DG834G EC irányelv egyéb elõírásainak. Polski Niniejszym NETGEAR, Inc. [Polish] Model DG834G postanowieniami Dyrektywy 1999/5/EC.
- Page 5 Refer to the Support Information Card that shipped with your 54 Mbps Wireless ADSL2+ Modem Router Model DG834G. World Wide Web NETGEAR maintains a World Wide Web home page that you can access at the universal resource locator (URL) http://www.netgear.com . A direct connection to the Internet and a Web browser such as Internet Explorer or Mozilla Firefox are required.
- Page 6 v1.0, May 2008...
-
Page 7: Table Of Contents
Wireless ADSL2+ Modem Router DG834G User Manual About This Manual Conventions, Formats, and Scope ... i How to Use This Manual ... ii How to Print this Manual ... ii Chapter 1 Configuring Your Internet Connection What You Need Before You Begin ...1-1 Using the Smart Wizard to Set Up Your Router ...1-2 Logging In to the Modem Router ...1-3 Using the Setup Wizard to Auto-Detect Your Internet Connection ...1-4... - Page 8 Controlling Wireless Station Access ...2-16 Restricting Access by MAC Address ...2-17 Chapter 3 Protecting Your Network Protecting Access to Your ADSL2+ Modem Wireless Router ...3-1 Changing the Built-In Password ...3-1 Changing the Administrator Login Time-out ...3-2 Configuring Basic Firewall Services ...3-2 Blocking Keywords, Sites, and Services ...3-3 Blocking Keywords and Sites ...3-3 Firewall Rules ...3-5...
- Page 9 Setting Up a Client-to-Gateway VPN Configuration ...6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5 ...6-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...6-10 Setting Up a Gateway-to-Gateway VPN Configuration ...6-18 VPN Tunnel Control ...6-25 Activating a VPN Tunnel ...6-25...
- Page 10 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office ... B-12 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC at the Telecommuter’s Home Office ... B-14 Monitoring the VPN Tunnel (Telecommuter Example) ... B-22 Viewing the PC Client’s Connection Monitor and Log Viewer ...
- Page 11 Viewing the VPN Router’s VPN Status and Log Information ... B-23 Appendix C Related Documents v1.0, May 2008...
- Page 12 v1.0, May 2008...
-
Page 13: About This Manual
The NETGEAR ® Wireless ADSL2+ Modem Router DG834G User Manual describes how to install, configure, and troubleshoot the 54 Mbps Wireless ADSL2+ Modem Router Model DG834G. The information in this manual is intended for readers with intermediate computer and Internet skills. -
Page 14: How To Use This Manual
• button to access the full NETGEAR, Inc. online knowledge base for the product model. • Links to PDF versions of the full manual and individual chapters. - Page 15 – Click the PDF of This Chapter link at the top left of any page in the chapter you want to print. The PDF version of the chapter you were viewing opens in a browser window. – Your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files.
- Page 16 Wireless ADSL2+ Modem Router DG834G User Manual v1.0, May 2008...
-
Page 17: Configuring Your Internet Connection
When you perform the initial configuration of your modem router using the Resource CD as described in the NETGEAR Router Setup Manual, these settings are configured automatically for you. This chapter provides further details about these settings, as well as instructions on how to log in to the modem router for further configuration. -
Page 18: Using The Smart Wizard To Set Up Your Router
For first-time installation of your modem router, refer to the NETGEAR Router Setup Manual. The Setup Manual explains how to launch the NETGEAR Smart Wizard on the Resource CD to step you through the procedure to connect your router, modem, and computers. The Smart Wizard will assist you in configuring your wireless settings and enabling wireless security for your network. -
Page 19: Logging In To The Modem Router
Logging In to the Modem Router You can log in to the modem router to view or change its settings. Note: Your computer must be configured for DHCP. For help with configuring DHCP, see the documentation that came with your computer or see the link to the online document in “Preparing a Computer for Network Access”... -
Page 20: Using The Setup Wizard To Auto-Detect Your Internet Connection
Wireless ADSL2+ Modem Router DG834G User Manual Using the Setup Wizard to Auto-Detect Your Internet Connection The Setup Wizard searches your Internet connection for servers and protocols to determine your ISP configuration. Note: The wizard cannot detect a PPTP connection with your ISP. If your ISP uses this protocol, then you must configure your connection manually (see Manually Configuring Your ISP Settings”... - Page 21 • DNS servers are required to perform the function of translating an Internet name such as www.netgear.com address. For a fixed IP address configuration, you must obtain DNS server addresses from your ISP and enter them manually here.
-
Page 22: Viewing Or Manually Configuring Your Isp Settings
Basic Settings screen. See must install the ADSL filters and connect the modem router to the ADSL line as described in the NETGEAR Router Setup Manual before you configure the settings in the Basic Settings screen. To view or configure the basic settings: 1. - Page 23 ISP does not require login Figure 1-4 The fields on the Basic Settings screen depend on whether or not your Internet connection requires a login. The Basic Settings screen is explained in Description”. 3. Select Yes or No depending on whether your ISP requires a login. This selection changes the fields available on the Basic Settings screen.
- Page 24 5. If no login is required, you can specify the MAC Address setting. 6. Click Apply to save your settings. 7. Click Test to test your Internet connection. If the NETGEAR website does not appear within one minute, refer to...
- Page 25 Table 1-2. Basic Settings Fields Description Settings Internet IP Address Domain Name Server (DNS) Address NAT (Net Address Translation) Configuring Your Internet Connection Wireless ADSL2+ Modem Router DG834G User Manual Description • Get Dynamically from ISP. Your ISP uses DHCP to assign your IP address.
-
Page 26: Changing Your Adsl Settings
LAN side of the router. Changing Your ADSL Settings Note: For information about how to install ADSL filters, see the NETGEAR Router Setup Manual. The default ADSL settings of your modem router work fine for most ISPs. However, some ISPs use a specific multiplexing method and virtual circuit number for the virtual path identifier (VPI) and virtual channel identifier (VCI). -
Page 27: How The Internet Connection Works
Wireless ADSL2+ Modem Router DG834G User Manual 4. Type a number between 32 and 65535 for the VCI. The default is 35. 5. Click Apply. How the Internet Connection Works Your modem router is now configured to provide Internet access for your network. Your modem router automatically connects to the Internet when one of your computers requires access. - Page 28 Wireless ADSL2+ Modem Router DG834G User Manual 1-12 Configuring Your Internet Connection v1.0, May 2008...
-
Page 29: Configuring Your Wireless Network
Fi Protected Setup (WPS) to automatically set the SSID and implement WPA/WPA2 security. • To manually configure the wireless settings, you must know the following: – SSID. The default SSID for the modem router is NETGEAR. – The wireless mode (802.11g, or 802.11b) that each wireless adapter supports. and Security Settings the modem router and wireless computers or wireless v1.0, May 2008... -
Page 30: Wireless Placement And Range Guidelines
Wireless ADSL2+ Modem Router DG834G User Manual – Wireless security option. To successfully implement wireless security, check each wireless adapter to determine which wireless security option it supports. “Manually Configuring Your Wireless Settings and Security” on page • Push 'N' Connect (WPS) automatically implements wireless security on the modem router while, at the same time, allowing you to automatically implement wireless security on any WPS-enabled devices (such as wireless computers and wireless adapter cards). -
Page 31: Wireless Security Options
The time it takes to establish a wireless connection can vary depending on both your security settings and placement. WEP connections can take slightly longer to establish. Also, WEP encryption can consume more battery power on a notebook computer. Wireless Security Options Indoors, computers can connect over 802.11g wireless networks at a maximum range of up to 300 feet. -
Page 32: Manually Configuring Your Wireless Network
Wireless ADSL2+ Modem Router DG834G User Manual You also can increase your security by implementing one or more of the following features: • Restrict Access Based on MAC Address. You can allow only trusted PCs to connect so that unknown PCs cannot wirelessly connect to the modem router. Restricting access by MAC address adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed (see •... - Page 33 Figure 2-2 The settings for this screen are explained in 3. Select the region in which the modem router will operate. 4. For initial configuration and test, leave the other settings unchanged. 5. To save your changes, click Apply. 6. Configure and test your computers for wireless connectivity. After testing your wireless connectivity, select a security method (see Program the wireless adapter of your computers to have the same SSID and wireless security settings as your modem router.
- Page 34 Windows XP, but the data is still exposed to equipment like wireless sniffers. For this reason NETGEAR recommends that you also enable wireless security. This feature is disabled by default. If it is enabled, wireless stations cannot communicate with each other or with stations on the wired network.
-
Page 35: Configuring Your Wireless Security
Description • Disabled. You can use this setting to establish wireless connectivity before implementing wireless security. NETGEAR strongly recommends that you implement wireless security. • WEP (Wired Equivalent Privacy). Use encryption keys and data encryption for data security. You can select 64-bit or 128-bit encryption. -
Page 36: Configuring Wep
Wireless ADSL2+ Modem Router DG834G User Manual Configuring WEP To configure WEP data encryption: 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin, and default password of password, or using whatever user name, password, and LAN address you have chosen for the modem router. -
Page 37: Configuring Wpa, Wpa2, Or Wpa/Wpa2
• Passphrase. To use a passphrase to generate the keys, enter a passphrase, and click Generate. This automatically creates the keys. Wireless stations must use the passphrase or keys to access the modem router. Note: Not all wireless adapters support passphrase key generation. •... -
Page 38: Using Push 'N' Connect (Wps) To Configure Your Wireless Network
WPS supports only WPA-PSK and WPA2-PSK wireless security. WEP security is not supported by WPS. • NETGEAR’s Push 'N' Connect feature is based on the WPS standard. All other Wi-Fi-certified and WPS-capable products should be compatible with NETGEAR products that implement Push 'N' Connect. -
Page 39: Using A Wps Button To Add A Wps Client
Any wireless computer or wireless adapter that will connect to the modem router wirelessly is a client. The client must support a WPS button, and must have a WPS configuration utility, such as the NETGEAR Smart Wizard or Atheros Jumpstart. To use the modem router WPS button to add a WPS client: 1. -
Page 40: Using Pin Entry To Add A Wps Client
The client must support a WPS PIN, and must have a WPS configuration utility, such as the NETGEAR Smart Wizard or Atheros Jumpstart. The first time you add a WPS client, make sure that the Keep Existing Wireless Settings check box on the WPS Settings screen is cleared. - Page 41 2. On the modem router main menu, select Add a WPS Client (computers that will connect wirelessly to the modem router are clients), and then click Next. The Add WPS Client screen displays: Figure 2-6 3. Select the PIN Number radio button. 4.
-
Page 42: Connecting Additional Wireless Client Devices After Wps Setup
Wireless ADSL2+ Modem Router DG834G User Manual Connecting Additional Wireless Client Devices After WPS Setup You can add more WPS clients to your wireless network, or you can add a combination of WPS- enabled clients and clients without WPS. Note: Your wireless settings remain the same when you add another WPS-enabled client, as long as the Keep Existing Wireless Settings checkbox is selected in the Advanced Wireless screen (listed under the Advanced heading in the modem router main menu). -
Page 43: Advanced Wireless Settings For Wps And Wds
The settings that you configured in Step 2 are broadcast to the WPS devices so that they can connect to the modem router. Note: To make sure that your new wireless settings remain in effect, verify that the Keep Existing Wireless Settings checkbox is selected in the WPS Settings screen. -
Page 44: Controlling Wireless Station Access
Wireless ADSL2+ Modem Router DG834G User Manual • WDS. Select this radio button to configure a wireless distribution system (WDS). You can build large bridged wireless networks. See (WDS)” in Chapter Controlling Wireless Station Access By default, any wireless PC that is configured with the correct SSID and wireless security settings is allowed access to your wireless network. -
Page 45: Restricting Access By Mac Address
Restricting Access by MAC Address For increased security, you can restrict access to the wireless network to allow only specific PCs based on their MAC addresses. You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the ADSL2+ Modem Wireless Router. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed. - Page 46 Wireless ADSL2+ Modem Router DG834G User Manual 3. Adjust the list as needed for your network. You can add devices to the Trusted Wireless Stations list using either of the following methods: • If the computer is in the Available Wireless Stations table, select the radio button of that computer to capture its MAC address.
-
Page 47: Protecting Your Network
Note: The user name and password are not the same as a user name or password you might use to log in to your Internet connection. NETGEAR recommends that you change this password to a more secure password. The ideal password should contain no dictionary words from any language, and should be a mixture of both upper and lower case letters, numbers, and symbols. -
Page 48: Changing The Administrator Login Time-Out
Wireless ADSL2+ Modem Router DG834G User Manual 2. From the main menu, under the Maintenance heading, select Set Password to display the Set Password screen: Figure 3-2 3. To change the password, first enter the old password, and then enter the new password twice. 4. -
Page 49: Blocking Keywords, Sites, And Services
Blocking Keywords, Sites, and Services The modem router provides a variety of options for blocking Internet-based content and communications services. With its content filtering feature, the modem router prevents objectionable content from reaching your PCs. You can control access to Internet content by screening for keywords within Web addresses. - Page 50 Wireless ADSL2+ Modem Router DG834G User Manual 3. To enable keyword blocking, select one of the following: • Per Schedule. Turn on keyword blocking according to the settings on the Schedule screen. • Always. Turn on keyword blocking all the time, independent of the setting in the Schedule screen.
-
Page 51: Firewall Rules
Firewall Rules Firewall rules block or allow specific traffic passing through from one side of the modem router to the other. Inbound rules (WAN to LAN) restrict access by outsiders to private resources, selectively allowing only specific outside users to access specific resources. Outbound rules (LAN to WAN) determine what outside resources local users can have access to. -
Page 52: Inbound Rules (Port Forwarding)
Wireless ADSL2+ Modem Router DG834G User Manual Inbound Rules (Port Forwarding) modem router Because the uses Network Address Translation (NAT), your network presents only one IP address to the Internet, and outside users cannot directly access any of your local computers. - Page 53 • Action. Select when you want this type of traffic to be handled. You can block or allow always, or you can choose to block or allow according to the schedule you have defined in the Schedule screen. • Send to LAN Server. Enter the IP address of the computer or server on your LAN which will receive the inbound traffic covered by this rule.
-
Page 54: Outbound Rules (Service Blocking)
Wireless ADSL2+ Modem Router DG834G User Manual Considerations for Inbound Rules If your external IP address is assigned dynamically by your ISP, the IP address might change periodically as the DHCP lease expires. Consider using the Dynamic DNS feature so that external users can always find your network. - Page 55 The following screen shows AIM selected in the Service list: Figure 3-7 The Outbound Services screen includes the following fields: • Service. Select the application or service from the drop-down list to be allowed or blocked. You can use the Add Custom Service feature to add any additional services or applications that are not in the list;...
-
Page 56: Order Of Precedence For Rules
Wireless ADSL2+ Modem Router DG834G User Manual Order of Precedence for Rules As you define new rules, they are added to the tables in the Firewall Rules screen, as shown: Figure 3-8 For any traffic attempting to pass through the firewall, the packet information is subjected to the rules in the order shown in the rules table, beginning at the top and proceeding to the default rules at the bottom. -
Page 57: Setting Times And Scheduling Firewall Services
To define a service: 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin default password of password, or using whatever password and LAN address you have chosen for the modem router. 2. - Page 58 Enabling daylight savings time causes 1 hour to be added to the standard time. 4. The modem router has a list of NETGEAR NTP servers. If you prefer to use a particular NTP server as the primary server, enter its IP address in the Use this NTP Server field.
-
Page 59: Scheduling Firewall Services
Scheduling Firewall Services If you enabled services blocking in the Block Services screen or port forwarding in the Ports screen, you can set up a schedule for when blocking occurs or when access is not restricted. 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin default password of password, or using whatever password and LAN address you have chosen for the modem router. - Page 60 Wireless ADSL2+ Modem Router DG834G User Manual 3-14 Protecting Your Network v1.0, May 2008...
-
Page 61: Managing Your Network
This chapter describes how to perform network management tasks with your ADSL2+ Modem Wireless Router. Backing Up, Restoring, or Erasing Your Settings The configuration settings of the modem router are stored in a configuration file in the modem router. This file can be backed up to your computer, restored, or reverted to factory default settings. -
Page 62: Restoring The Configuration From A File
The software of the modem router is stored in flash memory, and can be upgraded as new software is released by NETGEAR. Upgrade files can be downloaded from the NETGEAR website. If the upgrade file is compressed (a .zip file), you must first extract the binary (.bin or .img) file before uploading it to the modem router. - Page 63 NETGEAR recommends that you back up your configuration before doing a firmware upgrade. After the upgrade is complete, you might need to restore your configuration settings. To upgrade the modem firmware: 1. Download and unzip the new software file from NETGEAR.
-
Page 64: Network Management Information
Wireless ADSL2+ Modem Router DG834G User Manual Network Management Information The modem router provides a variety of status and usage information which is discussed below. Viewing Modem Router Status and Usage Statistics From the main menu, below the Maintenance heading, select Router Status to view this screen. Figure 4-3 The Router Status screen provides status and usage information. - Page 65 Table 4-1. Modem Router Status Fields (continued) Field ADSL Port MAC Address IP Address Network Type IP Subnet Mask Domain Name Server (DNS) LAN Port MAC Address IP Address DHCP IP Subnet Mask Modem ADSL Firmware Version Modem Status Downstream Speed Upstream Speed Managing Your Network Wireless ADSL2+ Modem Router DG834G User Manual...
-
Page 66: Viewing Statistics
Wireless ADSL2+ Modem Router DG834G User Manual Table 4-1. Modem Router Status Fields (continued) Field Wireless Port Name (SSID) These are set in Region the Wireless Channel Settings page; see “Manually Configuring Your Wireless AP Wireless Security” on page 2-7. Broadcast Name Viewing Statistics Click the Show Statistics button on the Router Status screen to display modem router usage... - Page 67 This following table explains the statistic fields. Table 4-2. Router Statistics Fields Field WAN (Internet), Status LAN, or WLAN TxPkts (Wireless LAN) statistics RxPkts Collisions Tx B/s Rx B/s Up Time ADSL Link Connection Speed Downstream or Upstream Line Attenuation These statistics might help your Noise Margin...
-
Page 68: Viewing Attached Devices
Wireless ADSL2+ Modem Router DG834G User Manual This screen shows the following statistics: Table 4-3. Connection Status Fields for PPPoA Field Description Connection Time The time elapsed since the last connection to the Internet via the ADSL port. Connecting to The connection status. -
Page 69: Viewing, Selecting, And Saving Logged Information
Viewing, Selecting, and Saving Logged Information The modem router logs security-related events such as denied incoming service requests, hacker probes, and administrator logins. If you enabled content filtering in the Block Sites screen, the Logs screen can show you when someone on your network tries to access a blocked site. If you enabled e-mail notification, you receive these logs in an e-mail message. - Page 70 Wireless ADSL2+ Modem Router DG834G User Manual Table 4-4. Security Log Entry Descriptions Field Description Source IP The IP address of the initiating device for this log entry. Source port and The service port number of the initiating device, and whether it interface originated from the LAN or WAN.
-
Page 71: Log Message Examples
Following are examples of log messages. In all cases, the log entry shows the timestamp as: Day, Year-Month-Date Hour:Minute:Second. Activation and Administration Tue, 2002-05-21 18:48:39 - NETGEAR activated [This entry indicates a power-up or reboot with initial time entry.] Tue, 2002-05-21 18:55:00 - Administrator login successful - IP:192.168.0.2 Thu, 2002-05-21 18:56:58 - Administrator logout - IP:192.168.0.2... -
Page 72: Enabling Security Event E-Mail Notification
Wireless ADSL2+ Modem Router DG834G User Manual Enabling Security Event E-mail Notification To receive logs and alerts by e-mail, you must provide your e-mail information in the E-mail screen: Figure 4-8 • Turn e-mail notification on. Select this check box if you want to receive e-mail logs and alerts from the modem router. -
Page 73: Running Diagnostic Utilities And Rebooting The Modem Router
• Send alert immediately. Select the corresponding check box if you would like immediate notification of a significant security event, such as a known attack, port scan, or attempted access to a blocked site. • Send logs according to this schedule. Specifies how often to send the logs: Hourly, Daily, Weekly, or When Full. -
Page 74: Enabling Remote Management
Wireless ADSL2+ Modem Router DG834G User Manual From the main menu, under the Maintenance heading, select Modem Router Diagnostics to display the Diagnostics screen: Figure 4-9 Enabling Remote Management Using the Remote Management screen, you can allow a user or users on the Internet to configure, upgrade, and check the status of your modem router. - Page 75 2. Under the Advanced heading of the main menu, select Remote Management to display the Remote Management screen: Figure 4-10 3. Select the Turn Remote Management On check box. 4. Specify which external addresses will be allowed to access the modem router’s remote management.
- Page 76 Wireless ADSL2+ Modem Router DG834G User Manual When accessing your modem router from the Internet, you will type your modem router WAN IP address in your Internet browser address or location field, followed by a colon (:) and the custom port number. For example, if your external address is 134.177.0.123 and you use port number 8080, enter: http://134.177.0.123:8080 Note: In this case, you must include http:// in the address.
-
Page 77: Advanced Configuration
This chapter describes how to configure the advanced features of your ADSL2+ Modem Wireless Router. The ADSL2+ Modem Wireless Router provides a variety of advanced features, such as the following: • “Modifying Your WAN Setup” • “Configuring Your LAN IP Settings” •... - Page 78 Wireless ADSL2+ Modem Router DG834G User Manual 2. From the main menu, select WAN Setup to display the WAN Setup screen: Figure 5-1 3. Make the changes that you want, and then click Apply to save the settings. The WAN Setup fields are described in the following table: Table 5-1.
-
Page 79: Setting Up A Default Dmz Server
Table 5-1. WAN Setup Settings Setting Description Respond to Pin on Internet If you want the modem router to respond to a ping from the Internet, WAN Port select this check box. This should be used only as a diagnostic tool, since it allows your modem router to be discovered. -
Page 80: Configuring Your Lan Ip Settings
Wireless ADSL2+ Modem Router DG834G User Manual Configuring Your LAN IP Settings The LAN IP Setup screen allows configuration of LAN IP services such as DHCP and RIP. These features can be found under the Advanced heading in the modem router main menu. The modem router is shipped preconfigured to use private IP addresses on the LAN side, and to act as a DHCP server. - Page 81 2. Change the settings. For more information, see DHCP Server” on page 5-6 3. Click Apply to save the changes. The LAN TCP/IP Setup parameters are explained in the following table. Table 5-2. LAN IP Setup Settings LAN TCP/IP IP Address Setup IP Subnet Mask RIP Direction...
-
Page 82: Using The Modem Router As A Dhcp Server
Wireless ADSL2+ Modem Router DG834G User Manual Table 5-2. LAN IP Setup Settings Address Reservation For more information, see “Using the Modem Router as a DHCP Server” on page Using the Modem Router as a DHCP Server By default, the modem router functions as a Dynamic Host Configuration Protocol (DHCP) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the modem router’s LAN. -
Page 83: Defining Reserved Ip Addresses
• WINS Server (Windows Internet Naming Service Server), determines the IP address associated with a particular Windows computer. A WINS server records and reports a list of names and IP address of Windows PCs on its local network. If you connect to a remote network that contains a WINS server, enter the server’s IP address here. -
Page 84: Configuring Dynamic Dns
Wireless ADSL2+ Modem Router DG834G User Manual Configuring Dynamic DNS If your network has a permanently assigned IP address, you can register a domain name and have that name linked with your IP address by public Domain Name Servers (DNS). However, if your Internet account uses a dynamically assigned IP address, you will not know in advance what your IP address will be, and the address can change frequently. -
Page 85: Using Static Routes
For example, for dyndns.org, go to www.dyndns.org. 4. Select the Use a Dynamic DNS Service check box. 5. Select the name of your dynamic DNS service provider. 6. Fill in the Host Name, User Name, and Password fields. The dynamic DNS service provider may call the host name a domain name. If your URL is myName.dyndns.org, then your host name is myName. -
Page 86: Configuring Static Routes
Wireless ADSL2+ Modem Router DG834G User Manual In this case you must define a static route, telling your router that 134.177.0.0 should be accessed through the ISDN router at 192.168.0.100. The static route would look like In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. -
Page 87: Configuring Universal Plug And Play (Upnp)
3. Click Add or Edit to display the following screen: Figure 5-5 4. Fill in or change the fields: • Route Name. The route name is for identification purposes only. • Private. Select this check box if you want to limit access to the LAN only. The static route will not be reported in RIP. - Page 88 Wireless ADSL2+ Modem Router DG834G User Manual 1. Select UPnP on the main menu to display the UPnP screen: Figure 5-6 2. Fill in the settings on the UPnP screen: • Turn UPnP On. UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is enabled.
-
Page 89: Configuring Wireless Bridging And Repeating (Wds)
• Click Refresh to update the portmap table and to show the active ports that are currently opened by UPnP devices. Configuring Wireless Bridging and Repeating (WDS) You can build large bridged wireless networks by using the modem router to configure a wireless distribution system (WDS). -
Page 90: Point-To-Point Bridge Configuration
Wireless ADSL2+ Modem Router DG834G User Manual • Multi-Point bridge. The modem router is the “master” for a group of bridge-mode wireless stations. Then all traffic is sent to this “master,” rather than to other access points. See Point Bridge Configuration”. -
Page 91: Multi-Point Bridge Configuration
• Both APs must use the same SSID, channel, authentication mode, if any, and security settings if security is in use. 4. Disable the DHCP server on AP2. AP1 will then be the DHCP server. 5. Verify connectivity across LAN Segment 1 and LAN Segment 2. A computer on either LAN segment should be able to connect to the Internet or share files and printers of any other PCs or servers connected to LAN Segment 1 or LAN Segment 2. - Page 92 Wireless ADSL2+ Modem Router DG834G User Manual 1. Configure the operating mode of the modem routers. • Because it is in a central location, configure the DG834G v5 modem router (AP 1) on LAN Segment 1 in Point-to-Multi-Point Bridge mode and enter the MAC addresses of AP 2 and AP 3 in the Remote MAC Address 1 and Remote MAC Address 2 fields.
-
Page 93: Repeater With Wireless Client Association
Repeater with Wireless Client Association In this mode, the ADSL2+ Modem Wireless Router sends all traffic to a remote AP. For Repeater mode, you must enter the MAC address of the remote “parent” access point. Alternatively, you can configure the ADSL2+ Modem Wireless Router as the parent by entering the address of a “child” access point. - Page 94 Wireless ADSL2+ Modem Router DG834G User Manual • The APs must be on the same LAN. That is, the LAN IP addresses for the APs must be in the same subnet. • AP devices must use the same SSID, channel, authentication mode, and encryption. 3.
-
Page 95: Virtual Private Networking
“Setting Up a Client-to-Gateway VPN Configuration” on page 6-5 to configure a VPN tunnel between a remote PC and a network gateway using the VPN Wizard and the NETGEAR ProSafe VPN Client. • “Setting Up a Gateway-to-Gateway VPN Configuration” on page 6-18 needed to configure a VPN tunnel between two network gateways using the VPN Wizard. -
Page 96: Client-To-Gateway Vpn Tunnels
Figure 6-2 A VPN between two or more NETGEAR VPN-enabled routers is a good way to connect branch or home offices and business partners over the Internet. VPN tunnels also enable access to network resources across the Internet. -
Page 97: Planning A Vpn
Planning a VPN When you set up a VPN, it is helpful to plan the network configuration and record the configuration parameters on a worksheet: Table 6-1. VPN Tunnel Configuration Worksheet Connection Name: Pre-Shared Key: Secure Association -- Main Mode or Manual Keys: Perfect Forward Secrecy -- Enabled or Disabled: Encryption Protocol -- DES or 3DES: Authentication Protocol -- MD5 or SHA-1:... -
Page 98: Vpn Tunnel Configuration
Wireless ADSL2+ Modem Router DG834G User Manual • Will either endpoint use fully qualified domain names (FQDNs)? FQDNs supplied by Dynamic DNS providers (see can allow a VPN endpoint with a dynamic IP address to initiate or respond to a tunnel request. Otherwise, the side using a dynamic IP address must always be the initiator. -
Page 99: Setting Up A Client-To-Gateway Vpn Configuration
Look on the NETGEAR website at www.netgear.com Setting Up a Client-to-Gateway VPN Configuration Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a network gateway involves these two steps: •... -
Page 100: Step 1: Configuring The Client-To-Gateway Vpn Tunnel On The Dg834Gv5
Wireless ADSL2+ Modem Router DG834G User Manual Figure 6-3 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5 Note: This section uses the VPN Wizard to set up the VPN tunnel using the VPNC default parameters listed in not covered by these VPNC-recommended parameters, refer to Tunnels in Special Circumstances”... - Page 101 Table 6-3. VPN Tunnel Configuration Worksheet (continued) VPN Endpoint Local IPSec ID Client toDG834 DG834Gv5 toClient To configure a client-to-gateway VPN tunnel using the VPN Wizard, follow this procedure: 1. Log in to the modem router at its LAN address of http://192.168.0.1 with its default user name of admin and password of password.
- Page 102 Wireless ADSL2+ Modem Router DG834G User Manual Tip: The connection name is arbitrary and not relevant to how the configuration functions. The Summary screen displays: Figure 6-6 v1.0, May 2008 Virtual Private Networking...
- Page 103 Wireless ADSL2+ Modem Router DG834G User Manual To view the VPNC-recommended authentication and encryption settings used by the VPN Wizard, click the here link. You can click Back to return to the Summary screen. Figure 6-7 3. Click Done on the Summary screen to complete the configuration procedure. The VPN Policies screen displays, showing that the new tunnel is enabled: Figure 6-8 Virtual Private Networking...
-
Page 104: Step 2: Configuring The Netgear Prosafe Vpn Client On The Remote Pc
PC running the client has a dynamically assigned IP address. The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go to the NETGEAR website (http://www.netgear.com) for information about how to purchase the NETGEAR ProSafe VPN Client. - Page 105 b. From the Edit menu of the Security Policy Editor, click Add, and then click Connection. Figure 6-9 A New Connection listing appears in the list of policies. Rename the New Connection so that it matches the Connection Name field in the VPN Settings screen of the DG834Gv5 on LAN A.
- Page 106 Type drop-down list. In this example, 22.23.24.25 is used. The resulting connection settings are shown in 3. Configure the security policy in the NETGEAR ProSafe VPN Client software: a. In the Network Security Policy list, expand the new connection by double-clicking its name or clicking the + symbol.
- Page 107 a. In the Network Security Policy list on the left side of the Security Policy Editor window, click My Identity. Figure 6-11 b. In the Select Certificate drop-down list, select None. c. Select IP Address in the ID Type drop-down list. If you are using a virtual fixed IP address, enter this address in the Internal Network IP Address field.
- Page 108 Wireless ADSL2+ Modem Router DG834G User Manual Click Enter Key. Enter the DG834Gv5 pre-shared key, and then click OK. In this example, 12345678 is entered. This field is case-sensitive. 5. Configure the VPN Client Authentication Proposal. In this step, you provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the DG834Gv5 configuration.
- Page 109 In this step, you provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the DG834Gv5 configuration. a. Expand the Key Exchange subheading by double-clicking its name or clicking the + symbol.
- Page 110 DG834Gv5 modem router’s network by using the Connect option in the NETGEAR ProSafe menu bar. The NETGEAR ProSafe client reports the results of the attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request.
- Page 111 To launch this function, click the Windows Start button, then select Programs > NETGEAR ProSafe VPN Client > Log Viewer. The Log Viewer screen for a successful connection is shown in the following figure: Figure 6-17 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the VPN tunnel or some reason outside the VPN tunnel.
-
Page 112: Setting Up A Gateway-To-Gateway Vpn Configuration
Wireless ADSL2+ Modem Router DG834G User Manual While the connection is being established, the Connection Name field in this screen displays SA before the name of the connection. When the connection is successful, the SA changes to the yellow key symbol shown in the previous figure. Note: While your PC is connected to a remote LAN through a VPN, you might not have normal Internet access. - Page 113 DG834Gv5_A DG834Gv5_B Note: The LAN IP address ranges of each VPN endpoint must be different. The connection will fail if both are using the NETGEAR default address range of 192.168.0.x. To configure a gateway-to-gateway VPN tunnel using the VPN Wizard:...
- Page 114 Wireless ADSL2+ Modem Router DG834G User Manual 1. Log in to the DG834Gv5 on LAN A at its default LAN address of http://192.168.0.1 with its default user name of admin and password of password. Select VPN Wizard on the main menu.
- Page 115 3. Fill in the connection name and pre-shared key fields. Select the radio button for the type of target end point, and then click Next to proceed. The Step 2 of 3 screen displays: Figure 6-22 4. Fill in the IP address or FQDN for the target VPN endpoint WAN connection, and then click Next.
- Page 116 Wireless ADSL2+ Modem Router DG834G User Manual The VPN Wizard Summary screen displays: Figure 6-24 To view the VPNC-recommended authentication and encryption settings used by the VPN Wizard, click the here link (see screen. Figure 6-25 6-22 Figure 6-24). You can click Back to return to the Summary v1.0, May 2008 Virtual Private Networking...
- Page 117 6. Click Done on the Summary screen (see procedure. The VPN Policies screen displays, showing that the new tunnel is enabled. Figure 6-26 Note: See “Using Auto Policy to Configure VPN Tunnels” on page 6-32 information about how to enable the IKE keepalive capability on an existing VPN tunnel.
- Page 118 Wireless ADSL2+ Modem Router DG834G User Manual a. On the DG834Gv5 main menu, select VPN Status. The VPN Status/Log screen displays: Figure 6-27 b. Click the VPN Status button to get the Current VPN Tunnels (SAs) screen: Figure 6-28 c. Click Connect for the VPN tunnel you want to activate. View the VPN Status/Log screen (Figure 6-29) to verify that the tunnel is connected.
-
Page 119: Vpn Tunnel Control
VPN Tunnel Control Activating a VPN Tunnel There are three ways to activate a VPN tunnel: • Use the VPN Status screen. • Activate the VPN tunnel by pinging the remote endpoint. • Start using the VPN tunnel. Note: See “Using Auto Policy to Configure VPN Tunnels”... - Page 120 PC to the DG834Gv5’s network by using the Connect option in the NETGEAR ProSafe menu bar. The NETGEAR ProSafe client reports the results of the attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request.
- Page 121 c. Type ping -t 192.168.3.1, and then click OK. Figure 6-31 This causes a continuous ping to be sent to the first DG834Gv5. Within two minutes, the ping response should change from timed out to reply. Note: You can use Ctrl-C to stop the pinging. Figure 6-32 Once the connection is established, you can open a browser on the PC and enter the LAN IP address of the remote DG834Gv5.
-
Page 122: Verifying The Status Of A Vpn Tunnel
Wireless ADSL2+ Modem Router DG834G User Manual b. Type ping 192.168.3.1. Figure 6-33 Note: The pings may fail the first time. If so, then try the pings a second time. Start Using a VPN Tunnel to Activate It To use a VPN tunnel, use a Web browser to go to a URL whose IP address or range is covered by the policy for that VPN tunnel. - Page 123 This log shows the details of recent VPN activity, including the building of the VPN tunnel. If there is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem. •...
-
Page 124: Deactivating A Vpn Tunnel
Wireless ADSL2+ Modem Router DG834G User Manual Deactivating a VPN Tunnel Sometimes a VPN tunnel must be deactivated for testing purposes. You can deactivate a VPN tunnel from two places: • Policy table on VPN Policies screen • VPN Status screen Using the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel To use the VPN Policies screen to deactivate a VPN tunnel: 1. -
Page 125: Deleting A Vpn Tunnel
2. On the main menu, select VPN Policies to display the VPN Policies screen. Figure 6-37 3. Click VPN Status. The Current VPN Tunnels (SAs) screen displays: Figure 6-38 4. Click Drop for the VPN tunnel that you want to deactivate. Deleting a VPN Tunnel To delete a VPN tunnel: 1. -
Page 126: Setting Up Vpn Tunnels In Special Circumstances
Wireless ADSL2+ Modem Router DG834G User Manual 2. On the main menu, select VPN Policies to display the VPN Policies screen. In the Policy Table, select the radio button for the VPN tunnel to be deleted, and then click Delete. Figure 6-39 Setting Up VPN Tunnels in Special Circumstances When the VPN Wizard and its VPNC defaults (see... - Page 127 Wireless ADSL2+ Modem Router DG834G User Manual Configuring VPN Network Connection Parameters All VPN tunnels on the modem router requires that you configure several network parameters. This section describes those parameters and how to access them. The most common configuration scenarios will use IKE to manage the authentication and encryption keys.
- Page 128 Wireless ADSL2+ Modem Router DG834G User Manual Table 6-5. VPN-Auto Policy Screen Settings Fields and Settings General Policy Name Remote VPN Endpoint IKE Keep-alive. Local LAN Subnet Mask The remote Single/Start IP VPN endpoint Address must have these IP addresses entered as its remote Finish IP...
- Page 129 Table 6-5. VPN-Auto Policy Screen Settings (continued) Fields and Settings Remote LAN IP Address The remote VPN endpoint must have these IP addresses Single/Start IP entered as its Address Local addresses. Finish IP Address Subnet Mask Direction Exchange Mode Ensure that the remote VPN endpoint is set to use Main Mode. Diffie-Hellman (DH) Group Local Identity...
- Page 130 Wireless ADSL2+ Modem Router DG834G User Manual Table 6-5. VPN-Auto Policy Screen Settings (continued) Fields and Settings Parameters Encryption Algorithm Authentication Algorithm Pre-shared key SA Life Time Enable IPSec PFS (Perfect Forward Secrecy) 6-36 Description The encryption algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN Gateway.
- Page 131 Example of Using Auto Policy Figure 6-41 To use Auto Policy: 1. Set the LAN IPs on each DG834Gv5 modem router to different subnets and configure each properly for the Internet. The following settings are assumed for this example: Table 6-6. VPN Tunnel Configuration Worksheet Connection Name: Pre-Shared Key: Secure Association -- Main Mode or Manual Keys:...
- Page 132 Wireless ADSL2+ Modem Router DG834G User Manual 2. On the main menu, select VPN Policies to display the VPN Policies screen: Figure 6-42 6-38 Virtual Private Networking v1.0, May 2008...
- Page 133 Wireless ADSL2+ Modem Router DG834G User Manual 3. Click Add Auto Policy. The VPN Auto Policy screen displays: Figure 6-43 Virtual Private Networking 6-39 v1.0, May 2008...
- Page 134 Wireless ADSL2+ Modem Router DG834G User Manual 4. Enter these policy settings: Auto Policy Field General Policy Name Remote VPN Endpoint Address Type Remote VPN Endpoint Address Data Local LAN Remote LAN IP Address Start IP Address Subnet Mask Direction Exchange Mode Diffie-Hellman (DH) Group Local Identity Type...
- Page 135 6. Repeat these steps for the DG834Gv5 on LAN B. Pay special attention to the following network settings: • General, Remote Address Data (for example, 14.15.16.17) • Remote LAN, Start IP Address – IP Address (for example, 192.168.0.1) – Subnet Mask (for example, 255.255.255.0) –...
-
Page 136: Using Manual Policy To Configure Vpn Tunnels
Wireless ADSL2+ Modem Router DG834G User Manual Using Manual Policy to Configure VPN Tunnels As an alternative to IKE, you may use manual keying, in which you must specify each phase of the connection. A manual VPN policy requires all settings for the VPN tunnel to be manually input at each end (both VPN endpoints). - Page 137 he following table explains the fields in the VPN Manual Policy screen. Table 6-7. VPN Manual Policy Fields and Settings Fields and Settings General Policy Name The DG834Gv5 VPN tunnel network connection fields. Remote VPN Endpoint Local LAN Subnet Mask The remote VPN Single PC - no endpoint must have...
- Page 138 Wireless ADSL2+ Modem Router DG834G User Manual Table 6-7. VPN Manual Policy Fields and Settings (continued) Fields and Settings Remote LAN IP Address The remote VPN endpoint must have these IP addresses entered as its Local Single/Start IP addresses. Address Finish IP Address Subnet Mask...
-
Page 139: Basic Functioning
This chapter gives information about troubleshooting your ADSL2+ Modem Wireless Router. After each problem description, instructions are provided to help you diagnose and solve the problem. For the common problems listed, go to the section indicated. • Is the router on? •... -
Page 140: Power Led Is Not On
• Check that you are using the 12V DC power adapter supplied by NETGEAR for this product. If the error persists, you have a hardware problem and should contact technical support. -
Page 141: Troubleshooting The Isp Connection
• Make sure your computer’s IP address is on the same subnet as the router. If you are using the recommended addressing scheme, your computer’s address should be in the range of 192.168.0.2 to 192.168.0.254. See the online document listed in Network Access”... - Page 142 Wireless ADSL2+ Modem Router DG834G User Manual ADSL Link If your router is unable to access the Internet, you should first determine whether you have an ADSL link with the service provider. The state of this connection is indicated with the DSL LED. DSL LED Is Solid Green If your DSL LED is solid green then you have a good ADSL connection.
-
Page 143: Obtaining A Wan Ip Address
ISP. You can determine whether the request was successful using the browser interface. To check the WAN IP address from the browser interface: 1. Launch your browser, and select an external site such as www.netgear.com. 2. Access the modem router main menu at http://192.168.0.1. -
Page 144: Troubleshooting Pppoe Or Pppoa
Wireless ADSL2+ Modem Router DG834G User Manual Troubleshooting PPPoE or PPPoA The PPPoA or PPPoA connection can be debugged as follows: 1. Access the main menu of the router at http://192.168.0.1. 2. Under the Maintenance heading, select Router Status. 3. Click Connection Status. 4. -
Page 145: Troubleshooting A Tcp/Ip Network Using The Ping Utility
Troubleshooting a TCP/IP Network Using the Ping Utility Most TCP/IP terminal devices and routers contain a ping utility that sends an echo request packet to the designated device. The device then responds with an echo reply. Troubleshooting a TCP/IP network is made very easy by using the ping utility in your computer. Testing the LAN Path to Your Router You can ping the router from your PC to verify that the LAN path to your router is set up correctly. -
Page 146: Testing The Path From Your Computer To A Remote Device
Wireless ADSL2+ Modem Router DG834G User Manual Testing the Path from Your Computer to a Remote Device After verifying that the LAN path works correctly, test the path from your PC to a remote device. 1. From the Windows toolbar, click the Start button, and select Run. 2. -
Page 147: Problems With Date And Time
• Press both the Wireless button and WPS button on the side of the modem router for 5 seconds. Use this method for cases when the administration password or IP address is not known. Note: Pressing the reset button on the modem router reboots the unit but does not restore the factory default settings. - Page 148 Wireless ADSL2+ Modem Router DG834G User Manual 7-10 Troubleshooting v1.0, May 2008...
-
Page 149: Technical Specifications
This appendix provides technical specifications for the 54 Mbps Wireless ADSL2+ Modem Router Model DG834G. Network Protocol and Standards Compatibility Data and Routing Protocols: Power Adapter North America: United Kingdom, Australia: Europe: Japan: All regions (output): Physical Specifications Dimensions: Weight: Environmental Specifications Operating temperature: Operating humidity:... - Page 150 Wireless ADSL2+ Modem Router DG834G User Manual Technical Specifications v1.0, May 2008...
-
Page 151: Netgear Vpn Configuration
DG834G v5 to FVL328 This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR DG834G v5 to a FVL328. This case study follows the VPN Consortium interoperability profile guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html). -
Page 152: Step-By-Step Configuration
Wireless ADSL2+ Modem Router DG834G User Manual Figure B-1 Note: Product updates are available on the NETGEAR website at http://www.netgear.com. Step-By-Step Configuration 1. Configure the DG834G v5 as in the gateway-to-gateway procedures using the VPN Wizard (see “Setting Up a Gateway-to-Gateway VPN Configuration” on page use appropriate network addresses for the environment. - Page 153 10.5.6.1 toFVL328 Figure B-2 NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual Click VPN Policies under the Advanced - VPN heading to display this screen. 172.23.9.1 toFVL328 v1.0, May 2008 22.23.24.25 10 10...
- Page 154 IP Address: 10.5.6.1 • Subnet Mask: 255.255.255.0 toDG834 22.23.24.25 14.15.16.17 Select IKE Policies under the VPN heading to display the IKE Policy Configuration screen. Figure B-3 6-18), being certain to use NETGEAR VPN Configuration v1.0, May 2008 toDG834 22.23.24.25 14.15.16.17...
- Page 155 Open the command prompt (Start > Run > cmd) b. Type ping 172.23.9.1 Figure B-5 Note: The pings might fail the first time. If this happens, try the pings a second time. NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual 10.5.6.1 v1.0, May 2008 toDG834 toDG834 14.15.16.17...
-
Page 156: Dg834G V5 With Fqdn To Fvl328
DG834G v5 with FQDN to FVL328 This section is a case study on how to configure a VPN tunnel from a NETGEAR DG834G v5 to a FVL328 using a fully qualified domain name (FQDN) to resolve the public address of one or both routers. -
Page 157: Step-By-Step Configuration
Note: Product updates are available on the NETGEAR website at http://www.netgear.com. Using a Fully Qualified Domain Name (FQDN) Many ISPs (Internet Service Providers) provide connectivity to their customers using dynamic instead of static IP addressing. This means that a user’s IP address does not remain constant over time, which presents a challenge for gateways attempting to establish VPN connectivity. - Page 158 In the Password field enter the account password. c. Click Show Status. The resulting screen should show Update OK: good: Figure B-8 3. On the FVL328, configure the Dynamic DNS settings. Assume a correctly configured DynDNS account. NETGEAR VPN Configuration v1.0, May 2008...
- Page 159 In the Host and Domain Name field enter fvl328.dyndns.org. • In the User Name field enter the account user name. • In the Password field enter the account password. NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual v1.0, May 2008...
- Page 160 Enter dg834g.dyndns.org for the remote WAN's IP address. c. Enter the following: • IP Address: 10.5.6.1 • Subnet Mask: 255.255.255.0 B-10 LAN Subnet Mask 255.255.255.0 255.255.255.0 6-18), being certain to use NETGEAR VPN Configuration v1.0, May 2008 6-18), being certain to...
-
Page 161: Configuration Summary (Telecommuter Example
Type of VPN: PC/client-to-gateway, with client behind NAT router Security Scheme: IKE with Pre-shared Secret/Key (not certificate-based) IP Addressing: Gateway Fully Qualified Domain Name (FQDN) Client Dynamic NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual v1.0, May 2008 B-11... -
Page 162: Setting Up The Client-To-Gateway Vpn Configuration (Telecommuter Example
Figure B-13 Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example) Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a network gateway involves two steps: • Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office. - Page 163 Figure B-14 NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual fromDG834G (in the example) Dynamic IP address IKE Keep Alive is optional; must match Remote LAN IP Address when enabled (remote PC must respond to pings) Subnet address 192.168.0.1 (in this example)
-
Page 164: Step 2: Configuring The Netgear Prosafe Vpn Client On The Remote Pc At The Telecommuter's Home Office
The PC must have a VPN client program installed that supports IPSec (in this case study, the NETGEAR VPN ProSafe Client is used). Go to the NETGEAR website (http://www.netgear.com) for information about how to purchase the NETGEAR ProSafe VPN Client. - Page 165 Double-click the system tray icon to open the Security Policy Editor. 2. Add a new connection. a. Run the NETGEAR ProSafe Security Policy Editor program, and create a VPN Connection. b. From the Edit menu of the Security Policy Editor, click Add, and then click Connection.
- Page 166 In the Network Security Policy list, expand the new connection by double-clicking its name or clicking on the + symbol. My Identity and Security Policy appear below the connection name. B-16 Figure B-17. NETGEAR VPN Configuration v1.0, May 2008...
- Page 167 In this step, you provide information about the remote VPN client PC. You must provide the pre-shared key that you configured in the DG834G v5 and either a fixed IP address or a fixed virtual IP address of the VPN client PC. NETGEAR VPN Configuration B-17 v1.0, May 2008...
- Page 168 Click the Pre-Shared Key button. Figure B-20 In the Pre-Shared Key screen, click Enter Key. Enter the DG834G v5’s pre-shared key and click OK. In this example, 12345678 is entered. This field is case-sensitive. B-18 NETGEAR VPN Configuration v1.0, May 2008...
- Page 169 In this step, you provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the VPN router configuration. NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual v1.0, May 2008...
- Page 170 After you have configured and saved the VPN client information, your PC automatically opens the VPN connection when you attempt to access any IP addresses in the range of the remote VPN router’s LAN. B-20 NETGEAR VPN Configuration v1.0, May 2008...
- Page 171 On the Windows taskbar, click the Start button, and then click Run. c. Type ping -t 192.168.0.1, and then click OK. Figure B-24 NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual Right-mouse-click the system tray icon to open the pop up menu.
-
Page 172: Monitoring The Vpn Tunnel (Telecommuter Example
Wireless ADSL2+ Modem Router Model DG834G > Log Viewer. Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the VPN tunnel or some reason outside the VPN tunnel. B-22 NETGEAR VPN Configuration v1.0, May 2008... - Page 173 Viewing the VPN Router’s VPN Status and Log Information To view information about the status of the VPN client connection, open the VPN router’s VPN Status screen by following these steps: NETGEAR VPN Configuration Wireless ADSL2+ Modem Router DG834G User Manual v1.0, May 2008...
- Page 174 1. On the modem router main menu, select Router Status, and then click the VPN Status button. The VPN Status/Log screen for a connection is shown below: Figure B-27 2. To view the VPN tunnels status, click VPN Status. Figure B-28 B-24 NETGEAR VPN Configuration v1.0, May 2008...
- Page 175 This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Internet Networking and TCP/IP Addressing Wireless Communications Preparing a Computer for Network Access Virtual Private Networking (VPN)
- Page 176 Wireless ADSL2+ Modem Router DG834G User Manual Related Documents v1.0, May 2008...