NETGEAR FVL328 Reference Manual
Adsl modem wireless router
Hide thumbs
Also See for FVL328:
- Reference manual (240 pages) ,
- Configuration manual (21 pages) ,
- Faq (9 pages)
Advertisement
Quick Links
DG834G to FVL328
This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR
DG834G to a FVL328. This case study follows the VPN Consortium interoperability profile
guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html).
Configuration Profile
The configuration in this document follows the addressing and configuration mechanics defined
by the VPN Consortium. Gather all the necessary information before you begin the configuration
process. Verify whether the firmware is up to date, all of the addresses that will be necessary, and
all of the parameters that need to be set on both sides. Check that there are no firewall restrictions.
Table B-1.
Profile Summary
VPN Consortium Scenario:
Type of VPN
Security Scheme:
Date Tested:
Model/Firmware Tested:
NETGEAR-Gateway A
NETGEAR-Gateway B
IP Addressing:
NETGEAR-Gateway A
NETGEAR-Gateway B
NETGEAR VPN Configuration
NETGEAR VPN Configuration
Scenario 1
LAN-to-LAN or Gateway-to-Gateway (not PC/Client-to-Gateway)
IKE with Preshared Secret/Key (not Certificate-based)
June 2004
DG834G firmware version V2.10.17
FVL328 with firmware version V2.0_07
Static IP address
Static IP address
v1.0, November 2005
Appendix B
B-1
Advertisement
Related Manuals for NETGEAR FVL328
Summary of Contents for NETGEAR FVL328
- Page 1 DG834G to FVL328 This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR DG834G to a FVL328. This case study follows the VPN Consortium interoperability profile guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html). Configuration Profile The configuration in this document follows the addressing and configuration mechanics defined by the VPN Consortium.
- Page 2 LAN IP 10.5.6.1 DG834G Figure B-1 Note: Product updates are available on the NETGEAR, Inc. web site at http://kbserver.netgear.com/DG834G.asp. Step-By-Step Configuration 1. Configure the DG834G as in the Gateway-to-Gateway procedures using the VPN Wizard (see “How to Set Up a Gateway-to-Gateway VPN Configuration” on page use appropriate network addresses for the environment.
- Page 3 10.5.6.1 toFVL328 Figure B-2 NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G Click VPN Policies under Advanced - VPN to invoke this screen 172.23.9.1 v1.0, November 2005 toFVL328 22.23.24.25 10 10...
- Page 4 Reference Manual for the ADSL Modem Wireless Router DG834G 2. Configure the FVL328 as in the Gateway-to-Gateway procedures for the VPN Wizard (see “How to Set Up a Gateway-to-Gateway VPN Configuration” on page use appropriate network addresses for the environment.
- Page 5 Click IKE Policies under VPN to invoke this screen toDG834 172.23.9.1 Click VPN Policies under VPN to invoke this screen Figure B-3 NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G 10.5.6.1 v1.0, November 2005 toDG834 22.23.24.25 14.15.16.17...
-
Page 6: Configuration Profile
DG834G with FQDN to FVL328 This appendix is a case study on how to configure a VPN tunnel from a NETGEAR DG834G to a FVL328 using a Fully Qualified Domain Name (FQDN) to resolve the public address of one or both routers. - Page 7 Gateway A LAN IP 10.5.6.1 dg834g.dyndns.org DG834G Figure B-5 Note: Product updates are available on the NETGEAR, Inc. web site at http://kbserver.netgear.com/DG834G.asp. NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G VPNC Example Gateway B WAN IP WAN IP fvl328.dyndns.org...
- Page 8 2. Click on the Dynamic DNS link on the left side of the Settings management GUI. This will take you to the Dynamic DNS Menu. party service in lieu of a permanent and unchanging IP and default password of password v1.0, November 2005 . For this example we will NETGEAR VPN Configuration...
- Page 9 • Password = <user's account password> c. Click Show Status. The resulting screen should show Update OK: good (see Figure B-7 NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G Figure v1.0, November 2005 B-6) in the Advanced menu.
- Page 10 Reference Manual for the ADSL Modem Wireless Router DG834G 4. On the FVL328, configure the Dynamic DNS settings. Assume a properly configured DynDNS account. a. Browse to the Dynamic DNS Setup Screen (see Figure B-8 b. Select the DynDNS.org radio button (see and hostname settings (see •...
- Page 11 Reference Manual for the ADSL Modem Wireless Router DG834G Figure B-9 c. Click Show Status. The resulting screen should show Update OK: good (see Figure B-10). Figure B-10 NETGEAR VPN Configuration B-11 v1.0, November 2005...
- Page 12 IP Address = 172.23.9.1 • Subnet Mask = 255.255.255.0 6. Configure the FVL328 as in the Gateway-to-Gateway procedures for the VPN Wizard (see “How to Set Up a Gateway-to-Gateway VPN Configuration” on page use appropriate network addresses for the environment.
- Page 13 Reference Manual for the ADSL Modem Wireless Router DG834G Figure B-11 Note: The pings may fail the first time. If this happens, try the pings a second time. NETGEAR VPN Configuration B-13 v1.0, November 2005...
-
Page 14: Configuration Summary (Telecommuter Example)
Security Scheme: IKE with Preshared Secret/Key (not Certificate-based) Date Tested: May 2005 Model/Firmware Tested: Gateway DG834G firmware version v2.10.20 Client NETGEAR ProSafe VPN Client v10.5.1 (build 8) IP Addressing: Gateway Fully Qualified Domain Name (FQDN) Client Dynamic 192.168.0.1/24 Telecommuter Example... -
Page 15: Setting Up The Client-To-Gateway Vpn Configuration (Telecommuter Example)
Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example) Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a network gateway involves the following two steps: • Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office. - Page 16 (Remote NAT router must have Address Reservation set and VPN Passthrough enabled) Main Mode Fully Qualified Domain Name fromDG834G.com (in this example) Fully Qualified Domain Name toDG834G.com (in this example) 3DES 12345678 (in this example) 3600 NETGEAR VPN Configuration v1.0, November 2005...
- Page 17 Reference Manual for the ADSL Modem Wireless Router DG834G 2. Click Apply when done to get the VPN Policies screen. Figure B-14 To view or modify the tunnel settings, select the radio button next to the tunnel entry and click Edit. NETGEAR VPN Configuration B-17 v1.0, November 2005...
-
Page 18: Step 2: Configuring The Netgear Prosafe Vpn Client On The Remote Pc At The Telecommuter's Home Office
The system should show the ProSafe icon ( e. Double-click the system tray icon to open the Security Policy Editor. 2. Add a new connection. a. Run the NETGEAR ProSafe Security Policy Editor program and create a VPN Connection. B-18 ) in the system tray after rebooting. - Page 19 B-16) because Connection Names are arbitrary to how the VPN tunnel functions. Tip: Choose Connection Names that make sense to the people using and administrating the VPN. Figure B-15 NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G v1.0, November 2005 B-19...
- Page 20 In the Network Security Policy list, expand the new connection by double clicking its name or clicking on the “+” symbol. My Identity and Security Policy subheadings appear below the connection name. B-20 Figure B-16. NETGEAR VPN Configuration v1.0, November 2005...
- Page 21 In this step, you will provide information about the remote VPN client PC. You will need to provide the Pre-Shared Key that you configured in the DG834G and either a fixed IP address or a “fixed virtual” IP address of the VPN client PC. NETGEAR VPN Configuration B-21 v1.0, November 2005...
- Page 22 In the Internet Interface box, select Intel PRO/100VE Network Connection (in this example, your Ethernet adapter may be different) in the Name menu and enter 192.168.2.3 (in this example) in the IP Addr box. B-22 NETGEAR VPN Configuration v1.0, November 2005...
- Page 23 “+” symbol. b. Expand the Authentication subheading by double clicking its name or clicking on the “+” symbol. Then select Proposal 1 below Authentication. NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G v1.0, November 2005...
- Page 24 6. Configure the VPN Client Key Exchange Proposal. In this step, you will provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the VPN router configuration. B-24 NETGEAR VPN Configuration v1.0, November 2005...
- Page 25 VPN connection when you attempt to access any IP addresses in the range of the remote VPN router’s LAN. 8. Check the VPN Connection. NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G v1.0, November 2005...
- Page 26 To perform a ping test using our example, start from the remote PC: a. Establish an Internet connection from the PC. b. On the Windows taskbar, click the Start button, and then click Run. B-26 Right-mouse-click on the system tray icon to open the popup menu. NETGEAR VPN Configuration v1.0, November 2005...
- Page 27 Note: You can use the VPN router diagnostic utilities to test the VPN connection from the VPN router to the client PC. Run ping tests from the Diagnostics link of the VPN router main menu. NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G v1.0, November 2005...
-
Page 28: Monitoring The Vpn Tunnel (Telecommuter Example)
Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the VPN tunnel or some reason outside the VPN tunnel. 2. The Connection Monitor screen is shown below: Figure B-25 B-28 NETGEAR VPN Configuration v1.0, November 2005... -
Page 29: Viewing The Vpn Router's Vpn Status And Log Information
1. To view this screen, click the Router Status link of the VPN router’s main menu, then click the VPN Status button. The VPN Status/Log screen for a connection is shown below: Figure B-26 NETGEAR VPN Configuration Reference Manual for the ADSL Modem Wireless Router DG834G v1.0, November 2005... - Page 30 Reference Manual for the ADSL Modem Wireless Router DG834G 2. To view the VPN tunnels status, click the VPN Status link on the right side of the main menu. Figure B-27 B-30 NETGEAR VPN Configuration v1.0, November 2005...
- Page 31 Reference Manual for the ADSL Modem Wireless Router DG834G NETGEAR VPN Configuration B-31 v1.0, November 2005...
- Page 32 Reference Manual for the ADSL Modem Wireless Router DG834G B-32 NETGEAR VPN Configuration v1.0, November 2005...