D-Link NetDefendOS User Manual page 709

A. Create a pre-shared key for IPsec authentication:
gw-world:/> add PSK my_scecret_key Type=ASCII PSKascii=somesecretasciikey
B. Configure the IPsec tunnel:
gw-world:/> add Interface IPsecTunnel ipsec_roaming
C. Create an IP rule to allow traffic from clients:
gw-world:/> add IPRule Action=Allow
Web Interface
A. Create a pre-shared key object for IPsec authentication:
1. Go to: Objects > Key Ring > Add > Pre-Shared Key
2. Now enter:
• Name: Enter a name for the key, for example my_secret_key
• Shared Secret: Enter a secret passphrase
• Confirm Secret: Enter the secret passphrase again
3. Click OK
B. Configure the IPsec tunnel object:
1. Go to: Network > Interfaces and VPN > IPsec > Add > IPsec Tunnel
2. Now enter:
• Name: ipsec_roaming
• Local Network: 172.16.1.0/24
• Remote Network: all-nets
3. Under Authentication enter Pre-Shared Key: my_secret_key
4. Click OK
C. Create an IP rule to allow traffic from clients:
LocalNetwork=172.16.1.0/24
RemoteNetwork=all-nets
PSK=my_secret_key
Service=all_services
SourceInterface=ipsec_roaming
SourceNetwork=all-nets
DestinationInterface=lan
DestinationNetwork=172.16.1.0/24
Name=roaming_clients_to_hq
709
Chapter 9: VPN