NETGEAR ProSafe FVX538 Application Note
Netgear prosafe fvx538: supplementary guide
Hide thumbs
Also See for ProSafe FVX538:
- Reference manual (222 pages) ,
- Datasheet (3 pages) ,
- Installation manual (2 pages)
Advertisement
Quick Links
Configuring a Hub-and-Spoke VPN Using the NETGEAR
VPN Client
Summary
A Hub-and-Spoke VPN allows multiple sites to communicate through a central hub site.
This application note describes how to configure a Hub-and-Spoke VPN when one of the
spokes is the NETGEAR VPN client. It has been tested with the FVX538 router,
firmware version 2.x and NETGEAR ProSafe® VPN client, version 10.7.2 (Build 12).
Note: See Hub-and-Spoke VPN for general instructions on configuration that does not
use the VPN Client.
In this configuration, there is a gateway-to-gateway VPN tunnel between FVX538 #1 and
FVX538 #2. By establishing a VPN connection to the FVX538#1, the software VPN
client gains access to Local Area Network #2 behind FVX538 #2 through FVX538 #1.
Procedure
This procedure was developed and tested using:
• NETGEAR FVX538 ProSafe VPN Firewall with version 2.x firmware
o WAN1 (10.1.1.2 ) IP address: 192.168.1.0
o WAN1 IP address subnet: 255.255.255.0
o WAN2 (10.1.2.2) IP address: 192.168.2.0
Application Note
Advertisement
Related Manuals for NETGEAR ProSafe FVX538
Summary of Contents for NETGEAR ProSafe FVX538
- Page 1 This application note describes how to configure a Hub-and-Spoke VPN when one of the spokes is the NETGEAR VPN client. It has been tested with the FVX538 router, firmware version 2.x and NETGEAR ProSafe® VPN client, version 10.7.2 (Build 12).
- Page 2 WAN2 IP address subnet: 255.255.255.0 • NETGEAR ProSafe VPN client, version 10.7.2 (Build 12) o IP address: 192.168.1.100 IP Address Requirements This configuration requires advanced IP address planning. The VPN client policy needs to address both Local Area Network #1 and Local Area Network #2 in the same client policy profile.
- Page 3 3. Create a VPN client policy. First create the IKE policy for the VPN client.
- Page 4 4. Create a VPN policy using the IKE policy created in Step 3. The local subnet is Any. The remote subnet is the internal IP address to be defined in the VPN client policy profile. In this example, 192.168.4.100. 5. Create the VPN policy that will allow the VPN client to access the network behind FVX538 #2.
- Page 5 Configuring the FVX538 #2 To configure the FVX538 #2: 1. Create an IKE policy to FVX538 #1. 2. Create a VPN policy using the IKE policy created in Step 1. For the local subnet, use the LAN subnet behind FVX538 #2. For the remote subnet, use the LAN subnet behind FVX538 #1.
- Page 6 3. From the command prompt, ping both the subnets behind FVX538 #1 and FVX538 #2. Conclusion If user wants to configure two remote locations so their traffic goes through a central location instead of directly between them, please refer to this document. November 27, 2006 Copyright © 2006 NETGEAR®...