Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
The responder sends its own Diffie-Hellman value.
b.
The initiator confirms the exchange.
c.
Key Exchange: Phase 2
Quick mode is used in the second phase. Quick mode negotiates the IPSec SA.
•
Once the SA has been established, the parties use Quick mode to negotiate security services
and generate fresh key material.
•
A single SA negotiation results in two SAs, one inbound and one outbound. Both SAs are
one-way.
Two Common Applications of VPN
Two common applications of VPN are:
•
Secure access from a remote PC, such as a telecommuter connecting to an office network
•
Secure access between two networks, such as a branch office and a main office
These applications are described below.
Accessing Network Resources from a VPN Client PC
VPN client remote access allows a remote PC to connect to your network from any location on the
Internet. In this case, the remote PC is one tunnel endpoint, running VPN client software. The
NETGEAR VPN-enabled router on your network is the other tunnel endpoint, as shown below.
CLIENT
A T L
A N T A
B A Y
C L A
S A N
R A
T A
Figure 8-7: Client to LAN access through VPN router
Network, Routing, Firewall, and Wireless Basics
INTERNET
VPN
ROUTER
LAN
B-23