SMC Networks SMC7004WFW Configuration Manual

VPN IPSec & PPTP Configuration Guide

Barricade Plus
VPN IPSEC & PPTP

Configuration Guide

The Information in this guide applies to the:
Barricade™ Plus Cable/DSL Broadband Router (SMC7004FW)
Barricade™ Plus Wireless Cable/DSL Broadband Router (SMC7004WFW)

Summary of Contents for SMC Networks SMC7004WFW

  • Page 1: Configuration Guide

    Barricade Plus VPN IPSEC & PPTP Configuration Guide The Information in this guide applies to the: Barricade™ Plus Cable/DSL Broadband Router (SMC7004FW) Barricade™ Plus Wireless Cable/DSL Broadband Router (SMC7004WFW)...
  • Page 2 Introduction This document will guide you through configuring and implementing secure, remote connections to your LAN using the VPN functionality of your Barricade Plus Cable/DSL Broadband Router. This document is divided into the following sections: Installing Virtual Private Network Protocols Windows 95/98/98SE Windows Me Windows NT...
  • Page 3 SECTION 1: Installing VPN Protocols This section outlines the process for installing the necessary VPN protocols on the following operating systems: Windows 95/98/98SE, Windows Me, Windows NT, Windows 2000/XP. Before you begin this configuration process please verify that you have the following: Original (Licensed) Windows CD...
  • Page 4 Windows 95/98/98SE Step 1: Click on the [Start] button, then choose [Settings], then select [Control Panel]. Figure 1.0 Step 2: Locate and double-click the [Add/Remove Programs] icon. Figure 1.1 Step 3: Click on the [Windows Setup] tab and highlight the [Communication] component, then click on the [Details…] button.
  • Page 5 Figure 1.2 Step 4: In the [Communication] dialog box, verify that the following 2 options are selected: [Dial-Up Networking], [Virtual Private Networking]...
  • Page 6 Figure 1.3 Figure 1.4 When you have verified or selected these 2 options, click the [OK] button to save the...
  • Page 7 settings and close the [Communications] dialog box. If you already had these options selected, click the [Cancel] button to close the [Communications] dialog box, then click the [Cancel] button again to close the [Add / Remove Programs] dialog box. Skip to Section 2! Step 5: The [Communications] option should now be checked.
  • Page 8 Figure 1.7 Step 7: When prompted with the dialog box below, click the [Yes] button to reboot your computer and complete the installation process. Figure 1.8...
  • Page 9 Windows Me Step 1: Click on the [Start] button, then choose [Settings], then select [Control Panel]. Figure 1.0 Step 2: Locate and double-click the [Dial-Up Networking] icon. Figure 1.1 Step 3: Click on the [Windows Setup] tab and highlight the [Communication]...
  • Page 10 component, then click on the [Details…] button. Figure 1.2 Step 4: In the [Communication] dialog box, verify that the following 2 options are selected: [Dial-Up Networking], [Virtual Private Networking]...
  • Page 11 Figure 1.3 Figure 1.4...
  • Page 12 When you have verified or selected these 2 options, click the [OK] button to save the settings and close the [Communications] dialog box. If you already had these options selected, click the [Cancel] button to close the [Communications] dialog box, then click the [Cancel] button again to close the [Add / Remove Programs] dialog box.
  • Page 13 Figure 1.7 Step 7: When prompted with the dialog box below, click the [Yes] button to reboot your computer and complete the installation process. Figure 1.8...
  • Page 14 Windows NT Step 1: Click on the [Start] button, then choose [Settings], then select [Control Panel]. Figure 1.0 Step 2: Double-click [Network]. Figure 1.1...
  • Page 15 Figure 1.2 Step 3: On the [Protocols] tab, click [Add] and select [Point-to-Point Tunneling Protocol]. Then press [OK].
  • Page 16 Figure 1.3 Step 4: After the protocol is installed, Remote Access Service (RAS) will initialize. You must add at least one VPN port as a port in the RAS setup interface. Figure 1.4 Figure 1.5 Step 5: At this time, specify which protocols you want to run for that VPN port. You can install up to 256 VPN ports.
  • Page 17 least one VPN is configured for dial-out. Figure 1.6 Step 6: Press [Close] and restart the machine when requested to do so. Figure 1.7...
  • Page 18 Windows 2000/XP Windows 2000 and Windows XP already have the required VPN communication components installed. Please verify that you can connect to the Internet either through a dial-up connection or through a LAN. If you can connect to the Internet, please go to Section 2.
  • Page 19 SECTION 2: Configuring your MS PPTP Client This section outlines the process for configuring a PPTP client on the following operating systems: Windows 95/98/98SE, Windows Me, Windows NT, Windows 2000, Windows XP...
  • Page 20 Windows 95/98/98SE Step 1: Double-click the [My Computer] icon on your Desktop. Step 2: In the [My Computer] window, locate and double-click the [Dial-Up Networking] icon to launch the [Welcome to Dial-Up Networking] wizard. Figure 1.0 NOTE: If the network wizard does not prompt you, locate and click on the [Make a New Connection] icon to launch it.
  • Page 21 Figure 1.1 Step 4: In the dialog box shown below: Enter a name for this VPN connection and verify that you have the [Microsoft VPN Adapter] selected under the [Select a device:] drop-down menu. Then click the [Next >] button to continue. Figure 1.2 Step 5: In the [Host name or IP Address:] text box, enter the WAN IP address of the...
  • Page 22 Barricade Plus that you are connecting to and then click the [Next] button to continue. Figure 1.3 Step 6: Once you have completed the [Make New Connection] wizard, click the [Finish] button to save this configuration. Step 7: Double-click the [My Computer] icon on your Desktop. Step 8: Locate and double-click the [Dial-Up Networking] icon.
  • Page 23 you created. To access this connection, double-click the connection icon. Figure 1.5 Step 10: When prompted with the [Connect To] dialog box shown below, please provide and verify the following information: Username; Password; The [VPN server:] text box has the WAN IP address of the Barricade Plus you are...
  • Page 24 Figure 1.6 Step 11: To verify your VPN connection, locate and double-click the connection icon that is displayed in the system tray. Once you are connected you should see two new monitor icons in the system tray, and you will be able to access the computers on the remote network as if they were on your local LAN.
  • Page 25 Windows Me Step 1: Double-click the [My Computer] icon on your desktop and then click the [Dial-Up Networking] link on the bottom left hand corner of the window. Figure 1.0 Step 2: A Welcome window should appear. Click [Next >] to continue. Figure 1.1 Step 3: If this is your first time configuring a VPN session, you will be asked to enter your area code.
  • Page 26 Figure 1.2 Step 4: Enter a name for the VPN connection you wish to establish and click [Next >]. (i.e. – Barricade VPN) Figure 1.3 Step 5: Enter the WAN IP address of the Barricade Plus you wish to connect to and click [Next >].
  • Page 27 Figure 1.4 Step 6: You have completed the VPN client setup. Click [Finish] to exit. Step 7: Go back into [My Computer] and click on the [Dial-Up Networking] link again. You should now see the new VPN connection that you just configured. Go ahead and double-click on the name of the connection.
  • Page 28 tunnel. Figure 1.6 Figure 1.7...
  • Page 29 Windows NT Step 1: Double-click on the [My Computer] icon on your Desktop. Then double-click the [Dial-up Networking] icon. Figure 1.0 Step 2: If this is your first time configuring a VPN session, you will be asked to enter your area code.
  • Page 30 Step 3: You will also be asked to make an entry in the Phonebook. Press [OK] to continue. Figure 1.2 Step 4: Enter a name for this entry and click the [Next >] button. (i.e. – Barricade VPN) Figure 1.3 Step 5: Enter the WAN IP Address of the Barricade Plus that you are connecting to and click [Next >]...
  • Page 31 Figure 1.4 Step 6: Press [Finish] to exit the wizard. Figure 1.5 Step 7: Now you can review the settings you configured and choose to [Dial] the PPTP Server. The [Phone number preview:] section should show the WAN IP address of the Barricade Plus you are connecting to.
  • Page 32 Figure 1.6 Step 8: Enter the username and password that the Administrator of the remote network has given you. Verify that the VPN Server field has the correct WAN IP address. Then press the [OK] button. (Note: Be sure to enter this correctly as you will NOT be able to connect without the correct login data) Figure 1.7 Once you are connected you should see two new monitor icons in the system tray, and...
  • Page 33 Figure 1.8...
  • Page 34: Windows 2000

    Windows 2000 Step 1: Right-click the [My Network Places] icon on your desktop and click [Properties]. Figure 1.0 Step 2: Double-click [Make New Connection]. Figure 1.1 Step 3: If this is your first time configuring a VPN session, you may be asked to enter...
  • Page 35 your area code. Please do so and press [OK] to continue. Figure 1.2 Step 4: A wizard will appear. Please click [Next >] to continue. Figure 1.3...
  • Page 36 Step 5: Select the [Connect to a private network through the Internet] option and click [Next >]. Figure 1.4 Step 6: Enter the WAN IP address of the Barricade Plus that you wish to establish a connection with. Then click [Next >]. Figure 1.5...
  • Page 37 Step 7: If you would like to give other users access to this VPN, select [For all users]. Otherwise, select [Only for myself] and click [Next >] to continue. Figure 1.6 Step 8: You have completed the VPN client setup. Click [Finish] to exit. Step 9: Enter the username and password that the Administrator of the remote network has given you.
  • Page 38 Figure 1.7 Once you are connected you should see two new monitor icons in the system tray, and you will be able to access the computers on the remote network as if they were on your local LAN. You can double-click on the two linked monitors to view properties of the VPN tunnel.
  • Page 39 Figure 1.9...
  • Page 40 Windows XP Step 1: Go into the Control Panel. Figure 1.0 Step 2: Click the [Network and Internet Connections] link. Figure 1.1 Step 3: Click the [Create a connection to the network at your workplace] link.
  • Page 41 Figure 1.2 Step 4: Select the [Virtual Private Network connection] option and click [Next >] to continue. Figure 1.3 Step 5: Enter a name for the VPN connection you wish to establish and click [Next >]. (i.e. – Barricade VPN)
  • Page 42 Figure 1.4 Step 6: Enter the WAN IP address of the Barricade Plus that you wish to establish a connection with. Then click [Next >].
  • Page 43 Figure 1.5 Step 7: You have completed the VPN client setup. Click [Finish] to exit. Step 8: Go back into the [Network and Internet Connections] (see Step 2) window and click the [Network Connections] link. Figure 1.6 Step 9: You should now see the new VPN connection that you just created. Double-click on this connection.
  • Page 44 you will be able to access the computers on the remote network as if they were on your local LAN. You can double-click on the two linked monitors to view properties of the VPN tunnel. Figure 1.8 Figure 1.9...
  • Page 45 SECTION 3: Configuring the Barricade Plus as a PPTP Client IMPORTANT NOTE: When setting up a VPN connection, your local LAN and the remote network must be on different subnets (i.e. – If the remote gateway/router has a LAN IP of 192.168.1.1, your Barricade Plus should be set to 192.168.x.1 where x is equal to a number between 2 and 254). Step 1: Open up your web browser and type in the IP Address of your Barricade Plus.
  • Page 46 Tunnel from the Barricade Plus to another Barricade Plus or a Windows-based PPTP Server. Figure 1.1 User name: Used by the server to identify the PPTP Client. Password: Used by the server to authorize the PPTP Client’s request for a Tunnel. Idle Time Out: When there is no activity for this amount of Idle Time, the Tunnel will be broken. IP: Enter the LAN subnet of the remote network you are connecting to.
  • Page 47 Step 6: Once all the required fields have been filled in, press the [OK] button to continue. Then check the [Accept to Connect] box. Step 7: Scroll down to the section labeled [IP Address Pool]. Change the IP scheme to match that of the PPTP server's internal network.
  • Page 48 Figure 1.4 Step 9: Press [Connect] and the router will begin to establish a connection using the settings previously configured in the VPN | PPTP section. Once the connection is established, the information will be displayed on the STATUS page and in the SECURITY LOG as well.
  • Page 49 SECTION 4: Configuring the Barricade Plus as a PPTP Server IMPORTANT NOTE: When setting up a VPN connection, your local LAN and the remote network must be on different subnets (i.e. – If the remote gateway/router has a LAN IP of 192.168.1.1, your Barricade Plus should be set to 192.168.x.1 where x is equal to a number between 2 and 254). Step 1: Open up your web browser and type in the IP Address of your Barricade Plus.
  • Page 50 Tunnel from the Barricade Plus to another Barricade Plus or a Windows-based PPTP Client. Figure 1.1 User name: The name you want to use to identify a particular PPTP Client. Password: The password you wish to use to authorize a particular PPTP Client. Idle Time Out: When there is no activity for this amount of Idle Time, the Tunnel will be broken. IP: Enter the LAN subnet of the remote network that will connect to this router.
  • Page 51 Step 6: Once all the required fields have been filled in, press the [OK] button to continue. Then check the [Accept to Connect] box. Step 7: Scroll down to the section labeled [IP Address Pool]. Change the IP scheme to match that of the PPTP server's internal network.
  • Page 52 Figure 1.4 Step 9: Press [Disconnect] and the Server will begin to terminate the PPTP VPN session. Once the connection has been broken, the information will be displayed on the STATUS page and in the SECURITY LOG as well. The PPTP Server should show that the Line is [Disconnected].
  • Page 53 SECTION 5: Barricade Plus IPSec Tunnel Configuration IMPORTANT NOTE: When setting up a VPN connection, your local LAN and the remote network must be on different subnets (i.e. – If the remote gateway/router has a LAN IP of 192.168.1.1, your Barricade Plus should be set to 192.168.x.1 where x is equal to a number between 2 and 254). Step 1: Open up your web browser and type in the IP Address of your Barricade Plus.
  • Page 54 Figure 1.0: Tunnel 1 SPI: Security Parameter Index – This value must be the same for the Local Tunnel and the Remote Tunnel (i.e. – The Barricade Plus on the remote end must have the same value for SPI). Local IP Address: Enter the subnet of the local LAN (i.e. – If your router’s LAN IP is 192.168.2.1, type in 192.168.2.0). Subnet Mask: This will always be a Class C subnet mask.
  • Page 55 Figure 1.1: Tunnel 2 Figure 1.2: Tunnel 3...
  • Page 56 Figure 1.3 The above image shows that the Barricade Plus has a LAN IP of 192.168.2.1 and it has been configured to connect to three other Barricade Plus units. Note that each of the remote Barricade Plus units has a DIFFERENT LAN IP address. This is essential to the successful establishment of the IPSec VPN.
  • Page 57 IP addresses, so that when a domain name is requested (as in typing "www.smc.com" into your Internet browser), the user is sent to the proper IP address. The DNS server address used by the computers on your home network is the location of the DNS server your ISP has assigned.
  • Page 58 IPSecurity IPSec provides IP network-layer encryption. IPSec can support large encryption networks (such as the Internet) by using digital certificates for device authentication. It works at Layer 3 and secures everything on the network. This is a communications network that serves users within a confined geographical area. It is made up of servers, workstations, a network operating system and a communications link.
  • Page 59 FTP) to a public address. This secures your network from direct attack by hackers, and provides more flexible management by allowing you to change internal IP addresses without affecting outside access to your network. NAT must be enabled to provide multi-user access to the Internet or to use the Virtual Server function.
  • Page 60 Security Parameter Index is a 32-bit value which, together with an IP address and security protocol, uniquely identifies a particular security association. It is a number that tells the packet recipient which security protocols the sender is using. This information includes which algorithms and keys are being applied by the sending device.
  • Page 61 machines as if it were actually on that local network.