1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Firewall
  5. DFL-210 - NetDefend - Security Appliance
  6. User manual

D-Link NetDefend DFL-210 User Manual page 257

Network security firewall
Hide thumbs Also See for NetDefend DFL-210:
Table of Contents

Advertisement

9.4.3. Roaming Clients
3.
Click OK
4.
Go to Objects > VPN Objects > ID List > Sales > Add > ID
5.
Enter the name for the client
6.
Select Email as Type
7.
In the Email address field, enter the email address selected when you created the certificate on the client
8.
Create a new ID for every client that you want to grant access rights according to the instructions above
C. Configure the IPsec tunnel:
1.
Go to Interfaces > IPsec > Add > IPsec Tunnel
2.
Now enter:
Name: RoamingIPsecTunnel
Local Network: 10.0.1.0/24 (This is the local network that the roaming users will connect to)
Remote Network: all-nets
Remote Endpoint: (None)
Encapsulation Mode: Tunnel
3.
For Algorithms enter:
IKE Algorithms: Medium or High
IPsec Algorithms: Medium or High
4.
For Authentication enter:
Choose X.509 Certificate as authentication method
Root Certificate(s): Select your CA server root certificate imported earlier and add it to the Selected list
Gateway Certificate: Choose your newly created firewall certificate
Identification List: Select your ID List that you want to associate with your VPN Tunnel. In our case that
will be sales
5.
Under the Routing tab:
Enable the option: Dynamically add route to the remote network when a tunnel is established
6.
Click OK
D. Finally configure the IP rule set to allow traffic inside the tunnel.
9.4.3.4. Using Config Mode
IKE Configuration Mode (Config Mode) is an extension to IKE that allows NetDefendOS to
provide LAN configuration information to remote VPN clients. It is used to dynamically configure
IPsec clients with IP addresses and corresponding netmasks, and to exchange other types of
information associated with DHCP. The IP address provided to a client can be either be based on a
range of predefined static IP addresses defined for Config Mode or it can come from DHCP servers
associated with an IP Pool object.
An IP pool is a cache of IP addresses collected from DHCP servers and leases on these addresses are
automatically renewed when the lease time is about to expire. IP Pools also manage additional
information such as DNS and WINS/NBNS, just as an ordinary DHCP server would. (For detailed
information on pools see Section 5.5, "IP Pools".)
Defining the Config Mode Object
257
Chapter 9. VPN

Advertisement

Table of Contents
loading

Related Manuals for D-Link NetDefend DFL-210

Related Products for D-Link NetDefend DFL-210

This manual is also suitable for:

Dfl-800Netdefend dfl-2500Dfl-1600Netdefend dfl-860Netdefend dfl-260Netdefend dfl-800 ... Show all

Table of Contents