1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Firewall
  5. DFL-210 - NetDefend - Security Appliance
  6. User manual

Setting Up A Psk Based Vpn Tunnel For Roaming Clients - D-Link NetDefend DFL-210 User Manual

Network security firewall
Hide thumbs Also See for NetDefend DFL-210:
Table of Contents

Advertisement

9.4.3. Roaming Clients
computer from different locations is a typical example of a roaming client. Apart from the need for
secure VPN access, the other major issue with roaming clients is that the mobile user's IP address is
often not known beforehand. To handle the unknown IP address the NetDefendOS can dynamically
add routes to the routing table as tunnels are established.
Dealing with Unknown IP addresses
If the IP address of the client is not known before hand then the D-Link Firewall needs to create a
route in its routing table dynamically as each client connects. In the example below this is the case
and the IPsec tunnel is configured to dynamically add routes.
If clients are to be allowed to roam in from everywhere, irrespective of their IP address, then the
Remote Network needs to be set to all-nets (IP address: 0.0.0.0/0) which will allow all existing
IPv4-addresses to connect through the tunnel.
When configuring VPN tunnels for roaming clients it is usually not necessary to add to or modify
the proposal lists that are pre-configured in NetDefendOS.
9.4.3.1. PSK based client tunnels
Example 9.4. Setting up a PSK based VPN tunnel for roaming clients
This example describes how to configure an IPsec tunnel at the head office D-Link Firewall for roaming clients
that connect to the office to gain remote access. The head office network uses the 10.0.1.0/24 network span with
external firewall IP wan_ip.
Web Interface
A. Create a pre-shared key for IPsec authentication:
1.
Go to Objects > Authentication Objects > Add > Pre-Shared Key
2.
Now enter:
Name: Enter a name for the pre-shared key, SecretKey for instance
Shared Secret: Enter a secret passphrase
Confirm Secret: Enter the secret passphrase again
3.
Click OK
B. Configure the IPsec tunnel:
1.
Go to Interfaces > IPsec > Add > IPsec Tunnel
2.
Now enter:
Name: RoamingIPsecTunnel
Local Network: 10.0.1.0/24 (This is the local network that the roaming users will connect to)
Remote Network: all-nets
Remote Endpoint: (None)
Encapsulation Mode: Tunnel
3.
For Algorithms enter:
IKE Algorithms: Medium or High
IPsec Algorithms: Medium or High
4.
For Authentication enter:
Pre-Shared Key: Select the pre-shared key created earlier
254
Chapter 9. VPN

Advertisement

Table of Contents
loading

Related Manuals for D-Link NetDefend DFL-210

Related Content for D-Link NetDefend DFL-210

This manual is also suitable for:

Dfl-800Netdefend dfl-2500Dfl-1600Netdefend dfl-860Netdefend dfl-260Netdefend dfl-800 ... Show all

Table of Contents