DG834Gv3 Reference Manual
Page 9
... Log Messages 5-12 Enabling Security Event E-mail Notification 5-13 Running Diagnostic Utilities and Rebooting the Modem Router 5-15 Enabling Remote Management 5-16 Configuring Remote Management 5-16 Chapter 6 Advanced Configuration Configuring Advanced Security ...VPN Configuration 7-2 Client-to-Gateway VPN Tunnels 7-2 Gateway-to-Gateway VPN Tunnels 7-3 Planning a VPN ...7-4 VPN Tunnel Configuration 7-6 How to Set Up a Client-to-Gateway VPN Configuration 7-7 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v3 ...........7-7 Step 2: Configuring the NETGEAR ProSafe VPN...
... Log Messages 5-12 Enabling Security Event E-mail Notification 5-13 Running Diagnostic Utilities and Rebooting the Modem Router 5-15 Enabling Remote Management 5-16 Configuring Remote Management 5-16 Chapter 6 Advanced Configuration Configuring Advanced Security ...VPN Configuration 7-2 Client-to-Gateway VPN Tunnels 7-2 Gateway-to-Gateway VPN Tunnels 7-3 Planning a VPN ...7-4 VPN Tunnel Configuration 7-6 How to Set Up a Client-to-Gateway VPN Configuration 7-7 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v3 ...........7-7 Step 2: Configuring the NETGEAR ProSafe VPN...
DG834Gv3 Reference Manual
Page 10
...Connection 8-4 ADSL link ...8-4 Obtaining a WAN IP Address 8-5 Troubleshooting PPPoE or PPPoA 8-6 Troubleshooting Internet Browsing 8-7 Troubleshooting a TCP/IP Network Using the Ping Utility 8-7 Testing the LAN Path to Your Router 8-7 ...Testing the Path from Your Computer to a Remote Device 8-8 Restoring the Default Configuration and Password 8-9 Using the Reset button 8-9 Problems with Date and Time 8-9 Appendix A Technical Specifications Appendix B NETGEAR VPN Configuration DG834G v3 to FVL328 B-1 Configuration Profile B-1 Step-By-Step Configuration B-2 DG834G v3...
...Connection 8-4 ADSL link ...8-4 Obtaining a WAN IP Address 8-5 Troubleshooting PPPoE or PPPoA 8-6 Troubleshooting Internet Browsing 8-7 Troubleshooting a TCP/IP Network Using the Ping Utility 8-7 Testing the LAN Path to Your Router 8-7 ...Testing the Path from Your Computer to a Remote Device 8-8 Restoring the Default Configuration and Password 8-9 Using the Reset button 8-9 Problems with Date and Time 8-9 Appendix A Technical Specifications Appendix B NETGEAR VPN Configuration DG834G v3 to FVL328 B-1 Configuration Profile B-1 Step-By-Step Configuration B-2 DG834G v3...
DG834Gv3 Reference Manual
Page 13
... resources. However, basic computer network, Internet, firewall, and VPN technologies tutorial information is used to intermediate computer and Internet skills. About This Manual 1-1 v1.0, January 2006 Tip: This format is provided in the Appendices and on the NETGEAR, Inc. Web site at http://kbserver.netgear.com/products/DG834G v3.asp. This guide uses the following formats...
... resources. However, basic computer network, Internet, firewall, and VPN technologies tutorial information is used to intermediate computer and Internet skills. About This Manual 1-1 v1.0, January 2006 Tip: This format is provided in the Appendices and on the NETGEAR, Inc. Web site at http://kbserver.netgear.com/products/DG834G v3.asp. This guide uses the following formats...
DG834Gv3 Reference Manual
Page 18
...ADSL Modem Wireless Router DG834G Key Features The ADSL Modem Wireless Router provides the following features: • A built-in ADSL modem • A powerful, true firewall • 802.11g standards-based wireless networking • Easy, Web-based setup for installation and management • Extensive Internet protocol support • Trustworthy VPN Communications over the Internet • VPN Wizard for easy VPN..., and administrator logins. A Powerful, True Firewall Unlike simple Internet sharing NAT routers, the DG834G v3 is a true firewall, using stateful packet inspection to your LAN....
...ADSL Modem Wireless Router DG834G Key Features The ADSL Modem Wireless Router provides the following features: • A built-in ADSL modem • A powerful, true firewall • 802.11g standards-based wireless networking • Easy, Web-based setup for installation and management • Extensive Internet protocol support • Trustworthy VPN Communications over the Internet • VPN Wizard for easy VPN..., and administrator logins. A Powerful, True Firewall Unlike simple Internet sharing NAT routers, the DG834G v3 is a true firewall, using stateful packet inspection to your LAN....
DG834Gv3 Reference Manual
Page 21
...participate in online games, videoconferencing and other VPN products. • Supports 3DES encryption for the ADSL Modem Wireless Router DG834G • Dynamic DNS Dynamic DNS services allow... Connections With its internal 4-port 10/100 switch, the DG834G v3 can connect to many other peer-to make the right ...router incorporates Auto UplinkTM technology. That port will accommodate either a 10 Mbps standard Ethernet network or a 100 Mbps Fast Ethernet network. Reference Manual for maximum security. • VPN Wizard based on VPNC recommended settings. The modem router...
...participate in online games, videoconferencing and other VPN products. • Supports 3DES encryption for the ADSL Modem Wireless Router DG834G • Dynamic DNS Dynamic DNS services allow... Connections With its internal 4-port 10/100 switch, the DG834G v3 can connect to many other peer-to make the right ...router incorporates Auto UplinkTM technology. That port will accommodate either a 10 Mbps standard Ethernet network or a 100 Mbps Fast Ethernet network. Reference Manual for maximum security. • VPN Wizard based on VPNC recommended settings. The modem router...
DG834Gv3 Reference Manual
Page 96
...DG834G v3 supports both of these types of VPN Configuration Two common scenarios for configuring VPN tunnels are between a remote personal computer and a network gateway and between two or more network gateways. Client-to-Gateway VPN Tunnels Client-to-Gateway VPN...network is one tunnel endpoint, running the VPN client software. The ADSL Modem Wireless Router on the Internet. Reference Manual for the ADSL Modem Wireless Router DG834G Overview of VPN configurations. DG834G VPN Tunnel PCs Figure 7-1 PC (Running NETGEAR ProSafe VPN Client) A VPN client access allows a remote PC to connect...
...DG834G v3 supports both of these types of VPN Configuration Two common scenarios for configuring VPN tunnels are between a remote personal computer and a network gateway and between two or more network gateways. Client-to-Gateway VPN Tunnels Client-to-Gateway VPN...network is one tunnel endpoint, running the VPN client software. The ADSL Modem Wireless Router on the Internet. Reference Manual for the ADSL Modem Wireless Router DG834G Overview of VPN configurations. DG834G VPN Tunnel PCs Figure 7-1 PC (Running NETGEAR ProSafe VPN Client) A VPN client access allows a remote PC to connect...
DG834Gv3 Reference Manual
Page 97
... for the ADSL Modem Wireless Router DG834G Gateway-to-Gateway VPN Tunnels • Gateway-to-Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is a good way to connect branch or home offices and business partners over the Internet. VPN tunnels also ...Up a Gateway-to-Gateway VPN Configuration" on each end of the tunnel to form the VPN tunnel end points. In this case, use DG834G v3s on page 7-21 to network resources across the Internet. DG834G VPN Firewall A VPN Tunnel DG834G VPN Firewall B PCs PCs Figure 7-2 A VPN between networks, such as...
... for the ADSL Modem Wireless Router DG834G Gateway-to-Gateway VPN Tunnels • Gateway-to-Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is a good way to connect branch or home offices and business partners over the Internet. VPN tunnels also ...Up a Gateway-to-Gateway VPN Configuration" on each end of the tunnel to form the VPN tunnel end points. In this case, use DG834G v3s on page 7-21 to network resources across the Internet. DG834G VPN Firewall A VPN Tunnel DG834G VPN Firewall B PCs PCs Figure 7-2 A VPN between networks, such as...
DG834Gv3 Reference Manual
Page 100
... (see Table 7-2) are not appropriate for your DG834G v3 and the corresponding VPN endpoint gateway or client workstation. See "How to Set Up a Client-to configure a VPN tunnel (recommended for most situations): - Look on the NETGEAR web site at www.netgear.com for these interoperability scenarios. 7-6 Virtual Private ... each phase of the connection. You manually enter all the authentication and key parameters. Reference Manual for the ADSL Modem Wireless Router DG834G VPN Tunnel Configuration There are two tunnel configurations and three ways to configure them: • Use the...
... (see Table 7-2) are not appropriate for your DG834G v3 and the corresponding VPN endpoint gateway or client workstation. See "How to Set Up a Client-to configure a VPN tunnel (recommended for most situations): - Look on the NETGEAR web site at www.netgear.com for these interoperability scenarios. 7-6 Virtual Private ... each phase of the connection. You manually enter all the authentication and key parameters. Reference Manual for the ADSL Modem Wireless Router DG834G VPN Tunnel Configuration There are two tunnel configurations and three ways to configure them: • Use the...
DG834Gv3 Reference Manual
Page 101
... Table 7-2 on page 7-5. Reference Manual for the ADSL Modem Wireless Router DG834G How to Set Up a Client-to-Gateway VPN Configuration 22.23.24.25 DG834G VPN Tunnel 0.0.0.0 192.168.3.1 PCs Figure 7-3 PC (Running NETGEAR ProSafe VPN Client) Setting up a VPN between the remote PC and network gateway. • "Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC" on page...
... Table 7-2 on page 7-5. Reference Manual for the ADSL Modem Wireless Router DG834G How to Set Up a Client-to-Gateway VPN Configuration 22.23.24.25 DG834G VPN Tunnel 0.0.0.0 192.168.3.1 PCs Figure 7-3 PC (Running NETGEAR ProSafe VPN Client) Setting up a VPN between the remote PC and network gateway. • "Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC" on page...
DG834Gv3 Reference Manual
Page 102
...: Perfect Forward Secrecy -- Reference Manual for the ADSL Modem Wireless Router DG834G Table 7-3. MD5 or SHA-1: Diffie-Hellman (DH) Group -- Group 1 or Group 2: Key Life in seconds: IKE Life Time in seconds: RoadWarrior 12345678 Main Disabled Enabled 3DES SHA-1 Group 2 28800 (8 hours) 3600 (1 hour) VPN Endpoint Client DG834G v3 Local IPSec ID toDG834 toClient LAN IP Address...
...: Perfect Forward Secrecy -- Reference Manual for the ADSL Modem Wireless Router DG834G Table 7-3. MD5 or SHA-1: Diffie-Hellman (DH) Group -- Group 1 or Group 2: Key Life in seconds: IKE Life Time in seconds: RoadWarrior 12345678 Main Disabled Enabled 3DES SHA-1 Group 2 28800 (8 hours) 3600 (1 hour) VPN Endpoint Client DG834G v3 Local IPSec ID toDG834 toClient LAN IP Address...
DG834Gv3 Reference Manual
Page 103
Figure 7-4 2. Virtual Private Networking 7-9 v1.0, January 2006 Reference Manual for the ADSL Modem Wireless Router DG834G 1. Log in to the DG834G v3 at its LAN address of http://192.168.0.1 with its default user name of admin and password of target end point, and click Next... key: (e.g., 12345678) Select the radio button: A remote VPN client (single PC) Figure 7-5 Tip: The Connection Name is arbitrary and not relevant to proceed. Fill in the main menu to proceed. Click Next to how the configuration functions. Click the VPN Wizard link in the Connection Name and the pre-shared...
Figure 7-4 2. Virtual Private Networking 7-9 v1.0, January 2006 Reference Manual for the ADSL Modem Wireless Router DG834G 1. Log in to the DG834G v3 at its LAN address of http://192.168.0.1 with its default user name of admin and password of target end point, and click Next... key: (e.g., 12345678) Select the radio button: A remote VPN client (single PC) Figure 7-5 Tip: The Connection Name is arbitrary and not relevant to proceed. Fill in the main menu to proceed. Click Next to how the configuration functions. Click the VPN Wizard link in the Connection Name and the pre-shared...
DG834Gv3 Reference Manual
Page 107
...Connection Names that it does not have to how the VPN tunnel functions. d. Reference Manual for the ADSL Modem Wireless Router DG834G b. Select All in the VPN Settings of the DG834G v3 on the gateway side of the DG834G v3. Rename the "New Connection" so that make sense ...to allow all traffic through the VPN tunnel. Virtual Private Networking v1.0,...
...Connection Names that it does not have to how the VPN tunnel functions. d. Reference Manual for the ADSL Modem Wireless Router DG834G b. Select All in the VPN Settings of the DG834G v3 on the gateway side of the DG834G v3. Rename the "New Connection" so that make sense ...to allow all traffic through the VPN tunnel. Virtual Private Networking v1.0,...
DG834Gv3 Reference Manual
Page 108
... Main Mode in the NETGEAR ProSafe VPN Client software: a. Configure the Security Policy in the Select Phase 1 Negotiation Mode check-box group. 4. Enter the public WAN IP Address of the DG834G v3 in the DG834G v3 and either a fixed ...IP address or a "fixed virtual" IP address of the VPN client PC. 7-14 v1.0, January 2006 Virtual Private Networking My Identity and Security Policy subheadings appear below the ID Type menu. In this example, 22.23.24.25 would be used. Reference Manual for the ADSL Modem Wireless Router DG834G...
... Main Mode in the NETGEAR ProSafe VPN Client software: a. Configure the Security Policy in the Select Phase 1 Negotiation Mode check-box group. 4. Enter the public WAN IP Address of the DG834G v3 in the DG834G v3 and either a fixed ...IP address or a "fixed virtual" IP address of the VPN client PC. 7-14 v1.0, January 2006 Virtual Private Networking My Identity and Security Policy subheadings appear below the ID Type menu. In this example, 22.23.24.25 would be used. Reference Manual for the ADSL Modem Wireless Router DG834G...
DG834Gv3 Reference Manual
Page 110
...DES or 3DES) to be used for the ADSL Modem Wireless Router DG834G e. In the Pre-Shared Key dialog box, click the Enter Key button. Then select Proposal 1 below Authentication. Enter the DG834G v3's Pre-Shared Key and click OK. This selection... must match your selection in the DG834G v3 configuration. Reference Manual for this connection. a. Figure 7-12 5. Configure the VPN...
...DES or 3DES) to be used for the ADSL Modem Wireless Router DG834G e. In the Pre-Shared Key dialog box, click the Enter Key button. Then select Proposal 1 below Authentication. Enter the DG834G v3's Pre-Shared Key and click OK. This selection... must match your selection in the DG834G v3 configuration. Reference Manual for this connection. a. Figure 7-12 5. Configure the VPN...
DG834Gv3 Reference Manual
Page 111
...the type of encryption (DES or 3DES) to be used for the Encryption Protocol in the DG834G v3 in Table 7-3 on the "+" symbol. Figure 7-14 b. Check the Encapsulation Protocol (ESP)... to correspond with what was configured for this example, use Triple DES. Configure the VPN Client Key Exchange Proposal. In the SA Life menu, select Unspecified. In the Compression... Alg menu, select the type of encryption to correspond with what was configured for the ADSL Modem Wireless Router DG834G c. Expand the Key Exchange subheading by double clicking its name or clicking on page 7-8....
...the type of encryption (DES or 3DES) to be used for the Encryption Protocol in the DG834G v3 in Table 7-3 on the "+" symbol. Figure 7-14 b. Check the Encapsulation Protocol (ESP)... to correspond with what was configured for this example, use Triple DES. Configure the VPN Client Key Exchange Proposal. In the SA Life menu, select Unspecified. In the Compression... Alg menu, select the type of encryption to correspond with what was configured for the ADSL Modem Wireless Router DG834G c. Expand the Key Exchange subheading by double clicking its name or clicking on page 7-8....
DG834Gv3 Reference Manual
Page 112
...DG834G v3's network by using our example, start from the remote PC to connect. Figure 7-15 7-18 v1.0, January 2006 Virtual Private Networking Leave the Authentication Protocol (AH) checkbox unchecked. 7. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. Reference Manual for the ADSL Modem Wireless Router DG834G f. Save the VPN... Client Settings. To check the VPN Connection, you attempt to access any IP addresses in the NETGEAR ProSafe menu bar. On ...
...DG834G v3's network by using our example, start from the remote PC to connect. Figure 7-15 7-18 v1.0, January 2006 Virtual Private Networking Leave the Authentication Protocol (AH) checkbox unchecked. 7. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. Reference Manual for the ADSL Modem Wireless Router DG834G f. Save the VPN... Client Settings. To check the VPN Connection, you attempt to access any IP addresses in the NETGEAR ProSafe menu bar. On ...
DG834Gv3 Reference Manual
Page 113
...ADSL Modem Wireless Router DG834G This will cause a continuous ping to be viewed by opening the NETGEAR ProSafe Log Viewer. Reference Manual for a successful connection is shown below: Figure 7-17 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is established, you should change from "timed out" to the first DG834G v3... see the login screen of the Modem Router (unless another PC already has the DG834G v3 management interface open the browser of the PC and enter the LAN IP address of the VPN client connection can open ). To launch ...
...ADSL Modem Wireless Router DG834G This will cause a continuous ping to be viewed by opening the NETGEAR ProSafe Log Viewer. Reference Manual for a successful connection is shown below: Figure 7-17 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is established, you should change from "timed out" to the first DG834G v3... see the login screen of the Modem Router (unless another PC already has the DG834G v3 management interface open the browser of the PC and enter the LAN IP address of the VPN client connection can open ). To launch ...
DG834Gv3 Reference Manual
Page 114
...WAN address of 22.23.24.25. • The DG834G v3 has a LAN IP address of 192.168.3.1. • The VPN client PC has a dynamically assigned address of the connection. The Connection Monitor screen for the ADSL Modem Wireless Router DG834G 9. When the connection is successful, the "SA" ...will change to the yellow key symbol shown in order to close the VPN connection in the illustration above. Reference Manual for this connection ...
...WAN address of 22.23.24.25. • The DG834G v3 has a LAN IP address of 192.168.3.1. • The VPN client PC has a dynamically assigned address of the connection. The Connection Monitor screen for the ADSL Modem Wireless Router DG834G 9. When the connection is successful, the "SA" ...will change to the yellow key symbol shown in order to close the VPN connection in the illustration above. Reference Manual for this connection ...
DG834Gv3 Reference Manual
Page 134
...field, and the desired network mask in the "Single/Start IP address" field. The NETBIOS protocol is used only to the remote VPN endpoint. Local LAN. The Ping IP Address must have these IP addresses entered as follows: General. The remote keep-alive IP address ..." periodically to make a single Server on your LAN are defined as its "Remote VPN Endpoint". • NETBIOS Enable-check this if you wish to generate traffic for the ADSL Modem Wireless Router DG834G The DG834G v3 VPN tunnel network connection fields are covered by this policy. This name is not supplied to...
...field, and the desired network mask in the "Single/Start IP address" field. The NETBIOS protocol is used only to the remote VPN endpoint. Local LAN. The Ping IP Address must have these IP addresses entered as follows: General. The remote keep-alive IP address ..." periodically to make a single Server on your LAN are defined as its "Remote VPN Endpoint". • NETBIOS Enable-check this if you wish to generate traffic for the ADSL Modem Wireless Router DG834G The DG834G v3 VPN tunnel network connection fields are covered by this policy. This name is not supplied to...
DG834Gv3 Reference Manual
Page 143
... must be provided as follows: • Policy Name-enter a unique name to the remote VPN endpoint. Typically, this setting is selected, no LAN (only a single PC) at the remote endpoint. The DG834G v3 VPN tunnel network connection fields are defined as follows: • Single PC - no Subnet-select ... "Single/Start IP address" field, and the finish IP address in the "Finish IP address" field. Reference Manual for the ADSL Modem Wireless Router DG834G General. The NETBIOS protocol is not supplied to identify this option if there is no additional data is used when you wish NETBIOS...
... must be provided as follows: • Policy Name-enter a unique name to the remote VPN endpoint. Typically, this setting is selected, no LAN (only a single PC) at the remote endpoint. The DG834G v3 VPN tunnel network connection fields are defined as follows: • Single PC - no Subnet-select ... "Single/Start IP address" field, and the finish IP address in the "Finish IP address" field. Reference Manual for the ADSL Modem Wireless Router DG834G General. The NETBIOS protocol is not supplied to identify this option if there is no additional data is used when you wish NETBIOS...