DG834Gv5 Reference Manual
Page 9
... Repeater with Wireless Client Association 5-17 Chapter 6 Virtual Private Networking Overview of VPN Configuration 6-1 Client-to-Gateway VPN Tunnels 6-2 Gateway-to-Gateway VPN Tunnels 6-2 Planning a VPN ...6-3 VPN Tunnel Configuration 6-4 Setting Up a Client-to-Gateway VPN Configuration 6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5 6-6 Step 2: Configuring the NETGEAR ProSafe VPN...
... Repeater with Wireless Client Association 5-17 Chapter 6 Virtual Private Networking Overview of VPN Configuration 6-1 Client-to-Gateway VPN Tunnels 6-2 Gateway-to-Gateway VPN Tunnels 6-2 Planning a VPN ...6-3 VPN Tunnel Configuration 6-4 Setting Up a Client-to-Gateway VPN Configuration 6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5 6-6 Step 2: Configuring the NETGEAR ProSafe VPN...
DG834Gv5 Reference Manual
Page 95
... to configure VPN tunnels when there are between two or more about VPN. The DG834Gv5 supports both of these types of the ADSL2+ Modem Wireless Router. The two alternatives for activating, verifying, deactivating, and deleting a VPN tunnel once... the VPN tunnel has been configured. • "Setting Up VPN Tunnels in Appendix C to learn more network gateways. VPN tunnels provide secure, encrypted communications between two network gateways using the VPN Wizard and the NETGEAR...
... to configure VPN tunnels when there are between two or more about VPN. The DG834Gv5 supports both of these types of the ADSL2+ Modem Wireless Router. The two alternatives for activating, verifying, deactivating, and deleting a VPN tunnel once... the VPN tunnel has been configured. • "Setting Up VPN Tunnels in Appendix C to learn more network gateways. VPN tunnels provide secure, encrypted communications between two network gateways using the VPN Wizard and the NETGEAR...
DG834Gv5 Reference Manual
Page 96
...See "Setting Up a Gateway-to-Gateway VPN Configuration" on page 6-18 for information about how to set up this configuration. Wireless ADSL2+ Modem Router DG834G User Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide secure access from any location on the Internet. VPN tunnels...VPN Tunnels Gateway-to form the VPN tunnel end points. In this case, use DG834Gv5s on each end of the tunnel to -Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is the other tunnel endpoint. Figure 6-1 A VPN client access allows a remote ...
...See "Setting Up a Gateway-to-Gateway VPN Configuration" on page 6-18 for information about how to set up this configuration. Wireless ADSL2+ Modem Router DG834G User Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide secure access from any location on the Internet. VPN tunnels...VPN Tunnels Gateway-to form the VPN tunnel end points. In this case, use DG834Gv5s on each end of the tunnel to -Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is the other tunnel endpoint. Figure 6-1 A VPN client access allows a remote ...
DG834Gv5 Reference Manual
Page 99
...have more opportunities for these two steps: • "Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5" on page 6-10 shows how to configure the NETGEAR ProSafe VPN Client endpoint. Setting Up a Client-to-Gateway VPN Configuration Setting up a VPN between the remote PC... to automate the Internet Key Exchange (IKE) setup. • See "Using Manual Policy to Configure VPN Tunnels" on page 6-5. - Wireless ADSL2+ Modem Router DG834G User Manual • Use the VPN Wizard to configure a VPN tunnel (recommended for your special circumstances and you must specify each phase of...
...have more opportunities for these two steps: • "Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5" on page 6-10 shows how to configure the NETGEAR ProSafe VPN Client endpoint. Setting Up a Client-to-Gateway VPN Configuration Setting up a VPN between the remote PC... to automate the Internet Key Exchange (IKE) setup. • See "Using Manual Policy to Configure VPN Tunnels" on page 6-5. - Wireless ADSL2+ Modem Router DG834G User Manual • Use the VPN Wizard to configure a VPN tunnel (recommended for your special circumstances and you must specify each phase of...
DG834Gv5 Reference Manual
Page 100
...: RoadWarrior 12345678 Main Disabled 3DES SHA-1 Group 2 28800 (8 hours) 3600 (1 hour) 6-6 Virtual Private Networking v1.0, May 2008 Wireless ADSL2+ Modem Router DG834G User Manual Figure 6-3 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5 Note: This section uses the VPN Wizard to set up the VPN tunnel using the VPNC default parameters...
...: RoadWarrior 12345678 Main Disabled 3DES SHA-1 Group 2 28800 (8 hours) 3600 (1 hour) 6-6 Virtual Private Networking v1.0, May 2008 Wireless ADSL2+ Modem Router DG834G User Manual Figure 6-3 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5 Note: This section uses the VPN Wizard to set up the VPN tunnel using the VPNC default parameters...
DG834Gv5 Reference Manual
Page 101
... connection name, for the type of password. Figure 6-5 Virtual Private Networking 6-7 v1.0, May 2008 VPN Tunnel Configuration Worksheet (continued) VPN Endpoint Client DG834Gv5 Local IPSec ID toDG834 toClient LAN IP Address - 192.168.3.1 Subnet Mask - 255.255.255.0 FQDN or Gateway IP (WAN IP Address) Dynamic... the Connection Name and the pre-shared key fields. On the main menu, select VPN Wizard. Wireless ADSL2+ Modem Router DG834G User Manual Table 6-3. Fill in to the modem router at its LAN address of http://192.168.0.1 with its default user name of admin and password ...
... connection name, for the type of password. Figure 6-5 Virtual Private Networking 6-7 v1.0, May 2008 VPN Tunnel Configuration Worksheet (continued) VPN Endpoint Client DG834Gv5 Local IPSec ID toDG834 toClient LAN IP Address - 192.168.3.1 Subnet Mask - 255.255.255.0 FQDN or Gateway IP (WAN IP Address) Dynamic... the Connection Name and the pre-shared key fields. On the main menu, select VPN Wizard. Wireless ADSL2+ Modem Router DG834G User Manual Table 6-3. Fill in to the modem router at its LAN address of http://192.168.0.1 with its default user name of admin and password ...
DG834Gv5 Reference Manual
Page 105
.... c. d. Tip: Choose connection names that it does not have to allow all traffic through the VPN tunnel. Virtual Private Networking v1.0, May 2008 6-11 Wireless ADSL2+ Modem Router DG834G User Manual b. Select the Connect using and administering the VPN. Note: In this example, type 192.168.3.1 as the network address of the...: • Connection Security: Secure. • ID Type: IP Subnet. • Subnet: In this example, the connection name used on the client side of the DG834Gv5. • Protocol: Select All to match the RoadWarrior connection name used on LAN A.
.... c. d. Tip: Choose connection names that it does not have to allow all traffic through the VPN tunnel. Virtual Private Networking v1.0, May 2008 6-11 Wireless ADSL2+ Modem Router DG834G User Manual b. Select the Connect using and administering the VPN. Note: In this example, type 192.168.3.1 as the network address of the...: • Connection Security: Secure. • ID Type: IP Subnet. • Subnet: In this example, the connection name used on the client side of the DG834Gv5. • Protocol: Select All to match the RoadWarrior connection name used on LAN A.
DG834Gv5 Reference Manual
Page 106
...shown in the ID Type drop-down list. Figure 6-10 c. Wireless ADSL2+ Modem Router DG834G User Manual e. My Identity and Security Policy subheadings appear below the ID Type drop-down list. b. Enter the public WAN IP Address of the DG834Gv5 in the NETGEAR ProSafe VPN Client software: a. Configure the security policy in the... Policy list, expand the new connection by double-clicking its name or clicking the + symbol. In this step, you configured in the DG834Gv5 and either a fixed IP address or a fixed virtual IP address of the screen, select the Main Mode radio button. 4.
...shown in the ID Type drop-down list. Figure 6-10 c. Wireless ADSL2+ Modem Router DG834G User Manual e. My Identity and Security Policy subheadings appear below the ID Type drop-down list. b. Enter the public WAN IP Address of the DG834Gv5 in the NETGEAR ProSafe VPN Client software: a. Configure the security policy in the... Policy list, expand the new connection by double-clicking its name or clicking the + symbol. In this step, you configured in the DG834Gv5 and either a fixed IP address or a fixed virtual IP address of the screen, select the Main Mode radio button. 4.
DG834Gv5 Reference Manual
Page 108
Click Enter Key. b. d. In the SA Life drop-down list, select Pre-Shared key. Wireless ADSL2+ Modem Router DG834G User Manual f. Configure the VPN Client Authentication Proposal. In the Authentication Method drop-down list, select Unspecified. e. In this connection. This ... In the Encrypt Alg drop-down list, select the type of encryption (DES or 3DES) to be used for the Encryption Protocol in the DG834Gv5 in the DG834Gv5 configuration. In the Hash Alg drop-down list, select Diffie-Hellman Group 2. 6. a. Then select Proposal 1 below Authentication. Figure 6-13 c. In...
Click Enter Key. b. d. In the SA Life drop-down list, select Pre-Shared key. Wireless ADSL2+ Modem Router DG834G User Manual f. Configure the VPN Client Authentication Proposal. In the Authentication Method drop-down list, select Unspecified. e. In this connection. This ... In the Encrypt Alg drop-down list, select the type of encryption (DES or 3DES) to be used for the Encryption Protocol in the DG834Gv5 in the DG834Gv5 configuration. In the Hash Alg drop-down list, select Diffie-Hellman Group 2. 6. a. Then select Proposal 1 below Authentication. Figure 6-13 c. In...
DG834Gv5 Reference Manual
Page 109
... Alg drop-down list, select the type of the remote VPN router's LAN. g. Leave the Authentication Protocol (AH) check box cleared. 7. After you have configured and saved the VPN client information, your selection in the DG834Gv5 configuration. Expand the Key Exchange subheading by double-clicking its name ... > Save. Virtual Private Networking v1.0, May 2008 6-15 In the SA Life drop-down list, select SHA-1. Figure 6-14 b. Wireless ADSL2+ Modem Router DG834G User Manual In this step, you provide the type of encryption (DES or 3DES) to access any IP addresses in the range of...
... Alg drop-down list, select the type of the remote VPN router's LAN. g. Leave the Authentication Protocol (AH) check box cleared. 7. After you have configured and saved the VPN client information, your selection in the DG834Gv5 configuration. Expand the Key Exchange subheading by double-clicking its name ... > Save. Virtual Private Networking v1.0, May 2008 6-15 In the SA Life drop-down list, select SHA-1. Figure 6-14 b. Wireless ADSL2+ Modem Router DG834G User Manual In this step, you provide the type of encryption (DES or 3DES) to access any IP addresses in the range of...
DG834Gv5 Reference Manual
Page 110
... is established, you should change from the PC. Check the VPN connection. Establish an Internet connection from timed out to the DG834Gv5 modem router's network by opening the NETGEAR ProSafe Log Viewer. 6-16 v1.0, May 2008 Virtual Private Networking c. After between several seconds and two minutes, the ping response... reply. Type ping -t 192.168.3.1, and then click OK. Figure 6-15 This causes a continuous ping to be sent to connect. b. The NETGEAR ProSafe client reports the results of the remote DG834Gv5. Wireless ADSL2+ Modem Router DG834G User Manual 8.
... is established, you should change from the PC. Check the VPN connection. Establish an Internet connection from timed out to the DG834Gv5 modem router's network by opening the NETGEAR ProSafe Log Viewer. 6-16 v1.0, May 2008 Virtual Private Networking c. After between several seconds and two minutes, the ping response... reply. Type ping -t 192.168.3.1, and then click OK. Figure 6-15 This causes a continuous ping to be sent to connect. b. The NETGEAR ProSafe client reports the results of the remote DG834Gv5. Wireless ADSL2+ Modem Router DG834G User Manual 8.
DG834Gv5 Reference Manual
Page 111
...NETGEAR ProSafe VPN Client > Log Viewer. The Connection Monitor screen for a successful connection is shown in the following figure: Figure 6-17 Note: Use the active VPN tunnel information and pings to the VPN tunnel or some reason outside the VPN tunnel. 9. Virtual Private Networking v1.0, May 2008 6-17 Wireless ADSL2+ Modem Router DG834G... User Manual To launch this connection is due to determine whether a failed connection is shown in the following figure: Figure 6-18 In this example you can see these settings: • The DG834Gv5 ...
...NETGEAR ProSafe VPN Client > Log Viewer. The Connection Monitor screen for a successful connection is shown in the following figure: Figure 6-17 Note: Use the active VPN tunnel information and pings to the VPN tunnel or some reason outside the VPN tunnel. 9. Virtual Private Networking v1.0, May 2008 6-17 Wireless ADSL2+ Modem Router DG834G... User Manual To launch this connection is due to determine whether a failed connection is shown in the following figure: Figure 6-18 In this example you can see these settings: • The DG834Gv5 ...
DG834Gv5 Reference Manual
Page 113
... different. DES or 3DES: Authentication Protocol -- VPN Tunnel Configuration Worksheet Connection Name: Pre-Shared Key: Secure Association -- Wireless ADSL2+ Modem Router DG834G User Manual Set the LAN IPs on each DG834Gv5 to -gateway VPN tunnel using the NETGEAR default address range of each properly for the Internet. Group 1 or Group 2: Key Life in seconds: IKE...
... different. DES or 3DES: Authentication Protocol -- VPN Tunnel Configuration Worksheet Connection Name: Pre-Shared Key: Secure Association -- Wireless ADSL2+ Modem Router DG834G User Manual Set the LAN IPs on each DG834Gv5 to -gateway VPN tunnel using the NETGEAR default address range of each properly for the Internet. Group 1 or Group 2: Key Life in seconds: IKE...
DG834Gv5 Reference Manual
Page 114
Select the radio button: A remote VPN Gateway. Wireless ADSL2+ Modem Router DG834G User Manual 1. Figure 6-21 6-20 v1.0, May 2008 Virtual Private Networking Click Next to the DG834Gv5 on the main menu. The VPN Wizard screen displays: Figure 6-20 2. Enter the pre-shared key: (for example, GtoG). Select VPN Wizard on LAN A at its default LAN address of http://192.168.0.1 with its default user name of admin and password of 3 screen displays: Enter the new connection name: (for example, 12345678). Log in to proceed, and the Step 1 of password.
Select the radio button: A remote VPN Gateway. Wireless ADSL2+ Modem Router DG834G User Manual 1. Figure 6-21 6-20 v1.0, May 2008 Virtual Private Networking Click Next to the DG834Gv5 on the main menu. The VPN Wizard screen displays: Figure 6-20 2. Enter the pre-shared key: (for example, GtoG). Select VPN Wizard on LAN A at its default LAN address of http://192.168.0.1 with its default user name of admin and password of 3 screen displays: Enter the new connection name: (for example, 12345678). Log in to proceed, and the Step 1 of password.
DG834Gv5 Reference Manual
Page 117
... remote VPN gateway: - Repeat these steps for example, 14.15.16.17) • LAN IP settings of the remote VPN gateway (for the DG834Gv5 on LAN B, and pay special attention to enable the IKE keepalive capability on the Summary screen (see Figure 6-24) to active a VPN tunnel. ....255.0) - The VPN Policies screen displays, showing that the new tunnel is only one of three ways to complete the configuration procedure. Wireless ADSL2+ Modem Router DG834G User Manual 6. Subnet Mask (for information about how to using the following steps: Note: The VPN Status screen is enabled.
... remote VPN gateway: - Repeat these steps for example, 14.15.16.17) • LAN IP settings of the remote VPN gateway (for the DG834Gv5 on LAN B, and pay special attention to enable the IKE keepalive capability on the Summary screen (see Figure 6-24) to active a VPN tunnel. ....255.0) - The VPN Policies screen displays, showing that the new tunnel is only one of three ways to complete the configuration procedure. Wireless ADSL2+ Modem Router DG834G User Manual 6. Subnet Mask (for information about how to using the following steps: Note: The VPN Status screen is enabled.
DG834Gv5 Reference Manual
Page 118
Wireless ADSL2+ Modem Router DG834G User Manual a. Click the VPN Status button to verify that the tunnel is connected. 6-24 v1.0, May 2008 Virtual Private Networking On the DG834Gv5 main menu, select VPN Status. The VPN Status/Log screen displays: Figure 6-27 b. View the VPN Status/Log screen (Figure 6-29) to get the Current VPN Tunnels (SAs) screen: Figure 6-28 c. Click Connect for the VPN tunnel you want to activate.
Wireless ADSL2+ Modem Router DG834G User Manual a. Click the VPN Status button to verify that the tunnel is connected. 6-24 v1.0, May 2008 Virtual Private Networking On the DG834Gv5 main menu, select VPN Status. The VPN Status/Log screen displays: Figure 6-27 b. View the VPN Status/Log screen (Figure 6-29) to get the Current VPN Tunnels (SAs) screen: Figure 6-28 c. Click Connect for the VPN tunnel you want to activate.
DG834Gv5 Reference Manual
Page 120
... Start button, and then click Run. 6-26 v1.0, May 2008 Virtual Private Networking To check the VPN connection, you want to the DG834Gv5's network by Pinging the Remote Endpoint Note: This section uses 192.168.3.1 for the VPN tunnel that you can initiate a request from ...the remote PC to activate. b. Click Connect for an example remote endpoint LAN IP address. The NETGEAR ProSafe client reports the results of the attempt to connect. Activating the VPN Tunnel by using our example, start from the PC. Wireless ADSL2+ Modem Router DG834G User Manual 3.
... Start button, and then click Run. 6-26 v1.0, May 2008 Virtual Private Networking To check the VPN connection, you want to the DG834Gv5's network by Pinging the Remote Endpoint Note: This section uses 192.168.3.1 for the VPN tunnel that you can initiate a request from ...the remote PC to activate. b. Click Connect for an example remote endpoint LAN IP address. The NETGEAR ProSafe client reports the results of the attempt to connect. Activating the VPN Tunnel by using our example, start from the PC. Wireless ADSL2+ Modem Router DG834G User Manual 3.
DG834Gv5 Reference Manual
Page 121
...minutes, the ping response should see the login screen of the modem router (unless another PC already has the DG834Gv5 management interface open a browser on the PC and enter the LAN IP address of the remote DG834Gv5. Figure 6-32 Once the connection is established, you should change from...2008 6-27 Note: You can open ). • Gateway-to the first DG834Gv5. Type ping -t 192.168.3.1, and then click OK. Wireless ADSL2+ Modem Router DG834G User Manual c. After a short wait, you can use Ctrl-C to the DG834Gv5. Test the VPN tunnel by pinging the remote network from a PC attached to...
...minutes, the ping response should see the login screen of the modem router (unless another PC already has the DG834Gv5 management interface open a browser on the PC and enter the LAN IP address of the remote DG834Gv5. Figure 6-32 Once the connection is established, you should change from...2008 6-27 Note: You can open ). • Gateway-to the first DG834Gv5. Type ping -t 192.168.3.1, and then click OK. Wireless ADSL2+ Modem Router DG834G User Manual c. After a short wait, you can use Ctrl-C to the DG834Gv5. Test the VPN tunnel by pinging the remote network from a PC attached to...
DG834Gv5 Reference Manual
Page 126
... generate the encryption keys. • Manual Policy. Rather, you must match to the inbound VPN settings on page 6-37 for your DG834Gv5 and the corresponding VPN endpoint gateway or client workstation. Using Auto Policy to Configure VPN Tunnels You need to Configure VPN Tunnels" on ...Manual policy does not use one end must specify each phase of using Auto Policy. 6-32 v1.0, May 2008 Virtual Private Networking Wireless ADSL2+ Modem Router DG834G User Manual 2. however, the process is more control over the process; The outbound VPN settings on one of Using Auto Policy"...
... generate the encryption keys. • Manual Policy. Rather, you must match to the inbound VPN settings on page 6-37 for your DG834Gv5 and the corresponding VPN endpoint gateway or client workstation. Using Auto Policy to Configure VPN Tunnels You need to Configure VPN Tunnels" on ...Manual policy does not use one end must specify each phase of using Auto Policy. 6-32 v1.0, May 2008 Virtual Private Networking Wireless ADSL2+ Modem Router DG834G User Manual 2. however, the process is more control over the process; The outbound VPN settings on one of Using Auto Policy"...
DG834Gv5 Reference Manual
Page 127
... The DG834Gv5 VPN tunnel network connection fields are defined in the following table. Virtual Private Networking v1.0, May 2008 6-33 Select VPN Policies on the modem router requires that you configure several network parameters. The most common configuration scenarios will use IKE to manage the authentication and encryption keys. Wireless ADSL2+ Modem Router DG834G User...
... The DG834Gv5 VPN tunnel network connection fields are defined in the following table. Virtual Private Networking v1.0, May 2008 6-33 Select VPN Policies on the modem router requires that you configure several network parameters. The most common configuration scenarios will use IKE to manage the authentication and encryption keys. Wireless ADSL2+ Modem Router DG834G User...