DG834Gv4 Reference Manual
Page 9
...Planning a VPN ...6-3 VPN Tunnel Configuration 6-5 Setting Up a Client-to-Gateway VPN Configuration 6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 ...........6-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........6-9 Setting Up a Gateway-to-Gateway VPN Configuration 6-18 VPN Tunnel Control ...6-25 Activating a VPN Tunnel 6-25... 6-30 Deleting a VPN Tunnel 6-31 Setting Up VPN Tunnels in Special Circumstances 6-32 Using Auto Policy to Configure VPN Tunnels 6-32 Using Manual Policy to Configure VPN Tunnels 6-41 3 v2.0, September 2007
...Planning a VPN ...6-3 VPN Tunnel Configuration 6-5 Setting Up a Client-to-Gateway VPN Configuration 6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 ...........6-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........6-9 Setting Up a Gateway-to-Gateway VPN Configuration 6-18 VPN Tunnel Control ...6-25 Activating a VPN Tunnel 6-25... 6-30 Deleting a VPN Tunnel 6-31 Setting Up VPN Tunnels in Special Circumstances 6-32 Using Auto Policy to Configure VPN Tunnels 6-32 Using Manual Policy to Configure VPN Tunnels 6-41 3 v2.0, September 2007
DG834Gv4 Reference Manual
Page 14
... This Chapter link at http://kbserver.netgear.com/products/DG834G v4.asp. How to where the topic is described in the HTML view. Double-click on the browser toolbar to access the full NETGEAR, Inc. Use the PDF of any page. How to Print this Manual To print this manual includes the following: • Buttons, and...
... This Chapter link at http://kbserver.netgear.com/products/DG834G v4.asp. How to where the topic is described in the HTML view. Double-click on the browser toolbar to access the full NETGEAR, Inc. Use the PDF of any page. How to Print this Manual To print this manual includes the following: • Buttons, and...
DG834Gv4 Reference Manual
Page 25
...firewall disabled, the protections usually provided to disabling NAT. The Ethernet MAC address that you want to use the MAC address of that the DG834G v4 uses. Disable NAT only if you plan to masquerade as that you do not require it. This disables NAT, but leaves the firewall active... router on the LAN side of the network interface card in a setting where you directly manage the IP addresses that computer. You must be manually administering the IP address space on the Internet port. Classical routing should be used by the ISP. • Use This MAC Address. Classical...
...firewall disabled, the protections usually provided to disabling NAT. The Ethernet MAC address that you want to use the MAC address of that the DG834G v4 uses. Disable NAT only if you plan to masquerade as that you do not require it. This disables NAT, but leaves the firewall active... router on the LAN side of the network interface card in a setting where you directly manage the IP addresses that computer. You must be manually administering the IP address space on the Internet port. Classical routing should be used by the ISP. • Use This MAC Address. Classical...
DG834Gv4 Reference Manual
Page 58
ADSL2+ Modem Wireless Router DG834G Reference Manual Table 4-1. The country where the unit is set ID, also known as the wireless network name. Indicates if the access point feature is configured to ... Router Status Fields (continued) Field Wireless Port Name (SSID) These are set in Chapter 2. The current channel, which determines the operating frequency. Indicates if the DG834G v4 is disabled or not.
ADSL2+ Modem Wireless Router DG834G Reference Manual Table 4-1. The country where the unit is set ID, also known as the wireless network name. Indicates if the access point feature is configured to ... Router Status Fields (continued) Field Wireless Port Name (SSID) These are set in Chapter 2. The current channel, which determines the operating frequency. Indicates if the DG834G v4 is disabled or not.
DG834Gv4 Reference Manual
Page 82
...-to LAN Segment 1 or LAN Segment 2. 5-14 v2.0, September 2007 Advanced Configuration ADSL2+ Modem Wireless Router DG834G Reference Manual Point-to-Point Bridge Configuration In Point-to protect this communication. Use wireless security to -Point Bridge mode, the DG834G v4 modem router communicates as an access point with another bridge-mode wireless station. The...
...-to LAN Segment 1 or LAN Segment 2. 5-14 v2.0, September 2007 Advanced Configuration ADSL2+ Modem Wireless Router DG834G Reference Manual Point-to-Point Bridge Configuration In Point-to protect this communication. Use wireless security to -Point Bridge mode, the DG834G v4 modem router communicates as an access point with another bridge-mode wireless station. The...
DG834Gv4 Reference Manual
Page 83
...wireless client associations are disabled-only wired clients can be connected. Configure the operating mode of the DG834G v4 modem router. The figure below shows an example of this DG834G v4 as the Remote MAC Address. • Using wireless security to multiple peer access points simultaneously.... shown in the fields provided. • Setting the other access points in Figure 5-9: 1. ADSL2+ Modem Wireless Router DG834G Reference Manual Multi-Point Bridge Configuration Multi-Point Bridge mode allows a modem router to bridge to protect this traffic. Multi-Point Bridge...
...wireless client associations are disabled-only wired clients can be connected. Configure the operating mode of the DG834G v4 modem router. The figure below shows an example of this DG834G v4 as the Remote MAC Address. • Using wireless security to multiple peer access points simultaneously.... shown in the fields provided. • Setting the other access points in Figure 5-9: 1. ADSL2+ Modem Wireless Router DG834G Reference Manual Multi-Point Bridge Configuration Multi-Point Bridge mode allows a modem router to bridge to protect this traffic. Multi-Point Bridge...
DG834Gv4 Reference Manual
Page 84
...automatically (DHCP Client) in the IP Address Source section of the Basic IP Settings screen. • All APs, including the DG834G v4 modem router, must use the same SSID, channel, authentication mode, if any, and encryption in use additional access points configured .... • All APs, including the DG834G v4 modem router, must have the option of disabling client associations with Wireless Client Association In this ADSL2+ Modem Wireless Router. 5-16 v2.0, September 2007 Advanced Configuration ADSL2+ Modem Wireless Router DG834G Reference Manual • Configure the access point (AP3...
...automatically (DHCP Client) in the IP Address Source section of the Basic IP Settings screen. • All APs, including the DG834G v4 modem router, must use the same SSID, channel, authentication mode, if any, and encryption in use additional access points configured .... • All APs, including the DG834G v4 modem router, must have the option of disabling client associations with Wireless Client Association In this ADSL2+ Modem Wireless Router. 5-16 v2.0, September 2007 Advanced Configuration ADSL2+ Modem Wireless Router DG834G Reference Manual • Configure the access point (AP3...
DG834Gv4 Reference Manual
Page 85
... with wireless client association: 1. ADSL2+ Modem Wireless Router DG834G Reference Manual • You cannot configure a sequence of AP 1 in the Remote MAC Address field. 2. Configure the operating mode of the devices. • Configure AP 1 the DG834G v4 modem router in the IP Address Source section of a ...configured to Obtain an IP address automatically (DHCP Client) in the previous figure) on the same LAN. Wireless PC associated with AP 1 DG834G v4 Modem Router Wireless PC associated with AP2 Internet 192.168.0.1 AP 2 in Repeater mode PCs AP 1 (parent AP in Repeater mode)...
... with wireless client association: 1. ADSL2+ Modem Wireless Router DG834G Reference Manual • You cannot configure a sequence of AP 1 in the Remote MAC Address field. 2. Configure the operating mode of the devices. • Configure AP 1 the DG834G v4 modem router in the IP Address Source section of a ...configured to Obtain an IP address automatically (DHCP Client) in the previous figure) on the same LAN. Wireless PC associated with AP 1 DG834G v4 Modem Router Wireless PC associated with AP2 Internet 192.168.0.1 AP 2 in Repeater mode PCs AP 1 (parent AP in Repeater mode)...
DG834Gv4 Reference Manual
Page 87
... defaults of VPN Configuration Two common scenarios for configuring VPN tunnels are Auto Policy and Manual Policy. Chapter 6 Virtual Private Networking This chapter describes how to use the virtual private... configure a VPN tunnel between a remote PC and a network gateway using the VPN Wizard and the NETGEAR ProSafe VPN Client. • "Setting Up a Gateway-to-Gateway VPN Configuration" on page 6-18 provides...C to configure a VPN tunnel between two or more about VPN. The DG834G v4 supports up , along with the VPN Committee (VPNC) recommended default parameters set up to five concurrent tunnels....
... defaults of VPN Configuration Two common scenarios for configuring VPN tunnels are Auto Policy and Manual Policy. Chapter 6 Virtual Private Networking This chapter describes how to use the virtual private... configure a VPN tunnel between a remote PC and a network gateway using the VPN Wizard and the NETGEAR ProSafe VPN Client. • "Setting Up a Gateway-to-Gateway VPN Configuration" on page 6-18 provides...C to configure a VPN tunnel between two or more about VPN. The DG834G v4 supports up , along with the VPN Committee (VPNC) recommended default parameters set up to five concurrent tunnels....
DG834Gv4 Reference Manual
Page 88
...6-2 A VPN between networks, such as a telecommuter connecting to -Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is a good way to network resources across the Internet. Gateway-to-Gateway VPN Tunnels Gateway-to an ...Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide secure access from any location on page 6-5 to form the VPN tunnel end points. Figure 6-1 A VPN client access allows a remote PC to connect to your network is one tunnel endpoint, running the VPN client software. In this case, use DG834G v4s...
...6-2 A VPN between networks, such as a telecommuter connecting to -Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is a good way to network resources across the Internet. Gateway-to-Gateway VPN Tunnels Gateway-to an ...Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide secure access from any location on page 6-5 to form the VPN tunnel end points. Figure 6-1 A VPN client access allows a remote PC to connect to your network is one tunnel endpoint, running the VPN client software. In this case, use DG834G v4s...
DG834Gv4 Reference Manual
Page 91
... Exchange (IKE) setup. • See "Using Manual Policy to configure a VPN tunnel (recommended for most situations): - See "Setting Up a Client-to -Gateway VPN Configuration 22.23.24.25 DG834G VPN Tunnel 0.0.0.0 192.168.3.1 PCs Figure 6-3 PC (Running NETGEAR ProSafe VPN Client) Setting up a VPN between your DG834G v4 and the corresponding VPN endpoint gateway or...
... Exchange (IKE) setup. • See "Using Manual Policy to configure a VPN tunnel (recommended for most situations): - See "Setting Up a Client-to -Gateway VPN Configuration 22.23.24.25 DG834G VPN Tunnel 0.0.0.0 192.168.3.1 PCs Figure 6-3 PC (Running NETGEAR ProSafe VPN Client) Setting up a VPN between your DG834G v4 and the corresponding VPN endpoint gateway or...
DG834Gv4 Reference Manual
Page 92
...ADSL2+ Modem Wireless Router DG834G Reference Manual • "Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4" on page 6-6 describes how to use the VPN Wizard to configure the VPN tunnel between the remote PC and network gateway. • "Step 2: Configuring the NETGEAR ProSafe VPN Client on ...the Remote PC" on page 6-9 shows how to set up the VPN tunnel. Main Mode or Manual Keys: Perfect Forward Secrecy -- Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 Note: This section uses the VPN...
...ADSL2+ Modem Wireless Router DG834G Reference Manual • "Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4" on page 6-6 describes how to use the VPN Wizard to configure the VPN tunnel between the remote PC and network gateway. • "Step 2: Configuring the NETGEAR ProSafe VPN Client on ...the Remote PC" on page 6-9 shows how to set up the VPN tunnel. Main Mode or Manual Keys: Perfect Forward Secrecy -- Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 Note: This section uses the VPN...
DG834Gv4 Reference Manual
Page 96
... connection name used on page 6-6, create a VPN connection. a. Figure 6-9 A New Connection listing appears in the system tray. Run the NETGEAR ProSafe Security Policy Editor program, and, using the "VPN Tunnel Configuration Worksheet" on the client side of the VPN tunnel is in the ...ADSL2+ Modem Wireless Router DG834G Reference Manual If you might see the warning message stating "The NETGEAR ProSafe VPN Component requires at least one dial-up adapter be installed." You can disregard this example, the connection name used on the gateway side of the DG834G v4 on LAN A. Add a...
... connection name used on page 6-6, create a VPN connection. a. Figure 6-9 A New Connection listing appears in the system tray. Run the NETGEAR ProSafe Security Policy Editor program, and, using the "VPN Tunnel Configuration Worksheet" on the client side of the VPN tunnel is in the ...ADSL2+ Modem Wireless Router DG834G Reference Manual If you might see the warning message stating "The NETGEAR ProSafe VPN Component requires at least one dial-up adapter be installed." You can disregard this example, the connection name used on the gateway side of the DG834G v4 on LAN A. Add a...
DG834Gv4 Reference Manual
Page 97
... DG834G Reference Manual Tip: Choose connection names that make sense to view the Security Policy settings. d. Select IP Address in the field directly below the connection name. Figure 6-10 Virtual Private Networking v2.0, September 2007 6-11 The resulting connection settings are shown in the NETGEAR ...ProSafe VPN Client software: a. Select the Connect using and administering the VPN. Enter the public WAN IP Address of the DG834G v4. • Protocol: Select All to allow all traffic through the ...
... DG834G Reference Manual Tip: Choose connection names that make sense to view the Security Policy settings. d. Select IP Address in the field directly below the connection name. Figure 6-10 Virtual Private Networking v2.0, September 2007 6-11 The resulting connection settings are shown in the NETGEAR ...ProSafe VPN Client software: a. Select the Connect using and administering the VPN. Enter the public WAN IP Address of the DG834G v4. • Protocol: Select All to allow all traffic through the ...
DG834Gv4 Reference Manual
Page 98
... the Internet. Figure 6-11 b. c. d. If you will be switching between adapters or if you are using a virtual fixed IP address, enter this address in the DG834G v4 and either a fixed IP address or a fixed virtual IP address of the screen, select the adapter that you configured in the Internal Network IP Address... the Select Certificate drop-down list. If you have only one adapter, select Any. 6-12 v2.0, September 2007 Virtual Private Networking ADSL2+ Modem Wireless Router DG834G Reference Manual c. Configure the VPN client identity. In this field empty.
... the Internet. Figure 6-11 b. c. d. If you will be switching between adapters or if you are using a virtual fixed IP address, enter this address in the DG834G v4 and either a fixed IP address or a fixed virtual IP address of the screen, select the adapter that you configured in the Internal Network IP Address... the Select Certificate drop-down list. If you have only one adapter, select Any. 6-12 v2.0, September 2007 Virtual Private Networking ADSL2+ Modem Wireless Router DG834G Reference Manual c. Configure the VPN client identity. In this field empty.
DG834Gv4 Reference Manual
Page 99
ADSL2+ Modem Wireless Router DG834G Reference Manual e. Click Enter Key. This selection must match your selection in the DG834G v4 configuration. The Pre-Shared Key screen displays: Figure 6-12 f. In this step, you provide the type of the screen, click the Pre-Shared Key button. Enter the DG834G v4 pre-shared key, and then click OK. In...
ADSL2+ Modem Wireless Router DG834G Reference Manual e. Click Enter Key. This selection must match your selection in the DG834G v4 configuration. The Pre-Shared Key screen displays: Figure 6-12 f. In this step, you provide the type of the screen, click the Pre-Shared Key button. Enter the DG834G v4 pre-shared key, and then click OK. In...
DG834Gv4 Reference Manual
Page 100
...) to be used for this step, you provide the type of encryption that is configured for the Encryption Protocol in the DG834G v4 in the DG834G v4 configuration. Expand the Key Exchange subheading by double-clicking its name or clicking the + symbol. Figure 6-14 b. Select the...Hash Alg drop-down list, select Unspecified. In the SA Life drop-down list, select Diffie-Hellman Group 2. 6. d. ADSL2+ Modem Wireless Router DG834G Reference Manual c. c. a. This selection must match your selection in Table 6-3 on page 6-6. e. d. Then select Proposal 1 below Key Exchange. In the Key...
...) to be used for this step, you provide the type of encryption that is configured for the Encryption Protocol in the DG834G v4 in the DG834G v4 configuration. Expand the Key Exchange subheading by double-clicking its name or clicking the + symbol. Figure 6-14 b. Select the...Hash Alg drop-down list, select Unspecified. In the SA Life drop-down list, select Diffie-Hellman Group 2. 6. d. ADSL2+ Modem Wireless Router DG834G Reference Manual c. c. a. This selection must match your selection in Table 6-3 on page 6-6. e. d. Then select Proposal 1 below Key Exchange. In the Key...
DG834Gv4 Reference Manual
Page 101
...Virtual Private Networking v2.0, September 2007 6-15 g. In the Security Policy Editor window, select File > Save. c. h. ADSL2+ Modem Wireless Router DG834G Reference Manual f. Save the VPN Client Settings. To perform a ping test using the Connect option in the range of the attempt to access any IP ...NETGEAR ProSafe menu bar. On the Windows taskbar, click the Start button, and then click Run. After you have configured and saved the VPN client information, your PC automatically opens the VPN connection when you can initiate a request from the remote PC to the DG834G v4 ...
...Virtual Private Networking v2.0, September 2007 6-15 g. In the Security Policy Editor window, select File > Save. c. h. ADSL2+ Modem Wireless Router DG834G Reference Manual f. Save the VPN Client Settings. To perform a ping test using the Connect option in the range of the attempt to access any IP ...NETGEAR ProSafe menu bar. On the Windows taskbar, click the Start button, and then click Run. After you have configured and saved the VPN client information, your PC automatically opens the VPN connection when you can initiate a request from the remote PC to the DG834G v4 ...
DG834Gv4 Reference Manual
Page 102
...login screen of the modem router (unless another PC already has the DG834G v4 management interface open a browser on the PC and enter the LAN IP address of the VPN client connection by opening the NETGEAR ProSafe Log Viewer. To launch this function, click the Windows Start... button, then select Programs > NETGEAR ProSafe VPN Client > Log Viewer. After a short wait, you can view information about the progress and status of the remote DG834G v4. Figure 6-16 Once the connection is due to reply. ADSL2+ Modem Wireless Router DG834G Reference Manual This causes a continuous ping to...
...login screen of the modem router (unless another PC already has the DG834G v4 management interface open a browser on the PC and enter the LAN IP address of the VPN client connection by opening the NETGEAR ProSafe Log Viewer. To launch this function, click the Windows Start... button, then select Programs > NETGEAR ProSafe VPN Client > Log Viewer. After a short wait, you can view information about the progress and status of the remote DG834G v4. Figure 6-16 Once the connection is due to reply. ADSL2+ Modem Wireless Router DG834G Reference Manual This causes a continuous ping to...
DG834Gv4 Reference Manual
Page 103
... (public IP WAN address) of 22.23.24.25. • The DG834G v4 has a Remote Address (LAN IP address) of 192.168.3.1. • The VPN client PC has a Local Address (dynamically assigned address) of the connection. ADSL2+ Modem Wireless Router DG834G Reference Manual 9. Virtual Private Networking v2.0, September 2007 6-17 Note: While your PC...
... (public IP WAN address) of 22.23.24.25. • The DG834G v4 has a Remote Address (LAN IP address) of 192.168.3.1. • The VPN client PC has a Local Address (dynamically assigned address) of the connection. ADSL2+ Modem Wireless Router DG834G Reference Manual 9. Virtual Private Networking v2.0, September 2007 6-17 Note: While your PC...