DG834Gv4 Reference Manual
Page 9
...Planning a VPN ...6-3 VPN Tunnel Configuration 6-5 Setting Up a Client-to-Gateway VPN Configuration 6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 ...........6-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........6-9 Setting Up a Gateway-to-Gateway VPN Configuration 6-18 VPN Tunnel Control ...6-25 Activating a VPN Tunnel 6-25... 6-30 Deleting a VPN Tunnel 6-31 Setting Up VPN Tunnels in Special Circumstances 6-32 Using Auto Policy to Configure VPN Tunnels 6-32 Using Manual Policy to Configure VPN Tunnels 6-41 3 v2.0, September 2007
...Planning a VPN ...6-3 VPN Tunnel Configuration 6-5 Setting Up a Client-to-Gateway VPN Configuration 6-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 ...........6-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........6-9 Setting Up a Gateway-to-Gateway VPN Configuration 6-18 VPN Tunnel Control ...6-25 Activating a VPN Tunnel 6-25... 6-30 Deleting a VPN Tunnel 6-31 Setting Up VPN Tunnels in Special Circumstances 6-32 Using Auto Policy to Configure VPN Tunnels 6-32 Using Manual Policy to Configure VPN Tunnels 6-41 3 v2.0, September 2007
DG834Gv4 Reference Manual
Page 14
... How to Print this Manual To print this manual includes the following options, according to the NETGEAR website in Appendix C, "Related Documents". Use the Print button on the NETGEAR, Inc. website at the top left of This Chapter link at http://kbserver.netgear.com/products/DG834G v4.asp. Use the PDF... of any page. Each page in the HTML version of the manual is written for the ADSL2+ Modem Wireless...
... How to Print this Manual To print this manual includes the following options, according to the NETGEAR website in Appendix C, "Related Documents". Use the Print button on the NETGEAR, Inc. website at the top left of This Chapter link at http://kbserver.netgear.com/products/DG834G v4.asp. Use the PDF... of any page. Each page in the HTML version of the manual is written for the ADSL2+ Modem Wireless...
DG834Gv4 Reference Manual
Page 25
...is disabled, only standard routing is enabled. • Disable. This feature allows your network are disabled. ADSL2+ Modem Wireless Router DG834G Reference Manual Table 1-2. The modem router will be selected only by "cloning" its configuration settings to LAN-connected devices. • Enable. Configuring... use the MAC address of that computer. They will be using . Enter the MAC address that the DG834G v4 uses. Classical routing should be manually administering the IP address space on the Internet port. This disables NAT, but leaves the firewall active. ...
...is disabled, only standard routing is enabled. • Disable. This feature allows your network are disabled. ADSL2+ Modem Wireless Router DG834G Reference Manual Table 1-2. The modem router will be selected only by "cloning" its configuration settings to LAN-connected devices. • Enable. Configuring... use the MAC address of that computer. They will be using . Enter the MAC address that the DG834G v4 uses. Classical routing should be manually administering the IP address space on the Internet port. This disables NAT, but leaves the firewall active. ...
DG834Gv4 Reference Manual
Page 58
ADSL2+ Modem Wireless Router DG834G Reference Manual Table 4-1. Indicates if the access point feature is set up for use. The current channel, which determines the operating frequency. Broadcast Name Description The service ..., also known as the wireless network name. see Channel "Viewing or Changing Wireless AP Wireless Settings" in Region the Wireless Settings page; Indicates if the DG834G v4 is configured to display modem router usage statistics: Figure 4-4 4-6 Managing Your Network v2.0, September 2007 If not enabled, the Wireless LED on the Router Status...
ADSL2+ Modem Wireless Router DG834G Reference Manual Table 4-1. Indicates if the access point feature is set up for use. The current channel, which determines the operating frequency. Broadcast Name Description The service ..., also known as the wireless network name. see Channel "Viewing or Changing Wireless AP Wireless Settings" in Region the Wireless Settings page; Indicates if the DG834G v4 is configured to display modem router usage statistics: Figure 4-4 4-6 Managing Your Network v2.0, September 2007 If not enabled, the Wireless LED on the Router Status...
DG834Gv4 Reference Manual
Page 82
...5-14 v2.0, September 2007 Advanced Configuration only wired clients can be the DHCP server. 5. Use wireless security to -Point Bridge mode, the DG834G v4 modem router communicates as an access point with another bridge-mode wireless station. Both APs (access points) are disabled- Internet 192.168.0.1 AP... connect to the Internet or share files and printers of Point-to -Point Bridge mode. 2. ADSL2+ Modem Wireless Router DG834G Reference Manual Point-to-Point Bridge Configuration In Point-to protect this communication. Configure and verify the following figure shows an example of ...
...5-14 v2.0, September 2007 Advanced Configuration only wired clients can be the DHCP server. 5. Use wireless security to -Point Bridge mode, the DG834G v4 modem router communicates as an access point with another bridge-mode wireless station. Both APs (access points) are disabled- Internet 192.168.0.1 AP... connect to the Internet or share files and printers of Point-to -Point Bridge mode. 2. ADSL2+ Modem Wireless Router DG834G Reference Manual Point-to-Point Bridge Configuration In Point-to protect this communication. Configure and verify the following figure shows an example of ...
DG834Gv4 Reference Manual
Page 83
... wireless client associations are disabled-only wired clients can be connected. The DG834v4 is AP 1, which is in a central location, configure the DG834G v4 modem router (AP 1) on LAN Segment 1 in Point-to-Multi-Point Bridge mode and enter the MAC addresses of a Multi-Point Bridge ... Configure the access point (AP2) on LAN Segment 2 in Point-to multiple peer access points simultaneously. ADSL2+ Modem Wireless Router DG834G Reference Manual Multi-Point Bridge Configuration Multi-Point Bridge mode allows a modem router to bridge to -Multi-Point Bridge mode. Configure the operating mode...
... wireless client associations are disabled-only wired clients can be connected. The DG834v4 is AP 1, which is in a central location, configure the DG834G v4 modem router (AP 1) on LAN Segment 1 in Point-to-Multi-Point Bridge mode and enter the MAC addresses of a Multi-Point Bridge ... Configure the access point (AP2) on LAN Segment 2 in Point-to multiple peer access points simultaneously. ADSL2+ Modem Wireless Router DG834G Reference Manual Multi-Point Bridge Configuration Multi-Point Bridge mode allows a modem router to bridge to -Multi-Point Bridge mode. Configure the operating mode...
DG834Gv4 Reference Manual
Page 84
... addresses must be in the same network. • If using DHCP, all traffic to -point APs must enter the MAC address of the DG834G v4 modem router. 2. Repeater with Wireless Client Association In this ADSL2+ Modem Wireless Router. 5-16 v2.0, September 2007 Advanced Configuration That is configured... in Point-toMulti-Point Bridge mode; If you require wireless stations to access any LAN segment. ADSL2+ Modem Wireless Router DG834G Reference Manual • Configure the access point (AP3) on LAN Segment 3 in Point-to-Point Bridge mode with the remote MAC address of ...
... addresses must be in the same network. • If using DHCP, all traffic to -point APs must enter the MAC address of the DG834G v4 modem router. 2. Repeater with Wireless Client Association In this ADSL2+ Modem Wireless Router. 5-16 v2.0, September 2007 Advanced Configuration That is configured... in Point-toMulti-Point Bridge mode; If you require wireless stations to access any LAN segment. ADSL2+ Modem Wireless Router DG834G Reference Manual • Configure the access point (AP3) on LAN Segment 3 in Point-to-Point Bridge mode with the remote MAC address of ...
DG834Gv4 Reference Manual
Page 85
...DG834G Reference Manual • You cannot configure a sequence of AP 1 in the Remote MAC Address field. • Configure AP 3 with wireless client association: 1. The following for the APs must be in the same network. • If you are limited to only one parent AP, although if the DG834G v4...example of AP 1 in the previous figure) on the same LAN. Advanced Configuration v2.0, September 2007 5-17 Wireless PC associated with AP 1 DG834G v4 Modem Router Wireless PC associated with AP2 Internet 192.168.0.1 AP 2 in Repeater mode PCs AP 1 (parent AP in Repeater mode) AP ...
...DG834G Reference Manual • You cannot configure a sequence of AP 1 in the Remote MAC Address field. • Configure AP 3 with wireless client association: 1. The following for the APs must be in the same network. • If you are limited to only one parent AP, although if the DG834G v4...example of AP 1 in the previous figure) on the same LAN. Advanced Configuration v2.0, September 2007 5-17 Wireless PC associated with AP 1 DG834G v4 Modem Router Wireless PC associated with AP2 Internet 192.168.0.1 AP 2 in Repeater mode PCs AP 1 (parent AP in Repeater mode) AP ...
DG834Gv4 Reference Manual
Page 87
... on page 6-25 provides the step-by-step procedures for configuring VPN tunnels are between two or more about VPN. The DG834G v4 supports up , along with the VPN Committee (VPNC) recommended default parameters set by the VPN Wizard. • "VPN ...NETGEAR ProSafe VPN Client. • "Setting Up a Gateway-to-Gateway VPN Configuration" on page 6-3 provides a worksheet for configuring VPN tunnels are inappropriate. This chapter is organized as follows: • "Overview of VPN Configuration" on page 6-1 provides an overview of the VPN Wizard are Auto Policy and Manual Policy. The DG834G v4...
... on page 6-25 provides the step-by-step procedures for configuring VPN tunnels are between two or more about VPN. The DG834G v4 supports up , along with the VPN Committee (VPNC) recommended default parameters set by the VPN Wizard. • "VPN ...NETGEAR ProSafe VPN Client. • "Setting Up a Gateway-to-Gateway VPN Configuration" on page 6-3 provides a worksheet for configuring VPN tunnels are inappropriate. This chapter is organized as follows: • "Overview of VPN Configuration" on page 6-1 provides an overview of the VPN Wizard are Auto Policy and Manual Policy. The DG834G v4...
DG834Gv4 Reference Manual
Page 88
... a Gateway-to-Gateway VPN Configuration" on each end of the tunnel to form the VPN tunnel end points. In this case, use DG834G v4s on page 6-18 for information about how to set up this configuration. VPN tunnels also enable access to network resources across the Internet. In...Gateway-to-Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is a good way to connect branch or home offices and business partners over the Internet. ADSL2+ Modem Wireless Router DG834G Reference Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide ...
... a Gateway-to-Gateway VPN Configuration" on each end of the tunnel to form the VPN tunnel end points. In this case, use DG834G v4s on page 6-18 for information about how to set up this configuration. VPN tunnels also enable access to network resources across the Internet. In...Gateway-to-Gateway VPN Tunnels provide secure access between two or more NETGEAR VPN-enabled routers is a good way to connect branch or home offices and business partners over the Internet. ADSL2+ Modem Wireless Router DG834G Reference Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide ...
DG834Gv4 Reference Manual
Page 91
... Up a Client-to-Gateway VPN Configuration 22.23.24.25 DG834G VPN Tunnel 0.0.0.0 192.168.3.1 PCs Figure 6-3 PC (Running NETGEAR ProSafe VPN Client) Setting up a VPN between your DG834G v4 and the corresponding VPN endpoint gateway or client workstation. ADSL2+ Modem Wireless Router DG834G Reference Manual VPN Tunnel Configuration There are not appropriate for your special...
... Up a Client-to-Gateway VPN Configuration 22.23.24.25 DG834G VPN Tunnel 0.0.0.0 192.168.3.1 PCs Figure 6-3 PC (Running NETGEAR ProSafe VPN Client) Setting up a VPN between your DG834G v4 and the corresponding VPN endpoint gateway or client workstation. ADSL2+ Modem Wireless Router DG834G Reference Manual VPN Tunnel Configuration There are not appropriate for your special...
DG834Gv4 Reference Manual
Page 92
.... Enabled or Disabled: Encryption Protocol -- DES or 3DES: Authentication Protocol -- Main Mode or Manual Keys: Perfect Forward Secrecy -- Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 Note: This section uses the VPN Wizard to configure the NETGEAR ProSafe VPN Client endpoint. Table 6-3. The worksheet in Table 6-3 identifies the parameters used...
.... Enabled or Disabled: Encryption Protocol -- DES or 3DES: Authentication Protocol -- Main Mode or Manual Keys: Perfect Forward Secrecy -- Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v4 Note: This section uses the VPN Wizard to configure the NETGEAR ProSafe VPN Client endpoint. Table 6-3. The worksheet in Table 6-3 identifies the parameters used...
DG834Gv4 Reference Manual
Page 96
... client side of the VPN tunnel is in the VPN Settings screen of the DG834G v4 on LAN A. The ProSafe icon ( ) is toDG834, and it matches the Connection Name field in the system tray. Run the NETGEAR ProSafe Security Policy Editor program, and, using the "VPN Tunnel Configuration Worksheet"... so that it does not have a modem or dial-up adapter be installed." ADSL2+ Modem Wireless Router DG834G Reference Manual If you might see the warning message stating "The NETGEAR ProSafe VPN Component requires at least one dial-up adapter installed in the list of policies. Reboot the remote...
... client side of the VPN tunnel is in the VPN Settings screen of the DG834G v4 on LAN A. The ProSafe icon ( ) is toDG834, and it matches the Connection Name field in the system tray. Run the NETGEAR ProSafe Security Policy Editor program, and, using the "VPN Tunnel Configuration Worksheet"... so that it does not have a modem or dial-up adapter be installed." ADSL2+ Modem Wireless Router DG834G Reference Manual If you might see the warning message stating "The NETGEAR ProSafe VPN Component requires at least one dial-up adapter installed in the list of policies. Reboot the remote...
DG834Gv4 Reference Manual
Page 97
...10. 3. Click the Security Policy subheading to the people using Secure Gateway Tunnel check box. ADSL2+ Modem Wireless Router DG834G Reference Manual Tip: Choose connection names that make sense to view the Security Policy settings. My Identity and Security Policy subheadings appear below... below the connection name. Enter the public WAN IP Address of the DG834G v4. • Protocol: Select All to allow all traffic through the VPN tunnel. The resulting connection settings are shown in the NETGEAR ProSafe VPN Client software: a. Enter the following settings: • Connection...
...10. 3. Click the Security Policy subheading to the people using Secure Gateway Tunnel check box. ADSL2+ Modem Wireless Router DG834G Reference Manual Tip: Choose connection names that make sense to view the Security Policy settings. My Identity and Security Policy subheadings appear below... below the connection name. Enter the public WAN IP Address of the DG834G v4. • Protocol: Select All to allow all traffic through the VPN tunnel. The resulting connection settings are shown in the NETGEAR ProSafe VPN Client software: a. Enter the following settings: • Connection...
DG834Gv4 Reference Manual
Page 98
...address in the ID Type drop-down list, select None. Select IP Address in the Internal Network IP Address field. ADSL2+ Modem Wireless Router DG834G Reference Manual c. In the Select Phase 1 Negotiation Mode section of the Security Policy Editor window, click My Identity. Figure 6-11 b. If you are using...leave this field empty. If you will be switching between adapters or if you have a dial-up Internet account, select PPP Adapter in the DG834G v4 and either a fixed IP address or a fixed virtual IP address of the VPN client PC. a. In the Network Security Policy list on the...
...address in the ID Type drop-down list, select None. Select IP Address in the Internal Network IP Address field. ADSL2+ Modem Wireless Router DG834G Reference Manual c. In the Select Phase 1 Negotiation Mode section of the Security Policy Editor window, click My Identity. Figure 6-11 b. If you are using...leave this field empty. If you will be switching between adapters or if you have a dial-up Internet account, select PPP Adapter in the DG834G v4 and either a fixed IP address or a fixed virtual IP address of the VPN client PC. a. In the Network Security Policy list on the...
DG834Gv4 Reference Manual
Page 99
... the left side of the Security Policy Editor window, expand the Security Policy heading by double clicking its name or clicking the + symbol. b. Enter the DG834G v4 pre-shared key, and then click OK. This field is entered. Configure the VPN Client Authentication Proposal. Click Enter Key. a. Figure 6-13 Virtual Private Networking... of the screen, click the Pre-Shared Key button. The Pre-Shared Key screen displays: Figure 6-12 f. This selection must match your selection in the DG834G v4 configuration. ADSL2+ Modem Wireless Router DG834G Reference Manual e.
... the left side of the Security Policy Editor window, expand the Security Policy heading by double clicking its name or clicking the + symbol. b. Enter the DG834G v4 pre-shared key, and then click OK. This field is entered. Configure the VPN Client Authentication Proposal. Click Enter Key. a. Figure 6-13 Virtual Private Networking... of the screen, click the Pre-Shared Key button. The Pre-Shared Key screen displays: Figure 6-12 f. This selection must match your selection in the DG834G v4 configuration. ADSL2+ Modem Wireless Router DG834G Reference Manual e.
DG834Gv4 Reference Manual
Page 100
ADSL2+ Modem Wireless Router DG834G Reference Manual c. In the Authentication Method drop-down list, select Diffie-Hellman Group 2. 6. In the Key Group drop-down list... 6-14 b. In the Encrypt Alg drop-down list, select the type of encryption that is configured for the Encryption Protocol in the DG834G v4 in Table 6-3 on page 6-6. f. Configure the VPN client key exchange proposal. Then select Proposal 1 below Key Exchange. In the ...this step, you provide the type of encryption that is configured for the Encryption Protocol in the DG834G v4 in the DG834G v4 configuration.
ADSL2+ Modem Wireless Router DG834G Reference Manual c. In the Authentication Method drop-down list, select Diffie-Hellman Group 2. 6. In the Key Group drop-down list... 6-14 b. In the Encrypt Alg drop-down list, select the type of encryption that is configured for the Encryption Protocol in the DG834G v4 in Table 6-3 on page 6-6. f. Configure the VPN client key exchange proposal. Then select Proposal 1 below Key Exchange. In the ...this step, you provide the type of encryption that is configured for the Encryption Protocol in the DG834G v4 in the DG834G v4 configuration.
DG834Gv4 Reference Manual
Page 101
ADSL2+ Modem Wireless Router DG834G Reference Manual f. In the Security Policy Editor window, select File > Save. The NETGEAR ProSafe client reports the results of the remote VPN router's LAN. 8. To perform a ping test using the Connect option in ... NETGEAR ProSafe menu bar. Establish an Internet connection from the remote PC: a. g. In the Encapsulation drop-down list, select SHA-1. b. c. Save the VPN Client Settings. h. Leave the Authentication Protocol (AH) check box cleared. 7. Check the VPN connection. To check the VPN Connection, you attempt to the DG834G v4...
ADSL2+ Modem Wireless Router DG834G Reference Manual f. In the Security Policy Editor window, select File > Save. The NETGEAR ProSafe client reports the results of the remote VPN router's LAN. 8. To perform a ping test using the Connect option in ... NETGEAR ProSafe menu bar. Establish an Internet connection from the remote PC: a. g. In the Encapsulation drop-down list, select SHA-1. b. c. Save the VPN Client Settings. h. Leave the Authentication Protocol (AH) check box cleared. 7. Check the VPN connection. To check the VPN Connection, you attempt to the DG834G v4...
DG834Gv4 Reference Manual
Page 102
...failed connection is established, you should change from timed out to the first DG834G v4. After a short wait, you can view information about the progress and status of the remote DG834G v4. ADSL2+ Modem Wireless Router DG834G Reference Manual This causes a continuous ping to be sent to reply. After between ...minutes, the ping response should see the login screen of the modem router (unless another PC already has the DG834G v4 management interface open a browser on the PC and enter the LAN IP address of the VPN client connection by opening the NETGEAR ProSafe Log Viewer.
...failed connection is established, you should change from timed out to the first DG834G v4. After a short wait, you can view information about the progress and status of the remote DG834G v4. ADSL2+ Modem Wireless Router DG834G Reference Manual This causes a continuous ping to be sent to reply. After between ...minutes, the ping response should see the login screen of the modem router (unless another PC already has the DG834G v4 management interface open a browser on the PC and enter the LAN IP address of the VPN client connection by opening the NETGEAR ProSafe Log Viewer.
DG834Gv4 Reference Manual
Page 103
... (public IP WAN address) of 22.23.24.25. • The DG834G v4 has a Remote Address (LAN IP address) of 192.168.3.1. • The VPN client PC has a Local Address (dynamically assigned address) of the connection. ADSL2+ Modem Wireless Router DG834G Reference Manual 9. Virtual Private Networking v2.0, September 2007 6-17 If this is connected...
... (public IP WAN address) of 22.23.24.25. • The DG834G v4 has a Remote Address (LAN IP address) of 192.168.3.1. • The VPN client PC has a Local Address (dynamically assigned address) of the connection. ADSL2+ Modem Wireless Router DG834G Reference Manual 9. Virtual Private Networking v2.0, September 2007 6-17 If this is connected...