FVG318 Reference Manual
Page 9
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVG318 5-5 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........5-7 Monitoring the Progress and Status of the VPN Client Connection 5-15 Transferring a Security Policy to Another Client 5-17 Setting Up a Gateway-to-Gateway VPN Configuration 5-19 Activating a VPN Tunnel 5-23 Verifying the Status of...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVG318 5-5 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........5-7 Monitoring the Progress and Status of the VPN Client Connection 5-15 Transferring a Security Policy to Another Client 5-17 Setting Up a Gateway-to-Gateway VPN Configuration 5-19 Activating a VPN Tunnel 5-23 Verifying the Status of...
FVG318 Reference Manual
Page 11
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The FVG318-to-FVS318v2 Case C-7 Configuring the VPN Tunnel C-7 Viewing and Editing the VPN Parameters C-8 Initiating and Checking the VPN Connections C-9 The FVG318-to-FVL328 Case C-10 Configuring the VPN Tunnel C-10 Viewing and Editing the VPN Parameters C-11 Initiating and Checking the VPN Connections C-12 The FVG318-to-VPN Client Case C-13 Client-to-Gateway VPN Tunnel Overview C-13 Configuring the VPN Tunnel C-14 Initiating and Checking the VPN Connections C-18 Contents xi v1.0, September 2007
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The FVG318-to-FVS318v2 Case C-7 Configuring the VPN Tunnel C-7 Viewing and Editing the VPN Parameters C-8 Initiating and Checking the VPN Connections C-9 The FVG318-to-FVL328 Case C-10 Configuring the VPN Tunnel C-10 Viewing and Editing the VPN Parameters C-11 Initiating and Checking the VPN Connections C-12 The FVG318-to-VPN Client Case C-13 Client-to-Gateway VPN Tunnel Overview C-13 Configuring the VPN Tunnel C-14 Initiating and Checking the VPN Connections C-18 Contents xi v1.0, September 2007
FVG318 Reference Manual
Page 72
... be enabled. To define a new service, first you have the port number information, go the Security > Services. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Attack Check Type Description VPN Pass through IPSec/PPTP/L2TPa Typically, the router is used as a VPN Client or Gateway that connects to 65535 by the authors of the application. The service numbers for the...
... be enabled. To define a new service, first you have the port number information, go the Security > Services. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Attack Check Type Description VPN Pass through IPSec/PPTP/L2TPa Typically, the router is used as a VPN Client or Gateway that connects to 65535 by the authors of the application. The service numbers for the...
FVG318 Reference Manual
Page 79
... a network gateway using the VPN Wizard. • "Activating a VPN Tunnel" on how to configure a secure IPSec VPN tunnel from a NETGEAR FVG318 to use the virtual private networking (VPN) features of the VPN firewall. This case study follows the VPN Consortium interoperability profile guidelines (found...the steps needed to configure a VPN tunnel between two network gateways using the VPN Wizard and the NETGEAR ProSafe VPN Client. • "Setting Up a Gateway-to-Gateway VPN Configuration" on page 5-19 provides the steps needed to configure VPN tunnels when there are special circumstances ...
... a network gateway using the VPN Wizard. • "Activating a VPN Tunnel" on how to configure a secure IPSec VPN tunnel from a NETGEAR FVG318 to use the virtual private networking (VPN) features of the VPN firewall. This case study follows the VPN Consortium interoperability profile guidelines (found...the steps needed to configure a VPN tunnel between two network gateways using the VPN Wizard and the NETGEAR ProSafe VPN Client. • "Setting Up a Gateway-to-Gateway VPN Configuration" on page 5-19 provides the steps needed to configure VPN tunnels when there are special circumstances ...
FVG318 Reference Manual
Page 80
... page 5-5 to set up to -gateway VPN tunnels provide secure access between two or more network gateways. See "Setting Up a Client-to your network is one tunnel endpoint, running the VPN client software. FVG318 Figure 5-1 A VPN client access allows a remote PC to connect to -Gateway VPN Configuration" on the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Overview of VPN configurations. In this configuration.
... page 5-5 to set up to -gateway VPN tunnels provide secure access between two or more network gateways. See "Setting Up a Client-to your network is one tunnel endpoint, running the VPN client software. FVG318 Figure 5-1 A VPN client access allows a remote PC to connect to -Gateway VPN Configuration" on the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Overview of VPN configurations. In this configuration.
FVG318 Reference Manual
Page 83
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Client-to-Gateway VPN Configuration Setting up the VPN tunnel using the VPN Wizard. 1. Basic Virtual Private Networking 5-5 v1.0, September 2007 FVG318 Figure 5-3 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVG318 Note: This section uses the VPN Wizard to set up the VPN tunnel. Follow this procedure to configure a client-to-gateway VPN tunnel using the...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Client-to-Gateway VPN Configuration Setting up the VPN tunnel using the VPN Wizard. 1. Basic Virtual Private Networking 5-5 v1.0, September 2007 FVG318 Figure 5-3 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVG318 Note: This section uses the VPN Wizard to set up the VPN tunnel. Follow this procedure to configure a client-to-gateway VPN tunnel using the...
FVG318 Reference Manual
Page 84
...) Figure 5-4 3. Note: The Connection Name is arbitrary and is used for access by remote PCs running VPN client software. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 2. Check the VPN Client radio button and enter the Connection Name and the pre-shared key. Select VPN > VPN Wizard from the menu. The End Point Information will display. The WPN Wizard screen will be...
...) Figure 5-4 3. Note: The Connection Name is arbitrary and is used for access by remote PCs running VPN client software. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 2. Check the VPN Client radio button and enter the Connection Name and the pre-shared key. Select VPN > VPN Wizard from the menu. The End Point Information will display. The WPN Wizard screen will be...
FVG318 Reference Manual
Page 85
... link on the VPN Wizard screen to display the VPN default values shown below. The VPN Policies screen will display showing that the new tunnel is enabled. Click Apply on the VPN Wizard screen to complete the configuration procedure. To enable/disable the tunnel, select the checkbox and click Enable or Disable. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...
... link on the VPN Wizard screen to display the VPN default values shown below. The VPN Policies screen will display showing that the new tunnel is enabled. Click Apply on the VPN Wizard screen to complete the configuration procedure. To enable/disable the tunnel, select the checkbox and click Enable or Disable. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...
FVG318 Reference Manual
Page 86
... policy from scratch. a. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The PC must have the option to install either the VPN Adapter or the IPSec Component or both. Note: Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off any virus protection or firewall software you entered in your PC. 1. You may have the NETGEAR ProSafe VPN Client program installed that has...
... policy from scratch. a. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The PC must have the option to install either the VPN Adapter or the IPSec Component or both. Note: Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off any virus protection or firewall software you entered in your PC. 1. You may have the NETGEAR ProSafe VPN Client program installed that has...
FVG318 Reference Manual
Page 88
...fvg_local.com would be used. Click on the "+" symbol. c. a. b. The resulting Connection Settings are shown in the NETGEAR ProSafe VPN Client software. In the Network Security Policy list, expand the new connection by double clicking its name or clicking on the ...to show the Security Policy menu. Enter the public WAN IP Domain Name of the FVG318 in the field directly below the check box. Configure the Security Policy in Figure 5-8. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual f. Select Domain Name in the Select Phase 1 Negotiation Mode check box....
...fvg_local.com would be used. Click on the "+" symbol. c. a. b. The resulting Connection Settings are shown in the NETGEAR ProSafe VPN Client software. In the Network Security Policy list, expand the new connection by double clicking its name or clicking on the ...to show the Security Policy menu. Enter the public WAN IP Domain Name of the FVG318 in the field directly below the check box. Configure the Security Policy in Figure 5-8. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual f. Select Domain Name in the Select Phase 1 Negotiation Mode check box....
FVG318 Reference Manual
Page 89
Provide information about the remote VPN client PC. In the Network Security Policy list on the left side of the VPN client PC. Configure the VPN Client Identity. Either a fixed IP address or a "fixed virtual" IP address of the Security Policy Editor window, click on My Identity. You will need to provide: - Figure 5-10 Basic Virtual Private Networking v1.0, September 2007 5-11 a. The Pre-Shared Key that you configured in the FVG318. - ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-9 5.
Provide information about the remote VPN client PC. In the Network Security Policy list on the left side of the VPN client PC. Configure the VPN Client Identity. Either a fixed IP address or a "fixed virtual" IP address of the Security Policy Editor window, click on My Identity. You will need to provide: - Figure 5-10 Basic Virtual Private Networking v1.0, September 2007 5-11 a. The Pre-Shared Key that you configured in the FVG318. - ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-9 5.
FVG318 Reference Manual
Page 90
...address in the Internal Network IP Address box. Expand the Authentication subheading by double clicking its name or clicking on the "+" symbol. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual b. Choose None in the ID Type box. c. If you use to be switching between adapters or if you have ...one adapter. You may also choose Any if you will be used for this box empty. Enter the FVG318's Pre-Shared Key and click OK. Configure the VPN Client Authentication Proposal. This selection must match your Ethernet adapter if you have a dial-up Internet account. ...
...address in the Internal Network IP Address box. Expand the Authentication subheading by double clicking its name or clicking on the "+" symbol. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual b. Choose None in the ID Type box. c. If you use to be switching between adapters or if you have ...one adapter. You may also choose Any if you will be used for this box empty. Enter the FVG318's Pre-Shared Key and click OK. Configure the VPN Client Authentication Proposal. This selection must match your Ethernet adapter if you have a dial-up Internet account. ...
FVG318 Reference Manual
Page 91
..., select None. g. In the Authentication Method menu, select Pre-Shared key. In the Encrypt Alg menu, select the type of encryption. e. Configure the VPN Client Key Exchange Proposal. b. e. h. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-12 c. In the SA Life menu, select Unspecified. d. In the Encrypt Alg menu, select the type of encryption. Leave the Authentication...
..., select None. g. In the Authentication Method menu, select Pre-Shared key. In the Encrypt Alg menu, select the type of encryption. e. Configure the VPN Client Key Exchange Proposal. b. e. h. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-12 c. In the SA Life menu, select Unspecified. d. In the Encrypt Alg menu, select the type of encryption. Leave the Authentication...
FVG318 Reference Manual
Page 92
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-13 8. Save the VPN Client Settings. The NETGEAR ProSafe client will automatically open the VPN connection when you attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. To check the VPN connection. Establish an ...of the attempt to access any IP addresses in the NETGEAR ProSafe menu bar. After you have configured and saved the VPN client information, your PC will report the results of the remote VPN firewall's LAN. From the File menu at the top of...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-13 8. Save the VPN Client Settings. The NETGEAR ProSafe client will automatically open the VPN connection when you attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. To check the VPN connection. Establish an ...of the attempt to access any IP addresses in the NETGEAR ProSafe menu bar. After you have configured and saved the VPN client information, your PC will report the results of the remote VPN firewall's LAN. From the File menu at the top of...
FVG318 Reference Manual
Page 93
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-14 This will cause a continuous ping to be viewed by opening the NETGEAR ProSafe Log Viewer. Monitoring the Progress and Status of the VPN Client Connection Information on the progress and status of the VPN Firewall Router (unless another PC already has the FVG318 management interface open the browser of the PC and enter the LAN...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-14 This will cause a continuous ping to be viewed by opening the NETGEAR ProSafe Log Viewer. Monitoring the Progress and Status of the VPN Client Connection Information on the progress and status of the VPN Firewall Router (unless another PC already has the FVG318 management interface open the browser of the PC and enter the LAN...
FVG318 Reference Manual
Page 94
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-16 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the yellow key symbol shown in this example you can see the following: • The FVG318 has a public IP WAN address of 22.23.24.25. • The FVG318... has a LAN IP address of 192.168.3.1. • The VPN client PC has a dynamically assigned address of the connection. The Connection ...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-16 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the yellow key symbol shown in this example you can see the following: • The FVG318 has a public IP WAN address of 22.23.24.25. • The FVG318... has a LAN IP address of 192.168.3.1. • The VPN client PC has a dynamically assigned address of the connection. The Connection ...
FVG318 Reference Manual
Page 95
...a security policy as an .spd file so that an existing NETGEAR ProSafe VPN Client configuration can be copied to other PCs running the NETGEAR ProSafe VPN Client. In this is the case, you will need to close the VPN connection in order to have normal Internet access. Transferring a Security ... store the client policy, click Export. If this example, the exported policy is named policy.spd and is being stored on the C drive. Select Export Security Policy from the File pull-down menu. To export a security policy: 1. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note...
...a security policy as an .spd file so that an existing NETGEAR ProSafe VPN Client configuration can be copied to other PCs running the NETGEAR ProSafe VPN Client. In this is the case, you will need to close the VPN connection in order to have normal Internet access. Transferring a Security ... store the client policy, click Export. If this example, the exported policy is named policy.spd and is being stored on the C drive. Select Export Security Policy from the File pull-down menu. To export a security policy: 1. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note...
FVG318 Reference Manual
Page 96
In this example, the security policy file is named FVS318v3_clientpolicy_direct.spd and located on the Desktop. Figure 5-21 The security policy is Scenario_1 5-18 v1.0, September 2007 Basic Virtual Private Networking Figure 5-20 2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To import an existing Security Policy: 1. Invoke the NETGEAR ProSafe VPN Client and select Import Security Policy from the File pull-down menu. Select the security policy to import. In this example, the connection name is now imported.
In this example, the security policy file is named FVS318v3_clientpolicy_direct.spd and located on the Desktop. Figure 5-21 The security policy is Scenario_1 5-18 v1.0, September 2007 Basic Virtual Private Networking Figure 5-20 2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To import an existing Security Policy: 1. Invoke the NETGEAR ProSafe VPN Client and select Import Security Policy from the File pull-down menu. Select the security policy to import. In this example, the connection name is now imported.
FVG318 Reference Manual
Page 114
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Whenever an IKE policy receives the certificate from a peer, it checks for information on how to purchase the NETGEAR ProSafe VPN Client. Note: Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off any product implementation details • VPN Consortium Scenarios based on your organization. If the certificate is to get the systems from different...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Whenever an IKE policy receives the certificate from a peer, it checks for information on how to purchase the NETGEAR ProSafe VPN Client. Note: Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off any product implementation details • VPN Consortium Scenarios based on your organization. If the certificate is to get the systems from different...
FVG318 Reference Manual
Page 157
...8226; FVS318v3 to FVL328 (see page C-13) Note: Product updates are no firewall restrictions. Gather all of the parameters that there are available on the NETGEAR, Inc. VPN Configuration of NETGEAR FVG318 C-1 v1.0, September 2007 Check that need to be necessary, and all the ...Interop-01.html). Appendix C VPN Configuration of NETGEAR FVG318 This is a case study on how to VPN Client (see page C-10) • FVS318v3 to configure a secure IPSec VPN tunnel on a NETGEAR FVS318v3. Gather the network information 2. Activate the VPN tunnel Gathering the Network Information The...
...8226; FVS318v3 to FVL328 (see page C-13) Note: Product updates are no firewall restrictions. Gather all of the parameters that there are available on the NETGEAR, Inc. VPN Configuration of NETGEAR FVG318 C-1 v1.0, September 2007 Check that need to be necessary, and all the ...Interop-01.html). Appendix C VPN Configuration of NETGEAR FVG318 This is a case study on how to VPN Client (see page C-10) • FVS318v3 to configure a secure IPSec VPN tunnel on a NETGEAR FVS318v3. Gather the network information 2. Activate the VPN tunnel Gathering the Network Information The...