D-Link DFL-800-AV-12 User Manual - Page 231
VPN Quickstart Guide, 9.2.1. IPsec LAN to LAN with Pre-shared Keys
View all D-Link DFL-800-AV-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 231 highlights
9.2. VPN Quickstart Guide Chapter 9. VPN 9.2. VPN Quickstart Guide Later sections in this chapter will explore VPN components in detail. To help put those later sections in context, this section is a quickstart summary of the key steps in VPN setup. It outlines the individual steps in setting up VPNs for the most common VPN scenarios. These are: • IPsec LAN to LAN with Pre-shared Keys • IPsec Roaming Clients with Pre-shared Keys • IPsec Roaming Clients with Certificates • L2TP Roaming Clients with Pre-Shared Keys • L2TP Roaming Clients with Certificates • PPTP Roaming Clients 9.2.1. IPsec LAN to LAN with Pre-shared Keys 1. Create a Pre-shared Key object. 2. Optionally create a new IKE Proposal List object and/or an IPsec Proposal List object if the default list settings are not satisfactory. This will depend on the capabilities of the device at the other side of the tunnel. 3. In Hosts & Networks create IP objects for: • The remote VPN gateway which is the IP address of the network device at the other end of the tunnel (let's call this object remote_gw). • The remote network which lies behind the remote VPN gateway (let's call this object remote_net). • The local network behind the D-Link Firewall which will communicate across the tunnel. Here we will assume that this is the pre-defined address lannet and this network is attached to the NetDefendOS lan interface. 4. Create an IPsec Tunnel object (let's call this object ipsec_tunnel). Specify the following tunnel parameters: • Set Local Network to lannet. • Set Remote Network to remote_net. • Set Remote Gateway to remote_gw. • Set Encapsulation mode to Tunnel. • Choose the IKE and IPsec proposal lists to be used. • For Authentication select the Pre-shared Key object defined in step (1) above. The IPsec Tunnel object can be treated exactly like any NetDefendOS Interface object in later steps. 5. Set up two IP rules in the IP rule set for the tunnel: • An Allow rule for outbound traffic that has the previously defined ipsec_tunnel object as 231