Netgear SRX5308 Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client
Netgear SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Manual
UPC - 606449065145
View all Netgear SRX5308 manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear SRX5308 manual content summary:
- Netgear SRX5308 | Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client - Page 1
-Spoke VPN allows multiple sites to communicate through a central hub site. This application note describes how to configure a Hub-and-Spoke VPN when one of the spokes is the NETGEAR VPN client. It has been tested with the FVX538 router, firmware version 2.x and NETGEAR ProSafe® VPN client, version - Netgear SRX5308 | Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client - Page 2
the IKE and VPN policies manually. Configuring the Hub-and-Spoke VPN To configure the FVX538 #1 (the Hub): 1. Create an IKE policy for VPN to FVX538 #2. 2. Create a VPN policy using the IKE policy created in Step 1. The local IP subnet is the LAN subnet behind FVX538 #1. The remote IP subnet is the - Netgear SRX5308 | Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client - Page 3
3. Create a VPN client policy. First create the IKE policy for the VPN client. - Netgear SRX5308 | Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client - Page 4
policy using the IKE policy created in Step 3. The local subnet is Any. The remote subnet is the internal IP address to be defined in the VPN client policy profile. In this example, 192.168.4.100. 5. Create the VPN policy that will allow the VPN client to access the network behind FVX538 #2. In the - Netgear SRX5308 | Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client - Page 5
subnet mask 255.255.255.0. Configuring the VPN Client Software To configure the VPN client software: 1. To create a new connection, under Remote Party Identity and Addressing, define an object to cover both LANs behind FVX538 #1 and FVX538 #2. In this case, select IP Address Range as the ID Type - Netgear SRX5308 | Configuring a Hub-and-Spoke VPN Using the NETGEAR VPN Client - Page 6
" message. Eventually the message will show that there is a successful connection to the FVX538. 3. From the command prompt, ping both the subnets behind FVX538 #1 and FVX538 #2. Conclusion If user wants to configure two remote locations so their traffic goes through a central location instead of
Application Note
Configuring a Hub-and-Spoke VPN Using the NETGEAR
VPN Client
Summary
A Hub-and-Spoke VPN allows multiple sites to communicate through a central hub site.
This application note describes how to configure a Hub-and-Spoke VPN when one of the
spokes is the NETGEAR VPN client. It has been tested with the FVX538 router,
firmware version 2.x and NETGEAR ProSafe® VPN client, version 10.7.2 (Build 12).
Note:
See Hub-and-Spoke VPN for general instructions on configuration that does not
use the VPN Client.
In this configuration, there is a gateway-to-gateway VPN tunnel between FVX538 #1 and
FVX538 #2. By establishing a VPN connection to the FVX538#1, the software VPN
client gains access to Local Area Network #2 behind FVX538 #2 through FVX538 #1.
Procedure
This procedure was developed and tested using:
•
NETGEAR FVX538 ProSafe VPN Firewall with version 2.x firmware
o
WAN1 (10.1.1.2 ) IP address: 192.168.1.0
o
WAN1 IP address subnet:
255.255.255.0
o
WAN2 (10.1.2.2)
IP address: 192.168.2.0