D-Link DSR-150N DSR-150 User Manual - Page 122

Configuring VPN clients, PPTP / L2TP Tunnels



Unified Services Router User Manual
With a configured RADIUS server, the router connects to a RADIUS server and passes to it the credentials that it receives from the VPN client. You can secure the connection between the router and the RADIUS server with the authentication protocol supported by the server (PAP or CHAP). For RADIUS-PAP, the router first checks in the user database to see if the user credentials are available; if they are not, the router connects to the RADIUS server.
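
What PAP and CHAP each place on the router-to-RADIUS leg, as an added example that is not part of the D-Link manual: it implements the User-Password hiding of RFC 2865 section 5.2 and the CHAP response of RFC 1994. The shared secret, password, authenticator and challenge values are constructed for illustration.

```python
import hashlib
import hmac

def pap_hide(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """User-Password attribute value as built by the RADIUS client (RFC 2865, 5.2)."""
    if not 1 <= len(password) <= 128 or len(request_auth) != 16:
        raise ValueError("password must be 1..128 bytes, authenticator 16 bytes")
    padded = password + b"\x00" * (-len(password) % 16)   # pad to 16-byte blocks
    out, prev = b"", request_auth
    for i in range(0, len(padded), 16):
        mask = hashlib.md5(secret + prev).digest()         # keyed only by the shared secret
        prev = bytes(p ^ m for p, m in zip(padded[i:i + 16], mask))
        out += prev                                        # each block chains into the next mask
    return out

def pap_recover(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """What the RADIUS server, or any holder of the shared secret, computes."""
    if not hidden or len(hidden) % 16 or len(request_auth) != 16:
        raise ValueError("malformed User-Password or authenticator")
    out, prev = b"", request_auth
    for i in range(0, len(hidden), 16):
        mask = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += bytes(c ^ m for c, m in zip(block, mask))
        prev = block
    return out.rstrip(b"\x00")

def chap_response(chap_id: int, password: bytes, challenge: bytes) -> bytes:
    """CHAP-Password value: ident octet + MD5(ident | password | challenge)."""
    ident = bytes([chap_id & 0xFF])
    return ident + hashlib.md5(ident + password + challenge).digest()

def chap_verify(response: bytes, password: bytes, challenge: bytes) -> bool:
    """Server side: recompute from the stored password and compare."""
    if len(response) != 17:
        return False
    return hmac.compare_digest(response, chap_response(response[0], password, challenge))

if __name__ == "__main__":
    # Constructed sample values, not taken from any real deployment.
    secret, auth = b"router-radius-secret", bytes(range(16))
    hidden = pap_hide(b"vpn-user-password-123", secret, auth)
    print("PAP on the wire :", hidden.hex())
    print("PAP recovered   :", pap_recover(hidden, secret, auth))
    resp = chap_response(7, b"vpn-user-password-123", b"C" * 16)
    print("CHAP on the wire:", resp.hex(), chap_verify(resp, b"vpn-user-password-123", b"C" * 16))
```

With PAP the password is reversible by anything that holds the shared secret and sees the request, so the strength of that secret bounds the protection; with CHAP only the hash crosses the link, but the server must keep the password in a recoverable form to verify it.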
6.2.2 Internet over IPSec tunnel
With this feature, all traffic passes through the VPN tunnel, and the remote gateway routes the packets to the Internet. On the remote gateway side, the outgoing packets are SNAT'ed.
6.3 Configuring VPN clients
Remote VPN clients must be configured with the same VPN policy parameters used in the VPN tunnel that the client wishes to use: encryption, authentication, lifetime, and PFS key-group. Upon establishing these authentication parameters, the VPN Client user database must also be populated with an account to give a user access to the tunnel.
VPN client software is required to establish a VPN tunnel between the router and the remote endpoint. Open source software (such as OpenVPN or Openswan) as well as Microsoft IPsec VPN software can be configured with the required IKE policy parameters to establish an IPsec VPN tunnel. Refer to the client software guide for detailed instructions on setup as well as the router’s online help.
The user database contains the list of VPN user accounts that are authorized to use a given VPN tunnel. Alternatively, VPN tunnel users can be authenticated using a configured RADIUS database. Refer to the online help to determine how to populate the user database and/or configure RADIUS authentication.
6.4 PPTP / L2TP Tunnels
This router supports VPN tunnels from either PPTP or L2TP ISP servers. The router
acts as a broker device to allow the ISP's server to create a TCP control connection
between the LAN VPN client and the VPN server.
6.4.1 PPTP Tunnel Support
Setup > VPN Settings > PPTP > PPTP Client
A PPTP VPN client can be configured on this router. Using this client, we can access a remote network that is local to the PPTP server. Once the client is enabled, the user can access the Status > Active VPNs page and establish the PPTP VPN tunnel by clicking Connect. To disconnect the tunnel, click Drop.