Home » Netgear Manuals » Wireless » Netgear DG834G » Manual Viewer

Netgear DG834G DG834Gv5 Reference Manual - Page 129

Table 6-5., VPN-Auto Policy Screen Settings, continued

UPC - 606449029918

Add to My Manuals
Save this manual to your list of manuals

Page 129 highlights

Wireless ADSL2+ Modem Router DG834G User Manual Table 6-5. VPN-Auto Policy Screen Settings (continued) Fields and Settings Description Remote LAN IP Address The remote VPN endpoint must have these IP addresses entered as its Local Single/Start IP Address addresses. Finish IP Address Single PC - no Subnet. Select this option if there is no LAN (only a single PC) at the remote endpoint. If this option is selected, no additional data is required. The typical application is a PC running the VPN client at the remote end. • Enter an IP address that is on the remote LAN. You can use this setting when you want to access a server on the remote LAN. • For a range of addresses, enter the starting IP address. This must be an address range used on the remote LAN. • Any. Any outgoing traffic from the Local IP computers will trigger an attempted VPN connection to the remote VPN endpoint. Please be sure you want this option before selecting it. Enter the finish IP address for a range of addresses. This must be an address range used on the remote LAN. Subnet Mask Enter the network mask. IKE Direction This setting is used when determining if the IKE policy matches the current traffic. Select an option. • Responder only. Incoming connections are allowed, but outgoing connections are blocked. • Initiator and Responder. Both incoming and outgoing connections are allowed. Exchange Mode Ensure that the remote VPN endpoint is set to use Main Mode. Diffie-Hellman (DH) Group The Diffie-Hellman algorithm is used when exchanging keys. The DH Group setting determines the number of bit size used in the exchange. This value must match the value used on the remote VPN gateway. Local Identity Type Select an option to match the Remote Identity Type setting on the remote VPN endpoint. • WAN IP Address. Your Internet IP address. • Fully Qualified Domain Name. Your domain name. • Fully Qualified User Name. Your name, e-mail address, or other ID. Local Identity Data Enter the data for the local identity type that you selected. (If WAN IP Address is selected, no input is required.) Remote Identity Type Select the desired option to match the Local Identity Type setting on the remote VPN endpoint. • IP Address. The Internet IP address of the remote VPN endpoint. • Fully Qualified Domain Name. The domain name of the remote VPN endpoint. • Fully Qualified User Name. The name, E-mail address, or other ID of the remote VPN endpoint. Remote Identity Enter the data for the remote identity type that you selected. If IP Data Address is selected, no input is required. Virtual Private Networking v1.0, May 2008 6-35

Section	Page
Wireless ADSL2+ Modem Router DG834G User Manual	1
Contents	7
About This Manual	13
Conventions, Formats, and Scope	13
How to Use This Manual	14
How to Print this Manual	14
Chapter 1 Configuring Your Internet Connection	17
What You Need Before You Begin	17
Using the Smart Wizard to Set Up Your Router	18
Logging In to the Modem Router	19
Using the Setup Wizard to Auto-Detect Your Internet Connection	20
Viewing or Manually Configuring Your ISP Settings	22
Changing Your ADSL Settings	26
How the Internet Connection Works	27
Chapter 2 Configuring Your Wireless Network and Security Settings	29
Planning Your Wireless Network	29
Wireless Placement and Range Guidelines	30
Wireless Security Options	31
Manually Configuring Your Wireless Network	32
Configuring Your Wireless Security	35
Using Push 'N' Connect (WPS) to Configure Your Wireless Network	38
Using a WPS Button to Add a WPS Client	39
Using PIN Entry to Add a WPS Client	40
Connecting Additional Wireless Client Devices After WPS Setup	42
Advanced Wireless Settings for WPS and WDS	43
Controlling Wireless Station Access	44
Restricting Access by MAC Address	45
Chapter 3 Protecting Your Network	47
Protecting Access to Your ADSL2+ Modem Wireless Router	47
Changing the Built-In Password	47
Changing the Administrator Login Time-out	48
Configuring Basic Firewall Services	48
Blocking Keywords, Sites, and Services	49
Blocking Keywords and Sites	49
Firewall Rules	51
Inbound Rules (Port Forwarding)	52
Outbound Rules (Service Blocking)	54
Order of Precedence for Rules	56
Services	56
Setting Times and Scheduling Firewall Services	57
Scheduling Firewall Services	59
Chapter 4 Managing Your Network	61
Backing Up, Restoring, or Erasing Your Settings	61
Backing Up the Configuration to a File	61
Restoring the Configuration from a File	62
Erasing the Configuration	62
Upgrading the Modem Router Firmware	62
Network Management Information	64
Viewing Modem Router Status and Usage Statistics	64
Viewing Attached Devices	68
Viewing, Selecting, and Saving Logged Information	69
Log Message Examples	71
Enabling Security Event E-mail Notification	72
Running Diagnostic Utilities and Rebooting the Modem Router	73
Enabling Remote Management	74
Configuring Remote Management	74
Chapter 5 Advanced Configuration	77
Modifying Your WAN Setup	77
Setting Up a Default DMZ Server	79
Configuring Your LAN IP Settings	80
Using the Modem Router as a DHCP Server	82
Defining Reserved IP Addresses	83
Configuring Dynamic DNS	84
Using Static Routes	85
Static Route Example	85
Configuring Static Routes	86
Configuring Universal Plug and Play (UPnP)	87
Configuring Wireless Bridging and Repeating (WDS)	89
Point-to-Point Bridge Configuration	90
Multi-Point Bridge Configuration	91
Repeater with Wireless Client Association	93
Chapter 6 Virtual Private Networking	95
Overview of VPN Configuration	95
Client-to-Gateway VPN Tunnels	96
Gateway-to-Gateway VPN Tunnels	96
Planning a VPN	97
VPN Tunnel Configuration	98
Setting Up a Client-to-Gateway VPN Configuration	99
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5	100
Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC	104
Setting Up a Gateway-to-Gateway VPN Configuration	112
VPN Tunnel Control	119
Activating a VPN Tunnel	119
Verifying the Status of a VPN Tunnel	122
Deactivating a VPN Tunnel	124
Deleting a VPN Tunnel	125
Setting Up VPN Tunnels in Special Circumstances	126
Using Auto Policy to Configure VPN Tunnels	126
Using Manual Policy to Configure VPN Tunnels	136
Chapter 7 Troubleshooting	139
Basic Functioning	139
Power LED Is Not On	140
Power LED Is Red	140
LAN or DSL or Internet Port LEDs Are Not On	140
Troubleshooting Access to the Modem Router Main Menu	140
Troubleshooting the ISP Connection	141
ADSL Link	141
ADSL Link	142
Obtaining a WAN IP Address	143
Troubleshooting PPPoE or PPPoA	144
Troubleshooting Internet Browsing	144
Troubleshooting a TCP/IP Network Using the Ping Utility	145
Testing the LAN Path to Your Router	145
Testing the Path from Your Computer to a Remote Device	146
Restoring the Default Configuration and Password	146
Problems with Date and Time	147
Appendix A Technical Specifications	149
Appendix B NETGEAR VPN Configuration	151
DG834G v5 to FVL328	151
Configuration Profile	151
Step-By-Step Configuration	152
DG834G v5 with FQDN to FVL328	156
Configuration Profile	156
Step-By-Step Configuration	157
Configuration Summary (Telecommuter Example)	161
Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example)	162
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office	162
Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC at the Telecommuter’s Home Office	164
Monitoring the VPN Tunnel (Telecommuter Example)	172
Viewing the PC Client’s Connection Monitor and Log Viewer	172
Viewing the VPN Router’s VPN Status and Log Information	173

Match case Limit results 1 per page

Wireless ADSL2+ Modem Router DG834G User Manual

Virtual Private Networking

6-35

v1.0, May 2008

Remote LAN

The remote

VPN endpoint

must have these

IP addresses

entered as its

Local

addresses.

IP Address

Single PC - no Subnet

. Select this option if there is no LAN (only a

single PC) at the remote endpoint. If this option is selected, no

additional data is required. The typical application is a PC running the

VPN client at the remote end.

Single/Start IP

Address

•

Enter an IP address that is on the remote LAN. You can use this

setting when you want to access a server on the remote LAN.

•

For a range of addresses, enter the starting IP address. This must be

an address range used on the remote LAN.

•

Any

. Any outgoing traffic from the

Local IP

computers will trigger an

attempted VPN connection to the remote VPN endpoint. Please be

sure you want this option before selecting it.

Finish IP

Address

Enter the finish IP address for a range of addresses. This must be an

address range used on the remote LAN.

Subnet Mask

Enter the network mask.

IKE

Direction

This setting is used when determining if the IKE policy matches the

current traffic. Select an option.

•

Responder only

. Incoming connections are allowed, but outgoing

connections are blocked.

•

Initiator and Responder

. Both incoming and outgoing connections

are allowed.

Exchange Mode

Ensure that the remote VPN endpoint is set to use

Main Mode

Diffie-Hellman

(DH) Group

The Diffie-Hellman algorithm is used when exchanging keys. The DH

Group setting determines the number of bit size used in the exchange.

This value must match the value used on the remote VPN gateway.

Local Identity

Type

Select an option to match the Remote Identity Type setting on the

remote VPN endpoint.

•

WAN IP Address

Your Internet IP address.

•

Fully Qualified Domain Name

. Your domain name.

•

Fully Qualified User Name

. Your name, e-mail address, or other ID.

Local Identity

Data

Enter the data for the local identity type that you selected. (If

WAN IP

Address

is selected, no input is required.)

Remote Identity

Type

Select the desired option to match the

Local Identity Type

setting on

the remote VPN endpoint.

•

IP Address

. The Internet IP address of the remote VPN endpoint.

•

Fully Qualified Domain Nam

e. The domain name of the remote

VPN endpoint.

•

Fully Qualified User Name

. The name, E-mail address, or other ID

of the remote VPN endpoint.

Remote Identity

Data

Enter the data for the remote identity type that you selected. If

Address

is selected, no input is required.

Table 6-5.

VPN-Auto Policy Screen Settings

(continued)

Fields and Settings

Description