Home » Netgear Manuals » Wireless » Netgear DG834G » Manual Viewer

Netgear DG834G DG834Gv5 Reference Manual - Page 138

Table 6-7., VPN Manual Policy Fields and Settings, continued, Single PC - no Subnet, Local IP, SHA-1

UPC - 606449029918

Add to My Manuals
Save this manual to your list of manuals

Page 138 highlights

Wireless ADSL2+ Modem Router DG834G User Manual Table 6-7. VPN Manual Policy Fields and Settings (continued) Fields and Settings Remote LAN The remote VPN endpoint must have these IP addresses entered as its Local addresses. IP Address Single/Start IP Address ESP Configuration ESP (Encapsulating Security Payload) provides security for the payload (data) sent through the VPN tunnel. Finish IP Address Subnet Mask SPI Encryption Authentication Description Single PC - no Subnet. Select this option if there is no LAN (only a single PC) at the remote endpoint. If this option is selected, no additional data is required. The typical application is a PC running the VPN client at the remote end. • Enter an IP address that is on the remote LAN. You can use this setting when you want to access a server on the remote LAN. • For a range of addresses, enter the starting IP address. This must be an address range used on the remote LAN. • Any. Any outgoing traffic from the Local IP computers will trigger an attempted VPN connection to the remote VPN endpoint. Please be sure you want this option before selecting it. Enter the finish IP address for a range of addresses. This must be an address range used on the remote LAN. Enter the network mask. Enter the required Security Policy Indexes (SPIs). Each policy must have unique SPIs. These settings must match the remote VPN endpoint. The in setting here must match the out setting on the remote VPN endpoint, and the out setting here must match the in setting on the remote VPN endpoint. Select an encryption algorithm, and enter the key in the field provided. For 3DES, the keys should be 24 ASCII characters and for DES, the keys should be 8 ASCII characters. • DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56 bit key. Faster but less secure than 3DES. • 3DES. (Triple DES) achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys. Select the SHA-1 or MD5 authentication algorithm, and enter the key in the field provided. For MD5, the keys should be 16 ASCII characters. For SHA-1, the keys should be 20 ASCII characters. • MD5. 128 bits, faster but less secure. • SHA-1. (default)160 bits, slower but more secure. 6-44 v1.0, May 2008 Virtual Private Networking

Section	Page
Wireless ADSL2+ Modem Router DG834G User Manual	1
Contents	7
About This Manual	13
Conventions, Formats, and Scope	13
How to Use This Manual	14
How to Print this Manual	14
Chapter 1 Configuring Your Internet Connection	17
What You Need Before You Begin	17
Using the Smart Wizard to Set Up Your Router	18
Logging In to the Modem Router	19
Using the Setup Wizard to Auto-Detect Your Internet Connection	20
Viewing or Manually Configuring Your ISP Settings	22
Changing Your ADSL Settings	26
How the Internet Connection Works	27
Chapter 2 Configuring Your Wireless Network and Security Settings	29
Planning Your Wireless Network	29
Wireless Placement and Range Guidelines	30
Wireless Security Options	31
Manually Configuring Your Wireless Network	32
Configuring Your Wireless Security	35
Using Push 'N' Connect (WPS) to Configure Your Wireless Network	38
Using a WPS Button to Add a WPS Client	39
Using PIN Entry to Add a WPS Client	40
Connecting Additional Wireless Client Devices After WPS Setup	42
Advanced Wireless Settings for WPS and WDS	43
Controlling Wireless Station Access	44
Restricting Access by MAC Address	45
Chapter 3 Protecting Your Network	47
Protecting Access to Your ADSL2+ Modem Wireless Router	47
Changing the Built-In Password	47
Changing the Administrator Login Time-out	48
Configuring Basic Firewall Services	48
Blocking Keywords, Sites, and Services	49
Blocking Keywords and Sites	49
Firewall Rules	51
Inbound Rules (Port Forwarding)	52
Outbound Rules (Service Blocking)	54
Order of Precedence for Rules	56
Services	56
Setting Times and Scheduling Firewall Services	57
Scheduling Firewall Services	59
Chapter 4 Managing Your Network	61
Backing Up, Restoring, or Erasing Your Settings	61
Backing Up the Configuration to a File	61
Restoring the Configuration from a File	62
Erasing the Configuration	62
Upgrading the Modem Router Firmware	62
Network Management Information	64
Viewing Modem Router Status and Usage Statistics	64
Viewing Attached Devices	68
Viewing, Selecting, and Saving Logged Information	69
Log Message Examples	71
Enabling Security Event E-mail Notification	72
Running Diagnostic Utilities and Rebooting the Modem Router	73
Enabling Remote Management	74
Configuring Remote Management	74
Chapter 5 Advanced Configuration	77
Modifying Your WAN Setup	77
Setting Up a Default DMZ Server	79
Configuring Your LAN IP Settings	80
Using the Modem Router as a DHCP Server	82
Defining Reserved IP Addresses	83
Configuring Dynamic DNS	84
Using Static Routes	85
Static Route Example	85
Configuring Static Routes	86
Configuring Universal Plug and Play (UPnP)	87
Configuring Wireless Bridging and Repeating (WDS)	89
Point-to-Point Bridge Configuration	90
Multi-Point Bridge Configuration	91
Repeater with Wireless Client Association	93
Chapter 6 Virtual Private Networking	95
Overview of VPN Configuration	95
Client-to-Gateway VPN Tunnels	96
Gateway-to-Gateway VPN Tunnels	96
Planning a VPN	97
VPN Tunnel Configuration	98
Setting Up a Client-to-Gateway VPN Configuration	99
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834Gv5	100
Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC	104
Setting Up a Gateway-to-Gateway VPN Configuration	112
VPN Tunnel Control	119
Activating a VPN Tunnel	119
Verifying the Status of a VPN Tunnel	122
Deactivating a VPN Tunnel	124
Deleting a VPN Tunnel	125
Setting Up VPN Tunnels in Special Circumstances	126
Using Auto Policy to Configure VPN Tunnels	126
Using Manual Policy to Configure VPN Tunnels	136
Chapter 7 Troubleshooting	139
Basic Functioning	139
Power LED Is Not On	140
Power LED Is Red	140
LAN or DSL or Internet Port LEDs Are Not On	140
Troubleshooting Access to the Modem Router Main Menu	140
Troubleshooting the ISP Connection	141
ADSL Link	141
ADSL Link	142
Obtaining a WAN IP Address	143
Troubleshooting PPPoE or PPPoA	144
Troubleshooting Internet Browsing	144
Troubleshooting a TCP/IP Network Using the Ping Utility	145
Testing the LAN Path to Your Router	145
Testing the Path from Your Computer to a Remote Device	146
Restoring the Default Configuration and Password	146
Problems with Date and Time	147
Appendix A Technical Specifications	149
Appendix B NETGEAR VPN Configuration	151
DG834G v5 to FVL328	151
Configuration Profile	151
Step-By-Step Configuration	152
DG834G v5 with FQDN to FVL328	156
Configuration Profile	156
Step-By-Step Configuration	157
Configuration Summary (Telecommuter Example)	161
Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example)	162
Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office	162
Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC at the Telecommuter’s Home Office	164
Monitoring the VPN Tunnel (Telecommuter Example)	172
Viewing the PC Client’s Connection Monitor and Log Viewer	172
Viewing the VPN Router’s VPN Status and Log Information	173

Match case Limit results 1 per page

Wireless ADSL2+ Modem Router DG834G User Manual

6-44

Virtual Private Networking

v1.0, May 2008

Remote LAN

The remote VPN

endpoint must have

these IP addresses

entered as its Local

addresses.

IP Address

Single PC - no Subnet

. Select this option if there is no LAN

(only a single PC) at the remote endpoint. If this option is

selected, no additional data is required. The typical application

is a PC running the VPN client at the remote end.

Single/Start IP

Address

•

Enter an IP address that is on the remote LAN. You can use

this setting when you want to access a server on the remote

LAN.

•

For a range of addresses, enter the starting IP address. This

must be an address range used on the remote LAN.

•

Any

. Any outgoing traffic from the

Local IP

computers will

trigger an attempted VPN connection to the remote VPN

endpoint. Please be sure you want this option before

selecting it.

Finish IP

Address

Enter the finish IP address for a range of addresses. This

must be an address range used on the remote LAN.

Subnet Mask

Enter the network mask.

ESP Configuration

ESP (Encapsulating

Security Payload)

provides security for the

payload (data) sent

through the VPN tunnel.

SPI

Enter the required Security Policy Indexes (SPIs). Each policy

must have unique SPIs. These settings must match the

remote VPN endpoint. The

setting here must match the

out

setting on the remote VPN endpoint, and the

out

setting here

must match the

setting on the remote VPN endpoint.

Encryption

Select an encryption algorithm, and enter the key in the field

provided. For 3DES, the keys should be 24 ASCII characters

and for DES, the keys should be 8 ASCII characters.

•

DES

. The Data Encryption Standard (DES) processes input

data that is 64 bits wide, encrypting these values using a 56

bit key. Faster but less secure than 3DES.

•

3DES

. (Triple DES) achieves a higher level of security by

encrypting the data three times using DES with three

different, unrelated keys.

Authentication

Select the SHA-1 or MD5 authentication algorithm, and enter

the key in the field provided. For MD5, the keys should be 16

ASCII characters. For SHA-1, the keys should be 20 ASCII

characters.

•

MD5

. 128 bits, faster but less secure.

•

SHA-1

. (default)160 bits, slower but more secure.

Table 6-7.

VPN Manual Policy Fields and Settings

(continued)

Fields and Settings

Description