Home » Netgear Manuals » Modems » Netgear DGND3300v2 » Manual Viewer

Netgear DGND3300v2 User Manual - Page 104

Table 5., VPN - Auto Policy Screen Settings, Continued, Fully Qualified Domain Name

Add to My Manuals
Save this manual to your list of manuals

Page 104 highlights

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual Table 5. VPN - Auto Policy Screen Settings (Continued) Fields and Settings Description IKE Direction This setting is used when the router determines if the IKE policy matches the current traffic. Select an option. • Responder only. Incoming connections are allowed, but outgoing connections are blocked. • Initiator and Responder. Both incoming and outgoing connections are allowed. Exchange Mode Ensure that the remote VPN endpoint is set to use Main Mode. Diffie-Hellman (DH) Group The Diffie-Hellman algorithm is used when keys are exchanged. The DH Group setting determines the bit size used in the exchange. This value must match the value used on the remote VPN gateway. Local Identity Type Select an option to match the Remote Identity Type setting on the remote VPN endpoint. • WAN IP Address. Your Internet IP address. • Fully Qualified Domain Name. Your domain name. • Fully Qualified User Name. Your name, email address, or other ID. Local Identity Data Enter the data for the local identity type that you selected. (If WAN IP Address is selected, no input is required.) Remote Identity Type Select the option that matches the Local Identity Type setting on the remote VPN endpoint. • IP Address. The Internet IP address of the remote VPN endpoint. • Fully Qualified Domain Name. The domain name of the remote VPN endpoint. • Fully Qualified User Name. The name, email address, or other ID of the remote VPN endpoint. Remote Identity Data Enter the data for the remote identity type that you selected. If IP Address is selected, no input is required. Parameters Encryption Algorithm The encryption algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN gateway. DES and 3DES are supported. • DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56-bit key. Faster but less secure than 3DES. • 3DES. (Triple DES) achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys. Authentication Algorithm The authentication algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN gateway. Auto, MD5, and SHA-1 are supported. Auto negotiates with the remote VPN endpoint and is not available in responder-only mode. • MD5. 128 bits, faster but less secure. • SHA-1. 160 bits, slower but more secure. This is the default. Pre-shared Key The key must be entered both here and on the remote VPN gateway. 104 | Chapter 6. Virtual Private Networking

Section	Page
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2	1
Table of Contents	3
1. Router Internet Setup	7
Using the Setup Manual	7
Logging In to Your N300 Wireless Modem Router	8
Using the Setup Wizard	9
Viewing or Manually Configuring Your ISP Settings	10
Configuring ADSL Settings	14
2. Wireless Settings	15
Planning Your Wireless Network	15
Wireless Placement and Range Guidelines	16
Wireless Security Options	17
Manually Configuring Your Wireless Settings	18
Configuring WEP Wireless Security	20
Configuring WPA, WPA2, or Mixed WPA2 + WPA Wireless Security	22
Using Push 'N' Connect (WPS) to Configure Your Wireless Network	24
Using a WPS Button to Add a WPS Client	24
Using PIN Entry to Add a WPS Client	25
Configuring Advanced WPS Settings	27
Connecting Additional Wireless Client Devices after WPS Setup	27
Adding More WPS Clients	28
Adding Both WPS and Non-WPS Clients	28
Restricting Access to Your N300 Wireless Modem Router	29
Wireless Guest Networks	30
Live Parental Controls	32
3. Security Settings	34
Protecting Access to Your N300 Wireless Modem Router	34
Changing the Built-In Password	35
Restricting Access by MAC Address	35
Blocking Access to Internet Sites	37
Firewall Rules	38
Port Forwarding	41
Adding a Pre-set Port Forwarding Rule	42
Adding a Custom Port Forwarding Rule	42
Port Triggering	43
Blocking Access to Internet Services	44
Scheduling Blocking	45
Viewing Logs of Web Access or Attempted Web Access	46
Configuring Email Alert and Web Access Log Notifications	47
Setting the Time	49
4. Network Maintenance	50
Upgrading the Firmware	50
Manually Check for Firmware Upgrades	51
Viewing N300 Wireless Modem Router Status Information	52
Connection Status	55
Statistics	56
Viewing a List of Attached Devices	57
Managing the Configuration File	57
Backing Up and Restoring the Configuration	58
Erasing the Configuration	58
Running Diagnostic Utilities and Rebooting the Router	58
Enabling Remote Management Access	59
Traffic Meter	61
5. USB Storage	64
USB Drive Requirements	65
File Sharing Scenarios	65
Sharing Photos with Friends and Family	66
Storing Files in a Central Location for Printing	66
Sharing Large Files with Colleagues	66
USB Storage Basic Settings	67
Editing a Network Folder	68
Configuring USB Storage Advanced Settings	69
Creating a Network Folder	71
Media Server Settings	72
Unmounting a USB Drive	72
Specifying Approved USB Devices	72
Connecting to the USB Drive from a Remote Computer	73
Locating the Internet Port IP Address	73
Accessing the Router’s USB Drive Remotely Using FTP	74
Connecting to the USB Drive with Microsoft Network Settings	74
Enabling File and Printer Sharing	74
6. Virtual Private Networking	76
Overview of VPN Configuration	76
Client-to-Gateway VPN Tunnels	77
Gateway-to-Gateway VPN Tunnels	77
Planning a VPN	78
VPN Tunnel Configuration	79
Setting Up a Client-to-Gateway VPN Configuration	80
Step 1: Configure the Client-to-Gateway VPN Tunnel	80
Step 2: Configure the NETGEAR ProSafe VPN Client	83
Setting Up a Gateway-to-Gateway VPN Configuration	90
VPN Tunnel Control	94
Activating a VPN Tunnel	94
Verifying the Status of a VPN Tunnel	97
Deactivating a VPN Tunnel	98
Deleting a VPN Tunnel	100
Setting Up VPN Tunnels in Special Circumstances	100
Using Auto Policy to Configure VPN Tunnels	101
Using Manual Policy to Configure VPN Tunnels	109
7. Advanced Settings (Part 1)	112
Using the LAN Setup Options	112
Using the N300 Wireless Modem Router as a DHCP Server	114
Address Reservation	115
Using a Dynamic DNS Service	116
Configuring the WAN Setup Options	117
Setting Up a Default DMZ Server	119
Setting Up Quality of Service (QoS)	119
Configuring QoS for Internet Access	120
Editing or Deleting an Existing QoS Policy	123
Configuring Static Routes	123
Wireless Repeating (Also Called WDS)	125
Wireless Repeating Function	126
Setting Up the Base Station	127
Setting Up a Repeater Unit	128
8. Advanced Settings (Part 2)	130
Common Connection Types	130
Assessing Your Speed Requirements	131
Optimizing Your Network Bandwidth	132
Optimizing Wireless Performance	133
Changing the MTU Size	134
Universal Plug and Play	135
A. Troubleshooting	137
Quick Tips	137
Troubleshooting with the LEDs	138
Cannot Access the N300 Wireless Modem Router Menu	140
Cannot Access the Internet	141
Checking the Configuration	141
Checking the WAN IP Address	141
Troubleshooting a Network Using the Ping Utility	142
Testing the LAN Path to Your Router	143
Testing the Path from Your Computer to a Remote Device	143
Problems with Date and Time	144
Wireless Connectivity	145
Viewing Available Networks	145
B. Default Configuration and Technical Specifications	147
Restoring the Factory Configuration Settings	147
Using the Restore Factory Settings Button	147
Technical Specifications	150
C. NETGEAR VPN Configuration	151
Configuration Profile	151
Step-by-Step Configuration	152
N300 Wireless Modem Router with FQDN to Gateway B	153
Configuration Profile	153
Step-by-Step Configuration	155
Configuration Summary (Telecommuter Example)	157
Setting Up Client-to-Gateway VPN (Telecommuter Example)	158
Step 1: Configure Gateway A (VPN Router at Main Office)	159
Step 2: Configure Gateway B (VPN Router at Regional Office)	160
Monitoring the VPN Tunnel (Telecommuter Example)	166
Viewing the VPN Router’s VPN Status and Log Information	167
D. Notification of Compliance	168
E. Related Documents	172

Match case Limit results 1 per page

104

Chapter 6.

Virtual Private Networking

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

IKE

Direction

This setting is used when the router determines if the IKE policy

matches the current traffic. Select an option.

•

Responder only

. Incoming connections are allowed, but outgoing

connections are blocked.

•

Initiator and Responder

. Both incoming and outgoing connections

are allowed.

Exchange Mode

Ensure that the remote VPN endpoint is set to use Main Mode.

Diffie-Hellman

(DH) Group

The Diffie-Hellman algorithm is used when keys are exchanged. The

DH Group setting determines the bit size used in the exchange. This

value must match the value used on the remote VPN gateway.

Local Identity Type

Select an option to match the Remote Identity Type setting on the

remote VPN endpoint.

•

WAN IP Address

. Your Internet IP address.

•

Fully Qualified Domain Name

. Your domain name.

•

Fully Qualified User Name

. Your name, email address, or other ID.

Local Identity Data

Enter the data for the local identity type that you selected. (If

WAN IP

Address

is selected, no input is required.)

Remote Identity

Type

Select the option that matches the Local Identity Type setting on the

remote VPN endpoint.

•

IP Address

. The Internet IP address of the remote VPN endpoint.

•

Fully Qualified Domain Nam

e. The domain name of the remote

VPN endpoint.

•

Fully Qualified User Name

. The name, email address, or other ID of

the remote VPN endpoint.

Remote Identity

Data

Enter the data for the remote identity type that you selected. If

Address

is selected, no input is required.

Parameters

Encryption

Algorithm

The encryption algorithm used for both IKE and IPSec. This setting

must match the setting used on the remote VPN gateway. DES and

3DES are supported.

•

DES

. The Data Encryption Standard (DES) processes input data that

is 64 bits wide, encrypting these values using a 56-bit key. Faster but

less secure than 3DES.

•

3DES

. (Triple DES) achieves a higher level of security by encrypting

the data three times using DES with three different, unrelated keys.

Authentication

Algorithm

The authentication algorithm used for both IKE and IPSec. This setting

must match the setting used on the remote VPN gateway. Auto, MD5,

and SHA-1 are supported. Auto negotiates with the remote VPN

endpoint and is not available in responder-only mode.

•

MD5

. 128 bits, faster but less secure.

•

SHA-1

. 160 bits, slower but more secure. This is the default.

Pre-shared Key

The key must be entered both here and on the remote VPN gateway.

Table 5.

VPN - Auto Policy Screen Settings

(Continued)

Fields and Settings

Description