Home » Netgear Manuals » Modems » Netgear DGND3300v2 » Manual Viewer

Netgear DGND3300v2 User Manual - Page 111

Table 7., VPN Manual Policy Fields and Settings, Continued, Fields and Settings, Description

Add to My Manuals
Save this manual to your list of manuals

Page 111 highlights

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual Table 7. VPN Manual Policy Fields and Settings (Continued) Fields and Settings Description Local LAN IP Address Subnet Mask Enter the network mask. The remote VPN endpoint must have these IP addresses entered as its remote addresses. Single PC - no Subnet Select this option if there is no LAN (only a single PC) at the remote endpoint. If this option is selected, no additional data is required. Single/Start IP Address • The IP address for a single address, or the starting address for an address range used on the LAN. If you want to make a single server on your LAN available to remote users, use a single address settings. • Any. The remote VPN endpoint can be at any IP address. Finish IP Address For an address range, enter the finish IP address. This must be an address range used on your LAN. Subnet Mask Enter the network mask. Remote LAN IP Address IP Address The remote VPN endpoint must have these IP addresses entered as its local addresses. Single/Start IP Address Single PC - no Subnet. Select this option if there is no LAN (only a single PC) at the remote endpoint. If this option is selected, no additional data is required. The typical application is a PC running the VPN client at the remote end. • Enter an IP address on the remote LAN. You can use this setting to access a server. • For a range of addresses, enter the starting IP address. This must be an address range used on the remote LAN. • Any. Any outgoing traffic from specified Local IP computers triggers an attempted VPN connection to the remote VPN endpoint. Be sure you want this option before selecting it. Finish IP Address Enter the finish IP address for a range of addresses. This must be an address range used on the remote LAN. Subnet Mask Enter the network mask. ESP Configuration SPI ESP (Encapsulating Security Payload) provides security for the payload (data) sent through the VPN tunnel. Encryption Enter the required Security Policy Indexes (SPIs). Each policy must have unique SPIs. These settings must match the remote VPN endpoint. The in setting here must match the out setting on the remote VPN endpoint, and the out setting here must match the in setting on the remote VPN endpoint. Select an encryption algorithm, and enter the key in the field provided. For 3DES, the keys should be 24 ASCII characters, and for DES, the keys should be 8 ASCII characters. • DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56-bit key. Faster but less secure than 3DES. • 3DES. (Triple DES) achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys. Authentication Chapter 6. Virtual Private Networking | 111

Section	Page
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2	1
Table of Contents	3
1. Router Internet Setup	7
Using the Setup Manual	7
Logging In to Your N300 Wireless Modem Router	8
Using the Setup Wizard	9
Viewing or Manually Configuring Your ISP Settings	10
Configuring ADSL Settings	14
2. Wireless Settings	15
Planning Your Wireless Network	15
Wireless Placement and Range Guidelines	16
Wireless Security Options	17
Manually Configuring Your Wireless Settings	18
Configuring WEP Wireless Security	20
Configuring WPA, WPA2, or Mixed WPA2 + WPA Wireless Security	22
Using Push 'N' Connect (WPS) to Configure Your Wireless Network	24
Using a WPS Button to Add a WPS Client	24
Using PIN Entry to Add a WPS Client	25
Configuring Advanced WPS Settings	27
Connecting Additional Wireless Client Devices after WPS Setup	27
Adding More WPS Clients	28
Adding Both WPS and Non-WPS Clients	28
Restricting Access to Your N300 Wireless Modem Router	29
Wireless Guest Networks	30
Live Parental Controls	32
3. Security Settings	34
Protecting Access to Your N300 Wireless Modem Router	34
Changing the Built-In Password	35
Restricting Access by MAC Address	35
Blocking Access to Internet Sites	37
Firewall Rules	38
Port Forwarding	41
Adding a Pre-set Port Forwarding Rule	42
Adding a Custom Port Forwarding Rule	42
Port Triggering	43
Blocking Access to Internet Services	44
Scheduling Blocking	45
Viewing Logs of Web Access or Attempted Web Access	46
Configuring Email Alert and Web Access Log Notifications	47
Setting the Time	49
4. Network Maintenance	50
Upgrading the Firmware	50
Manually Check for Firmware Upgrades	51
Viewing N300 Wireless Modem Router Status Information	52
Connection Status	55
Statistics	56
Viewing a List of Attached Devices	57
Managing the Configuration File	57
Backing Up and Restoring the Configuration	58
Erasing the Configuration	58
Running Diagnostic Utilities and Rebooting the Router	58
Enabling Remote Management Access	59
Traffic Meter	61
5. USB Storage	64
USB Drive Requirements	65
File Sharing Scenarios	65
Sharing Photos with Friends and Family	66
Storing Files in a Central Location for Printing	66
Sharing Large Files with Colleagues	66
USB Storage Basic Settings	67
Editing a Network Folder	68
Configuring USB Storage Advanced Settings	69
Creating a Network Folder	71
Media Server Settings	72
Unmounting a USB Drive	72
Specifying Approved USB Devices	72
Connecting to the USB Drive from a Remote Computer	73
Locating the Internet Port IP Address	73
Accessing the Router’s USB Drive Remotely Using FTP	74
Connecting to the USB Drive with Microsoft Network Settings	74
Enabling File and Printer Sharing	74
6. Virtual Private Networking	76
Overview of VPN Configuration	76
Client-to-Gateway VPN Tunnels	77
Gateway-to-Gateway VPN Tunnels	77
Planning a VPN	78
VPN Tunnel Configuration	79
Setting Up a Client-to-Gateway VPN Configuration	80
Step 1: Configure the Client-to-Gateway VPN Tunnel	80
Step 2: Configure the NETGEAR ProSafe VPN Client	83
Setting Up a Gateway-to-Gateway VPN Configuration	90
VPN Tunnel Control	94
Activating a VPN Tunnel	94
Verifying the Status of a VPN Tunnel	97
Deactivating a VPN Tunnel	98
Deleting a VPN Tunnel	100
Setting Up VPN Tunnels in Special Circumstances	100
Using Auto Policy to Configure VPN Tunnels	101
Using Manual Policy to Configure VPN Tunnels	109
7. Advanced Settings (Part 1)	112
Using the LAN Setup Options	112
Using the N300 Wireless Modem Router as a DHCP Server	114
Address Reservation	115
Using a Dynamic DNS Service	116
Configuring the WAN Setup Options	117
Setting Up a Default DMZ Server	119
Setting Up Quality of Service (QoS)	119
Configuring QoS for Internet Access	120
Editing or Deleting an Existing QoS Policy	123
Configuring Static Routes	123
Wireless Repeating (Also Called WDS)	125
Wireless Repeating Function	126
Setting Up the Base Station	127
Setting Up a Repeater Unit	128
8. Advanced Settings (Part 2)	130
Common Connection Types	130
Assessing Your Speed Requirements	131
Optimizing Your Network Bandwidth	132
Optimizing Wireless Performance	133
Changing the MTU Size	134
Universal Plug and Play	135
A. Troubleshooting	137
Quick Tips	137
Troubleshooting with the LEDs	138
Cannot Access the N300 Wireless Modem Router Menu	140
Cannot Access the Internet	141
Checking the Configuration	141
Checking the WAN IP Address	141
Troubleshooting a Network Using the Ping Utility	142
Testing the LAN Path to Your Router	143
Testing the Path from Your Computer to a Remote Device	143
Problems with Date and Time	144
Wireless Connectivity	145
Viewing Available Networks	145
B. Default Configuration and Technical Specifications	147
Restoring the Factory Configuration Settings	147
Using the Restore Factory Settings Button	147
Technical Specifications	150
C. NETGEAR VPN Configuration	151
Configuration Profile	151
Step-by-Step Configuration	152
N300 Wireless Modem Router with FQDN to Gateway B	153
Configuration Profile	153
Step-by-Step Configuration	155
Configuration Summary (Telecommuter Example)	157
Setting Up Client-to-Gateway VPN (Telecommuter Example)	158
Step 1: Configure Gateway A (VPN Router at Main Office)	159
Step 2: Configure Gateway B (VPN Router at Regional Office)	160
Monitoring the VPN Tunnel (Telecommuter Example)	166
Viewing the VPN Router’s VPN Status and Log Information	167
D. Notification of Compliance	168
E. Related Documents	172

Match case Limit results 1 per page

Chapter 6.

Virtual Private Networking

111

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

Local LAN IP Address

The remote VPN

endpoint must have

these IP addresses

entered as its remote

addresses.

Subnet Mask

Enter the network mask.

Single PC - no

Subnet

Select this option if there is no LAN (only a single PC) at the

remote endpoint. If this option is selected, no additional data is

required.

Single/Start IP

Address

•

The IP address for a single address, or the starting address for

an address range used on the LAN. If you want to make a single

server on your LAN available to remote users, use a single

address settings.

•

Any

. The remote VPN endpoint can be at any IP address.

Finish IP

Address

For an address range, enter the finish IP address. This must be an

address range used on your LAN.

Subnet Mask

Enter the network mask.

Remote LAN IP Address

The remote VPN

endpoint must have

these IP addresses

entered as its local

addresses.

IP Address

Single PC - no Subnet

. Select this option if there is no LAN (only

a single PC) at the remote endpoint. If this option is selected, no

additional data is required. The typical application is a PC running

the VPN client at the remote end.

Single/Start IP

Address

• Enter an IP address on the remote LAN. You can use this setting

to access a server.

• For a range of addresses, enter the starting IP address. This

must be an address range used on the remote LAN.

•

Any

. Any outgoing traffic from specified Local IP computers

triggers an attempted VPN connection to the remote VPN

endpoint. Be sure you want this option before selecting it.

Finish IP

Address

Enter the finish IP address for a range of addresses. This must be

an address range used on the remote LAN.

Subnet Mask

Enter the network mask.

ESP Configuration

ESP (Encapsulating

Security Payload)

provides security for the

payload (data) sent

through the VPN tunnel.

SPI

Enter the required Security Policy Indexes (SPIs). Each policy

must have unique SPIs. These settings must match the remote

VPN endpoint. The in setting here must match the out setting on

the remote VPN endpoint, and the out setting here must match the

in setting on the remote VPN endpoint.

Encryption

Select an encryption algorithm, and enter the key in the field

provided. For 3DES, the keys should be 24 ASCII characters, and

for DES, the keys should be 8 ASCII characters.

•

DES

. The Data Encryption Standard (DES) processes input data

that is 64 bits wide, encrypting these values using a 56-bit key.

Faster but less secure than 3DES.

•

3DES

. (Triple DES) achieves a higher level of security by

encrypting the data three times using DES with three different,

unrelated keys.

Authentication

Table 7.

VPN Manual Policy Fields and Settings

(Continued)

Fields and Settings

Description