Home » Netgear Manuals » Modems » Netgear DGND3300v2 » Manual Viewer

Netgear DGND3300v2 User Manual - Page 154

Using a Fully Qualified Domain Name FQDN, VPNC Example, Network Interface Addressing - custom firmware

Add to My Manuals
Save this manual to your list of manuals

Page 154 highlights

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual Verify that the firmware is up to date, and that you have all the addresses and parameters to be set on both sides. Check that there are no firewall restrictions. 10.506.0/24 172.23.9.0/24 Gateway A (DGND3300v2) Gateway B LAN IP 10.5.6.1 Internet WAN IP example.org (FQDN) WAN IP example2.org (FQDN) LAN IP 172.23.9.1 Figure 72. VPNC Example, Network Interface Addressing Table 9. N300 Wireless Modem Router with FQDN to Gateway B Profile Summary VPN Consortium Scenario Scenario 1 Type of VPN LAN-to-LAN or gateway-to-gateway (not PC/client-to-gateway) Security scheme: IKE with pre-shared secret/key (not certificate based) IP addressing: NETGEAR-Gateway A Fully qualified domain name (FQDN) NETGEAR-Gateway B FQDN Using a Fully Qualified Domain Name (FQDN) Many ISPs provide connectivity to their customers using dynamic instead of static IP addressing. This means that a user's IP address does not remain constant over time, which presents a challenge for gateways attempting to establish VPN connectivity. A Dynamic DNS (DDNS) service allows a user whose public IP address is dynamically assigned to be located by a host or domain name. It provides a central public database where information (such as email addresses, host names, and IP addresses) can be stored and retrieved. Now, a gateway can be configured to use a third-party service instead of a permanent and unchanging IP address to establish bidirectional VPN connectivity. To use DDNS, you must register with a DDNS service provider. Some DDNS service providers include: • DynDNS: www.dyndns.org • TZO.com: netgear.tzo.com • ngDDNS: ngddns.iego.net In this example, Gateway A is configured using a sample FQDN provided by a DDNS service provider. In this case we established the hostname dgnd3300v2.dyndns.org for Gateway A using the DynDNS service. Gateway B uses the DDNS service provider when establishing a VPN tunnel. 154 | Appendix C. NETGEAR VPN Configuration

Section	Page
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2	1
Table of Contents	3
1. Router Internet Setup	7
Using the Setup Manual	7
Logging In to Your N300 Wireless Modem Router	8
Using the Setup Wizard	9
Viewing or Manually Configuring Your ISP Settings	10
Configuring ADSL Settings	14
2. Wireless Settings	15
Planning Your Wireless Network	15
Wireless Placement and Range Guidelines	16
Wireless Security Options	17
Manually Configuring Your Wireless Settings	18
Configuring WEP Wireless Security	20
Configuring WPA, WPA2, or Mixed WPA2 + WPA Wireless Security	22
Using Push 'N' Connect (WPS) to Configure Your Wireless Network	24
Using a WPS Button to Add a WPS Client	24
Using PIN Entry to Add a WPS Client	25
Configuring Advanced WPS Settings	27
Connecting Additional Wireless Client Devices after WPS Setup	27
Adding More WPS Clients	28
Adding Both WPS and Non-WPS Clients	28
Restricting Access to Your N300 Wireless Modem Router	29
Wireless Guest Networks	30
Live Parental Controls	32
3. Security Settings	34
Protecting Access to Your N300 Wireless Modem Router	34
Changing the Built-In Password	35
Restricting Access by MAC Address	35
Blocking Access to Internet Sites	37
Firewall Rules	38
Port Forwarding	41
Adding a Pre-set Port Forwarding Rule	42
Adding a Custom Port Forwarding Rule	42
Port Triggering	43
Blocking Access to Internet Services	44
Scheduling Blocking	45
Viewing Logs of Web Access or Attempted Web Access	46
Configuring Email Alert and Web Access Log Notifications	47
Setting the Time	49
4. Network Maintenance	50
Upgrading the Firmware	50
Manually Check for Firmware Upgrades	51
Viewing N300 Wireless Modem Router Status Information	52
Connection Status	55
Statistics	56
Viewing a List of Attached Devices	57
Managing the Configuration File	57
Backing Up and Restoring the Configuration	58
Erasing the Configuration	58
Running Diagnostic Utilities and Rebooting the Router	58
Enabling Remote Management Access	59
Traffic Meter	61
5. USB Storage	64
USB Drive Requirements	65
File Sharing Scenarios	65
Sharing Photos with Friends and Family	66
Storing Files in a Central Location for Printing	66
Sharing Large Files with Colleagues	66
USB Storage Basic Settings	67
Editing a Network Folder	68
Configuring USB Storage Advanced Settings	69
Creating a Network Folder	71
Media Server Settings	72
Unmounting a USB Drive	72
Specifying Approved USB Devices	72
Connecting to the USB Drive from a Remote Computer	73
Locating the Internet Port IP Address	73
Accessing the Router’s USB Drive Remotely Using FTP	74
Connecting to the USB Drive with Microsoft Network Settings	74
Enabling File and Printer Sharing	74
6. Virtual Private Networking	76
Overview of VPN Configuration	76
Client-to-Gateway VPN Tunnels	77
Gateway-to-Gateway VPN Tunnels	77
Planning a VPN	78
VPN Tunnel Configuration	79
Setting Up a Client-to-Gateway VPN Configuration	80
Step 1: Configure the Client-to-Gateway VPN Tunnel	80
Step 2: Configure the NETGEAR ProSafe VPN Client	83
Setting Up a Gateway-to-Gateway VPN Configuration	90
VPN Tunnel Control	94
Activating a VPN Tunnel	94
Verifying the Status of a VPN Tunnel	97
Deactivating a VPN Tunnel	98
Deleting a VPN Tunnel	100
Setting Up VPN Tunnels in Special Circumstances	100
Using Auto Policy to Configure VPN Tunnels	101
Using Manual Policy to Configure VPN Tunnels	109
7. Advanced Settings (Part 1)	112
Using the LAN Setup Options	112
Using the N300 Wireless Modem Router as a DHCP Server	114
Address Reservation	115
Using a Dynamic DNS Service	116
Configuring the WAN Setup Options	117
Setting Up a Default DMZ Server	119
Setting Up Quality of Service (QoS)	119
Configuring QoS for Internet Access	120
Editing or Deleting an Existing QoS Policy	123
Configuring Static Routes	123
Wireless Repeating (Also Called WDS)	125
Wireless Repeating Function	126
Setting Up the Base Station	127
Setting Up a Repeater Unit	128
8. Advanced Settings (Part 2)	130
Common Connection Types	130
Assessing Your Speed Requirements	131
Optimizing Your Network Bandwidth	132
Optimizing Wireless Performance	133
Changing the MTU Size	134
Universal Plug and Play	135
A. Troubleshooting	137
Quick Tips	137
Troubleshooting with the LEDs	138
Cannot Access the N300 Wireless Modem Router Menu	140
Cannot Access the Internet	141
Checking the Configuration	141
Checking the WAN IP Address	141
Troubleshooting a Network Using the Ping Utility	142
Testing the LAN Path to Your Router	143
Testing the Path from Your Computer to a Remote Device	143
Problems with Date and Time	144
Wireless Connectivity	145
Viewing Available Networks	145
B. Default Configuration and Technical Specifications	147
Restoring the Factory Configuration Settings	147
Using the Restore Factory Settings Button	147
Technical Specifications	150
C. NETGEAR VPN Configuration	151
Configuration Profile	151
Step-by-Step Configuration	152
N300 Wireless Modem Router with FQDN to Gateway B	153
Configuration Profile	153
Step-by-Step Configuration	155
Configuration Summary (Telecommuter Example)	157
Setting Up Client-to-Gateway VPN (Telecommuter Example)	158
Step 1: Configure Gateway A (VPN Router at Main Office)	159
Step 2: Configure Gateway B (VPN Router at Regional Office)	160
Monitoring the VPN Tunnel (Telecommuter Example)	166
Viewing the VPN Router’s VPN Status and Log Information	167
D. Notification of Compliance	168
E. Related Documents	172

Match case Limit results 1 per page

154

Appendix C.

NETGEAR VPN Configuration

N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

Verify that the firmware is up to date, and that you have all the addresses and parameters to

be set on both sides. Check that there are no firewall restrictions.

Figure 72. VPNC Example, Network Interface Addressing

Using a Fully Qualified Domain Name (FQDN)

Many ISPs provide connectivity to their customers using dynamic instead of static IP

addressing. This means that a user’s IP address does not remain constant over time, which

presents a challenge for gateways attempting to establish VPN connectivity.

A Dynamic DNS (DDNS) service allows a user whose public IP address is dynamically

assigned to be located by a host or domain name. It provides a central public database where

information (such as email addresses, host names, and IP addresses) can be stored and

retrieved. Now, a gateway can be configured to use a third-party service instead of a

permanent and unchanging IP address to establish bidirectional VPN connectivity.

To use DDNS, you must register with a DDNS service provider. Some DDNS service

providers include:

•

DynDNS: www.dyndns.org

•

TZO.com: netgear.tzo.com

•

ngDDNS: ngddns.iego.net

In this example, Gateway A is configured using a sample FQDN provided by a DDNS service

provider. In this case we established the hostname dgnd3300v2.dyndns.org for Gateway A

using the DynDNS service. Gateway B uses the DDNS service provider when establishing a

VPN tunnel.

Table 9.

N300 Wireless Modem Router with FQDN to Gateway B Profile Summary

VPN Consortium Scenario

Scenario 1

Type of VPN

LAN-to-LAN or gateway-to-gateway (not PC/client-to-gateway)

Security scheme:

IKE with pre-shared secret/key (not certificate based)

IP addressing:

NETGEAR-Gateway A

Fully qualified domain name (FQDN)

NETGEAR-Gateway B

FQDN

Gateway A

WAN IP

Internet

10.506.0/24

(DGND3300v2)

LAN IP

10.5.6.1

example.org

WAN IP

example2.org

Gateway B

LAN IP

172.23.9.1

172.23.9.0/24

(FQDN)