Netgear FVS336G FVS336G Reference Manual - Page 122
Apply, IKE Policies, List of IKE Policies, Add IKE Policy, Mode Config, View selected, General
UPC - 606449052015
View all Netgear FVS336G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 122 highlights
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual 11. Specify the VPN policy settings. These settings must match the configuration of the remote VPN client. Recommended settings are: • SA Lifetime: 3600 seconds • Authentication Algorithm: SHA-1 • Encryption Algorithm: 3DES 12. Click Apply. The new record should appear in the VPN Remote Host Mode Config Table. Next, you must configure an IKE Policy: 1. Click VPN > IPsec VPN in the main menu. The IKE Policies screen is displayed showing the current policies in the List of IKE Policies Table. (See Figure 5-10 on page 5-12.) 2. Click Add to configure a new IKE Policy. The Add IKE Policy screen is displayed.(See Figure 5-11 on page 5-12.) 3. Enable Mode Config by checking the Yes radio button and selecting the Mode Config record you just created from the pull-down menu. (You can view the parameters of the selected record by clicking the View selected radio button.) Mode Config works only in Aggressive Mode, and Aggressive Mode requires that both ends of the tunnel be defined by an FQDN. 4. In the General section: a. Enter a descriptive name in the Policy Name Field such as "salesperson". This name will be used as part of the remote identifier in the VPN client configuration. b. Set Direction/Type to Responder. c. The Exchange Mode will automatically be set to Aggressive. 5. For Local information: a. Select Fully Qualified Domain Name for the Local Identity Type. b. Enter an identifier in the Remote Identity Data field that is not used by any other IKE policies. This identifier will be used as part of the local identifier in the VPN client configuration. 6. Specify the IKE SA parameters. These settings must be matched in the configuration of the remote VPN client. Recommended settings are: • Encryption Algorithm: 3DES • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 5-26 Virtual Private Networking Using IPsec v1.2, June 2008