Beruflich Dokumente
Kultur Dokumente
This section describes how to configure a VPN connection between a Windows PC and the FVS336G VPN firewall. Using the FVS336G's VPN Wizard, we will create a single set of VPN client policies (IKE and VPN) that will allow up to 200 remote PCs to connect from locations in which their IP addresses are unknown in advance. The PCs may be directly connected to the Internet or may be behind NAT routers. If more PCs are to be connected, an additional policy or policies must be created. Each PC will use Netgear's ProSafe VPN Client software. Since the PC's IP address is assumed to be unknown, the PC must always be the initiator of the connection. This procedure was developed and tested using:
Netgear FVS336G ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN Netgear ProSafe VPN Client NAT router: Netgear FR114P
The value entered under Domain Name will be of the form "<name><XY>.fvg_remote.com", where each user must use a different variation on the Domain Name entered here. The <name> is the policy name used in the FVS336G configuration. In this example, it is "home". X and Y are an arbitrary pair of numbers chosen for each user. X may not be zero! In this example, we have entered home11.fvg_remote.com. Up to 200 user variations can be served by one policy. 10. Leave Virtual Adapter disabled, and click your computer's Network Adapter. Your current IP address will appear. 1. Before leaving the My Identity menu, click Pre-Shared Key. 2. Click Enter Key and then enter your preshared key, and click OK. This key will be shared by all users of the FVS336G policy "home". 3. In the left frame, click Security Policy. 4. For the Phase 1 Negotiation Mode, check the Aggressive Mode radio box. 5. PFS should be disabled, and Enable Replay Detection should be enabled. 6. In the left frame, expand Authentication (Phase 1) and choose Proposal 1. The Proposal 1 fields should mirror those in the following figure. No changes should be necessary. 7. In the left frame, expand Key Exchange (Phase 2) and choose Proposal 1. The fields in this proposal should also mirror those in the following figure. No changes should be necessary. 8. In the upper left of the window, click the disk icon to save the policy.
of this chapter