Netgear N600 Wireless Router User Manual
Virtual Private Networking
N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700

Note: While your PC is connected to a remote LAN through a VPN, you might not have normal Internet access. If this is the case, you have to close the VPN connection to have normal Internet access.

Set Up a Gateway-to-Gateway VPN Configuration

Note: This section describes how to use the VPN Wizard to set up the VPN tunnel using the VPNC default parameters listed in Table 16 on page 89. If you have special requirements not covered by these VPNC-recommended parameters, see Set Up VPN Tunnels in Special Circumstances on page 111 for information about how to set up the VPN tunnel.

Follow this procedure to configure a gateway-to-gateway VPN tunnel using the VPN Wizard.

Figure 45. Gateway-to-gateway VPN tunnel (diagram: Gateway A, LAN IP 192.168.0.1, WAN IP 14.15.16.17, joined by a VPN tunnel across the Internet to Gateway B, LAN IP 192.168.3.1, WAN IP 22.23.24.25)

Set the LAN IPs on each wireless modem router to different subnets and configure each correctly for the Internet. The subsequent examples assume the settings shown in the following table.

Table 18. Gateway-to-gateway VPN tunnel configuration worksheet

Parameter                 Value to Be Entered   Field Selection
Connection Name           GtoGr                 N/A
Pre-Shared Key            12345678              N/A
Secure Association        N/A                   Main Mode / Manual Keys
Perfect Forward Secrecy   N/A                   Enabled / Disabled
Encryption Protocol       N/A                   DES / 3DES
Table 18. Gateway-to-gateway VPN tunnel configuration worksheet (Continued)

Parameter                   Value to Be Entered   Field Selection
Authentication Protocol     N/A                   MD5 / SHA-1
Diffie-Hellman (DH) Group   N/A                   Group 1 / Group 2
Key Life in seconds         28800 (8 hours)       N/A
IKE Life Time in seconds    3600 (1 hour)         N/A

VPN Endpoint   Local IPSecID   LAN IP Address   Subnet Mask     FQDN or Gateway IP (WAN IP Address)
Gateway_A      GW_A            192.168.0.1      255.255.255.0   14.15.16.17
Gateway_B      GW_B            192.168.3.1      255.255.255.0   22.23.24.25

Note: The LAN IP address ranges of the two VPN endpoints have to be different. The connection will fail if both are using the NETGEAR default address range of 192.168.0.x.

To configure a gateway-to-gateway VPN tunnel using the VPN Wizard:

1. Log in to Gateway A on LAN A. From the main menu, select VPN Wizard. Click Next, and the Step 1 of 3 screen displays.
2. Fill in the Connection Name and pre-shared key fields. Select the radio button for the type of target endpoint, and click Next. The Step 2 of 3 screen displays.
3. Fill in the IP address or FQDN for the target VPN endpoint WAN connection, and click Next. The Step 3 of 3 screen displays.
4. Fill in the IP Address and Subnet Mask fields for the target endpoint that can use this tunnel, and click Next. The VPN Wizard Summary screen displays:
   To view the VPNC-recommended authentication and encryption settings used by the VPN Wizard, click the here link.
5. Click Done on the Summary screen. The VPN Policies screen displays, showing that the new tunnel is enabled.
Note: See Use Auto Policy to Configure VPN Tunnels on page 112 for information about how to enable the IKE keep-alive capability on an existing VPN tunnel.

6. Repeat these steps for the gateway on LAN B, and pay special attention to the following network settings:
   • WAN IP of the remote VPN gateway (for example, 14.15.16.17)
   • LAN IP settings of the remote VPN gateway:
     - IP address (for example, 192.168.0.1)
     - Subnet mask (for example, 255.255.255.0)
     - Pre-shared key (for example, 12345678)
7. Use the VPN Status screen to activate the VPN tunnel by performing the following steps:
   Note: The VPN Status screen is only one of three ways to activate a VPN tunnel. See Activate a VPN Tunnel on page 105 for information about the other ways.
   a. On the wireless modem router menu, select VPN Status. The VPN Status/Log screen displays:
   b. Click the VPN Status button to display the Current VPN Tunnels (SAs) screen:
   c. Click Connect for the VPN tunnel you want to activate. View the VPN Status/Log screen to verify that the tunnel is connected.

VPN Tunnel Control

Activate a VPN Tunnel

There are three ways to activate a VPN tunnel:
• Use the VPN Status screen.
• Ping the remote endpoint.
• Start using the VPN tunnel.

Note: See Use Auto Policy to Configure VPN Tunnels on page 112 for information about how to enable the IKE keep-alive capability on an existing VPN tunnel.

Use the VPN Status Screen to Activate a VPN Tunnel

To use the VPN Status screen to activate a VPN tunnel:

1. Log in to the wireless modem router.
2. On the main menu, select VPN Status. The VPN Status/Log screen displays:
3. Click VPN Status to display the Current VPN Tunnels (SAs) screen:
4. Click Connect for the VPN tunnel that you want to activate.

Activate the VPN Tunnel by Pinging the Remote Endpoint

Note: This section uses 192.168.3.1 for a sample remote endpoint LAN IP address.

To activate the VPN tunnel by pinging the remote endpoint (for example, 192.168.3.1), perform the following steps depending on whether your configuration is client-to-gateway or gateway-to-gateway:

• Client-to-gateway configuration. To check the VPN connection, you can initiate a request from the remote PC to the N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700’s network by using the Connect option in the NETGEAR ProSafe
  menu bar. The NETGEAR ProSafe client reports the results of the attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it has to initiate the request.
  To perform a ping test using our example, start from the remote PC:
  a. Establish an Internet connection from the PC.
  b. On the Windows taskbar, click the Start button, and then select Run.
  c. Type ping -t 192.168.3.1, and then click OK.
  Running a ping test to the LAN from the PC
  This causes a continuous ping to be sent to the first N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700. Within 2 minutes, the ping response should change from timed out to reply.
  Note: You can use Ctrl-C to stop the pinging.
  Once the connection is established, you can open a browser on the PC and enter the LAN IP address of the remote N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700. After a short wait, you should see the login screen of the wireless modem router (unless another PC already has the N600 Wireless Dual Band Gigabit ADSL2+ Modem Router DGND3700 management interface open).

• Gateway-to-gateway configuration. Test the VPN tunnel by pinging the remote network from a PC attached to Gateway A (the wireless modem router).
  a. Open a command prompt (for example, Start > Run > cmd).
  b. Type ping 192.168.3.1.
  Note: The pings might fail the first time. If they do, then try the pings a second time.

Start Using a VPN Tunnel to Activate It

To use a VPN tunnel, use a web browser to go to a URL whose IP address or range is covered by the policy for that VPN tunnel.

Verify the Status of a VPN Tunnel

To use the VPN Status screen to determine the status of a VPN tunnel:

1. Log in to the wireless modem router.
2. On the main menu, select VPN Status to display the VPN Status/Log screen.
   This log shows the details of recent VPN activity, including the building of the VPN tunnel. If there is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem.
   • Click Refresh to see the most recent entries.
   • Click Clear Log to delete all log entries.
3. On the VPN Status/Log screen, click VPN Status to display the Current VPN Tunnels (SAs) screen.
   This table lists the following data for each active VPN tunnel.
   • SPI. Each SA has a unique SPI (security parameter index) for traffic in each direction. For manual key exchange, the SPI is specified in the policy definition. For automatic key exchange, the SPI is generated by the IKE protocol.
   • Policy Name. The VPN policy associated with this SA.
   • Remote Endpoint. The IP address on the remote VPN endpoint.
   • Action. Either a Drop or a Connect button.
   • SLifeTime (Secs). The remaining soft lifetime for this security association (SA) in seconds. When the soft lifetime becomes 0 (zero), the SA is renegotiated.
   • HLifeTime (Secs). The remaining hard lifetime for this SA in seconds. When the hard lifetime becomes 0 (zero), the SA is terminated. (It is reestablished if required.)

Deactivate a VPN Tunnel

Sometimes you need to deactivate a VPN tunnel for testing purposes. You can deactivate a VPN tunnel from two places:
• Policy table on VPN Policies screen
• VPN Status screen

Use the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel

To deactivate a VPN tunnel:

1. Log in to the wireless modem router.
2. On the main menu, select VPN Policies to display the VPN Policies screen:
3. In the Policy Table, clear the Enable check box for the VPN tunnel that you want to deactivate, and then click Apply. (To reactivate the tunnel, select the Enable check box, and then click Apply.)

Use the VPN Status Screen to Deactivate a VPN Tunnel

To deactivate a VPN tunnel:

1. Log in to the wireless modem router.
2. On the main menu, select VPN Policies to display the VPN Policies screen:
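
Added example, not part of the NETGEAR manual: a pre-flight check of the Table 18 worksheet for both gateways, covering the requirement that the two LAN ranges differ and the step 6 settings that each gateway must mirror from the other. The GatewayPolicy field names, the finding codes and the 16-character key threshold are assumptions of this example; the sample addresses and key are the worksheet's own.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class GatewayPolicy:
    """Values typed into one gateway's VPN Wizard (field names are this example's own)."""
    name: str
    local_lan: str    # this gateway's LAN IP/subnet mask
    local_wan: str    # this gateway's WAN IP
    remote_wan: str   # wizard step 2: target endpoint WAN IP
    remote_lan: str   # wizard step 3: target LAN IP/subnet mask
    psk: str          # wizard step 1: pre-shared key

MIN_PSK_LEN = 16  # assumed local policy threshold, not a value from the manual

def _net(addr_mask):
    # "192.168.0.1/255.255.255.0" -> IPv4Network("192.168.0.0/24")
    return ipaddress.ip_network(addr_mask, strict=False)

def check_pair(a, b):
    """Return 'code: detail' strings for settings that break or weaken the tunnel."""
    problems = []
    if _net(a.local_lan).overlaps(_net(b.local_lan)):
        problems.append(f"lan-overlap: {_net(a.local_lan)} and {_net(b.local_lan)}")
    for here, there in ((a, b), (b, a)):
        if ipaddress.ip_address(here.remote_wan) != ipaddress.ip_address(there.local_wan):
            problems.append(f"wan-mismatch: {here.name} targets {here.remote_wan}")
        if _net(here.remote_lan) != _net(there.local_lan):
            problems.append(f"remote-lan-mismatch: {here.name} routes {_net(here.remote_lan)}")
    if a.psk != b.psk:
        problems.append("psk-mismatch: the gateways hold different pre-shared keys")
    for gw in (a, b):
        # Added hardening check: reject short keys and the manual's sample value.
        if len(gw.psk) < MIN_PSK_LEN or gw.psk == "12345678":
            problems.append(f"weak-psk: {gw.name}")
    return problems

# Constructed sample input: the Table 18 worksheet values.
MASK = "255.255.255.0"
GW_A = GatewayPolicy("Gateway_A", f"192.168.0.1/{MASK}", "14.15.16.17",
                     "22.23.24.25", f"192.168.3.1/{MASK}", "12345678")
GW_B = GatewayPolicy("Gateway_B", f"192.168.3.1/{MASK}", "22.23.24.25",
                     "14.15.16.17", f"192.168.0.1/{MASK}", "12345678")
# Constructed failure case: Gateway B left on the NETGEAR default LAN range.
GW_B_DEFAULT = replace(GW_B, local_lan=f"192.168.0.1/{MASK}")

if __name__ == "__main__":
    for finding in check_pair(GW_A, GW_B_DEFAULT):
        print(finding)
```

With the worksheet values as printed, the only findings are the two weak-psk entries; the Gateway B default-range case adds lan-overlap and remote-lan-mismatch.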