Netgear UTM9S – ProSECURE Unified Threat Management (UTM) Appliance with DSL and Wireless modules 参照マニュアル

Assign IP Addresses to Remote Users (Mode Config)

To simplify the process of connecting remote VPN clients to the UTM, use the Mode Config 
feature to automatically assign IP addresses to remote users, including a network access IP 
address, subnet mask, WINS server, and DNS address. Remote users are given IP 
addresses available in a secured network space so that remote users appear as seamless 
extensions of the network.

Mode Config Operation

After the IKE Phase 1 negotiation is complete, the VPN connection initiator (which is the 
remote user with a VPN client) requests the IP configuration settings such as the IP address, 
subnet mask, WINS server, and DNS address from the UTM. The Mode Config feature 
allocates an IP address from the configured IP address pool and activates a temporary IPSec 
policy, using the information that is specified in the Traffic Tunnel Security Level section of the 
Mode Config record (on the Add Mode Config Record screen that is shown in 

After configuring a Mode Config record, you need to manually 

configure an IKE policy and select the newly created Mode Config 
record from the Select Mode Config Record drop-down list (see 

on page 281). You do 

not need to make changes to any VPN policy.

An IP address that is allocated to a VPN client is released only after 

the VPN client has gracefully disconnected or after the SA liftetime 
for the connection has timed out.

Configure Mode Config Operation on the UTM

To configure Mode Config on the UTM, first create a Mode Config record, and then select the 
Mode Config record for an IKE policy.



Select VPN > IPSec VPN > Mode Config. The Mode Config screen displays: