Netgear LG6100D ユーザーガイド
Set up a Virtual Private Network (VPN)
115
IPsec Parameters
IPsec encryption places a heavy load on the gateway CPU. For this reason, the gateway
supports only up to four clients at the same time. If you are sending a large amount of traffic
over these links, you may need to use fewer tunnels.
supports only up to four clients at the same time. If you are sending a large amount of traffic
over these links, you may need to use fewer tunnels.
The IPsec parameters are as follows:
●
IKE
IKE Phase I and II encryption options are 3DES, AES-128, and AES-256. (AES-128
is the default setting.)
IKE Phase I and II authentication options are MD5, SHA1, and SHA256. (SHA1 is
the default setting.)
IKE Phase I and II key group options are DH1 (768), DH2 (1024), DH5 (1536), and
DH14 (2048). (DH2 is the default setting.)
●
Perfect Forwarding Secrecy (PFS) can be enabled or disabled. (It is enabled by default.)
●
NAT traversal is automatically enabled using NAT-D (NAT-Discovery) when establishing
IPsec tunnels. (It is disabled by default.)
IPsec tunnels. (It is disabled by default.)
●
Multiple subnets. You can specify multiple subnets and masks for each tunnel for the
local and remote networks.
local and remote networks.
Set Up a Remote Client-to-Gateway VPN
To set up a remote client-to-gateway VPN, you must complete the following tasks:
1. Configure remote clients in the gateway.
2. Use VPN client software to configure the remote clients.
Configure Remote Clients in the Gateway
Specify the VPN settings and add VPN users.
Note: The client-to-gateway VPN requires client configuration to be 3DES, SHA1, DH2 and PFS
disabled.
disabled.
To configure a remote client in the gateway:
1. On a computer or wireless device that is connected to your gateway, launch a Web
browser.
2. In the address or URL field of your browser, type http://myrouter.