Netgear FVM318 – Cable and DSL ProSafe Wireless VPN Security Firewall 참조 매뉴얼
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
Virtual Private Networking
5-7
•
Remote LAN IP Address in the FVM318 on LAN B: 192.168.3.1
and Remote Subnet Mask in the FVM318 on LAN B: 255.255.255.0
This is the LAN IP Address for the FVM318 on LAN A.
•
Remote WAN IP Address in the FVM318 on LAN A: 10.0.0.1
This is the WAN IP Address for the FVM318 on LAN B.
You can look up the WAN IP Address of the FVM318 on LAN B by viewing the its
WAN Status screen. When the FVM318 on LAN B is connected to the Internet, log in,
go to its Maintenance menu Router Status link. If you find the WAN Port DHCP field
says “DHCP Client” or “PPPOE,” then it is a dynamic address. For a dynamic
address, you would enter 0.0.0.0 in the configuration screen of the FVM318 on LAN
A as the WAN IP Address for the FVM318 on LAN B.
WAN Status screen. When the FVM318 on LAN B is connected to the Internet, log in,
go to its Maintenance menu Router Status link. If you find the WAN Port DHCP field
says “DHCP Client” or “PPPOE,” then it is a dynamic address. For a dynamic
address, you would enter 0.0.0.0 in the configuration screen of the FVM318 on LAN
A as the WAN IP Address for the FVM318 on LAN B.
Note: Only one side may have a dynamic IP address, and that side must always
initiate the connection.
initiate the connection.
•
Remote WAN IP Address in the FVM318 on LAN B: 24.0.0.1
This is the WAN IP Address for the FVM318 on LAN A.
c.
Under Secure Association, select Main Mode and fill in the settings below.
The IKE settings for each end point of the VPN tunnel must match exactly. To configure
the IKE settings, enter the following settings in each FVM318:
the IKE settings, enter the following settings in each FVM318:
•
Enable Perfect Forward Secrecy.
•
For Encryption Protocol, select: DES.
•
Enter the PreShared Key. In this example, enter r>T(h4&3@#kB as the PreShared
Key. With IKE, a preshared key that you make up is used for mutual identification.
The PreShared Key should be between 8 and 80 characters, and the letters are case
sensitive. Entering a combination of letters, numbers and symbols, such as
r>T(h4&3@#kB provides greater security.
Key. With IKE, a preshared key that you make up is used for mutual identification.
The PreShared Key should be between 8 and 80 characters, and the letters are case
sensitive. Entering a combination of letters, numbers and symbols, such as
r>T(h4&3@#kB provides greater security.
•
Key Life - Default is 3600 seconds (1 hour)
•
IKE Life Time - Default is 28800 seconds (8 hours). A shorter time increases security,
but users will be temporarily disconnected upon renegotiation.
but users will be temporarily disconnected upon renegotiation.
d.
If you need to run Microsoft networking functions such as Network Neighborhood, click
the NETBIOS Enable check box to allow NETBIOS traffic over the VPN tunnel.
the NETBIOS Enable check box to allow NETBIOS traffic over the VPN tunnel.
e.
Click Apply to save the Security Association tunnel settings into the table.