Netgear FVS318v3 – Cable/DSL ProSafe VPN Firewall with 8-Port Switch 참조 매뉴얼
ProSafe VPN Firewall FVS318v3 Reference Manual
Advanced Virtual Private Networking
5-11
v5.0, January 2012
The VPN Manual Policy fields are defined in the following table.
Table 5-3. VPN Manual Policy Configuration Fields
Field Description
General
These settings identify this policy and determine its major characteristics.
Policy Name
The name of the VPN policy. Each policy should have a unique policy
name. This name is not supplied to the remote VPN Endpoint. It is used to
help you identify VPN policies.
name. This name is not supplied to the remote VPN Endpoint. It is used to
help you identify VPN policies.
Remote VPN Endpoint
The WAN Internet IP address of the remote VPN firewall or client to which
you wish to connect. The remote VPN endpoint must have this
FVS318v3’s WAN Internet IP address entered as its Remote VPN
Endpoint.
you wish to connect. The remote VPN endpoint must have this
FVS318v3’s WAN Internet IP address entered as its Remote VPN
Endpoint.
Traffic Selector
These settings determine if and when a VPN tunnel will be established. If
network traffic meets all criteria, then a VPN tunnel will be created.
network traffic meets all criteria, then a VPN tunnel will be created.
Local IP
The drop down menu allows you to configure the source IP address of the
outbound network traffic for which this VPN policy will provide security.
Usually, this address is from your network address space. The choices are:
• ANY for all valid IP addresses in the Internet address space
• Single IP Address
• Range of IP Addresses
• Subnet Address
outbound network traffic for which this VPN policy will provide security.
Usually, this address is from your network address space. The choices are:
• ANY for all valid IP addresses in the Internet address space
• Single IP Address
• Range of IP Addresses
• Subnet Address
Remote IP
The drop down menu allows you to configure the destination IP address of
the outbound network traffic for which this VPN policy will provide security.
Usually, this address is from the remote site's corporate network address
space. The choices are:
• ANY for all valid IP addresses in the Internet address space
• Single IP Address
• Range of IP Addresses
• Subnet Address
the outbound network traffic for which this VPN policy will provide security.
Usually, this address is from the remote site's corporate network address
space. The choices are:
• ANY for all valid IP addresses in the Internet address space
• Single IP Address
• Range of IP Addresses
• Subnet Address
Authenticating Header (AH)
Configuration
Configuration
AH specifies the authentication protocol for the VPN header. These
settings must match the remote VPN endpoint.
Note: The Incoming settings here must match the Outgoing settings on the
remote VPN endpoint, and the Outgoing settings here must match the
Incoming settings on the remote VPN endpoint.
settings must match the remote VPN endpoint.
Note: The Incoming settings here must match the Outgoing settings on the
remote VPN endpoint, and the Outgoing settings here must match the
Incoming settings on the remote VPN endpoint.
SPI - Incoming
Enter a hexadecimal value (3 - 8 chars). Any value is acceptable, provided
the remote VPN endpoint has the same value in its Outgoing SPI field.
the remote VPN endpoint has the same value in its Outgoing SPI field.
SPI - Outgoing
Enter a hexadecimal value (3 - 8 chars). Any value is acceptable, provided
the remote VPN endpoint has the same value in its Incoming SPI field.
the remote VPN endpoint has the same value in its Incoming SPI field.
Enable Authentication
Use this check box to enable or disable AH. Authentication is often not
used. In this case, leave the check box unchecked.
used. In this case, leave the check box unchecked.