Netgear 05200007 사용자 설명서
Reference Manual for the NETGEAR ProSafe VPN Client
NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
C-5
202-10015-01
–
Type the IP Address of client B (0.0.0.0 in our example) in the Remote LAN Start IP
Address field. Entering 0.0.0.0 as the Remote LAN Start IP Address tells the FVS318 to
accept a connection from any IP address. This enables travelling users who will not know
the IP address of their connection to use this tunnel. It also allows telecommuters who
have a direct connection at their home with a dynamic IP address to use this tunnel.
Address field. Entering 0.0.0.0 as the Remote LAN Start IP Address tells the FVS318 to
accept a connection from any IP address. This enables travelling users who will not know
the IP address of their connection to use this tunnel. It also allows telecommuters who
have a direct connection at their home with a dynamic IP address to use this tunnel.
–
Leave the Remote WAN IP or FQDN address field blank.
Figure C-4: NETGEAR FVS318 VPN Settings – Main Mode
–
From the Secure Association drop-down box, select Main Mode.
–
Next to Perfect Forward Secrecy, select the Enabled radio button.
–
From the Encryption Protocol drop-down box, select 3DES.
–
In the PreShared Key box, type a unique text string to be used as the shared key between
the FVS318 and the VPN client. In this example, we used hr5xb84l6aa9r6. You must
make sure the key is entered correctly in both the gateway and the client.
the FVS318 and the VPN client. In this example, we used hr5xb84l6aa9r6. You must
make sure the key is entered correctly in both the gateway and the client.
–
In the Key Life box, enter 28800 seconds.
–
In the IKE Life Time, enter 86400 seconds.
Note:
Entering 0.0.0.0 as the Remote LAN Start IP Address uses two of the available 8
FVS318 tunnels. If you wish to provide a tunnel for home users who are connecting
through a home NAT router, use a reserved IP configuration for the PC on the home
router. Specifying a reserved IP address for a PC on the home NAT router assures that
PC will always receive the same IP address from the DHCP server in the home NAT
router. In such a case, you would enter the reserved IP address of the PC for the Remote
LAN Start IP Address. To avoid duplicate IP address conflicts, be sure the remote PC IP
address is on a different subnet than the FVS318.
through a home NAT router, use a reserved IP configuration for the PC on the home
router. Specifying a reserved IP address for a PC on the home NAT router assures that
PC will always receive the same IP address from the DHCP server in the home NAT
router. In such a case, you would enter the reserved IP address of the PC for the Remote
LAN Start IP Address. To avoid duplicate IP address conflicts, be sure the remote PC IP
address is on a different subnet than the FVS318.