Netgear LG6100D 사용자 가이드
Set up a Virtual Private Network (VPN)
124
s:ident-server-type:address
b:auth-mutual-psk:MTIzNDU2Nzg=
s:phase1-exchange:main
s:phase1-cipher:3des
s:phase1-hash:sha1
s:phase2-transform:esp-3des
s:phase2-hmac:sha1
s:ipcomp-transform:disabled
n:phase2-pfsgroup:-1
s:policy-level:auto
s:client-saved-username:admin
Set Up a Site-to-Site VPN
This example describes how to set up a site-to-site VPN tunnel between two gateways at
different locations. The LAN subnets of these two gateways must each be in a unique range.
different locations. The LAN subnets of these two gateways must each be in a unique range.
Note: If your remote gateway is behind a NAT firewall, make sure that each side of the tunnel
uses both a local identity and a remote identity. The local identity must match the remote
identity on the other side of the tunnel, and vice versa. You must initiate the VPN tunnel from
the side that is behind the NAT firewall.
uses both a local identity and a remote identity. The local identity must match the remote
identity on the other side of the tunnel, and vice versa. You must initiate the VPN tunnel from
the side that is behind the NAT firewall.
To do this, you must complete the following tasks:
1. Make sure that each gateway uses a different subnet range and that the ranges do not
overlap.
2. Specify the VPN connection for each gateway.
3. Enable the VPN on each gateway.
Add an IKE Policy
You must add an IKE policy before you configure the site-to-site VPN connection.
You can create up to ten IKE policies. An IKE policy that is in use (assigned to the site-to-site
configuration) cannot be deleted. You can create up to eight site-to-site VPN configurations, but
only four can be enabled at a time.
configuration) cannot be deleted. You can create up to eight site-to-site VPN configurations, but
only four can be enabled at a time.