Netgear FVX538NA 사용자 설명서
ProSafe VPN Firewall 200 FVX538 Reference Manual
5-4
Virtual Private Networking
v1.0, August 2006
determine the IPSec keys and VPN policies it sets up. It also will set the parameters for the
network connection: Security Association, traffic selectors, authentication algorithm, and
encryption. The parameters used by the VPN wizard are based on the VPNC recommendations.
network connection: Security Association, traffic selectors, authentication algorithm, and
encryption. The parameters used by the VPN wizard are based on the VPNC recommendations.
Creating a VPN Tunnel to a Gateway
You can set up multiple Gateway VPN tunnel policies through the VPN Wizard. You can also set
up multiple remote VPN Client policies through the VPN Wizard. A remote client policy can
support up to 200 clients.
up multiple remote VPN Client policies through the VPN Wizard. A remote client policy can
support up to 200 clients.
To set up a Gateway VPN Tunnel using the VPN Wizard:
1. Select Gateway as your VPN tunnel connection. The wizard needs to know if you are
planning to connect to a remote Gateway or setting up the connection for a remote client/PC to
establish a secure connection to this device.
establish a secure connection to this device.
2. Select a Connection Name. Enter an appropriate name for the connection. This name is not
supplied to the remote VPN Endpoint. It is used to help you manage the VPN settings.
3. Enter a Pre-shared Key. The key must be entered both here and on the remote VPN Gateway,
or the remote VPN Client. This key length should be minimum 8 characters and should not
exceed 49 characters. This method does not require using a CA (Certificate Authority).
exceed 49 characters. This method does not require using a CA (Certificate Authority).
4. Check the radio box for the WAN interface that will act as one end of this VPN tunnel: WAN
1 or WAN 2.
5. Enter the Remote WAN IP Address or Internet Name of the gateway you want to connect
to.
•
Both the remote WAN address and your local WAN address are required. When choosing
these addresses, follow the guidelines in
these addresses, follow the guidelines in
above.
•
The remote WAN IP address of the Gateway must be a public address or the Internet name
of the Gateway. The Internet name is the Fully Qualified Domain Name (FQDN) as setup
in a Dynamic DNS service. Both local and remote ends should be defined as either IP
addresses or Internet Names (FQDN). A combination of IP address and Internet Name is
not permissible.
of the Gateway. The Internet name is the Fully Qualified Domain Name (FQDN) as setup
in a Dynamic DNS service. Both local and remote ends should be defined as either IP
addresses or Internet Names (FQDN). A combination of IP address and Internet Name is
not permissible.
6. Enter the Local WAN IP Address or Internet Name of your gateway.
The Local WAN IP address is used in the IKE negotiation phase. Automatically, the WAN IP
address assigned by your ISP may display. You can modify the address to use your FQDN;
required if the WAN Mode you selected is auto-rollover.
address assigned by your ISP may display. You can modify the address to use your FQDN;
required if the WAN Mode you selected is auto-rollover.