D-Link DFL-1000 用户手册
DFL-1000 User Manual
100
Enable perfect forward secrecy
(PFS)
(PFS)
Select Select Select
Select
DH Group
5 5 5
5
Keylife
300 seconds
300 seconds
300 seconds
300 seconds
Autokey Keep Alive
Enable Enable Enable
Enable
Concentrator
Not selected
Not selected
Not selected
Not selected
Configuring the VPN concentrator
For the Main Office (the hub), create the VPN concentrator and add the appropriate members to it. Add
all the tunnels that are part of the same hub and spoke configuration to the same VPN concentrator.
all the tunnels that are part of the same hub and spoke configuration to the same VPN concentrator.
If you add a spoke to the configuration after you create the VPN concentrator, you can add the new VPN
tunnel to the VPN concentrator by selecting the concentrator name while you are configuring the tunnel.
tunnel to the VPN concentrator by selecting the concentrator name while you are configuring the tunnel.
Example VPN concentrator configuration
shows the information required to configure the VPN
concentrator.
Example VPN concentrator configuration
Field name
VPN concentrator information
Concentrator Name Main_Office_Concentrator
Members
Branch1_VPN
Branch2_VPN
Branch2_VPN
To add a VPN concentrator:
• Go to VPN > IPSec > Concentrator.
• Select New to add a VPN concentrator.
• Enter the name of the new VPN concentrator in the Concentrator Name field.
• Select Branch1_VPN in the Available Tunnels list and select the right arrow.
• Go to VPN > IPSec > Concentrator.
• Select New to add a VPN concentrator.
• Enter the name of the new VPN concentrator in the Concentrator Name field.
• Select Branch1_VPN in the Available Tunnels list and select the right arrow.
The tunnel moves to the Members list.
• Select Branch2_VPN in the Available Tunnels list and select the right arrow.
The tunnel moves to the Members list.
• Select OK to add the VPN concentrator.
Adding source and destination addresses
Add source and destination addresses for the Main Office, Branch 1, and Branch 2.
Use the procedure
Adding source and destination addresses for a remote client VPN
.
Use the information in
Example IPSec source and destination address information
to add the source and
destination addresses. You need to add the addresses for each location individually.
Example IPSec source and destination address information
Field name
Main Office information
Branch 1 information Branch 2 information
Source Address
Address Name Main_Office Branch1
Branch2
IP address
192.168.1.0 192.168.2.0
192.168.3.0
Netmask
255.255.255.0 255.255.255.0 255.255.255.0
Destination Address
Address Name Branch1 Branch2 Main_Office
Main_Office
IP address
192.168.2.0 192.168.3.0 192.168.1.0
192.168.1.0