Specifications
NETGEAR VPN Configuration
147
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2
N300 Wireless Modem Router with FQDN to Gateway B
This section is a case study on how to configure a VPN tunnel from a NETGEAR N300
wireless modem router to a gateway using a fully qualified domain name (FQDN) to resolve
the public address of one or both routers. This case study follows the VPN Consortium
interoperability profile guidelines (found at
http://www.vpnc.org/InteropProfiles/Interop-01.html).
Configuration Profile
The configuration in this section follows the addressing and configuration mechanics defined
by the VPN Consortium. Gather the necessary information before you begin configuration.
Verify that the firmware is up to date, and that you have all the addresses and parameters to
be set on both sides. Check that there are no firewall restrictions.
Gateway A
WAN IP
Internet
10.506.0/24
(DGND3300v2)
LAN IP
10.5.6.1
example.org
WAN IP
example2.org
Gateway B
LAN IP
172.23.9.1
172.23.9.0/24
(FQDN)
(FQDN)
Figure 8. VPNC Example, Network Interface Addressing
VPN Consortium Scenario Scenario 1
Type of VPN LAN-to-LAN or gateway-to-gateway (not computer/client-to-gateway)
Security scheme: IKE with preshared secret/Key (not certificate based)
IP addressing:
NETGEAR-Gateway A Fully aualified domain name (FQDN)
NETGEAR-Gateway B FDQN
Use a Fully Qualified Domain Name (FQDN)
Many ISPs provide connectivity to their customers using dynamic instead of static IP
addressing. This means that a user’s IP address does not remain constant over time, which
presents a challenge for gateways attempting to establish VPN connectivity.
A Dynamic DNS (DDNS) service allows a user whose public IP addre
ss is dynamically
assigned to be located by a host or domain name. It provides a central public database
where information (such as e-mail addresses, host names, and IP addresses) can be stored