Manualshelf

User's Manual

ManualsBrandsNetgear ManualsPC ComponentsNetgear FVM318
51525354555657585960
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
Virtual Private Networking 4-3
At least one side must have a fixed IP address.
If one side has a dynamic IP address, the side with a dynamic IP address must always be the
initiator of the connection.
Will you use the typical automated Internet Key Exchange (IKE) setup, or a Manual Keying
setup in which you must specify each phase of the connection?
IKE is an automated method for establishing a shared security policy and authenticated keys.
What level of encryption will you use, 56 bit DES or 168 bit 3DES? 3DES is more secure but
the throughput will be slower.
Sample Network to Network VPN Tunnel Configuration Worksheet
The sample configuration worksheet below is filled in with the parameters used in the procedure
examples below. A blank worksheet is provided below at
“Network to Network IKE VPN Tunnel
Configuration Worksheet” on page 4-26.
Table 4-1. Sample Network to Network IKE VPN Tunnel Configuration Worksheet
IKE Tunnel Security Association Settings
Connection Name:
VPNAB
PreShared Key:
r>T(h4&3@#kB
Secure Association -- Main Mode or Aggressive Mode:
Main
Perfect Forward Secrecy:
Enabled
Encryption Protocol -- Null, 56 bit DES, or 168 bit 3DES:
DES
Key Life in seconds:
3600 (1 hour)
IKE Life Time in seconds:
28800 (8 hours)
FVM318 firewall Network IP Settings
Network
Local IPSec
Identifier
LAN IP
Network Address Subnet Mask
Gateway IP
(WAN IP Address)
LAN A
LAN_A 192.168.3.1 255.255.255.0 24.0.0.1
LAN B
LAN_B 192.168.0.1 255.255.255.0 10.0.0.1
FVM318.book Page 3 Wednesday, September 18, 2002 5:20 PM