Wireless ADSL2+ Modem Router DG834Gv5 User Manual NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134 USA 202-10363-02 March 2010 v1.
© 2010 by NETGEAR, Inc. All rights reserved. Trademarks NETGEAR and the NETGEAR logo are trademarks of Netgear, Inc. Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other brand and product names are registered trademarks or trademarks of their respective holders.
European Union Statement of Compliance Hereby, NETGEAR, Inc. declares that this modem router is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC. Èesky [Czech] NETGEAR, Inc. tímto prohlašuje, že tento 54 Mbps Wireless ADSL2+ Modem Router DG834Gv5 je ve shodì se základními požadavky a dalšími pøíslušnými ustanoveními smìrnice 1999/5/ES. Dansk Undertegnede NETGEAR, Inc.
Polski [Polish] Niniejszym NETGEAR, Inc. oœwiadcza, ¿e 54 Mbps Wireless ADSL2+ Modem Router DG834Gv5 jest zgodny z zasadniczymi wymogami oraz pozosta³ymi stosownymi postanowieniami Dyrektywy 1999/5/EC. Português NETGEAR, Inc. declara que este 54 Mbps Wireless ADSL2+ Modem Router DG834Gv5 [Portuguese] está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/CE. Slovensko NETGEAR, Inc.
World Wide Web NETGEAR maintains a World Wide Web home page that you can access at the universal resource locator (URL) http://www.netgear.com. A direct connection to the Internet and a Web browser such as Internet Explorer or Mozilla Firefox are required.
Contents Wireless ADSL2+ Modem Router DG834Gv5 User Manual About This Manual Conventions, Formats, and Scope ..................................................................................... i How to Print This Manual .................................................................................................. ii Revision History .................................................................................................................
Restricting Access by MAC Address ............................................................................2-17 Chapter 3 Protecting Your Network Protecting Access to Your ADSL2+ Modem Wireless Router ........................................3-1 Changing the Built-In Password ...............................................................................3-1 Changing the Administrator Login Time-out .............................................................3-2 Configuring Basic Firewall Services .......
Configuring Your LAN IP Settings ..................................................................................5-4 Using the Modem Router as a DHCP Server ...........................................................5-6 Defining Reserved IP Addresses .............................................................................5-7 Configuring Dynamic DNS ..............................................................................................5-8 Using Static Routes ....................................
ADSL Link ................................................................................................................7-3 ADSL Link ................................................................................................................7-4 Obtaining a WAN IP Address ...................................................................................7-5 Troubleshooting PPPoE or PPPoA ..........................................................................7-6 Troubleshooting Internet Browsing ...
About This Manual The NETGEAR® Wireless ADSL2+ Modem Router DG834G User Manual describes how to install, configure and troubleshoot the 54 Mbps Wireless ADSL2+ Modem Router DG834Gv5. Conventions, Formats, and Scope The conventions, formats, and scope of this manual are described in the following paragraphs: • • Typographical Conventions.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Scope. This manual is written for the ADSL2+ Modem Wireless Router according to these specifications: Product Version 54 Mbps Wireless ADSL2+ Modem Router DG834Gv5 Manual Publication Date March 2010 For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix C, “Related Documents.” Note: Product updates are available on the NETGEAR, Inc. website at http://kbserver.netgear.
Chapter 1 Configuring Your Internet Connection This chapter describes how to configure your modem router Internet connection. When you perform the initial configuration of your modem router using the Resource CD as described in the NETGEAR Router Setup Manual, these settings are configured automatically for you. This chapter provides further details about these settings, as well as instructions on how to log in to the modem router for further configuration.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Depending on how your ISP set up your Internet account, you need to know one or more of these settings: – Virtual path identifier (VPI) and Virtual channel identifier (VCI) parameters – Multiplexing method – Host and domain names • ASDL microfilters as explained in the NETGEAR Router Setup Manual. • Your computer must be set up to use DHCP to get its TCP/IP configuration from the modem router. This is usually the case.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Logging In to the Modem Router You can log in to the modem router to view or change its settings. Note: Your computer must be configured for DHCP. For help with configuring DHCP, see the documentation that came with your computer or see the link to the online document in “Preparing a Computer for Network Access” in Appendix C. To log in to the modem router: 1. Type http://routerlogin.net or http://192.168.0.1 in the address field of an Internet browser.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Using the Setup Wizard to Auto-Detect Your Internet Connection The Setup Wizard searches your Internet connection for servers and protocols to determine your ISP configuration. Note: The wizard cannot detect a PPTP connection with your ISP. If your ISP uses this protocol, then you must configure your connection manually (see “Viewing or Manually Configuring Your ISP Settings” on page 1-6).
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. Change your password: Figure 1-4 3. Enter a new password twice, and then click Next. The modem router attempts to detect your Internet connection type: Figure 1-5 The Setup Wizard detects your ISP configuration. Depending on the type of connection, you are prompted to enter your ISP settings, as shown in the following table. Table 1-1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 1-1. Auto-Detected Internet Connection Types (continued) Connection Type ISP Information IP over ATM Classical IP assignment (RFC1577) • Enter the assigned IP address, subnet mask, and the IP address of your ISP’s primary DNS server. If a secondary DNS server address is available, enter it also. • DNS servers are required to perform the function of translating an Internet name such as www.netgear.com to a numeric IP address.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual must install the ADSL filters and connect the modem router to the ADSL line as described in the NETGEAR Router Setup Manual before you configure the settings in the Basic Settings screen. To view or configure the basic settings: 1. Log in to the modem router as described in “Logging In to the Modem Router”. 2. Select Basic Settings to display the Basic Settings screen.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Yes. If your ISP requires a login, select the encapsulation method. Enter the login name. If you want to change the login time-out, enter a new value in minutes. • No. If your ISP does not require a login, enter the account name, if required, and the domain name, if required. 4. Enter the settings for the IP address and DNS server. The default ADSL settings usually work fine. If you have problems with your connection, check the ADSL settings.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 1-2. Basic Settings Fields Description (continued) Settings Description Internet IP Address • Get Dynamically from ISP. Your ISP uses DHCP to assign your IP address. Your ISP automatically assigns these addresses. • Use Static IP Address. Enter the IP address that your ISP assigned. Also enter the IP subnet mask and the gateway IP address. The gateway is the ISP’s modem router to which your modem router will connect. • Use IP Over ATM (IFoA).
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Changing Your ADSL Settings Note: For information about how to install ADSL filters, see the NETGEAR Router Setup Manual. The default ADSL settings of your modem router work fine for most ISPs. However, some ISPs use a specific multiplexing method and virtual circuit number for the virtual path identifier (VPI) and virtual channel identifier (VCI). Note: You must use the Setup Wizard to select the correct country for the default ADSL settings to work.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual How the Internet Connection Works Your modem router is now configured to provide Internet access for your network. Your modem router automatically connects to the Internet when one of your computers requires access. It is not necessary to run a dialer or login application such as dial-up networking or Enternet to connect, log in, or disconnect. The modem router performs these functions automatically as needed.
Chapter 2 Configuring Your Wireless Network and Security Settings For a wireless connection, the SSID, also called the wireless network name, and the wireless security setting must be the same for the modem router and wireless computers or wireless adapters. NETGEAR strongly recommends that you use wireless security. Warning: Computers can connect wirelessly at a range of several hundred feet. This can allow others outside of your immediate area to access your network.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual – Wireless security option. To successfully implement wireless security, check each wireless adapter to determine which wireless security option it supports. See “Manually Configuring Your Wireless Network” on page 2-4.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual The time it takes to establish a wireless connection can vary depending on both your security settings and placement. WEP connections can take slightly longer to establish. Also, WEP encryption can consume more battery power on a notebook computer. Wireless Security Options Indoors, computers can connect over 802.11g wireless networks at a maximum range of up to 300 feet.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual You also can increase your security by implementing one or more of the following features: • Restrict Access Based on MAC Address. You can allow only trusted PCs to connect so that unknown PCs cannot wirelessly connect to the modem router. Restricting access by MAC address adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed (see “Restricting Access by MAC Address” on page 2-17).
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 2-2 The settings for this screen are explained in Table 2-1 on page 2-6. 3. Select the region in which the modem router will operate. 4. For initial configuration and test, leave the other settings unchanged. 5. To save your changes, click Apply. 6. Configure and test your computers for wireless connectivity. After testing your wireless connectivity, select a security method (see “Configuring Your Wireless Security” on page 2-7).
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 2-1. Wireless Settings Settings Wireless Network Wireless Access Point Wireless Station Access List 2-6 Description Name (SSID) The SSID is also known as the wireless network name. Enter a 32-character (maximum) name. This field is case-sensitive. Wireless network names provide a means for separating traffic for different networks. Any device you want to join a wireless network must use the SSID.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 2-1. Wireless Settings (continued) Settings Security Options (see “Configuring Your Wireless Security”). Description • Disabled. You can use this setting to establish wireless connectivity before implementing wireless security. NETGEAR strongly recommends that you implement wireless security. • WEP (Wired Equivalent Privacy). Use encryption keys and data encryption for data security. You can select 64-bit or 128-bit encryption. See “Configuring WEP”.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Configuring WEP To configure WEP data encryption: 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin, and default password of password, or using whatever user name, password, and LAN address you have chosen for the modem router. 2. From the main menu, select Wireless Settings to display the Wireless Settings screen. 3.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • WEP (Wired Equivalent Privacy) 128-bit encryption. Enter 26 hexadecimal digits (any combination of 0–9, a–f, or A–F). 6. Enter the encryption keys. You can manually or automatically program the four data encryption keys. These values must be identical on all computers and Access Points in your network: • Passphrase. To use a passphrase to generate the keys, enter a passphrase, and click Generate. This automatically creates the keys.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual To configure WPA or WPA2 in the modem router: 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin and default password of password, or using whatever user name, password, and LAN address you have chosen for the modem router. 2. Select Wireless Settings from the main menu. 3. On the Wireless Setting screen, select the radio button for the WPA or WPA2 option of your choice. 4.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • NETGEAR’s Push 'N' Connect feature is based on the WPS standard. All other Wi-Fi-certified and WPS-capable products should be compatible with NETGEAR products that implement Push 'N' Connect. • If your wireless network will include a combination of WPS capable devices and non-WPS capable devices, NETGEAR suggests that you set up your wireless network and security settings manually first, and use WPS only for adding additional WPS capable devices.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual The modem router tries to communicate with the client for 2 minutes. 4. Go to the client wireless computer, and run a WPS configuration utility. Follow the utility’s instructions to click a WPS button. 5. Go back to the modem router screen to check for a message. The modem router WPS screen displays a message confirming that the client was added to the wireless network. The modem router generates an SSID, and implements WPA/WPA2 wireless security.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Using PIN Entry to Add a WPS Client Any wireless computer or wireless adapter that will connect to the modem router wirelessly is a client. The client must support a WPS PIN, and must have a WPS configuration utility, such as the NETGEAR Smart Wizard or Atheros Jumpstart. The first time you add a WPS client, make sure that the Keep Existing Wireless Settings check box on the WPS Settings screen is cleared.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 6. Note the new SSID and WPA/WPA2 password for the wireless network. You can view these settings in the Wireless Settings screen. See “Using Push 'N' Connect (WPS) to Configure Your Wireless Network” on page 2-10 To access the Internet from any computer connected to your modem router, launch a browser such as Microsoft Internet Explorer or Mozilla Firefox. You should see the modem router’s Internet LED blink, indicating communication to the ISP.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. Configure the network names (SSIDs), select the WPA/PSK + WPA2/PSK radio button on the Wireless Settings screen (see “Using Push 'N' Connect (WPS) to Configure Your Wireless Network” on page 2-10). and click Apply. On the WPA/PSK + WPA2/PSK screen, select a passphrase and click Apply. Record this information to add additional clients. 3.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual By default, the Keep Existing Wireless Settings check box is cleared. This allows the modem router to automatically generate the SSID and WPA/WPA2 security settings when it implements WPS. After WPS is implemented, the modem router automatically selects this check box so that your SSID and wireless security settings remain the same if other WPS-enabled devices are added later.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Restricting Access by MAC Address For increased security, you can restrict access to the wireless network to allow only specific computers based on their MAC addresses. You can restrict access to only trusted computers so that unknown computers cannot wirelessly connect to the modem router. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 3. Adjust the list as needed for your network. You can add devices to the Trusted Wireless Stations list using either of the following methods: • If the computer is in the Device Name table, select its radio button to capture its MAC address. • Use the Add button to enter the MAC address of the device to be added. The MAC address can usually be found on the bottom of the wireless device.
Chapter 3 Protecting Your Network This chapter describes how to use the basic firewall features of the ADSL2+ Modem Wireless Router to protect your network. Protecting Access to Your ADSL2+ Modem Wireless Router For security reasons, the modem router has its own user name and password. Also, after a period of inactivity for a set length of time, the administrator login automatically disconnects. When prompted, enter adminCfor the modem router user name and password for the modem router password.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. From the main menu, under the Maintenance heading, select Set Password to display the Set Password screen: Figure 3-2 3. To change the password, first enter the old password, and then enter the new password twice. 4. Click Apply to save your changes. Note: After changing the password, you must log in again to continue the configuration.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Blocking Keywords, Sites, and Services The modem router provides a variety of options for blocking Internet-based content and communications services. With its content filtering feature, the modem router prevents objectionable content from reaching your PCs. You can control access to Internet content by screening for keywords within Web addresses. Content filtering options include: • Keyword blocking of HTTP traffic. • Outbound service blocking.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. On the main menu, select Block Sites to display the Block Sites screen: Figure 3-3 3. To enable keyword blocking, select one of the following: • Per Schedule. Turn on keyword blocking according to the settings on the Schedule screen. • Always. Turn on keyword blocking all the time, independent of the setting in the Schedule screen. 4. Enter a keyword or domain in the Keyword field, click Add Keyword, and then click Apply.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Note: If you block sites, you can set up the modem router to log attempts to access them. See “Viewing, Selecting, and Saving Logged Information” on page 4-8. 5. To delete a keyword or domain, select it from the list, click Delete Keyword, and then click Apply. 6. To specify a trusted user, enter that computer’s IP address in the Trusted IP Address field, and then click Apply.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 3-4 • • • To edit an existing rule, select its button on the left side of the table and click Edit. To delete an existing rule, select its button on the left side of the table and click Delete. To move a rule to a different position in the table, select its button, and then click Move. At the prompt, enter the number of the desired new position, and then click OK.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual To add an inbound rule: 1. From the Firewall Rules screen, click Add in the Inbound Rules section to display the following screen: Figure 3-5 2. Either select a service from the Inbound Services drop-down list, or select User Defined and create a custom service. 3. When you are finished, click Apply. The settings are: • Service. From this list, select the application or service to be allowed or blocked.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual – – – – Never. No log entries will be made for this service. Always. Any traffic for this service type will be logged. Match. Traffic of this type that matches the rule will be logged. Not match. Traffic of this type that does not match the rule will be logged. Considerations for Inbound Rules If your external IP address is assigned dynamically by your ISP, the IP address might change periodically as the DHCP lease expires.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 3-6 2. Either select a service from the Inbound Services drop-down list, or select User Defined and create a custom service. 3. When you are finished, click Apply. The Outbound Services screen includes the following fields: • Service. Select the application or service from the drop-down list to be allowed or blocked.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Log. Select whether the traffic will be logged. The choices are: – Never. No log entries will be made for this service. – Always. Any traffic for this service type will be logged. – Match. Traffic of this type that matches the rule will be logged. – Not match. Traffic of this type that does not match the rule will be logged.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Although the modem router already holds a list of many service port numbers, you are not limited to these choices. Use the following procedure to define your own services. To define a service: 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin default password of password, or using whatever password and LAN address you have chosen for the modem router. 2.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Setting Times and Scheduling Firewall Services The modem router uses network time protocol (NTP) to obtain the current time and date from one of several network time servers on the Internet. To localize the time for your log entries, you must specify your time zone: 1. Log in to the modem router at its default LAN address of http://192.168.0.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 4. The modem router has a list of NETGEAR NTP servers. If you prefer to use a particular NTP server as the primary server, enter its IP address in the Use this NTP Server field. 5. Click Apply to save your settings. Scheduling Firewall Services If you enabled services blocking in the Block Services screen or port forwarding in the Ports screen, you can set up a schedule for when blocking occurs or when access is not restricted. 1.
Chapter 4 Managing Your Network This chapter describes how to perform network management tasks with your ADSL2+ Modem Wireless Router. Backing Up, Restoring, or Erasing Your Settings The configuration settings of the modem router are stored in a configuration file in the modem router. This file can be backed up to your computer, restored, or reverted to factory default settings. The procedures below explain how to do these tasks. Backing Up the Configuration to a File 1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Restoring the Configuration from a File To restore the configuration: 1. Log in to the modem router at its default LAN address of http://192.168.0.1 with its default user name of admin default password of password, or using whatever user name, password and LAN address you have chosen for the modem router. 2. Under the Maintenance heading on the main menu, select Backup Settings. 3.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual NETGEAR recommends that you back up your configuration before doing a firmware upgrade. After the upgrade is complete, you might need to restore your configuration settings. To upgrade the modem firmware: 1. Download and unzip the new software file from NETGEAR. The Web browser used to upload new firmware into the modem router must support HTTP uploads. NETGEAR recommends using Microsoft Internet Explorer 5.0 or later, or Mozilla Firefox 2.0 or later. 2.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Network Management Information The modem router provides a variety of status and usage information which is discussed below. Viewing Modem Router Status and Usage Statistics From the main menu, below the Maintenance heading, select Router Status to view this screen. Figure 4-3 The Router Status screen provides status and usage information. This screen shows the following parameters: Managing Your Network 4-4 v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 4-1. Modem Router Status Fields Field Description Account Name The host name assigned to the modem router in the Basic Settings screen. Firmware Version This field displays the modem router firmware version. ADSL Port LAN Port Modem MAC Address The Ethernet MAC address used by the ADSL port of the modem router. IP Address The IP address used by the ADSL port. If no address is shown, the modem router cannot connect to the Internet.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 4-1. Modem Router Status Fields (continued) Field Wireless Port These are set in the Wireless Settings page; see “Using Push 'N' Connect (WPS) to Configure Your Wireless Network” on page 2-10. Description Name (SSID) The service set ID, also known as the wireless network name. Region The country where the unit is set up for use. Channel The current channel, which determines the operating frequency.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 4-2. Router Statistics Fields Field WAN (Internet), LAN, or WLAN (Wireless LAN) statistics ADSL Link Downstream or Upstream These statistics might help your technical support representative if there is a connection problem. Description Status The link status of the port. TxPkts The number of packets transmitted on this port since reset or clear. RxPkts The number of packets received on this port since reset or clear.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual This screen shows the following statistics: Table 4-3. Connection Status Fields for PPPoA Field Description Connection Time The time elapsed since the last connection to the Internet via the ADSL port. Connecting to Sender The connection status. Negotiation Success or Off. Authentication Success or Off. IP Address The IP address assigned to the WAN port by the ADSL Internet Service Provider.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 4-7 Log entries are described in the following table. Table 4-4. Security Log Entry Descriptions Field Description Current time The date and time the log entry was recorded. Description or action The type of event and what action was taken if any. Source IP The IP address of the initiating device for this log entry. Source port and interface The service port number of the initiating device, and whether it originated from the LAN or WAN.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Selecting Which Information to Log Besides the standard information listed previously, you can choose to log additional information. Those optional selections are as follows: • Attempted access to blocked site • Connections to the Web-based interface of the modem router • Modem Router operation (start up, get time, etc.) • Known DoS attacks and port scans Saving Log Files on a Server You can choose to write the logs to a computer running a syslog program.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Running Diagnostic Utilities and Rebooting the Modem Router The modem router has a diagnostics feature. You can use the Diagnostics screen to perform the following functions from the modem router: • Ping an IP address to test connectivity to see if you can reach a remote host. If Ping VPN is enabled, the ping packet always goes through the VPN if the VPN tunnel is enabled and working.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Enabling Remote Management Using the Remote Management screen, you can allow a user or users on the Internet to configure, upgrade, and check the status of your modem router. Tip: Be sure to change the modem router default password to a very secure password. The ideal password should contain no dictionary words from any language, and should be a mixture of letters (both upper-case and lower-case), numbers, and symbols.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • To allow access from any IP address on the Internet, select Everyone. • To allow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and ending IP address to define the allowed range. • To allow access from a single IP address on the Internet, select Only This Computer. Enter the IP address that will be allowed access. 5. Specify the port number that will be used for accessing the management interface.
Chapter 5 Advanced Configuration This chapter describes how to configure the advanced features of your ADSL2+ Modem Wireless Router. The modem router provides a variety of advanced features, such as the following: • “Modifying Your WAN Setup” • “Configuring Your LAN IP Settings” • “Using the Modem Router as a DHCP Server” • “Configuring Dynamic DNS” • “Using Static Routes” • “Configuring Universal Plug and Play (UPnP)” These features are discussed in the following sections of this chapter.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. From the main menu, select WAN Setup to display the WAN Setup screen: Figure 5-1 3. Make the changes that you want, and then click Apply to save the settings. The WAN Setup fields are described in the following table: Table 5-1. WAN Setup Settings Setting Description Connect Automatically, as Required Usually, this check box is selected, so that an Internet connection is made automatically, whenever Internet-bound traffic is detected.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 5-1. WAN Setup Settings (continued) Setting Description Respond to Pin on Internet WAN Port If you want the modem router to respond to a ping from the Internet, select this check box. This should be used only as a diagnostic tool, since it allows your modem router to be discovered. Do not select this check box unless you have a specific reason to do so.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Configuring Your LAN IP Settings The LAN IP Setup screen allows configuration of LAN IP services such as DHCP and RIP. These features can be found under the Advanced heading in the modem router main menu. The modem router is shipped preconfigured to use private IP addresses on the LAN side, and to act as a DHCP server. The modem router default LAN IP configuration is: • LAN IP addresses: 192.168.0.1 • Subnet mask: 255.255.255.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 3. Click Apply to save the changes. The LAN TCP/IP Setup parameters are explained in the following table. Table 5-2. LAN IP Setup Settings LAN TCP/IP Setup DHCP Server For more information, see “Using the Modem Router as a DHCP Server” on page 5-6. Description IP Address The LAN IP address of the modem router. IP Subnet Mask The LAN subnet mask of the modem router.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Using the Modem Router as a DHCP Server By default, the modem router functions as a Dynamic Host Configuration Protocol (DHCP) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the modem router’s LAN. The assigned default gateway address is the LAN address of the modem router. IP addresses is assigned to the attached PCs from a pool of addresses specified in this screen.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Defining Reserved IP Addresses When you specify a reserved IP address for a computer on the LAN, that computer always receives the same IP address each time it access the modem router’s DHCP server. Reserved IP addresses should be assigned to servers that require permanent IP settings. To reserve an IP address: 1. Click the Add button. Figure 5-3 2. In the IP Address field, type the IP address to assign to the computer or server.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Configuring Dynamic DNS If your network has a permanently assigned IP address, you can register a domain name and have that name linked with your IP address by public Domain Name Servers (DNS). However, if your Internet account uses a dynamically assigned IP address, you will not know in advance what your IP address will be, and the address can change frequently.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual For example, for dyndns.org, go to www.dyndns.org. 4. Select the Use a Dynamic DNS Service check box. 5. Select the name of your dynamic DNS service provider. 6. Fill in the Host Name, User Name, and Password fields. The dynamic DNS service provider may call the host name a domain name. If your URL is myName.dyndns.org, then your host name is myName. The password can be a key for your dynamic DNS account. 7.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual In this case you must define a static route, telling your router that 134.177.0.0 should be accessed through the ISDN router at 192.168.0.100. The static route would look like Figure 5-6. In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. • The Gateway IP Address fields specify that all traffic for these addresses should be forwarded to the ISDN router at 192.168.0.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 5-6 4. Fill in or change the fields: • Route Name. The route name is for identification purposes only. • Private. Select this check box if you want to limit access to the LAN only. The static route will not be reported in RIP. • Active. Select this check box to make this route effective. • Destination IP Address, and IP Subnet Mask. If the destination is a single host, type a subnet value of 255.255.255.255. • Gateway IP Address.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 1. Select UPnP on the main menu to display the UPnP screen: Figure 5-7 2. Fill in the settings on the UPnP screen: • Turn UPnP On. UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is enabled. If disabled, the modem router will not allow any device to automatically control the resources, such as port forwarding (mapping), of the modem router. • Advertisement Period.
Chapter 6 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the ADSL2+ Modem Wireless Router. VPN communications paths are called tunnels. VPN tunnels provide secure, encrypted communications between your local network and a remote network or computer. See “Virtual Private Networking (VPN)” in Appendix C to learn more about VPN.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Client-to-Gateway VPN Tunnels Client-to-gateway VPN tunnels provide secure access from a remote PC, such as a telecommuter connecting to an office network. Figure 6-1 A VPN client access allows a remote PC to connect to your network from any location on the Internet. In this case, the remote PC is one tunnel endpoint, running the VPN client software. The modem router on your network is the other tunnel endpoint.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Planning a VPN When you set up a VPN, it is helpful to plan the network configuration and record the configuration parameters on a worksheet: Table 6-1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • • Will either endpoint use fully qualified domain names (FQDNs)? FQDNs supplied by Dynamic DNS providers (see “Using a Fully Qualified Domain Name (FQDN)” on page B-7) can allow a VPN endpoint with a dynamic IP address to initiate or respond to a tunnel request. Otherwise, the side using a dynamic IP address must always be the initiator.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Use the VPN Wizard to configure a VPN tunnel (recommended for most situations): – See “Setting Up a Client-to-Gateway VPN Configuration” on page 6-5. – See “Setting Up a Gateway-to-Gateway VPN Configuration” on page 6-18.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 6-3 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the DG834G v5 Note: This section uses the VPN Wizard to set up the VPN tunnel using the VPNC default parameters listed in Table 6-2 on page 6-4. If you have special requirements not covered by these VPNC-recommended parameters, refer to “Setting Up VPN Tunnels in Special Circumstances” on page 6-32 to set up the VPN tunnel.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 6-3. VPN Tunnel Configuration Worksheet (continued) Local IPSec ID LAN IP Address Subnet Mask FQDN or Gateway IP (WAN IP Address) Client toDG834 — — Dynamic DG834G v5 toClient 192.168.3.1 255.255.255.0 22.23.24.25 VPN Endpoint To configure a client-to-gateway VPN tunnel using the VPN Wizard, follow this procedure: 1. Log in to the modem router at its LAN address of http://192.168.0.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Tip: The connection name is arbitrary and not relevant to how the configuration functions. The Summary screen displays: Figure 6-6 To view the VPNC-recommended authentication and encryption settings used by the VPN Wizard, click the here link. You can click Back to return to the Summary screen. 6-8 Virtual Private Networking v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure 6-7 3. Click Done on the Summary screen to complete the configuration procedure. The VPN Policies screen displays, showing that the new tunnel is enabled: Figure 6-8 To view or modify the tunnel settings, select the radio button next to the tunnel entry and click Edit. Note: See “Using Auto Policy to Configure VPN Tunnels” on page 6-32 to enable the IKE keepalive capability on an existing VPN tunnel. Virtual Private Networking 6-9 v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC This procedure describes how to configure the NETGEAR ProSafe VPN Client. These instructions assume that the PC running the client has a dynamically assigned IP address. The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go to the NETGEAR website (http://www.netgear.com) for information about how to purchase the NETGEAR ProSafe VPN Client.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual b. From the Edit menu of the Security Policy Editor, click Add, and then click Connection. Figure 6-9 A New Connection listing appears in the list of policies. Rename the New Connection so that it matches the Connection Name field in the VPN Settings screen of the DG834G v5 on LAN A.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual e. Select IP Address in the ID Type drop-down list. f. Enter the public WAN IP Address of the DG834G v5 in the field directly below the ID Type drop-down list. In this example, 22.23.24.25 is used. The resulting connection settings are shown in Figure 6-10. 3. Configure the security policy in the NETGEAR ProSafe VPN Client software: a. In the Network Security Policy list, expand the new connection by double-clicking its name or clicking the + symbol.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual a. In the Network Security Policy list on the left side of the Security Policy Editor window, click My Identity. Figure 6-11 b. In the Select Certificate drop-down list, select None. c. Select IP Address in the ID Type drop-down list. If you are using a virtual fixed IP address, enter this address in the Internal Network IP Address field. Otherwise, leave this field empty. d.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual f. Click Enter Key. Enter the DG834G v5 pre-shared key, and then click OK. In this example, 12345678 is entered. This field is case-sensitive. 5. Configure the VPN Client Authentication Proposal. In this step, you provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the DG834G v5 configuration. a.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual In this step, you provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the DG834G v5 configuration. a. Expand the Key Exchange subheading by double-clicking its name or clicking the + symbol. Then select Proposal 1 below Key Exchange. Figure 6-14 b. In the SA Life drop-down list, select Unspecified. c. In the Compression drop-down list, select None. d.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 8. Check the VPN connection. To check the VPN Connection, you can initiate a request from the remote PC to the DG834G v5 modem router’s network by using the Connect option in the NETGEAR ProSafe menu bar. The NETGEAR ProSafe client reports the results of the attempt to connect. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. To perform a ping test using our example, start from the remote PC: a.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual To launch this function, click the Windows Start button, then select Programs > NETGEAR ProSafe VPN Client > Log Viewer. The Log Viewer screen for a successful connection is shown in the following figure: Figure 6-17 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is due to the VPN tunnel or some reason outside the VPN tunnel. 9.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual While the connection is being established, the Connection Name field in this screen displays SA before the name of the connection. When the connection is successful, the SA changes to the yellow key symbol shown in the previous figure. Note: While your PC is connected to a remote LAN through a VPN, you might not have normal Internet access. If this is the case, you must close the VPN connection to have normal Internet access.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Set the LAN IPs on each DG834G v5 to different subnets and configure each properly for the Internet. The examples below assume the following settings: Table 6-4.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 1. Log in to the DG834G v5 on LAN A at its default LAN address of http://192.168.0.1 with its default user name of admin and password of password. Select VPN Wizard on the main menu. The VPN Wizard screen displays: Figure 6-20 2. Click Next to proceed, and the Step 1 of 3 screen displays: Enter the new connection name: (for example, GtoG). Enter the pre-shared key: (for example, 12345678). Select the radio button: A remote VPN Gateway.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 3. Fill in the connection name and pre-shared key fields. Select the radio button for the type of target end point, and then click Next to proceed. The Step 2 of 3 screen displays: Enter the WAN IP address of the remote VPN gateway: (for example, 22.23.24.25) Figure 6-22 4. Fill in the IP address or FQDN for the target VPN endpoint WAN connection, and then click Next.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual The VPN Wizard Summary screen displays: Figure 6-24 To view the VPNC-recommended authentication and encryption settings used by the VPN Wizard, click the here link (see Figure 6-24). You can click Back to return to the Summary screen. Figure 6-25 6-22 Virtual Private Networking v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 6. Click Done on the Summary screen (see Figure 6-24) to complete the configuration procedure. The VPN Policies screen displays, showing that the new tunnel is enabled. Figure 6-26 Note: See “Using Auto Policy to Configure VPN Tunnels” on page 6-32 for information about how to enable the IKE keepalive capability on an existing VPN tunnel. 7.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual a. On the DG834G v5 main menu, select VPN Status. The VPN Status/Log screen displays: Figure 6-27 b. Click the VPN Status button to get the Current VPN Tunnels (SAs) screen: Figure 6-28 c. Click Connect for the VPN tunnel you want to activate. View the VPN Status/Log screen (Figure 6-29) to verify that the tunnel is connected. 6-24 Virtual Private Networking v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual VPN Tunnel Control Activating a VPN Tunnel There are three ways to activate a VPN tunnel: • Use the VPN Status screen. • Activate the VPN tunnel by pinging the remote endpoint. • Start using the VPN tunnel. Note: See “Using Auto Policy to Configure VPN Tunnels” on page 6-32 for information about how to enable the IKE keepalive capability on an existing VPN tunnel.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 3. Click VPN Status to get the Current VPN Tunnels (SAs) screen: Figure 6-30 4. Click Connect for the VPN tunnel that you want to activate. Activating the VPN Tunnel by Pinging the Remote Endpoint Note: This section uses 192.168.3.1 for an example remote endpoint LAN IP address. To activate the VPN tunnel by pinging the remote endpoint (for example, 192.168.3.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual c. Type ping -t 192.168.3.1, and then click OK. Running a ping test to the LAN from the PC Figure 6-31 This causes a continuous ping to be sent to the first DG834G v5. Within two minutes, the ping response should change from timed out to reply. Note: You can use Ctrl-C to stop the pinging. Figure 6-32 Once the connection is established, you can open a browser on the PC and enter the LAN IP address of the remote DG834G v5.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual b. Type ping 192.168.3.1. Figure 6-33 Note: The pings may fail the first time. If so, then try the pings a second time. Start Using a VPN Tunnel to Activate It To use a VPN tunnel, use a Web browser to go to a URL whose IP address or range is covered by the policy for that VPN tunnel. Verifying the Status of a VPN Tunnel To use the VPN Status screen to determine the status of a VPN tunnel: 1. Log in to the modem router. 2.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual This log shows the details of recent VPN activity, including the building of the VPN tunnel. If there is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem. • Click Refresh to see the most recent entries. • Click Clear Log to delete all log entries. 3. On the VPN Status/Log screen, click VPN Status to display the Current VPN Tunnels (SAs) screen.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Deactivating a VPN Tunnel Sometimes a VPN tunnel must be deactivated for testing purposes. You can deactivate a VPN tunnel from two places: • Policy table on VPN Policies screen • VPN Status screen Using the Policy Table on the VPN Policies Screen to Deactivate a VPN Tunnel To use the VPN Policies screen to deactivate a VPN tunnel: 1. Log in to the modem router. 2. On the main menu, select VPN Policies to display the VPN Policies screen. Figure 6-36 3.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. On the main menu, select VPN Policies to display the VPN Policies screen. Figure 6-37 3. Click VPN Status. The Current VPN Tunnels (SAs) screen displays: Figure 6-38 4. Click Drop for the VPN tunnel that you want to deactivate. Deleting a VPN Tunnel To delete a VPN tunnel: 1. Log in to the modem router. Virtual Private Networking 6-31 v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. On the main menu, select VPN Policies to display the VPN Policies screen. In the Policy Table, select the radio button for the VPN tunnel to be deleted, and then click Delete. Figure 6-39 Setting Up VPN Tunnels in Special Circumstances When the VPN Wizard and its VPNC defaults (see Table 6-2) are not appropriate for your circumstances, use one of these alternatives: • Auto Policy.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Configuring VPN Network Connection Parameters All VPN tunnels on the modem router requires that you configure several network parameters. This section describes those parameters and how to access them. The most common configuration scenarios will use IKE to manage the authentication and encryption keys. The IKE protocol performs negotiations between the two VPN endpoints to automatically generate and update the required encryption parameters.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 6-5. VPN-Auto Policy Screen Settings Fields and Settings Description General Policy Name Enter a unique name to identify this policy. This name is not supplied to the remote VPN endpoint. It is used only to help you manage the policies. Remote VPN Endpoint • The remote VPN endpoint must have this VPN gateway's address entered as its remote VPN endpoint. • If the remote endpoint has a dynamic IP address, select Dynamic IP address.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 6-5. VPN-Auto Policy Screen Settings (continued) Fields and Settings Description IP Address Remote LAN The remote VPN endpoint must have these IP addresses Single/Start IP entered as its Address Local addresses. Single PC - no Subnet. Select this option if there is no LAN (only a single PC) at the remote endpoint. If this option is selected, no additional data is required. The typical application is a PC running the VPN client at the remote end.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 6-5. VPN-Auto Policy Screen Settings (continued) Fields and Settings Description Parameters Encryption Algorithm The encryption algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN Gateway. DES and 3DES are supported. • DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56-bit key. Faster but less secure than 3DES. • 3DES.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Example of Using Auto Policy Figure 6-41 To use Auto Policy: 1. Set the LAN IPs on each DG834G v5 modem router to different subnets and configure each properly for the Internet. The following settings are assumed for this example: Table 6-6.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. On the main menu, select VPN Policies to display the VPN Policies screen: Figure 6-42 6-38 Virtual Private Networking v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 3. Click Add Auto Policy. The VPN Auto Policy screen displays: Figure 6-43 Virtual Private Networking 6-39 v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 4. Enter these policy settings: Auto Policy Field Setting General Policy Name GtoG Remote VPN Endpoint Address Type Fixed Remote VPN Endpoint Address Data 22.23.24.25 Local LAN Remote LAN IKE Parameters Use the default settings. IP Address Select Subnet address from the drop-down list. Start IP Address 192.168.3.1 Subnet Mask 255.255.255.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 6. Repeat these steps for the DG834G v5 on LAN B. Pay special attention to the following network settings: • General, Remote Address Data (for example, 14.15.16.17) • Remote LAN, Start IP Address – IP Address (for example, 192.168.0.1) – Subnet Mask (for example, 255.255.255.0) – Pre-shared Key (for example, 12345678) 7. Use the VPN Status screen to activate the VPN tunnel: Note: The VPN Status screen is only one of three ways to active a VPN tunnel.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Using Manual Policy to Configure VPN Tunnels As an alternative to IKE, you may use manual keying, in which you must specify each phase of the connection. A manual VPN policy requires all settings for the VPN tunnel to be manually input at each end (both VPN endpoints). On the main menu, select VPN Policies, and then click the Add Manual Policy radio button to display the VPN - Manual Policy screen: Figure 6-46 6-42 Virtual Private Networking v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual The following table explains the fields in the VPN Manual Policy screen. Table 6-7. VPN Manual Policy Fields and Settings Fields and Settings Description General The DG834G v5 VPN tunnel network connection fields. Policy Name Enter a unique name to identify this policy. This name is not supplied to the remote VPN endpoint. It is used only to help you manage the policies.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Table 6-7. VPN Manual Policy Fields and Settings (continued) Fields and Settings Remote LAN The remote VPN endpoint must have these IP addresses entered as its Local addresses. ESP Configuration ESP (Encapsulating Security Payload) provides security for the payload (data) sent through the VPN tunnel. Authentication Description IP Address Single PC - no Subnet. Select this option if there is no LAN (only a single PC) at the remote endpoint.
Chapter 7 Troubleshooting This chapter gives information about troubleshooting your ADSL2+ Modem Wireless Router. After each problem description, instructions are provided to help you diagnose and solve the problem. For the common problems listed, go to the section indicated. • Is the router on? • Have I connected the router correctly? Go to “Basic Functioning” on page 7-1. • I can’t access the router’s configuration with my browser.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual If any of these conditions does not occur, refer to the appropriate following section. Power LED Is Not On If the Power and other LEDs are off when your router is turned on: • Make sure that the power cord is properly connected to your router and that the power supply adapter is properly connected to a functioning power outlet. • Check that you are using the 12V DC power adapter supplied by NETGEAR for this product.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Make sure your computer’s IP address is on the same subnet as the router. If you are using the recommended addressing scheme, your computer’s address should be in the range of 192.168.0.2 to 192.168.0.254. See the online document listed in “Preparing a Computer for Network Access” in Appendix C to find your computer’s IP address. Note: If your computer’s IP address is shown as 169.254.x.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual ADSL Link If your router is unable to access the Internet, you should first determine whether you have an ADSL link with the service provider. The state of this connection is indicated with the DSL LED. DSL LED Is Solid Green If your DSL LED is solid green then you have a good ADSL connection. You can be confident that the service provider has connected your line correctly and that your wiring is correct.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Obtaining a WAN IP Address If your modem router is unable to access the Internet, and your Internet LED is green or blinking green, determine whether the modem router is able to obtain a WAN IP address from the ISP. Unless you have been assigned a static IP address, your modem router must request an IP address from the ISP. You can determine whether the request was successful using the browser interface.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Troubleshooting PPPoE or PPPoA The PPPoA or PPPoA connection can be debugged as follows: 1. Access the main menu of the router at http://192.168.0.1. 2. Under the Maintenance heading, select Router Status. 3. Click Connection Status. 4. If all of the steps indicate OK, then your PPPoE or PPPoA connection is up and working. 5. If any of the steps indicates Failed, you can attempt to reconnect by clicking Connect.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Troubleshooting a TCP/IP Network Using the Ping Utility Most TCP/IP terminal devices and routers contain a ping utility that sends an echo request packet to the designated device. The device then responds with an echo reply. Troubleshooting a TCP/IP network is made very easy by using the ping utility in your computer. Testing the LAN Path to Your Router You can ping the router from your PC to verify that the LAN path to your router is set up correctly.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Testing the Path from Your Computer to a Remote Device After verifying that the LAN path works correctly, test the path from your PC to a remote device. 1. From the Windows toolbar, click the Start button, and select Run. 2. In the Windows Run window, type: PING -n 10 IP address where IP address is the IP address of a remote device such as your ISP’s DNS server. If the path is functioning correctly, replies as in the previous section are displayed.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual • Press both the Wireless button and WPS button on the side of the modem router for 5 seconds. Use this method for cases when the administration password or IP address is not known. Note: Pressing the reset button on the modem router reboots the unit but does not restore the factory default settings. Problems with Date and Time The E-mail screen in the Content Filtering section displays the current date and time of day.
Appendix A Technical Specifications This appendix provides technical specifications for the 54 Mbps Wireless ADSL2+ Modem Router DG834Gv5.
Appendix B NETGEAR VPN Configuration DG834G v5 to FVL328 This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR DG834G v5 to a FVL328. This case study follows the VPN Consortium interoperability profile guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html). Configuration Profile The configuration in this document follows the addressing and configuration mechanics defined by the VPN Consortium.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure B-1 Note: Product updates are available on the NETGEAR website at http://www.netgear.com. Step-By-Step Configuration 1. Configure the DG834G v5 as in the gateway-to-gateway procedures using the VPN Wizard (see “Setting Up a Gateway-to-Gateway VPN Configuration” on page 6-18), being certain to use appropriate network addresses for the environment.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Click VPN Policies under the Advanced - VPN heading to display this screen. toFVL328 10.5.6.1 172.23.9.1 toFVL328 22.23.24.25 10 5 6 172 23 9 Figure B-2 NETGEAR VPN Configuration B-3 v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. Configure the FVL328 as in the gateway-to-gateway procedures for the VPN Wizard (see “Setting Up a Gateway-to-Gateway VPN Configuration” on page 6-18), being certain to use appropriate network addresses for the environment. a. Enter toDG834 for the connection name b. Enter 14.15.16.17 for the remote WAN’s IP address c. Enter the following: • IP Address: 10.5.6.1 • Subnet Mask: 255.255.255.0 toDG834 toDG834 22.23.24.25 14.15.16.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual toDG834 172.23.9.1 10.5.6.1 toDG834 toDG834 14.15.16.17 Click VPN Policies under the VPN heading to display this screen. 172 23 10 9 5 1 6 Figure B-4 3. Test the VPN tunnel by pinging the remote network from a PC attached to the DG834G v5. a. Open the command prompt (Start > Run > cmd) b. Type ping 172.23.9.1 Figure B-5 Note: The pings might fail the first time. If this happens, try the pings a second time.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual DG834G v5 with FQDN to FVL328 This section is a case study on how to configure a VPN tunnel from a NETGEAR DG834G v5 to a FVL328 using a fully qualified domain name (FQDN) to resolve the public address of one or both routers. This case study follows the VPN Consortium interoperability profile guidelines (found at http://www.vpnc.org/InteropProfiles/Interop-01.html).
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Note: Product updates are available on the NETGEAR website at http://www.netgear.com. Using a Fully Qualified Domain Name (FQDN) Many ISPs (Internet Service Providers) provide connectivity to their customers using dynamic instead of static IP addressing. This means that a user’s IP address does not remain constant over time, which presents a challenge for gateways attempting to establish VPN connectivity.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual a. Under the Advanced Heading, select Dyanmic DNS to display the Dynamic DNS Setup screen: Figure B-7 b. Configure this screen with appropriate account and hostname settings and then click Apply. • Select the Use a Dynamic DNS Service check box. • In the Host Name field type dg834g.dyndns.org. • In the User Name field enter the account user name. • In the Password field enter the account password. c. Click Show Status.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual a. From the main menu, select Dynamic DNS to display the Dynamic DNS Setup screen: Figure B-9 b. Select the DynDNS.org radio button. The Dynamic DNS screen displays: Figure B-10 c. Configure the appropriate account and host name settings, and then click Apply. • In the Host and Domain Name field enter fvl328.dyndns.org. • In the User Name field enter the account user name. • In the Password field enter the account password.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual d. Click Show Status. The resulting screen should show Update OK: good: Figure B-11 4. Configure the DG834G v5 as in the gateway-to-gateway procedures using the VPN Wizard (see “Setting Up a Gateway-to-Gateway VPN Configuration” on page 6-18), being certain to use appropriate network addresses for the environment. The LAN addresses used in this example are as follows:1 Device LAN IP Address LAN Subnet Mask DG834G v5 10.5.6.1 255.255.255.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 6. Test the VPN tunnel by pinging the remote network from a PC attached to the DG834G v5. a. Open the command prompt (Start -> Run -> cmd) b. Type ping 172.23.9.1 Figure B-12 Note: The pings might fail the first time. If this happens, try the pings a second time. Configuration Summary (Telecommuter Example) The configuration in this section follows the addressing and configuration mechanics defined by the VPN Consortium.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure B-13 Setting Up the Client-to-Gateway VPN Configuration (Telecommuter Example) Setting up a VPN between a remote PC running the NETGEAR ProSafe VPN Client and a network gateway involves two steps: • Step 1: Configuring the Client-to-Gateway VPN Tunnel on the VPN Router at the Employer’s Main Office.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual fromDG834G (in the example) Dynamic IP address IKE Keep Alive is optional; must match Remote LAN IP Address when enabled (remote PC must respond to pings) Subnet address 192.168.0.1 (in this example) 255.255.255.0 Single address 192.168.2.3 (in this example) (Remote NAT router must have Address Reservation set and VPN Passthrough enabled) Main Mode Fully Qualified Domain Name fromDG834G.com (in this example) Fully Qualified Domain Name toDG834G.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. Click Apply when you are finished to display the VPN Policies screen. Figure B-15 To view or modify the tunnel settings, select the radio button next to the tunnel entry, and then click Edit. Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC at the Telecommuter’s Home Office This procedure describes how to configure the ADSL2+ Modem Wireless Router.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual c. Install the IPSec component. You might have the option to install either the VPN adapter or the IPSec component or both. The VPN adapter is not necessary. d. The system should show the ProSafe icon ( ) in the system tray after rebooting. e. Double-click the system tray icon to open the Security Policy Editor. 2. Add a new connection. a. Run the NETGEAR ProSafe Security Policy Editor program, and create a VPN Connection. b.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual Figure B-17 c. Select Secure in the Connection Security check-box group. d. Select IP Subnet in the ID Type drop-down list. e. In this example, type 192.168.0.1 in the Subnet field as the network address of the DG834G v5. f. Enter 255.255.255.0 in the Mask field as the LAN Subnet Mask of the DG834G v5. g. Select All in the Protocol drop-down list to allow all traffic through the VPN tunnel. h. Select the Connect using Secure Gateway Tunnel check box. i.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual b. Click Security Policy to show the Security Policy menu. Figure B-18 c. Select the Main Mode radio button in the Select Phase 1 Negotiation Mode group. 4. Configure the VPN client identity. In this step, you provide information about the remote VPN client PC. You must provide the pre-shared key that you configured in the DG834G v5 and either a fixed IP address or a fixed virtual IP address of the VPN client PC. NETGEAR VPN Configuration B-17 v1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual a. In the Network Security Policy list on the left side of the Security Policy Editor window, click My Identity. Figure B-19 b. Select None in the Select Certificate drop-down list. c. Select Domain Name in the ID Type drop down list, and then enter toDG834G.com (in this example). Select Disabled in the Virtual Adapter drop-down list. d.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 5. Configure the VPN Client Authentication Proposal. In this step, you will provide the type of encryption (DES or 3DES) to be used for this connection. This selection must match your selection in the VPN router configuration. a. In the Network Security Policy list on the left side of the Security Policy Editor window, expand the Security Policy heading by double-clicking its name or clicking the + symbol. b.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual a. Expand the Key Exchange subheading by double clicking its name or clicking the + symbol. Then select Proposal 1 below Key Exchange. Figure B-22 b. In the SA Life drop-down list, select Unspecified. c. In the Compression drop-down list, select None. d. Select the Encapsulation Protocol (ESP) check box. e. In the Encrypt Alg drop-down list, select the type of encryption. In this example, use Triple DES. f. In the Hash Alg drop-down list, select SHA-1.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 8. Check the VPN connection. To check the VPN Connection, you can initiate a request from the remote PC to the VPN router’s network by using the Connect option in the modem router menu (see Figure B-23). Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. a. Right-click the system tray icon to open the popup menu. b. Select Connect to open the My Connections list. c. Select toDG834G.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual This causes a continuous ping to be sent to the VPN router. Within two minutes, the ping response should change from timed out to reply. Figure B-25 Once the connection is established, you can open the browser on the PC and enter the LAN IP address of the VPN router. After a short wait, you should see the login screen of the VPN router (unless another PC already has the VPN router management interface open).
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 2. The Connection Monitor screen displays: Figure B-26 While the connection is being established, the Connection Name listed in this screen shows SA before the name of the connection. When the connection is successful, the SA changes to the yellow key symbol. Note: While your PC is connected to a remote LAN through a VPN, you might not have normal Internet access.
Wireless ADSL2+ Modem Router DG834Gv5 User Manual 1. On the modem router main menu, select Router Status, and then click the VPN Status button. The VPN Status/Log screen for a connection is shown below: Figure B-27 2. To view the VPN tunnels status, click VPN Status. Figure B-28 B-24 NETGEAR VPN Configuration v1.
Appendix C Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link Internet Networking and TCP/IP Addressing http://documentation.netgear.com/reference/enu/tcpip/index.htm Wireless Communications http://documentation.netgear.com/reference/enu/wireless/index.htm Preparing a Computer for Network Access http://documentation.netgear.com/reference/enu/wsdhcp/index.
