User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
C-2 NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
202-10015-01
Figure C-1: Addressing and Subnets Used for Examples
The Use of a Fully Qualified Domain Name (FQDN)
Many ISPs provide connectivity to their customers using dynamic instead of static IP addressing.
This means that a user’s IP address does not remain constant over time which presents a challenge
for gateways attempting to establish VPN connectivity.
A Dynamic DNS (DDNS) service allows a user whose public IP address is dynamically assigned
to be located by a host name or domain name. It provides a central public database where
information (such as email addresses, host names and IP addresses) can be stored and retrieved.
Now, a gateway can be configured to use a 3
rd
party service in lieu of a permanent and unchanging
IP address to establish bi-directional VPN connectivity.
To use DDNS, you must register with a DDNS service provider. Example DDNS Service
Providers include:
Note: This configuration case study is based on the FVS318 using FQDN. FQDN is the
best option when the Internet connection for the FVS318 uses a dynamic IP
configuration rather than a static IP configuration. However, the steps below can be used
when the FVS318 has a static IP configuration as well.
Gateway
0.0.0.0
FVSrouter.dydns.org
FQDN
192.168.0.1
WAN IP
WAN IP
LAN IP
Network Addresses
Client
PC with Netgear
ProSafe VPN client
FVS318