Allowing VPN Access into network with Netgear FVS318

My goal is allow VPN access into our network with a Netgear FVS318 using the simple Windows XP Pro SP2 VPN client that comes with the O/S (I do not want to use special VPN clients for the simplicity sake. The users are employees that have DSL/cable connections from their homes and I asssume that there are no firewall clients. All that I want to do is to give the users VPN access to our server to access network folders to work/create/save work documents from home.

For starters: here is the sample IP address information that is relevant for configuration (this is fake numbers):
WAN IP info:
- IP Address: 209.340.562.196
- Submet Mask:
- Default Gateway: 209.340.562.1

LAN (Internal) IP info of our server:
- IP Address:
- Subnet Mask:
- Default Gateway:

On the Netgear Router, I have created services for port 1723 (VPN), port 47 (GRE), port 500 (IKE) and port 1701 (L2TP). Whether I need these ports open on the firewall I do not know. These ports all resolve to the LAN IP address of our server. So what I need to know is what put in for the VPN Settings for this connection. The input fields are:
- Connection Name: (this I can name anything...right?)
- Local IPSec Identifier:
- Remote IPSec Identifier:
- Tunnel can be accessed from:
- Tunnel can access:
- Remote WAN IP or FQDN:

The Secure Association is in Main Mode. Perfect Forward Security is disabled (should it be enabled)? There is a PreShared Key. The encryption protocol is DES. The Key Life and IKE Life Time is at their defaults.

I would like help in properly configuring this firewall so all I need to do is to show the users how to setup a VPN Connection with the XP Pro VPN Client. I am sure that there is a way this can be done without the Netgear clients, I am stuck on what I need to do.

Who is Participating?
Rob WilliamsConnect With a Mentor Commented:
Sounds like you are wanting to set up the client to connect directly to the Netgear unit. To do this you need to use an IPSec client. The standard windows VPN client uses PPTP an cannot be configured to connect directly to the Netgear. It is possible to set up a Windows client using IPSec, but it is quite a challenge and there is little documentation available. The simplest options are:
1) to create a PPTP tunnel between a standard Windows client and a Windows VPN server behind the Netgear. These are the links the others have provided, or you can find these links for different O/S at:
In doing so you need only to set up a rule for port 1723, allowing port forwarding to the VPN server. You also need GRE protocol 47 (not port 47) but that is set up by default on the Netgear if you use the built in PPTP/1723 service. None of the other ports are required, because you are not using L2TP or IKE.  Port forward instructions:
2) you can set up an IPSec tunnel directly to the Netgear. Because you are connecting to the router rather than a server behind the router there is no port forwarding to configure. You need to run the VPN configuration wizard and then manually configure the IKE and VPN policies on the router, and on the client install the Netgear ProSafe VPN client. You need to buy the client software, but it is more efficient and more secure. Some details can be found at:,14,27&
Rick HobbsRETIREDCommented:
Rick HobbsRETIREDCommented:
Just in case, here is the Client Config:
The new generation of project management tools

With’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

Here is a decent link from Microsoft

I only had to do the port forwarding on 1723 to get it to work.
Rick HobbsRETIREDCommented:
It is my understanding that you will have to let the VPN be created between the XP clients and a Windows 2000 server or Windows 2003 server.   You won't be able to get the XP client to create a VPN with the Netgear.  The only other option would involve the Netgear client (that runs around %50), and you said you don't want to use a client other than the built in VPN client.
Rob WilliamsCommented:
Thanks Mgrodecki,
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.