Allowing VPN Access into network with Netgear FVS318
Posted on 2006-07-11
My goal is allow VPN access into our network with a Netgear FVS318 using the simple Windows XP Pro SP2 VPN client that comes with the O/S (I do not want to use special VPN clients for the simplicity sake. The users are employees that have DSL/cable connections from their homes and I asssume that there are no firewall clients. All that I want to do is to give the users VPN access to our server to access network folders to work/create/save work documents from home.
For starters: here is the sample IP address information that is relevant for configuration (this is fake numbers):
WAN IP info:
- IP Address: 209.340.562.196
- Submet Mask: 255.255.25.248
- Default Gateway: 209.340.562.1
LAN (Internal) IP info of our server:
- IP Address: 192.168.10.2
- Subnet Mask: 255.255.255.0
- Default Gateway: 192.168.10.1
On the Netgear Router, I have created services for port 1723 (VPN), port 47 (GRE), port 500 (IKE) and port 1701 (L2TP). Whether I need these ports open on the firewall I do not know. These ports all resolve to the LAN IP address of our server. So what I need to know is what put in for the VPN Settings for this connection. The input fields are:
- Connection Name: (this I can name anything...right?)
- Local IPSec Identifier:
- Remote IPSec Identifier:
- Tunnel can be accessed from:
- Tunnel can access:
- Remote WAN IP or FQDN:
The Secure Association is in Main Mode. Perfect Forward Security is disabled (should it be enabled)? There is a PreShared Key. The encryption protocol is DES. The Key Life and IKE Life Time is at their defaults.
I would like help in properly configuring this firewall so all I need to do is to show the users how to setup a VPN Connection with the XP Pro VPN Client. I am sure that there is a way this can be done without the Netgear clients, I am stuck on what I need to do.