ekurelowech
asked on
I have a DLINK DSR-250n, Need to setup Software VPN to it.
Does anyone have any detailed instructions on how to setup an IPSEC VPN on a DLink DSR-250n Router to ShrewSoft VPN Client (the only one that is free and runs on Windows 7)
I'm having problems translating settings from one to another.
The DLink DSR models are supposed to be all the same.
ShrewSoft VPN Settings (These are not my settings, This is just showing settings screen)
DLink DSR-250n router vpn settings (I want to know where these settings correspond to settings of the ShrewSoft VPN, and if any of these settings need changed)
DLink DSR-250n VPN Dropdown boxes choices:
Policy Type: Auto Policy / Manual Policy
IPSec Mode: Tunnel Mode / Transport Mode
Select Local Gateway: Dedicated WAN
Remote Endpoint: FQDN / IP Address
Protocol: AH / ESP
Local IP: Any / Single / Range / Subnet
Remote IP: Any / Single / Range / Subnet
Exchange Mode: Main / Aggressive
Direction/Type: Initiator / Responder / BothSelect Local Gateway:
Select Local Gateway:
Local Identifier Type: Local WAN IP / FQDN / User FQDN / DER ASN1 DN
Remote Identifier Type: Remote WAN IP / FQDN / User FQDN / DER ASN1 DN
Authentication Method: Pre-shared Key / RSA Signature
Diffie-Hellman (DH) Group: Group1(768bit) / Group2(1024bit) / Group5(1536) / DH_Group14 (2048bit) / DH_Group15(3072bit) / DH_Group16(4096bit) / DH_Group17(6144bit) / DH_Group18(8192bit)
PFS Key Group: Group1(768bit) / Group2(1024bit) / Group5(1536) / DH_Group14 (2048bit) / DH_Group15(3072bit) / DH_Group16(4096bit) / DH_Group17(6144bit) / DH_Group18(8192bit)
I'm having problems translating settings from one to another.
The DLink DSR models are supposed to be all the same.
ShrewSoft VPN Settings (These are not my settings, This is just showing settings screen)
DLink DSR-250n router vpn settings (I want to know where these settings correspond to settings of the ShrewSoft VPN, and if any of these settings need changed)
DLink DSR-250n VPN Dropdown boxes choices:
Policy Type: Auto Policy / Manual Policy
IPSec Mode: Tunnel Mode / Transport Mode
Select Local Gateway: Dedicated WAN
Remote Endpoint: FQDN / IP Address
Protocol: AH / ESP
Local IP: Any / Single / Range / Subnet
Remote IP: Any / Single / Range / Subnet
Exchange Mode: Main / Aggressive
Direction/Type: Initiator / Responder / BothSelect Local Gateway:
Select Local Gateway:
Local Identifier Type: Local WAN IP / FQDN / User FQDN / DER ASN1 DN
Remote Identifier Type: Remote WAN IP / FQDN / User FQDN / DER ASN1 DN
Authentication Method: Pre-shared Key / RSA Signature
Diffie-Hellman (DH) Group: Group1(768bit) / Group2(1024bit) / Group5(1536) / DH_Group14 (2048bit) / DH_Group15(3072bit) / DH_Group16(4096bit) / DH_Group17(6144bit) / DH_Group18(8192bit)
PFS Key Group: Group1(768bit) / Group2(1024bit) / Group5(1536) / DH_Group14 (2048bit) / DH_Group15(3072bit) / DH_Group16(4096bit) / DH_Group17(6144bit) / DH_Group18(8192bit)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
IPSec always uses 500/udp for first contact. It may switch to 4500/udp (NAT-T) if negotiated, or 10000/tcp for Cisco NAT-T. There are also some other proprietary ports, but in general, you only need to care about 500 and 4500.
ASKER
you were right on, the main problem was, I didn't reverse the FQDN's.
But I can't seem to get any DHCP working, The VPN works great if I configure the IP.
You have any ideas how to enable that to come from the router.
My router doesn't DHCP, my server does. Is this why it's not working.
On Dlink router Under GENERAL / Enable DHCP: I enable, but don't know where the DHCP is coming from.
On Shrewsoft Under GENERAL, I have AUTO CONFIGURATION: I tried all different settings.
All I get is DHCP timed out.
But I can't seem to get any DHCP working, The VPN works great if I configure the IP.
You have any ideas how to enable that to come from the router.
My router doesn't DHCP, my server does. Is this why it's not working.
On Dlink router Under GENERAL / Enable DHCP: I enable, but don't know where the DHCP is coming from.
On Shrewsoft Under GENERAL, I have AUTO CONFIGURATION: I tried all different settings.
All I get is DHCP timed out.
The D-Link has to act as the DHCP server for this to work, or run a DHCP Relay Agent service. I really can't help much on implementing a dynamic IP method here, as it is highly depending on the device used whether it works at all, and how it needs to be configured.
Enabling DHCP Relay should be easy, if I read the manuals correctly. In DHCP settings on the D-Link you should be able to add a DHCP Relay; just enter the DHCP Server's IP here.
You will then need to enable Mode Config in the VPN settings (first screenshot). If you are lucky, that's all to make it work.
Enabling DHCP Relay should be easy, if I read the manuals correctly. In DHCP settings on the D-Link you should be able to add a DHCP Relay; just enter the DHCP Server's IP here.
You will then need to enable Mode Config in the VPN settings (first screenshot). If you are lucky, that's all to make it work.
ASKER
I'll try it tomorrow,
On the 1st page of the shrewsoft,it has a port setting, is that the port that all vpn's use.
Or is there different ports used on different manufacturers, I don't see anything on the Dlink DSR-250n configuration.