VPN Quickstart Guide, IPsec LAN to LAN with Pre-shared Keys – D-Link DFL-2500 User Manual

Page 231

9.2. VPN Quickstart Guide

Later sections in this chapter will explore VPN components in detail. To help put those later
sections in context, this section is a quickstart summary of the key steps in VPN setup.

It outlines the individual steps in setting up VPNs for the most common VPN scenarios. These are:

• IPsec LAN to LAN with Pre-shared Keys

• IPsec Roaming Clients with Pre-shared Keys

• IPsec Roaming Clients with Certificates

• L2TP Roaming Clients with Pre-Shared Keys

• L2TP Roaming Clients with Certificates

• PPTP Roaming Clients

9.2.1. IPsec LAN to LAN with Pre-shared Keys

1. Create a Pre-shared Key object.

2. Optionally create a new IKE Proposal List object and/or an IPsec Proposal List object if the
   default list settings are not satisfactory. This will depend on the capabilities of the device at the
   other side of the tunnel.

3. In Hosts & Networks create IP objects for:

   • The remote VPN gateway which is the IP address of the network device at the other end of
     the tunnel (let's call this object remote_gw).

   • The remote network which lies behind the remote VPN gateway (let's call this object
     remote_net).

   • The local network behind the D-Link Firewall which will communicate across the tunnel.
     Here we will assume that this is the pre-defined address lannet and this network is attached
     to the NetDefendOS lan interface.

4. Create an IPsec Tunnel object (let's call this object ipsec_tunnel). Specify the following tunnel
   parameters:

   • Set Local Network to lannet.

   • Set Remote Network to remote_net.

   • Set Remote Gateway to remote_gw.

   • Set Encapsulation mode to Tunnel.

   • Choose the IKE and IPsec proposal lists to be used.

   • For Authentication select the Pre-shared Key object defined in step (1) above.

   The IPsec Tunnel object can be treated exactly like any NetDefendOS Interface object in later
   steps.

5. Set up two IP rules in the IP rule set for the tunnel:

   • An Allow rule for outbound traffic that has the previously defined ipsec_tunnel object as

Chapter 9. VPN
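
The values chosen in steps 1 to 4 above can be checked for consistency before they are entered on both gateways. The following Python script is an added example, not part of the D-Link manual or of NetDefendOS: the plan dictionary, the proposal labels, the sample addresses and the key-length threshold are all assumptions made for illustration.

```python
import ipaddress
import secrets

MIN_PSK_CHARS = 20  # assumed local policy, not a NetDefendOS limit

# Constructed sample plan; object names follow steps 3 and 4 above.
# Proposal labels such as "AES-128/SHA1" are an illustrative notation only.
SAMPLE_PLAN = {
    "psk": secrets.token_hex(32),      # step 1: random 256-bit key as hex
    "remote_gw": "203.0.113.10",       # documentation address
    "remote_net": "192.168.20.0/24",
    "lannet": "192.168.1.0/24",
    "ike_local": ["AES-128/SHA1", "3DES/SHA1"],   # step 2: our proposal lists
    "ike_peer": ["AES-128/SHA1"],                 # what the peer device offers
    "ipsec_local": ["AES-128/SHA1"],
    "ipsec_peer": ["AES-128/SHA1", "3DES/MD5"],
}

def check_plan(plan):
    """Return a list of problems found in a LAN-to-LAN tunnel plan."""
    problems = []
    psk = plan["psk"]
    if len(psk) < MIN_PSK_CHARS:
        problems.append("psk: shorter than %d characters" % MIN_PSK_CHARS)
    if len(set(psk)) < 8:
        problems.append("psk: too few distinct characters")
    try:
        ipaddress.ip_address(plan["remote_gw"])            # must be one host
        remote = ipaddress.ip_network(plan["remote_net"])  # rejects host bits
        local = ipaddress.ip_network(plan["lannet"])
    except ValueError as exc:
        return problems + ["address: %s" % exc]
    if local.overlaps(remote):
        problems.append("networks: lannet and remote_net overlap")
    for kind in ("ike", "ipsec"):
        if not set(plan[kind + "_local"]) & set(plan[kind + "_peer"]):
            problems.append(kind + ": no proposal shared with the peer")
    return problems

if __name__ == "__main__":
    for line in check_plan(SAMPLE_PLAN) or ["plan looks consistent"]:
        print(line)
```

An empty result means the pre-shared key, the three address objects and the proposal lists are mutually consistent; it says nothing about the IP rules of step 5.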