Support User Manuals

NETGEAR D6200 Network Router User Manual

Open as PDF

of 156

Advanced Settings

134

D6200 WiFi DSL Modem Router

- Subnet address. Enter an IP address in the Single/Start IP address field, and the

desired network mask in the Subnet Mask field.

The remote VPN endpoint must have these IP addresses entered as its local

addresses.

• IKE.

- Direction/Type. This setting is used to determine if the IKE policy matches the

current traffic. Select the desired option.

- Responder only. Incoming connections are allowed, but outgoing connections

are blocked.

- Initiator and Responder. Both incoming and outgoing connections are allowed.

- Exchange Mode. Currently, only Main Mode is supported. Ensure that the remote

VPN endpoint is set to use Main Mode.

- Diffie-Hellman (DH) Group. When the VPN connection keys are exchanged, the

Diffie-Hellman algorithm is used. The DH Group setting determines the bit size

used in the exchange. This value must match the value used on the remote VPN

gateway.

- Local Identity Type. Select the desired option to match the Remote Identity Type

setting on the remote VPN endpoint.

- WAN IP Address. Your Internet IP address.

- Fully Qualified Domain Name. Your domain name.

- Fully Qualified User Name. Your name, email address, or other ID.

- Local Identity Data. Enter the data for the selection. When WAN IP Address is

selected, no input is required.

- Remote Identity Type. Select the desired option to match the Local Identity Type

setting on the remote VPN endpoint.

- IP Address. The Internet IP address of the remote VPN endpoint.

- Fully Qualified Domain Name. The domain name of the remote VPN endpoint.

- Fully Qualified User Name. The name, email address, or other ID of the remote

VPN endpoint.

- Remote Identity Data. Enter the data for the selection. When IP Address is

selected, no input is required.

• Parameters.

- Encryption Algorithm. The encryption algorithm used for both IKE and IPSec.

This setting must match the setting used on the remote VPN gateway.

- Authentication Algorithm. The authentication algorithm used for both IKE and

IPSec. This setting must match the setting used on the remote VPN gateway.

- Pre-shared Key. The key has to be entered both here and on the remote VPN

gateway.

- SA Life Time. This setting determines the time interval before the SA (security

association) expires. (It is automatically reestablished as required.) While using a

short time period (or data amount) increases security, it also degrades

previous next