Filter
Top Products
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual
Virtual Private Networking Using IPsec 5-23
v1.2, June 2008
5. Enable a Backup RADIUS Server (if required).
6. Set the Time Out Period, in seconds, that the VPN firewall should wait for a response from
the RADIUS server.
7. Set the Maximum Retry Count. This is the number of tries the VPN firewall will make to the
RADIUS server before giving up.
8. Click Apply to save the settings.
Manually Assigning IP Addresses to Remote Users
(ModeConfig)
To simply the process of connecting remote VPN clients to the FVS336G, the ModeConfig
module can be used to assign IP addresses to remote users, including a network access IP address,
subnet mask, and name server addresses from the VPN firewall. Remote users are given IP
addresses available in secured network space so that remote users appear as seamless extensions of
the network.
In the following example, we configured the VPN firewall using ModeConfig, and then
configured a PC running ProSafe VPN Client software using these IP addresses.
• NETGEAR FVS336G ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN
– WAN IP address: 172.21.4.1
– LAN IP address/subnet: 192.168.2.1/255.255.255.0
• NETGEAR ProSafe VPN Client software IP address: 192.168.1.2
Mode Config Operation
After IKE Phase 1 is complete, the VPN connection initiator (remote user/client) asks for IP
configuration parameters such as IP address, subnet mask and name server addresses. The Mode
Config module will allocate an IP address from the configured IP address pool and will activate a
Note: Selection of the Authentication Protocol, usually PAP or CHAP, is configured
on the individual IKE policy screens.