Advanced Users: You can use an existing FQDN if your clients actually connect from the IP address this name resolves to.
‣ Encryption Algorithm: Select “3DES”
‣ Authentication Algorithm: Select “SHA-1”
‣ Authentication Method: Select “Pre-Shared Key”
‣ The pre-shared key is the password that users have to enter before connecting. Make sure to set a strong password ➊
‣ Diffie-Hellman (DH) Group: Select “Group 2 (1024 Bit)”
‣ SA Lifetime: 3600 seconds
‣ Click “Apply” to add your new IKE policy
‣ Policy Name: Enter a name for the connection
‣ Direction / Type: Select “Responder”
‣ Exchange Mode: Select “Aggressive Mode”
‣ Local Identity Type: Select “Fully Qualified Domain Name”
‣ Local Identity Data: Enter the identifier to be used by the device, e.g. “netgear.local”. Make sure to write down the exact identifier ➋
‣ Remote Identity Type: Select “Fully Qualified Domain Name”
‣ Remote Identity Data: Enter the identifier to be used by the client, e.g. “vpntracker.local”. It should not be an actually existing name. Make sure to write down the exact identifier ➌
Tip: Use the form on page 9 of this document to keep track of the various settings. You will need them again later on.
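The settings written down above have to be entered on the client as a mirror image of the device's IKE policy: the device's remote identifier is the client's local identifier, and the reverse. The following is an added example, not part of the original guide, that compares the two sides before a first connection attempt; the field names, the `IkeSide` record and the sample key are assumptions made for illustration.

```python
# Added example (not from the guide): record layout and names are hypothetical.
from dataclasses import dataclass
import hmac

@dataclass(frozen=True)
class IkeSide:
    local_id: str        # "Local Identity Data" as entered on this side
    remote_id: str       # "Remote Identity Data" as entered on this side
    encryption: str
    auth_hash: str
    dh_group: int
    lifetime_s: int
    exchange_mode: str
    psk: str

def _id_issue(label, sent, expected):
    """FQDN identifiers must match exactly; flag near misses explicitly."""
    if sent == expected:
        return None
    if sent.strip().lower() == expected.strip().lower():
        return f"{label}: differs only by case or whitespace ({sent!r} vs {expected!r})"
    return f"{label}: {sent!r} does not match {expected!r}"

def differences(device, client):
    """Return a list of human-readable mismatches between the two sides."""
    issues = []
    # One side's "local" identifier is the other side's "remote" identifier.
    checks = (("client local ID vs device remote ID", client.local_id, device.remote_id),
              ("client remote ID vs device local ID", client.remote_id, device.local_id))
    issues += [m for m in (_id_issue(*c) for c in checks) if m]
    for name in ("encryption", "auth_hash", "dh_group", "lifetime_s", "exchange_mode"):
        d, c = getattr(device, name), getattr(client, name)
        if d != c:
            issues.append(f"{name}: device has {d!r}, client has {c!r}")
    # Compare the key without ever echoing it into the report.
    if not hmac.compare_digest(device.psk.encode(), client.psk.encode()):
        issues.append("pre-shared key differs")
    return issues

# Constructed sample values; the identifiers are the examples used in the guide.
DEVICE = IkeSide("netgear.local", "vpntracker.local", "3DES", "SHA-1", 2, 3600,
                 "Aggressive", "constructed-sample-key")
CLIENT_OK = IkeSide("vpntracker.local", "netgear.local", "3DES", "SHA-1", 2, 3600,
                    "Aggressive", "constructed-sample-key")
CLIENT_BAD = IkeSide("VPNtracker.local ", "vpntracker.local", "3DES", "SHA-1", 2, 3600,
                     "Aggressive", "constructed-sample-kee")

if __name__ == "__main__":
    for issue in differences(DEVICE, CLIENT_BAD):
        print(issue)
```

`CLIENT_BAD` shows the usual mistakes: an identifier typed with different capitalisation and a trailing space, the remote identifier not swapped, and a mistyped key.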