Reference Manual for the ProSafe Wireless 802.11g VPN Firewall Model FVG318
VPN Configuration of NETGEAR FVG318 C-15
v1.0, October 2005
The FVG318-to-VPN Client Case
Client-to-Gateway VPN Tunnel Overview
The operational differences between gateway-to-gateway and client-to-gateway VPN tunnels are
summarized as follows:
Table B-1. Policy Summary
VPN Consortium Scenario: Scenario 1
Type of VPN PC/Client-to-Gateway
Security Scheme: IKE with Preshared Secret/Key
Date Tested:
Model/Firmware Tested:
NETGEAR-Gateway A FVG318 with firmware version v1.0
NETGEAR-Client B NETGEAR ProSafe VPN Client v10.3.5
IP Addressing:
NETGEAR-Gateway A Static IP address
NETGEAR-Client B Dynamic IP address
Table B-2. Differences between VPN tunnel types
Operation Gateway-to-Gateway VPN Tunnels Client-to-Gateway VPN Tunnels
Exchange Mode Main Mode—The IP addresses of both
gateways are known (especially when
FQDN is used), so each gateway can
use the Internet source of the traffic for
validation purposes.
Aggressive Mode—The IP address of
the client is not known in advance, so the
gateway is programmed to accept valid
traffic sourced from any Internet location
(i.e., less secure).
Direction/Type Both Directions—Either end of the VPN
tunnel may initiate traffic (usually).
Remote Access—The client end of the
VPN tunnel must initiate traffic because
its IP address is not know in advance,
which prevents the gateway end of the
VPN tunnel from initiating traffic.
To Next Page
Loading...
