VPN Configuration Guide D-Link DFL-800


VPN Configuration Guide D-Link DFL-800 Revision 1.0.0

equinux AG and equinux USA, Inc.

2007 equinux USA, Inc. All rights reserved.

Under the copyright laws, this manual may not be copied, in whole or in part, without the written consent of equinux AG or equinux USA, Inc. Your rights to the software are governed by the accompanying software license agreement.

The equinux logo is a trademark of equinux AG and equinux USA, Inc., registered in the U.S. and other countries.

Every effort has been made to ensure that the information in this manual is accurate. equinux is not responsible for printing or clerical errors.

Apple, the Apple logo, iBook, Mac, Mac OS, MacBook, PowerBook are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. Finder and Mail are trademarks of Apple Computer, Inc. AppleCare is a service mark of Apple Computer, Inc., registered in the U.S. and other countries. FileMaker is a trademark of FileMaker, Inc.

equinux shall have absolutely no liability for any direct or indirect, special or other consequential damages in connection with the use of the quick setup guide or any change to the router generally, including without limitation, any lost profits, business, or data, even if equinux has been advised of the possibility of such damages.

Created using Apple Pages.

www.equinux.com

Introduction
Prerequisites
Scenario
Task 1 - Configure your D-Link DFL-800
  Step 1 - Setup your Objects
  Step 2 - Configure your VPN Tunnel
  Step 3 - Add VPN Users
  Step 4 - Add IP Rules
  Step 5 - Activate your Changes
Task 2 - Configure VPN Tracker
  Step 1 - Create a new Connection
  Step 3 - Network Settings
  Step 4 - Authentication Settings
  Step 5 - Identifiers Settings
Task 3 - Check the VPN connection
  It's time to go out!
  Test your connection
Troubleshooting
What's next?
  Introduction
  Known Limitations
  Accessing Files
  Accessing a FileMaker Database
Acquire more Licenses


Introduction

This document describes how VPN Tracker can be used to establish a connection between a Macintosh running Mac OS X and a D-Link DFL-800 router. The D-Link gateway is configured as a router connecting a company LAN to the Internet.

This paper is only a supplement to, not a replacement for, the instructions that have been included with your D-Link DFL-800. Please be sure to read those instructions and understand them before starting.

EQUINUX SHALL HAVE ABSOLUTELY NO LIABILITY FOR ANY DIRECT OR INDIRECT, SPECIAL OR OTHER CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE USE OF THE HOW-TO OR ANY CHANGE TO THE ROUTER GENERALLY, INCLUDING WITHOUT LIMITATION, ANY LOST PROFITS, BUSINESS, OR DATA, EVEN IF EQUINUX HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Prerequisites

First, make sure you are using a recent D-Link DFL-800 firmware version. The latest release for your D-Link firewall can be obtained from http://www.d-link.com/

For this document, firmware version 2.11.03 has been used.

Please note: VPN Tracker has only been tested with the D-Link DFL-800 and the above firmware version.

You will need one VPN Tracker Personal Edition license for each Mac connecting to the DFL-800. We recommend one VPN Tracker Professional Edition for the administrator's Mac in order to export configuration files to the clients.

VPN Tracker is compatible with Mac OS X version 10.2.5+, 10.3 and 10.4.1+.

Scenario

In our example, we need to connect an employee's MacBook in San Francisco to an office in New York. The following diagram illustrates this scenario:

The MacBook is directly connected to the Internet and has a public IP address, assigned by an ISP. The office's VPN gateway is also connected to the Internet and can be accessed via a static IP address. The VPN gateway also has a second interface which is connected to the internal office network. In our example, the office network has the IP range 192.168.13.0/24.

A VPN tunnel will be established between the public interfaces in San Francisco and New York. Once the VPN tunnel is up, San Francisco can access the office network behind the VPN gateway.

Please note that the connection from a MacBook at home to an office network is just one possible scenario. The instructions also apply to connections from a desktop computer or notebook in your office to a VPN gateway at home or at another office. Please adapt the term "office network", which is used throughout this manual, to your scenario.

Task 1 - Configure your D-Link DFL-800

This section describes the configuration of your D-Link DFL-800 router.

When setting up a VPN, you'll have to handle a couple of parameters. Those parameters are marked with red dots with little numbers in them. Throughout the setup we will point back to those parameters.

Step 1 - Setup your Objects

Connect to your DFL-800
Select Objects > Address Book > Authentication Objects
Click Add

Assign a name to the key object (e.g. "vpntracker_key")
Specify the desired passphrase
Click OK

Select Objects > Address Book > InterfaceAddresses
Click lannet

Set the network's IP address, along with its subnet mask (e.g. "192.168.13.0/24")

Step 2 - Configure your VPN Tunnel

Select Interfaces > IPSec
Click Add

Name: Choose a (unique) name for your VPN Tunnel
Local Network: Choose the address object for your local network
Remote Network: Choose all-nets
IKE Algorithm: Choose High
IKE Life Time: Enter 28800
IPSec Algorithm: Choose High
IPSec Life Time: Enter 3600

Switch to the Authentication tab
Select Pre-shared Key and your key object

Switch to the Extended Authentication (XAUTH) tab
Select Require IKE XAuth user authentication for inbound IPSec tunnels

Switch to the Routing tab
Activate Dynamically add route for the remote network when a tunnel is established

Switch to the IKE Settings tab
Make sure that all settings match the settings in the screenshot to the left (these are the factory default settings)

Switch to the Keep-alive tab
Select Disabled

Switch to the Advanced tab
Activate Add route for remote network

Step 3 - Add VPN Users

Select User Authentication > Local User Database
Click Add to add a new user database
Select a name for your database
Click OK to save it

In the list of local user databases, click the newly created database (e.g. "VPNUsers")

Click Add to add a new user to the VPNUsers database

Enter a unique user name and password
Click OK

Step 4 - Add IP Rules

Select Rules > IP Rules
Click Add to add a new group of rules
Select a name for your group
Click OK
Select the new rule group in the list of groups

Click Add to add a new rule
Name: Choose a unique name (e.g. "ipsec_inbound")
Action: NAT
Service: all_services
Schedule: (None)
Source Interface: Your policy's name (e.g. "VPNTracker")
Source Network: all-nets
Destination Interface: lan
Destination Network: lannet
Click OK

Click Add to add a new rule
Name: Choose a unique name (e.g. "ipsec_outbound")
Action: NAT
Service: all_services
Schedule: (None)
Source Interface: lan
Source Network: lannet
Destination Interface: Your policy's name (e.g. "VPNTracker")
Destination Network: all-nets
Click OK

Step 5 - Activate your Changes

Select Configuration > Save and Activate
Confirm the changes
Wait for the DFL-800 to reboot

Task 2 - Configure VPN Tracker

This section describes the configuration of VPN Tracker for your D-Link router.

Step 1 - Create a new Connection

Click on New in the VPN Tracker main window.

Step 2 - Connection Settings

Select the vendor (D-Link)
Select your VPN router model (DFL-800)
Make sure to enable Initiate connection from this end

TIP: The pre-defined VPN Tracker connection for the D-Link DFL-800 VPN router is based on the default settings for your D-Link DFL-800 VPN router. If you or the administrator changed any of the settings while configuring the device, you might have to adjust the connection type in VPN Tracker by double-clicking the model.

Step 3 - Network Settings

VPN Server Address: public IP address of your VPN Gateway (e.g. 169.154.19.12)
Remote Network/Mask: network address and netmask of your office network

Step 4 - Authentication Settings

Pre-shared key: Enter the pre-shared key you used earlier when configuring the D-Link DFL-800
Make sure to check Enable Extended Authentication (XAUTH)

Step 5 - Identifiers Settings

Please use the local / remote endpoint IP addresses as identifiers

Task 3 - Check the VPN connection

This section explains how to start and test your VPN connection.

It's time to go out!

You will not be able to test and use your VPN connection from within your office network. In order to test your connection, you'll need to connect from a different location. That's why it's now time to go out. Take your MacBook Pro and have a coffee at your favorite Internet cafe or go visit a friend.

Test your connection

To test if everything is set up correctly, please follow the steps below:

Get access to the Internet
Make sure the Internet connection is working; open your Internet browser and try to connect to http://www.equinux.com
Start VPN Tracker if it's not already running

Select the connection you configured for your D-Link device
Hit the Start VPN button
Provide the username and password defined earlier
Click OK

If the light turns red after a few seconds, then please read the Troubleshooting section on the next page
If the light turns green, that means you've successfully established a connection

Congratulations! You did it!

Troubleshooting

I don't get a green light in the VPN Tracker main window

Make sure that your computer is not connected directly to the office network you want to connect to.
Make sure that the Identifier and the Pre-shared key you've entered in the router configuration match the settings you entered in VPN Tracker.
Verify that the public IP address you entered in VPN Tracker matches the public IP address of your router.
Download our sample configuration and connect to our test device at http://www.vpntracker.com/connectiontest/
If the test connection cannot be established: Make sure that the internet connection is working and verify that your local router is not blocking any connection attempts.
If the test connection is established successfully: Your internet connection is working and does not block VPN connections. Please check the log file of your D-Link DFL-800 for error messages.

If you're still having issues with your connection, please create some screenshots of your settings on both ends, gather the log files and send them over to our support team via http://www.equinux.com/us/products/vpntracker/contactus.html.
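Several items in this troubleshooting list can be checked before leaving the office. The following Python script is an added example, not part of the equinux guide or of VPN Tracker: the `client` dictionary, its key names and the `preflight` function are hypothetical, and the values are the example values used in this guide.

```python
import ipaddress

# Gateway-side values as set in this guide (Scenario and Task 1, Step 2).
GATEWAY = {
    "office_network": "192.168.13.0/24",
    "ike_lifetime": 28800,
    "ipsec_lifetime": 3600,
    "auth": "pre-shared key",
    "xauth": True,
}

def preflight(client, local_ip, gateway=GATEWAY):
    """Return a list of findings; an empty list means nothing to fix.

    `client` is a hypothetical dict of the values typed into the VPN client,
    `local_ip` is the address the Mac currently has on its own network.
    """
    findings = []
    office = ipaddress.ip_network(gateway["office_network"])

    # Remote Network/Mask must be the network address, not a host inside it.
    try:
        remote = ipaddress.ip_network(client["remote_network"], strict=True)
        if remote != office:
            findings.append(f"remote network {remote} differs from gateway {office}")
    except ValueError as exc:
        findings.append(f"remote network is not a valid network/mask: {exc}")

    # The guide notes the tunnel cannot be tested from inside the office network.
    if ipaddress.ip_address(local_ip) in office:
        findings.append(f"local address {local_ip} lies inside {office}")

    # The VPN server address has to be the gateway's public address.
    if ipaddress.ip_address(client["server_address"]).is_private:
        findings.append(f"server address {client['server_address']} is private")

    # Settings the guide fixes on the gateway; report any that differ on the
    # client. The pre-shared key itself is deliberately not handled here.
    for key in ("ike_lifetime", "ipsec_lifetime", "auth", "xauth"):
        if client.get(key) != gateway[key]:
            findings.append(f"{key}: client {client.get(key)!r}, gateway {gateway[key]!r}")
    return findings

# Constructed sample input, using the example values from the guide.
SAMPLE_CLIENT = {
    "server_address": "169.154.19.12",
    "remote_network": "192.168.13.0/24",
    "ike_lifetime": 28800,
    "ipsec_lifetime": 3600,
    "auth": "pre-shared key",
    "xauth": True,
}

if __name__ == "__main__":
    # 10.0.1.23 is a constructed address for a network outside the office.
    for line in preflight(SAMPLE_CLIENT, "10.0.1.23") or ["no findings"]:
        print(line)
```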

What's next?

This section explains how to use your VPN connection.

Introduction

As the VPN connection has now been established, you should be able to access most of the resources in your office network.

Known Limitations

There are some limitations of a VPN connection compared to a direct connection to an office network.

Bonjour: As Bonjour Chat is not supported over a VPN tunnel, you'll need to use iChat server in order to chat remotely.
Browsing the network: You can't browse the remote network as you're normally used to. You need to connect to each machine manually, as described on the next page.

Accessing Files

To access files in your office network, just follow the steps below:

Go to the Finder application
In the menu bar, click on Go->Connect To Server...

Enter the IP address of the machine you want to connect to. In our example network this would be the IP address 192.168.13.21
Click on the Connect button
Enter your Username and Password to access the files

TIP: When connecting to a Windows fileserver, you'll need to prefix the IP address with smb://, e.g. smb://192.168.13.21.

Accessing a FileMaker Database

To access a database available in your office network, just follow the steps below:

Start the FileMaker application
In the menu bar, click on File->Open Remote...

Click on the Add... button

Enter the IP address of the FileMaker server machine
Enter a hostname for this machine (optional)
Click on the Save button

Select a database from the list of Available Files and click Open

You are now able to access your FileMaker databases as usual

Acquire more Licenses

If two or more people need to access your office network via VPN, then you need to acquire more VPN Tracker licenses. To get more licenses, please contact your reseller and inquire about VPN Tracker Personal Edition. Or point your browser to http://store.equinux.com and buy additional VPN Tracker Personal Edition Licenses online.