Table of ContentsPreviousNextSearch Knowledge Base

Complete PDF manual
PDF of this chapter


Configuration Profile

The configuration in this document follows the addressing and configuration mechanics defined by the VPN Consortium. Gather all the necessary information before you begin the configuration process. Verify whether the firmware is up to date, all of the addresses that will be necessary, and all of the parameters that need to be set on both sides. Check that there are no firewall restrictions.

Table B-2. Profile Summary
VPN Consortium Scenario:
Scenario 1
Type of VPN
LAN-to-LAN or Gateway-to-Gateway (not PC/Client-to-Gateway)
Security Scheme:
IKE with Preshared Secret/Key (not Certificate-based)
IP Addressing:
 
NETGEAR-Gateway A
Fully Qualified Domain Name (FQDN)
NETGEAR-Gateway B
FDQN

Figure B-5

Note: Product updates are available on the NETGEAR, Inc. web site at
http://kbserver.netgear.com/DG834G v3.asp.

The Use of a Fully Qualified Domain Name (FQDN)

Many ISPs (Internet Service Providers) provide connectivity to their customers using dynamic instead of static IP addressing. This means that a user's IP address does not remain constant over time which presents a challenge for gateways attempting to establish VPN connectivity.

A Dynamic DNS (DDNS) service allows a user whose public IP address is dynamically assigned to be located by a host or domain name. It provides a central public database where information (such as email addresses, host names and IP addresses) can be stored and retrieved. Now, a gateway can be configured to use a 3rd party service in lieu of a permanent and unchanging IP address to establish bi-directional VPN connectivity.

To use DDNS, you must register with a DDNS service provider. Example DDNS Service Providers include:

In this example, Gateway A is configured using an example FQDN provided by a DDNS Service provider. In this case we established the hostname dg834g.dyndns.org for gateway A using the DynDNS service. Gateway B will use the DDNS Service Provider when establishing a VPN tunnel.

In order to establish VPN connectivity Gateway A must be configured to use Dynamic DNS, and Gateway B must be configured to use a DNS hostname to find Gateway A provided by a DDNS Service Provider. Again, the following step-by-step procedures assume that you have already registered with a DDNS Service Provider and have the configuration information necessary to set up the gateways.


NETGEAR, Inc.
http://www.netgear.com
Table of ContentsPreviousNextSearch Knowledge Base 202-10155-01, October 2006