How To Establish IPSec VPN Connection between Cyberoam and Vigor Draytek ADSL

This article gives a detailed configuration example that demonstrates how to set up a net-to-net IPSec VPN connection between Cyberoam and Vigor Draytek ADSL, using a preshared key to authenticate the VPN peers. Throughout the article we will use the network parameters shown in the diagram below.

Configuration Parameters: IPSec Connection

Cyberoam

Local Network details
o WAN IP address: 14.15.16.17
o Local Internal Network: 10.5.6.0/24
o Preshared Key: 0123456789

Remote Network details
o Remote VPN server IP address: 22.23.24.25
o Remote Internal Network: 172.23.9.0/24

Draytek

Local Network details
o WAN IP address: 22.23.24.25
o Local Internal Network: 172.23.0.24
o Preshared Key: 0123456789

Remote Network details
o Remote VPN server IP address: 14.15.16.17
o Remote Internal Network: 10.5.6.0/24

Note: If the same subnets are configured at Draytek and Cyberoam, the connection will not be established.

Step by Step Configuration: Draytek ADSL

Step 1: Go to VPN and Remote Access > Remote Access Control. To allow the VPN traffic through the router, enable services as per the following screen:

Step 2: Go to VPN and Remote Access > LAN to LAN. Choose an unused profile, e.g. 1, and click Next to continue. The status of an unused profile will be x.

Step 3:

Section 1: Common Settings
o Enter a Profile Name and enable the profile.
o As the Draytek router will always initiate the VPN connection, for Call Direction click Dial-Out, and click Always on to enable an always-on VPN tunnel.

Section 2: Dial-Out Settings
o Under Type of Server I am calling, click IPSec Tunnel and enter the WAN IP address of Cyberoam, i.e. 14.15.16.17, as Server IP/Host Name.
o Under IKE Authentication Method, click Pre-Shared Key and enter the Pre-Shared Key.
o Under IPSec Security Method, click High (ESP).
o Click the Advanced button.

In Advanced settings, enter parameters as follows:
o IKE phase 1 mode: Main mode
o IKE phase 1 proposal: 3DES_MD5_G2
o IKE phase 2 proposal: 3DES_MD5
o IKE phase 1 key lifetime: 28800
o IKE phase 2 key lifetime: 3600
o Perfect Forward Secret: Disable

Section 3: Dial-in Settings
No configuration is required in this section.

Section 4: TCP/IP Network Settings
Enter the following parameters:
o Remote Network IP - 14.15.16.17 - Cyberoam's internal network IP
o Remote Network Mask - 255.255.255.0

Do not change the default setting of any other parameters. Click the OK button.

Step by Step Configuration: Cyberoam

Step 4: Create VPN Policy
Go to VPN > Policy > Create Policy and create a VPN Policy with the following values:
o Policy Name: Draytek
o Using Template: None
o Keying Method: Automatic
o Allow Re-keying: Yes
o Key Negotiation Tries: 3
o Authentication Mode: Main Mode
o Perfect Forward Secrecy (PFS): No

Phase 1
o Encryption Algorithm: 3DES
o Authentication Algorithm: MD5
o DH Group (Key Group): 2 (DH1024)
o Key life: 28800 sec

Phase 2
o Encryption Algorithm: 3DES
o Authentication Algorithm: MD5
o DH Group (Key Group): 2 (DH1024)
o Key life: 3600 sec

Step 5: Create VPN Connection
Go to VPN > IPSec Connection > Create Connection and specify parameters as follows:
o Connection name: Draytek
o Policy: Draytek
o Action on restart: Active
o Mode: Tunnel
o Connection Type: Net to Net
o Authentication Type: Preshared Key
o Preshared Key: 0123456789
o Local server IP address (WAN IP address): 14.15.16.17
o Local Internal Network: 10.5.6.0/24
o Remote server IP address (WAN IP address): 22.23.24.25
o Remote Internal Network: 172.23.9.0/24
o User Authentication Mode: Disabled
o Protocol: All

Step 6: At the Draytek site, select Connection Management from the VPN and Remote Access menu. Under Dial-out Tool, select Cyberoam's public IP from the dropdown and click the Dial button to initiate the connection.

Step 7: At the Cyberoam site, the Connection status indicates that the connection is successfully activated.
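A consistency check for the two peers' settings, added here as an example and not part of the original article or of either vendor's tooling; the dict layout, key names, finding labels and the LEGACY list are assumptions of this example. Run on the parameter table exactly as printed, it reports that the Draytek local network entry (172.23.0.24) does not mirror Cyberoam's remote network (172.23.9.0/24), and it lists the proposal elements generally treated as legacy.

```python
import ipaddress

# Values transcribed from this page's parameter table and Steps 3-5.
# The dict layout and key names are assumptions of this example.
COMMON = {"mode": "main", "p1": ("3DES", "MD5", "DH2"), "p2": ("3DES", "MD5"),
          "p1_life": 28800, "p2_life": 3600, "pfs": False, "psk": "0123456789"}
CYBEROAM = dict(COMMON, wan="14.15.16.17", peer="22.23.24.25",
                local_net="10.5.6.0/24", remote_net="172.23.9.0/24")
DRAYTEK = dict(COMMON, wan="22.23.24.25", peer="14.15.16.17",
               local_net="172.23.0.24", remote_net="10.5.6.0/24")

# This example's own short list of proposals generally treated as legacy.
LEGACY = {"DES", "3DES", "MD5", "DH1", "DH2"}


def net(value):
    """Parse 'a.b.c.d/len' or a bare address (treated as a /32 host)."""
    return ipaddress.ip_network(value, strict=False)


def check_pair(a, b):
    """Return findings for two peers whose settings must mirror each other."""
    findings = []
    for key in ("mode", "p1", "p2", "p1_life", "p2_life", "pfs", "psk"):
        if a[key] != b[key]:
            findings.append(f"mismatch:{key}")
    if a["peer"] != b["wan"] or b["peer"] != a["wan"]:
        findings.append("mismatch:peer_address")
    # Each side's remote network must equal the other side's local network.
    if net(a["remote_net"]) != net(b["local_net"]):
        findings.append("mismatch:a.remote_net!=b.local_net")
    if net(b["remote_net"]) != net(a["local_net"]):
        findings.append("mismatch:b.remote_net!=a.local_net")
    # The page's note: the same subnet on both sites will not connect.
    if net(a["local_net"]).overlaps(net(b["local_net"])):
        findings.append("overlap:local_nets")
    return findings


def legacy_items(cfg):
    """List the proposal elements of cfg that appear in LEGACY."""
    return sorted(set(cfg["p1"] + cfg["p2"]) & LEGACY)


if __name__ == "__main__":
    print(check_pair(CYBEROAM, DRAYTEK))
    print(legacy_items(CYBEROAM))
```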

Document version: 1.0-19/02/2009
