background image

 

www.cnetusa.com 

1

VPN Setup for CNet’s CWR-854 802.11g Wireless Router  

 
The instructions below are for getting an IPSec client to connect CNet’s wireless 
broadband router CWR-854(F) with VPN capability.  The VPN feature can be used for 
secure remote access to a home  or work network from anywhere on the Internet. 
 

VPN Client Software 

used for this test is SSH-Sentinel v1.4 which is free for non-

commercial use.  
 

                 

 

 
 

                              

 

 
 

Applications: 

Summary of Contents for CWR-854

Page 1: ...g an IPSec client to connect CNet s wireless broadband router CWR 854 F with VPN capability The VPN feature can be used for secure remote access to a home or work network from anywhere on the Internet VPN Client Software used for this test is SSH Sentinel v1 4 which is free for non commercial use Applications ...

Page 2: ...SL modem or we are dialing up using a modem In the second scenario the client system is also behind a NAT route In this case the computer we re working on is connected to a router and through a Cable DSL modem to the Internet First Scenario To configure VPN both on the client system as well as the router we need to know about the IP address schema used on the home network By default the LAN IP of ...

Page 3: ...www cnetusa com 3 Router s VPN Configuration Please use the routers s default IP address 192 168 1 254 to access its configuration ...

Page 4: ...ite choose Subnet Address to allow access to the whole LAN network For remote site choose Any Address so that the router accepts VPN requests from any IP address Both local and remote systems are identified by IP Key management is auto IKE Click the advance key to see the settings for phase 1 and 2 negotiations In phase 1 peers are authenticated to each other and a secure encrypted link is establi...

Page 5: ...www cnetusa com 5 The last step to finalize VPN configuration is to enter the PSK Pre Shared Key and save settings The router is now ready to accept incoming VPN connections ...

Page 6: ...www cnetusa com 6 ...

Page 7: ...T router for example another CWR 854 The connection is from VPN client NAT router Cable DSL modem Internet Cable DSL modem VPN router The only difference in the configuration with scenario one is to configure the VPN router s remote site to be NAT T any address as below picture shows ...

Page 8: ...rst one involves the creation of a key management and the second one is the actual VPN security policy After the software is installed right click on the Sentinel icon in the task bar and select Run Policy Editor Configuring SSH Sentinel Key Management From the SSH Sentinel policy editor click on Key Management tab Then select the add button under My Keys folder ...

Page 9: ...www cnetusa com 9 From the New Authentication Key window select the create a pre shared key radio button and click next ...

Page 10: ...www cnetusa com 10 In the next window type a name and the same exact key you have entered in the router s VPN configuration and click Finish ...

Page 11: ... VPN connections and click on Add button In the Add VPN Connection window enter an IP address or a Domain Name associated with the WAN IP of the CNet router For remote network click the micro button and enter the remote network information The default LAN network address of CWR 854 is 192 168 1 0 with 255 255 255 0 for subnet mask ...

Page 12: ...www cnetusa com 12 Click OK to save the changes and return to the Rule Properties window ...

Page 13: ...www cnetusa com 13 Click on the IPSec IKE proposal settings button to view proposal parameters ...

Page 14: ...operties window Click on the Advanced tab to view Security association lifetimes as well as Audit and some other advanced settings If the VPN client system is sitting behind a NAT device you ll need to check the box next to Pass NAT device using NAT T ...

Page 15: ...test Click OK to go back to the SSH Sentinel Policy Editor window and click Apply to update security policy changes we ve made Now click on Diagnostics to start probing the connection to the VPN server If Diagnostics complete successfully it means that you can establish an IPSec protected connection to the VPN server ...

Page 16: ...www cnetusa com 16 We can now use the SSH Sentinel icon in the task bar select the VPN server and establish the VPN tunnel ...

Page 17: ...t the VPN connection bring up a DOS window and try a ping to the IP address of one of the computers at home If ping is successful then the connection is established and you should be able to see and map network drives to systems behind the VPN router ...

Reviews: