·
Select a Destination address.
·
Select the VPN Tunnel.
·
Select OK to save the VPN policy.
Configuring the IPSec VPN client
The VPN client PC must be running industry standard IPSec Autokey IKE VPN client software. D-Link
recommends the SafeNet/Soft-PK client from IRE, Inc.
Configure the client as required to connect to the DFL-500 VPN gateway using an IPSec VPN configuration.
Make sure the client configuration includes the settings in
. These settings should
match the VPN gateway configuration.
VPN client configuration
Description
Example
Setting
Tunnel Name
Should correspond to the VPN tunnel name used on the DFL-500 VPN gateway. Client_VPN
Remote Gateway
The External IP address of the DFL-500 VPN gateway.
1.1.1.1
Keylife
The Client key life should match the DFL-500 VPN gateway key life.
100
Authentication
Key
The Client authentication key should match the DFL-500 VPN gateway
authentication key.
ddcHH01887d
Dial-up VPN
Use the following procedures to add a dial-up VPN configuration so that your VPN gateway accepts IPSec
VPN connections from any IP address. A dial-up VPN configuration is most often used to allow clients with
dynamic IP addresses to connect to the VPN gateway. Clients with dynamic IP addresses can be home or
travelling users who dial into the Internet and are dynamically assigned an IP address by their ISP (using
PPPoE, DHCP, or a similar protocol).
To configure a dial-up VPN gateway, add a dial-up VPN tunnel. A dial-up VPN tunnel is an IPSec Autokey
IKE VPN tunnel with its remote gateway address set to 0.0.0.0. VPN policies and addresses are not required
on the dial-up VPN gateway.
Any remote IPSec VPN client or gateway that can match the dial-up VPN tunnel's authentication key can
connect to the dial-up VPN tunnel. The remote client or gateway must have a normal IPSec VPN tunnel
configuration. For example, a remote DFL-500 IPSec VPN gateway must be configured with a VPN tunnel,
VPN addresses, and VPN policies. Each remote client or gateway must have their VPN remote gateway set
to the external address of the dial-up VPN gateway.
Each client or gateway that connects to the dial-up VPN gateway negotiates with the dial-up VPN gateway to
create its own VPN tunnel. As these connections are made and the dial-up tunnels are created, they are
added to the Dial-up Monitor list (see
).
DFL-500 User Manual
63