![background image](http://html1.mh-extra.com/html/d-link/netdefend-soho-dfl-160/netdefend-soho-dfl-160_user-manual_3341027048.webp)
In summary, a VPN allows the public Internet to be used for setting up secure communications or
tunnels between DFL-160s or between a DFL-160 and other security gateway devices or clients.
VPN with the DFL-160
NetDefendOS supports setting up tunnels using the following types of tunnel protocols for secure
communication:
•
IPsec tunnels.
•
L2TP tunnels.
Using L2TP tunnels the DFL-160 can either be:
1.
An L2TP client - which connects to an L2TP server.
2.
Or an L2TP server - to which L2TP clients connect.
•
PPTP tunnels.
Using PPTP tunnels the DFL-160 can either be:
1.
A PPTP client - which connects to a PPTP server.
2.
Or a PPTP server - to which PPTP clients connect.
Pressing the Add button on the initial VPN page of the web interface allows the administrator to
define a tunnel based on one of these protocols. The following sections explore these options in
greater depth.
In the web interface, the L2TP and PPTP setup options are grouped together into the same pages.
This is because of their similarity. L2TP is a protocol that has superseded PPTP but PPTP is still
used in some scenarios.
4.4.1. IPsec
This section explains the IPsec options available when setting up an IPsec based VPN tunnel.
An IPsec Overview
Internet Protocol Security (IPsec) is a standardized set of protocols that provide highly secure data
transportation. IPsec is made up of two parts:
•
The Internet Key Exchange protocol (IKE)
•
IPsec protocols (AH and ESP)
The first part, IKE, is the initial negotiation phase, where two VPN tunnel endpoints agree on which
methods will be used to provide transportation and security for the data traffic. IKE manages
connections by creating a set of Security Associations (SAs) for each tunnel. An SA is unidirectional
so there are usually at least two for each IPsec connection.
The second part is the actual data transfer and this is done using the encryption and authentication
methods agreed upon in the IKE negotiation.
The flow of events for IPsec can be summarized as follows:
4.4.1. IPsec
Chapter 4. The Firewall Menu
48
Summary of Contents for NetDefend SOHO DFL-160
Page 11: ...1 3 The LED Indicators Chapter 1 Product Overview 11...
Page 22: ...2 4 Console Port Connection Chapter 2 Initial Setup 22...
Page 39: ...3 7 Dynamic DNS Settings Chapter 3 The System Menu 39...
Page 76: ...4 10 Schedules Chapter 4 The Firewall Menu 76...
Page 78: ...5 1 Ping Chapter 5 The Tools Menu 78...
Page 93: ...6 11 DHCP Server Status Chapter 6 The Status Menu 93...
Page 102: ...7 6 Technical Support Chapter 7 The Maintenance Menu 102...