manualshive.com logo in svg

NETGEAR DGND3300v2 - RangeMax Dual Band Wireless-N Modem Router, User Manual

The NETGEAR DGND3300v2 - RangeMax Dual Band Wireless-N Modem Router is a high-performance networking device that combines a modem and a router for seamless internet connectivity. To set up and configure this versatile device, simply download the free Installation Manual from manualshive.com. This comprehensive manual provides step-by-step instructions and valuable insights for smooth and hassle-free installation.

Share
Download
background image

  Appendix C.  NETGEAR VPN Configuration

 

   

|

     

151

C

C.   

NETGEAR VPN Configuration

Case study on how to set up a VPN

This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR 
DGND3300v2 to a FVL328. This case study follows the VPN Consortium interoperability profile 
guidelines (found at 

http://www.vpnc.org/InteropProfiles/Interop-01.html

).

Configuration Profile

The configuration in this appendix follows the addressing and configuration mechanics 
defined by the VPN Consortium. Gather necessary information before you begin 
configuration. Verify that the firmware is up to date, and that you have all the addresses and 
parameters to be set on both sides. Check that there are no firewall restrictions.

Figure 71. VPNC Example, Network Interface Addressing

Table 8.  N300 Wireless Modem Router to Gateway B Profile Summary

VPN Consortium Scenario

Scenario 1 (Identity Using Preshared Secrets)

Type of VPN 

LAN-to-LAN or gateway-to-gateway (not PC/client-to-gateway)

Security scheme:

IKE with pre-shared secret/key (not certificate based)

IP addressing:

NETGEAR-Gateway A

Static IP address

NETGEAR-Gateway B

Static IP address

Gateway A

WAN IP

Internet

10.506.0/24

(DGND3300v2)

LAN IP
10.5.6.1

14.15.16.17

WAN IP
22.23.24.25

Gateway B

LAN IP
172.23.9.1

172.23.9.0/24

Summary of Contents for DGND3300v2 - RangeMax Dual Band Wireless-N Modem Router

Page 1: ...350 East Plumeria Drive San Jose CA 95134 USA October 2010 202 10463 04 v1 0 N300 Wireless Dual Band ADSL2 Modem Router DGND3300v2 User Manual ...

Page 2: ...AR Phone Other Countries See Support information card Trademarks NETGEAR the NETGEAR logo ReadyNAS ProSafe Smart Wizard and Auto Uplink are trademarks or registered trademarks of NETGEAR Inc Microsoft Windows Windows NT and Vista are registered trademarks of Microsoft Corporation Other brand and product names are registered trademarks or trademarks of their respective holders Statement of Conditio...

Page 3: ...4 Using PIN Entry to Add a WPS Client 25 Configuring Advanced WPS Settings 27 Connecting Additional Wireless Client Devices after WPS Setup 27 Adding More WPS Clients 28 Adding Both WPS and Non WPS Clients 28 Restricting Access to Your N300 Wireless Modem Router 29 Wireless Guest Networks 30 Live Parental Controls 32 Chapter 3 Security Settings Protecting Access to Your N300 Wireless Modem Router ...

Page 4: ...ring Large Files with Colleagues 66 USB Storage Basic Settings 67 Editing a Network Folder 68 Configuring USB Storage Advanced Settings 69 Creating a Network Folder 71 Media Server Settings 72 Unmounting a USB Drive 72 Specifying Approved USB Devices 72 Connecting to the USB Drive from a Remote Computer 73 Locating the Internet Port IP Address 73 Accessing the Router s USB Drive Remotely Using FTP...

Page 5: ...Deleting an Existing QoS Policy 123 Configuring Static Routes 123 Wireless Repeating Also Called WDS 125 Wireless Repeating Function 126 Setting Up the Base Station 127 Setting Up a Repeater Unit 128 Chapter 8 Advanced Settings Part 2 Common Connection Types 130 Assessing Your Speed Requirements 131 Optimizing Your Network Bandwidth 132 Optimizing Wireless Performance 133 Changing the MTU Size 134...

Page 6: ...ep Configuration 152 N300 Wireless Modem Router with FQDN to Gateway B 153 Configuration Profile 153 Step by Step Configuration 155 Configuration Summary Telecommuter Example 157 Setting Up Client to Gateway VPN Telecommuter Example 158 Step 1 Configure Gateway A VPN Router at Main Office 159 Step 2 Configure Gateway B VPN Router at Regional Office 160 Monitoring the VPN Tunnel Telecommuter Exampl...

Page 7: ...ns Using the Setup Manual on page 7 Logging In to Your N300 Wireless Modem Router on page 8 Using the Setup Wizard on page 9 Viewing or Manually Configuring Your ISP Settings on page 10 Configuring ADSL Settings on page 14 Using the Setup Manual For first time installation of your wireless N300 wireless modem router refer to the Setup Manual The Setup Manual explains how to launch the NETGEAR Smar...

Page 8: ...t or http www routerlogin com or the N300 wireless modem router s LAN IP address the default is 192 168 0 1 in the address field of your browser and then press Enter A login window displays Figure 1 2 Enter admin for the N300 wireless modem router user name and your password or the default password For information about how to change the password see Changing the Built In Password on page 35 Note ...

Page 9: ...en reset to its factory default settings See Viewing N300 Wireless Modem Router Status Information on page 52 You can use the Setup Wizard to automatically detect your Internet connection as described in Using the Setup Wizard on page 9 or you can bypass the Setup Wizard and manually configure your Internet connection as described in Viewing or Manually Configuring Your ISP Settings on page 10 Usi...

Page 10: ...Setup Wizard click Test to verify your Internet connection If you have trouble connecting to the Internet see Troubleshooting in Appendix A Viewing or Manually Configuring Your ISP Settings To view or configure the basic settings 1 Log in to the N300 wireless modem router as described in Logging In to Your N300 Wireless Modem Router on page 8 2 From the N300 wireless modem router menu select Basic...

Page 11: ...nter the settings for the IP address and DNS server If you enter or change a DNS address restart the computers on your network so that these settings take effect 5 If no login is required you can specify the MAC Address setting 6 Click Apply to save your settings 7 Click Test to test your Internet connection If the NETGEAR website does not appear within one minute see Troubleshooting in Appendix A...

Page 12: ...e fields appear only if your ISP requires a login Login The login name provided by your ISP This is often an e mail address Password The password that you use to log in to your ISP Service Name If your ISP provided a service name enter it here Idle Timeout In minutes If you want to change the Internet login timeout enter a new value in minutes This determines how long the N300 wireless modem route...

Page 13: ...ctive Disable NAT only if you are sure that you do not require it When NAT is disabled only standard routing is performed by this router Classical routing lets you directly manage the IP addresses that the N300 wireless modem router uses Classical routing should be selected only by experienced usersa Disable firewall This disables the firewall in addition to disabling NAT With the firewall disable...

Page 14: ... virtual circuit number for the virtual path identifier VPI and virtual channel identifier VCI you can specify those settings here Note NETGEAR recommends using the Setup Wizard to automatically configure the ADSL settings If your ISP provided you with a multiplexing method or VPI VCI number then enter the setting 1 From the main menu select ADSL Settings to display the ADSL Settings screen Figure...

Page 15: ...ally Configuring Your Wireless Settings on page 18 Configuring WEP Wireless Security on page 20 Using Push N Connect WPS to Configure Your Wireless Network on page 24 Connecting Additional Wireless Client Devices after WPS Setup on page 27 Restricting Access to Your N300 Wireless Modem Router on page 29 Wireless Guest Networks on page 30 Live Parental Controls on page 32 Planning Your Wireless Net...

Page 16: ... Fi certified and WPS capable products should be compatible with NETGEAR products that implement Push N Connect To set up your wireless network using the WPS feature Use the N300 wireless modem router dome which works as a WPS button there is also an onscreen WPS button or enter the PIN of the wireless device Make sure that all wireless computers and wireless adapters on the network are Wi Fi cert...

Page 17: ... to access your network Unlike wired network data your wireless data transmissions can extend beyond your walls and can be received by anyone with a compatible adapter For this reason use the security features of your wireless equipment The N300 wireless modem router provides highly effective security features which are covered in detail in this chapter Deploy the security features appropriate to ...

Page 18: ...s modem router in the Wireless Settings screen If you want to make changes make sure to note the current settings first Note If you use a wireless computer to change the wireless network name SSID or wireless security settings you will be disconnected when you click Apply To avoid this use a computer with a wired connection to access the N300 wireless modem router To view or manually configure the...

Page 19: ...GHz Performance mode using channel expansion to achieve the 270 Mbps data rate The N300 wireless modem router uses the channel you selected as the primary channel and expands to the secondary channel primary channel 4 or 4 to achieve a 40 MHz frame by frame bandwidth The N300 wireless modem router detects channel usage and disables frame by frame expansion if the expansion would result in interfer...

Page 20: ...d for the 11N or 11G wireless networks Do not change the wireless channel unless you experience interference shown by lost connections or slow data transfers If this happens you might need to experiment with different channels to see which is the best Security Options Disable You can use this setting to establish wireless connectivity before implementing wireless security NETGEAR strongly recommen...

Page 21: ...assword and LAN address you have chosen for the N300 wireless modem router 2 From the main menu select Wireless Settings to display the Wireless Settings screen 3 In the Security Options section select the WEP radio button Figure 10 4 In the Authentication Type list select Automatic Open System or Shared Key The default is Open System Note The authentication scheme is separate from the data encryp...

Page 22: ...ata The four entries are disabled if WPA PSK or WPA authentication is selected 8 Click Apply to save your settings Configuring WPA WPA2 or Mixed WPA2 WPA Wireless Security To set up wireless security either you can manually configure it in the Wireless Settings screen or you can use Wi Fi Protected Setup WPS to automatically set the SSID and implement WPA WPA2 security see Using Push N Connect WPS...

Page 23: ...ct the radio button for the WPA or WPA2 option of your choice Figure 11 4 The settings displayed on the screen depend on which security option you select 5 For WPA PSK or WPA2 PSK enter the passphrase 6 If prompted enter the settings for the RADIUS server For WPA 802 1x or WPA2 802 1x these settings are required for communication with the primary RADIUS server Note RADIUS server applies only to WP...

Page 24: ...nsiderations regarding WPS are WPS supports only WPA PSK and WPA2 PSK wireless security WEP security is not supported by WPS If your wireless network will include a combination of WPS capable devices and non WPS capable devices NETGEAR suggests that you set up your wireless network and security settings manually first and use WPS only for adding additional WPS capable devices See Adding Both WPS a...

Page 25: ...eless security The N300 wireless modem router will keep these wireless settings unless you change them or you clear the Keep Existing Wireless Settings check box in the Advanced Wireless Settings screen See Restricting Access to Your N300 Wireless Modem Router on page 29 6 Note the new SSID and WPA WPA2 password for the wireless network You can view these settings in the Wireless Settings screen S...

Page 26: ...S Client screen displays Figure 13 3 Select the PIN Number radio button 4 Go to the client wireless computer Run a WPS configuration utility Follow the utility s instructions to generate a PIN Take note of the client PIN 5 From the N300 wireless modem router Add WPS Client screen enter the client PIN number and then click Next The N300 wireless modem router tries to communicate with the client for...

Page 27: ...uter to automatically generate the SSID and WPA WPA2 security settings when it implements WPS After WPS is implemented the N300 wireless modem router automatically selects this check box so that your SSID and wireless security settings remain the same if you add WPS enabled devices or if you manually add non WPS capable devices later Note If you clear the Keep Existing Wireless Settings check box ...

Page 28: ...wireless and Ethernet connected see Viewing a List of Attached Devices on page 57 Adding Both WPS and Non WPS Clients For non WPS clients you cannot use the WPS setup procedures to add them to the wireless network You must record and then manually enter your security settings see Manually Configuring Your Wireless Settings on page 18 To connect a combination of non WPS enabled and WPS enabled clie...

Page 29: ...llowing screen Figure 15 Enable Wireless Access Point You can completely turn off the wireless portion of the N300 wireless modem router For example if you use your notebook computer to wirelessly connect to your N300 wireless modem router and you take a business trip you can turn off the wireless portion of the N300 wireless modem router while you are traveling Other members of your household who...

Page 30: ... is automatically selected so that the SSID and security remain the same when additional clients are added For information about adding WPS clients see Using Push N Connect WPS to Configure Your Wireless Network on page 24 Restricting access by MAC address You can use the Wireless Card Access List to restrict access See Restricting Access by MAC Address on page 35 Wireless Guest Networks A wireles...

Page 31: ...n the Guest Wireless Network Name SSID field Note NETGEAR strongly recommends that you change the default guest network name SSID from the default name to a different name Note that the name is case sensitive For example GuestNetwork is not the same as Guestnetwork Up to 270 Mpbs Guest Network b g n NETGEAR 2 4G_n_Guest1 2 4GHz 802 11n 2 4GHz 802 11g 2 4GHz 802 11b Up to 145 Mbps at 5 GHz 54 Mbps ...

Page 32: ...ies of Internet content Live Parental Controls is an excellent solution for keeping your family safe online but like all Web filtering tools it is not perfect NETGEAR reminds you there is no substitute for keeping the family computer in a common area and in plain sight where you can monitor the websites your kids are visiting and taking caution when visiting websites requesting personal or financi...

Page 33: ... to customize configurations for different computing arrangements and personalize the settings for each person Per time setting allows Internet access during scheduled time slots to help manage the balance between work and play Minimal Software Installation This capability requires a one time installation of the management utility Once Live Parental Controls is set up the software runs in the back...

Page 34: ...ring Email Alert and Web Access Log Notifications on page 47 Setting the Time on page 49 Note For information about restricting access to USB storage devices see Configuring USB Storage Advanced Settings on page 69 Protecting Access to Your N300 Wireless Modem Router For security reasons the N300 wireless modem router has its own user name and password Also after a period of inactivity for a set l...

Page 35: ...tinue the configuration If you have backed up the N300 wireless modem router settings previously you should do a new backup so that the saved settings file includes the new password Restricting Access by MAC Address By default any wireless PC that is configured with the correct SSID will be allowed access to your wireless network For increased security you can restrict access to the wireless netwo...

Page 36: ... connect to the N300 wireless modem router based on their MAC addresses These wireless PCs must also have the correct SSID and wireless security settings to access the wireless network 3 Select the Turn Access Control On check box Figure 18 Note If the Turn Access Control On check box is selected and the Trusted Wireless Stations list is blank then no wireless PCs will be able to connect to your w...

Page 37: ... by a wireless station 5 When you are finished click Apply to save your changes Now only devices on the Trusted Devices list will be allowed to wirelessly connect to the N300 wireless modem router Blocking Access to Internet Sites The N300 wireless modem router allows you to restrict access based on Web addresses and Web address keywords Up to 255 entries are supported in the Keyword list Keyword ...

Page 38: ...t is exempt from blocking and logging Specify a trusted user by entering that computer s IP address in the Trusted IP Address fields Since the trusted user is identified by IP address you should configure that computer with a fixed IP address 5 Click Apply to save all your settings in the Block Sites screen Firewall Rules You can use this screen to create firewall rules to block or allow specific ...

Page 39: ...nly the default rule is listed The default rule blocks all inbound traffic Ports to enable MSN and AOL Instant Messaging are open by default To close these ports select the Close IM Ports radio button and then click Apply so that your changes take effect When these ports are closed Instant Messaging does not function To add or edit a rule from the Firewall Rules screen 1 To edit a rule select its ...

Page 40: ...es BLOCK rules are useful only if the traffic is already covered by an ALLOW rule that is you want to block a subset of traffic that is currently allowed by another rule To define the schedule used in these selections use the Schedule screen see Scheduling Blocking on page 45 LAN users outbound services only These settings determine which computers on your network are affected by this rule based o...

Page 41: ...of service application or game you will provide and the local IP address of the computer that will provide the service Be sure the computer s IP address never changes Select Security Port Forwarding in the main menu The Port Forwarding screen displays Figure 22 WAN Servers These settings determine which Internet locations are covered by the rule based on their destination WAN IP address Select the...

Page 42: ...t select the rule 3 Fill in the Server IP Address field and then click Apply Adding a Custom Port Forwarding Rule 1 From the Port Forwarding screen click Add 2 Select the Custom Rule radio button and the screen changes Figure 24 3 In the Service Name field enter a name 4 In the Service Type list select the protocol If you are unsure select TCP UDP 5 Fill in the Starting Port and Ending Port fields...

Page 43: ...ss modem router records this connection opens the incoming port or ports associated with this entry in the Port Triggering List and associates them with the PC 3 The remote system receives the PC s request and responds using a different port number 4 The N300 wireless modem router matches the response to the previous request and forwards the response to the PC Without port triggering this response...

Page 44: ...nes what the dynamic mapping is The connection type defines whether the dynamic mapping is for TCP traffic UDP traffic or TCP and UDP traffic The open port range is specified by the starting port and the ending port and this defines the port that the dynamic mapping is applied to 3 Click Apply to save your settings and activate the port triggers that you have enabled Blocking Access to Internet Se...

Page 45: ...cutive IP addresses or all computers on your network Enter the starting port and ending port numbers If the application uses a single port number enter that number in both fields You must determine which port number or range of numbers is used by the application The service port numbers for many common protocols are defined by the Internet Engineering Task Force IETF and published in RFC1700 Assig...

Page 46: ...e E mail screen as described in Setting the Time on page 49 3 Click Apply to save your settings Note For information about setting the time see Setting the Time on page 49 Viewing Logs of Web Access or Attempted Web Access The log is a detailed record of the websites you have accessed or attempted to access Up to 128 entries are stored in the log Log entries appear only when keyword blocking is en...

Page 47: ...lerts by e mail you must provide your e mail account information 1 From the main menu select Security E mail The E mail screen displays Field Description Date and time The date and time the log entry was recorded Source IP The IP address of the initiating device for this log entry Target address The name or IP address of the website or newsgroup visited or to which access was attempted Action Whet...

Page 48: ... a In the User Name field enter your user name for the outgoing email server b In the Password field enter your password for the outgoing email server 4 You can specify that logs are automatically sent by email with these options Send alert immediately Select this check box for immediate notification of attempted access to a blocked site or service Send Logs According to this Schedule Specifies ho...

Page 49: ...00 wireless modem router uses the Network Time Protocol NTP to obtain the current time and date from one of several network time servers on the Internet To localize the time for your log entries you must specify your time zone Time Zone Select your local time zone This setting is used for the blocking schedule and for time stamping log entries Adjust for Daylight Savings Time Select this check box...

Page 50: ...52 Viewing a List of Attached Devices on page 57 Managing the Configuration File on page 57 Running Diagnostic Utilities and Rebooting the Router on page 58 Enabling Remote Management Access on page 59 Traffic Meter on page 61 Upgrading the Firmware The N300 wireless modem router s firmware routing software is stored in flash memory By default when you log in to your N300 wireless modem router it ...

Page 51: ...closing the window clicking a link or loading a new page If the browser is interrupted it could corrupt the firmware When the upload is complete your N300 wireless modem router automatically restarts The upgrade process could take a few minutes Read the new firmware release notes to determine whether you must reconfigure the N300 wireless modem router after upgrading Manually Check for Firmware Up...

Page 52: ...outer WARNING When uploading firmware to the N300 wireless modem router do not interrupt the Web browser by closing the window clicking a link or loading a new page If the browser is interrupted it could corrupt the firmware When the upload is complete your N300 wireless modem router automatically restarts The upgrade process typically takes about one minute Read the new firmware release notes to ...

Page 53: ...w additional status information as described in Connection Status on page 55 and Statistics on page 56 The following table explains Router Status screen fields Field Description Account Name The host name assigned to the N300 wireless modem router Firmware Version The version of the N300 wireless modem router firmware It changes if you upgrade the N300 wireless modem router ...

Page 54: ...s is the unique physical address being used by the Ethernet LAN port of the N300 wireless modem router IP Address The IP address being used by the Ethernet LAN port of the N300 wireless modem router The default is 192 168 0 1 http www routerlogin net DHCP Identifies whether the firmware s built in DHCP server is active for the LAN attached devices IP Subnet Mask The IP subnet mask being used by th...

Page 55: ... to the online document Wireless Networking Basics in Appendix E for the frequencies used on each channel In Up to 300 Mbps at 2 4 GHz mode and Up to 145 Mbps at 2 4 GHz mode the 11G channel is not active Mode Indicates the wireless communication mode Up to 300 Mbps at 2 4 GHz Up to 300 Mbps at 5 GHz and 54 Mbps at 2 4 GHz default Up to 145 Mbps at 2 4 GHz Up to 145 Mbps at 5 GHz and 54 Mbps at 2 ...

Page 56: ...by the ADSL Internet Service Provider Item Description System Up Time The time elapsed since the N300 wireless modem router was last restarted Port The statistics for the WAN Internet and LAN Ethernet ports For each port the screen displays Status The link status of the port TxPkts The number of packets transmitted on this port since reset or manual clear RxPkts The number of packets received on t...

Page 57: ...if available and the Ethernet MAC address To force the N300 wireless modem router to look for attached devices click Refresh Note If the N300 Wireless Modem Router is rebooted the table data is lost until the N300 wireless modem router rediscovers the devices Managing the Configuration File The configuration settings of the N300 wireless modem router are stored within the unit in a configuration f...

Page 58: ...the file When you have located it click Restore to send the file to the N300 wireless modem router The N300 wireless modem router then reboots automatically WARNING Do not interrupt the reboot process Erasing the Configuration Under some circumstances for example if you move the N300 wireless modem router to a different network or if you have forgotten the password you might want to erase the conf...

Page 59: ... to verify that the DNS server configuration is working Display the Routing table to identify what other N300 wireless modem routers the N300 wireless modem router is communicating with Reboot the N300 wireless modem router to enable new network configurations to take effect or to clear problems with the N300 wireless modem router s network connection Enabling Remote Management Access The remote m...

Page 60: ...can be up to 30 characters To configure your N300 wireless modem router for remote management 1 Select the Turn Remote Management On check box 2 Under Allow Remote Access By specify what external IP addresses will be allowed to access the N300 wireless modem router s remote management Note For enhanced security restrict access to as few external IP addresses as practical To allow access from any I...

Page 61: ...is a common alternate for HTTP 4 Click Apply to have your changes take effect Note When accessing your N300 wireless modem router from the Internet type your N300 wireless modem router s WAN IP address into your browser s address or location field followed by a colon and the custom port number For example if your external address is 134 177 0 123 and you use port number 8080 then enter http 134 17...

Page 62: ...limit is reached Download only The restriction is applied to incoming traffic only Both Directions The restriction is applied to both incoming and outgoing traffic 3 You can limit the amount of data traffic allowed per month By specifying how many Mbytes per month are allowed By specifying how many hours of traffic are allowed 4 Under Traffic Counter specify a specific time and date to restart the...

Page 63: ...D3300v2 User Manual The Internet connection is disconnected and disabled 6 Under Internet Traffic Statistics set up monitoring the data traffic 7 Click the Traffic Status button if you want a live update on Internet traffic status on your router 8 Click Apply to save your settings ...

Page 64: ... connect computers USB modems printers CD drives or DVD drives to the N300 wireless modem router USB port This chapter includes the following sections USB Drive Requirements on page 65 File Sharing Scenarios on page 65 USB Storage Basic Settings on page 67 Configuring USB Storage Advanced Settings on page 69 Media Server Settings on page 72 Unmounting a USB Drive on page 72 Specifying Approved USB...

Page 65: ...ch case the device might not function or might function erratically Check the documentation for your USB device to be sure The N300 wireless modem router supports FAT FAT32 and NTFS read only file systems If your USB HD devices have an external power supply be sure to use it File Sharing Scenarios You can share files on the USB drive for a wide variety of business and recreational purposes The fil...

Page 66: ...ter s computers are not visible to each other on the network How can the daughter print her photos on the color printer attached to her mother s PC This is where the USB drive on the N300 wireless modem router can save you time and effort 1 The daughter accesses the USB drive by typing readyshare in the address field of her Web browser Then she copies the photos to the USB drive 2 The mother uses ...

Page 67: ...ettings You can view or edit basic settings for the USB storage device attached to your N300 wireless modem router On the N300 wireless modem router main menu select USB Storage Basic Settings The following screen displays Figure 43 By default the USB storage device is available to all computers on your local area network LAN To access your USB device from this screen you can click the network dev...

Page 68: ...ers Folder Name Full path of the used by the network folder Volume Name Volume name from the storage device either USB drive or HDD Total Free Space Shows the current utilization of the storage device Share Name You can click the name shown or you can type it in the address field of your Web browser If Not Shared is shown then the default share has been deleted and no other share for the root fold...

Page 69: ...ccess from All no password to admin The password for admin is the same one that is used to log in to the N300 wireless modem router main menu By default it is password Note You must click Apply in order for your changes to take effect Configuring USB Storage Advanced Settings To configure advanced USB settings from the main menu select USB Advanced Settings The USB Storage Advanced Settings screen...

Page 70: ...puter Workgroup If you are using a Windows Workgroup rather than a domain the workgroup name is displayed here Access Method Network Connection Enabled by default this allows all users on the LAN to have access to the USB drive HTTP Disabled by default If you enable this setting you can type http readyshare to access the USB drive HTTP via Internet Disabled by default If you enable this settings r...

Page 71: ... changes to take effect Available Network Folders Folder Name Full path of the used by the network folder Volume name Volume name from the storage device either USB drive or HDD Total Free Space The current utilization of the storage device Share Name You can click the name shown or you can type it into the address field of your Web browser If Not Shared is shown then the default share has been de...

Page 72: ... in the Media Server Name field is the name that shows up on media players 3 Under Content Scan select Automatic for media files whenever new files are added to the ReadyShare USB storage You can also schedule scans to run periodically or click Scan Now to scan for new media immediately Unmounting a USB Drive WARNING Unmount the USB drive first before physically unplugging it from the N300 wireles...

Page 73: ...ge goes into effect If you want to approve another USB device you must first use the Safely Remove USB Device button to unmount the currently connected USB device Connect the other USB device and then repeat this process Connecting to the USB Drive from a Remote Computer To connect to the USB drive from remote computers using a Web browser you must use the router s Internet port IP address Locatin...

Page 74: ...soft Network Settings You can access the USB drive from local computers on your home or office network using Microsoft Network settings You must be running Microsoft Windows 2000 XP or older versions of Windows with Microsoft networking enabled You can use normal Explorer operations such as drag and drop file open or cut and paste files from Microsoft Windows Start menu Run option Windows Explorer...

Page 75: ... any questions about File and Printer Sharing contact Microsoft for assistance Configuring Windows 2000 and Windows XP Right click the network connection for your local area network File and Printer Sharing for Microsoft Networks should be listed If it is not click Install and follow the installation prompts ...

Page 76: ...rn more about VPNs This chapter is organized as follows Overview of VPN Configuration on page 76 Planning a VPN on page 78 VPN Tunnel Configuration on page 79 Setting Up a Client to Gateway VPN Configuration on page 80 Setting Up a Gateway to Gateway VPN Configuration on page 90 VPN Tunnel Control on page 94 Setting Up VPN Tunnels in Special Circumstances on page 100 Overview of VPN Configuration ...

Page 77: ...how to set up this configuration Gateway to Gateway VPN Tunnels Gateway to gateway VPN tunnels provide secure access between networks such as a branch or home office and a main office Figure 50 VPN Tunnel between Networks A VPN between two or more NETGEAR VPN enabled routers is a good way to connect branch or home offices and business partners over the Internet VPN tunnels also enable access to ne...

Page 78: ...be any device on the remote LAN a portion of the remote network as defined by a subnet or by a range of IP addresses or a single PC Will either endpoint use fully qualified domain names FQDNs FQDNs supplied by Dynamic DNS providers see Using a Fully Qualified Domain Name FQDN on page 154 can allow a VPN endpoint with a dynamic IP address to initiate or respond to a tunnel request Otherwise the sid...

Page 79: ...nfigure a VPN tunnel recommended for most situations See Setting Up a Client to Gateway VPN Configuration on page 80 See Setting Up a Gateway to Gateway VPN Configuration on page 90 See Using Auto Policy to Configure VPN Tunnels on page 101 when the VPN Wizard and its VPNC defaults see Table 2 on page 79 are not appropriate for your special circumstances but you want to automate the Internet Key E...

Page 80: ...oint Figure 51 N300 Wireless Modem Router DGND3300v2 Client to Gateway VPN Tunnel Step 1 Configure the Client to Gateway VPN Tunnel This section describes using the VPN Wizard to set up the VPN tunnel using the VPNC default parameters listed in Table 2 on page 79 If you have special requirements not covered by these VPNC recommended parameters see Setting Up VPN Tunnels in Special Circumstances on...

Page 81: ...shared key fields The connection name is for convenience and does not affect how the VPN tunnel functions Authentication Protocol N A MD5 SHA 1 Diffie Hellman DH Group N A Group 1 Group 2 Key Life in seconds 28800 8 hours N A IKE Life Time in seconds 3600 1 hour N A VPN Endpoint Local IPSecID LAN IP Address Subnet Mask FQDN or Gateway IP WAN IP Address Client toGateway N A N A Dynamic Gateway toCl...

Page 82: ...DGND3300v2 User Manual 4 Select the radio button for the type of target end point and click Next 5 Enter the remote IP address and click Next The Summary screen displays Note To view the VPNC recommended authentication and encryption settings used by the VPN Wizard click the here link ...

Page 83: ...s IPSec Go to the NETGEAR website http www netgear com for information about how to purchase the NETGEAR ProSafe VPN Client Note Before installing the NETGEAR ProSafe VPN Client software be sure to turn off any virus protection or firewall software you might be running on your PC You might need to insert your Windows CD to complete the installation 1 Install the NETGEAR ProSafe VPN client on the r...

Page 84: ...he people using and administering the VPN Note In this example the connection name used on the client side of the VPN tunnel is togw_a and it does not have to match the RoadWarrior connection name used on the gateway side of the VPN tunnel because connection names are irrelevant to how the VPN tunnel functions d Enter the following settings Connection Security Select Secure ID Type Select IP Subne...

Page 85: ...nd the new connection by double clicking its name or clicking the symbol My Identity and Security Policy subheadings appear below the connection name b Click the Security Policy subheading to view the Security Policy settings Figure 52 Security Policy settings Client to Gateway A c In the Select Phase 1 Negotiation Mode section of the screen select the Main Mode radio button 4 Configure the VPN cl...

Page 86: ... you have a dial up Internet account select PPP Adapter in the Name list If you have a dedicated cable or DSL line select your Ethernet adapter If you will be switching between adapters or if you have only one adapter select Any e In the My Identity section of the screen click the Pre Shared Key button The Pre Shared Key screen displays f Click Enter Key Enter the N300 wireless modem router pre sh...

Page 87: ... Method drop down list select Pre Shared key d In the Encrypt Alg drop down list select the type of encryption that is configured for the encryption protocol in the N300 wireless modem router as listed in Table 1 on page 78 This example uses Triple DES e In the Hash Alg drop down list select SHA 1 f In the SA Life drop down list select Unspecified g In the Key Group drop down list select Diffie He...

Page 88: ...l h Leave the Authentication Protocol AH check box cleared 7 Save the VPN client settings In the Security Policy Editor window select File Save After you have configured and saved the VPN client information your PC automatically opens the VPN connection when you attempt to access any IP addresses in the range of the remote VPN router s LAN 8 Check the VPN connection To check the VPN connection you...

Page 89: ...d you can open a browser on the PC and enter the LAN IP address of the remote gateway After a short wait you should see the login screen of the N300 wireless modem router unless another PC is already logged in to the N300 wireless modem router You can view information about the progress and status of the VPN client connection by opening the NETGEAR ProSafe Log Viewer To launch this function click ...

Page 90: ... of 192 168 2 2 While the connection is being established the Connection Name field in this screen displays SA before the name of the connection When the connection is successful the SA changes to the yellow key symbol shown in the previous figure Note While your PC is connected to a remote LAN through a VPN you might not have normal Internet access If this is the case you must close the VPN conne...

Page 91: ...ddress range of 192 168 0 x Table 4 Gateway to Gateway VPN Tunnel Configuration Worksheet Parameter Value to Be Entered Field Selection Connection Name GtoGr N A Pre Shared Key 12345678 N A Secure Association N A Main Mode Manual Keys Perfect Forward Secrecy N A Enabled Disabled Encryption Protocol N A DES 3DES Authentication Protocol N A MD5 SHA 1 Diffie Hellman DH Group N A Group 1 Group 2 Key L...

Page 92: ...k Next and the Step 1 of 3 screen displays 2 Fill in the Connection Name and pre shared key fields Select the radio button for the type of target end point and click Next and the Step 2 of 3 screen displays 3 Fill in the IP address or FQDN for the target VPN endpoint WAN connection and click Next and the Step 3 of 3 screen displays 4 Fill in the IP Address and Subnet Mask fields for the target end...

Page 93: ...ed Note See Using Auto Policy to Configure VPN Tunnels on page 101 for information about how to enable the IKE keep alive capability on an existing VPN tunnel 6 Repeat these steps for the gateway on LAN B and pay special attention to the following network settings WAN IP of the remote VPN gateway for example 14 15 16 17 LAN IP settings of the remote VPN gateway IP address for example 192 168 0 1 S...

Page 94: ... for information about the other ways a On the N300 wireless modem router menu select VPN Status The VPN Status Log screen displays b Click the VPN Status button to display the Current VPN Tunnels SAs screen c Click Connect for the VPN tunnel you want to activate View the VPN Status Log screen to verify that the tunnel is connected VPN Tunnel Control Activating a VPN Tunnel There are three ways to...

Page 95: ...g Auto Policy to Configure VPN Tunnels on page 101 for information about how to enable the IKE keep alive capability on an existing VPN tunnel Using the VPN Status Screen to Activate a VPN Tunnel To use the VPN Status screen to activate a VPN tunnel 1 Log in to the N300 wireless modem router 2 On the main menu select VPN Status The VPN Status Log screen displays 3 Click VPN Status to display the C...

Page 96: ...mote PC to the N300 Wireless Dual Band ADSL2 Modem Router DGND3300v2 s network by using the Connect option in the NETGEAR ProSafe menu bar The NETGEAR ProSafe client reports the results of the attempt to connect Since the remote PC has a dynamically assigned WAN IP address it must initiate the request To perform a ping test using our example start from the remote PC a Establish an Internet connect...

Page 97: ... gateway configuration Test the VPN tunnel by pinging the remote network from a PC attached to Gateway A the N300 wireless modem router a Open a command prompt for example Start Run cmd b Type ping 192 168 3 1 Note The pings might fail the first time If they do then try the pings a second time Start Using a VPN Tunnel to Activate It To use a VPN tunnel use a Web browser to go to a URL whose IP add...

Page 98: ...ic in each direction For manual key exchange the SPI is specified in the policy definition For automatic key exchange the SPI is generated by the IKE protocol Policy Name The VPN policy associated with this SA Remote Endpoint The IP address on the remote VPN endpoint Action Either a Drop or a Connect button SLifeTime Secs The remaining soft lifetime for this SA in seconds When the soft lifetime be...

Page 99: ...n the main menu select VPN Policies to display the VPN Policies screen 3 In the Policy Table clear the Enable check box for the VPN tunnel that you want to deactivate and then click Apply To reactivate the tunnel select the Enable check box and then click Apply Using the VPN Status Screen to Deactivate a VPN Tunnel To use the VPN Status screen to deactivate a VPN tunnel 1 Log in to the N300 wirele...

Page 100: ... display the VPN Policies screen In the Policy Table select the radio button for the VPN tunnel to be deleted and then click Delete Setting Up VPN Tunnels in Special Circumstances When the VPN Wizard and its VPNC defaults see Table 2 on page 79 are not appropriate for your circumstances use one of these alternatives Auto Policy For a typical automated Internet Key Exchange IKE setup see Using Auto...

Page 101: ...nding VPN endpoint gateway or client workstation Using Auto Policy to Configure VPN Tunnels You need to configure matching VPN settings on both VPN endpoints The outbound VPN settings on one end must match to the inbound VPN settings on other end and vice versa For an example of using Auto Policy see Example of Using Auto Policy on page 106 Configuring VPN Network Connection Parameters All VPN tun...

Page 102: ...6 Virtual Private Networking N300 Wireless Dual Band ADSL2 Modem Router DGND3300v2 User Manual From the main menu select VPN Policies and then click the Add Auto Policy button to display the VPN Auto Policy screen ...

Page 103: ...ange should be made as narrow as possible to meet this objective Local LAN The remote VPN endpoint must have these IP addresses entered as its remote addresses Subnet Mask The network mask Single Start IP Address Enter the IP address for a single address or the starting address for an address range A single address setting is used when you want to make a single server on your LAN available to remo...

Page 104: ...ote VPN endpoint IP Address The Internet IP address of the remote VPN endpoint Fully Qualified Domain Name The domain name of the remote VPN endpoint Fully Qualified User Name The name email address or other ID of the remote VPN endpoint Remote Identity Data Enter the data for the remote identity type that you selected If IP Address is selected no input is required Parameters Encryption Algorithm ...

Page 105: ...N endpoint If the remote endpoint has a dynamic IP address select Dynamic IP address No address data input is required You can set up multiple remote dynamic IP policies but only one such policy can be enabled at a time Otherwise select an option IP address or domain name and enter the address of the remote VPN endpoint to which you want to connect IKE Keep Alive If you want to ensure that a conne...

Page 106: ...t Parameter Value to Be Entered Field Selection Connection Name GtoG N A Pre Shared Key 12345678 N A Secure Association N A Main Mode Manual Keys Perfect Forward secrecy N A Enabled Disabled Encryption Protocol N A DES 3DES Authentication Protocol N A MD5 SHA 1 Diffie Hellman DH Group N A Group 1 Group 2 Key Life in seconds 28800 8 hours N A IKE Life Time in seconds 3600 1 hour N A VPN Endpoint Lo...

Page 107: ...displays 2 Enter these policy settings Auto Policy Field Description General Policy Name GtoG Remote VPN Endpoint Address Type Fixed Remote VPN Endpoint Address Data 22 23 24 25 Local LAN Use the default settings Remote LAN IP Address Select Subnet address from the drop down list Start IP Address 192 168 3 1 Subnet Mask 255 255 255 0 ...

Page 108: ... 192 168 0 1 Subnet Mask for example 255 255 255 0 Pre shared Key for example 12345678 5 Use the VPN Status screen to activate the VPN tunnel Note The VPN Status screen is only one of three ways to active a VPN tunnel See Activating a VPN Tunnel on page 94 for information about the other ways IKE Direction Initiator and Responder Exchange Mode Main Mode Diffie Hellman DH Group Group 2 1024 Bit Loc...

Page 109: ...unnels SAs screen b Click Connect for the VPN tunnel that you want to activate Review the VPN Status Log screen Figure a on page 94 to verify that the tunnel is connected Using Manual Policy to Configure VPN Tunnels As an alternative to IKE you can use manual keying in which you must specify each phase of the connection A manual VPN policy requires all settings for the VPN tunnel to be manually in...

Page 110: ... VPN tunnel network connection fields Policy Name Enter a unique name to identify this policy This name is not supplied to the remote VPN endpoint It is used only to help you manage the policies Remote VPN Endpoint The remote VPN endpoint must have this VPN s gateway address entered as its remote VPN endpoint If the remote endpoint has a dynamic IP address select Dynamic IP Address No address data...

Page 111: ...e this setting to access a server For a range of addresses enter the starting IP address This must be an address range used on the remote LAN Any Any outgoing traffic from specified Local IP computers triggers an attempted VPN connection to the remote VPN endpoint Be sure you want this option before selecting it Finish IP Address Enter the finish IP address for a range of addresses This must be an...

Page 112: ...guration of LAN IP services such as Dynamic Host Configuration Protocol DHCP and Routing Information Protocol RIP The N300 wireless modem router is shipped preconfigured to use private IP addresses on the LAN side and to act as a DHCP server The N300 wireless modem router s default LAN IP configuration is LAN IP address 192 168 0 1 Subnet mask 255 255 255 0 These addresses are part of the designat...

Page 113: ...ireless modem router while connected through the browser you will be disconnected You must then open a new connection to the new IP address and log in again The LAN Setup fields are explained in the following table Settings Description Device Name A descriptive name for the N300 wireless modem router which will be shown in the Network on Windows Vista and the Network Explorer on all Windows system...

Page 114: ...P information that it receives None The N300 wireless modem router will not send any RIP packets and will ignore any RIP packets received RIP Version This controls the format and the broadcasting method of the RIP packets that the N300 wireless modem router sends It recognizes both formats when receiving By default this is RIP 1 RIP 1 is universally supported It is adequate for most networks unles...

Page 115: ... s LAN IP address Primary DNS Server if you entered a primary DNS address in the Basic Settings screen otherwise the N300 wireless modem router s LAN IP address Secondary DNS Server if you entered a secondary DNS address in the Basic Settings screen To use another device on your network as the DHCP server or to manually configure the network settings of all of your computers clear the Use Router a...

Page 116: ... address can change frequently In this case you can use a commercial Dynamic DNS service which allows you to register your domain to its IP address and forwards traffic directed at your domain to your frequently changing IP address Note If your ISP assigns a private WAN IP address such as 192 168 x x or 10 x x x the Dynamic DNS service will not work because private addresses are not routed on the ...

Page 117: ... that you use to log in to your account not your host name 7 Type the password or key for your Dynamic DNS account 8 If your Dynamic DNS provider allows the use of wildcards in resolving your URL you can select the Use Wildcards check box to activate this feature For example the wildcard feature causes yourhost dyndns org to be aliased to the same IP address as yourhost dyndns org 9 Click Apply to...

Page 118: ...pecial circumstances Default DMZ Server This feature is sometimes helpful when you are using some online games and videoconferencing Be careful when using this feature because it makes the firewall security less effective See Configuring Static Routes on page 123 Respond to Ping on Internet WAN Port If you want the N300 wireless modem router to respond to a ping from the Internet select this check...

Page 119: ...discarding this traffic you can have it forwarded to one computer on your network This computer is called the default DMZ server The WAN Setup screen lets you configure a default DMZ server To assign a computer or server to be a default DMZ server 1 In the last Default DMZ Server field type the last digit of the IP address for that computer To remove the default DMZ server enter 0 zero 2 Select th...

Page 120: ...s check box and clicking Apply You can give prioritized Internet access to the following types of traffic For specific applications or online games see QoS for Applications and Online Gaming on page 120 For QoS on individual Ethernet LAN ports of the N300 wireless modem router see QoS for a Router LAN Port on page 122 For QoS from a specific device by MAC address see QoS for a MAC Address on page ...

Page 121: ...4 In the Priority Category list either use the default selection of Applications or select Online Gaming A drop down list of predefined applications or games is available Figure 60 5 You can select an existing item or you can scroll to the bottom of the list and select Add a New Application or Add a New Game a If you choose to add a new entry the screen expands as shown Figure 61 ...

Page 122: ...icy for a device connected to one of the router s LAN ports 1 From the main menu select Advanced QoS Setup The QoS Setup screen displays 2 Click Setup QoS Rule 3 In the Priority Category field select Ethernet LAN Port The screen changes Figure 62 4 In the LAN Ports list select the LAN port that will have a QoS policy 5 From the Priority drop down list select the priority that this port s traffic s...

Page 123: ...check box 8 Click Apply Editing or Deleting an Existing QoS Policy To edit or delete an existing QoS policy 1 From the main menu select Advanced QoS Setup The QoS Setup screen displays 2 Select the radio button for the QoS policy to be edited or deleted and do one of the following Click Delete to remove the QoS policy Click Edit to edit the QoS policy Follow the instructions in the preceding secti...

Page 124: ... forwards your request to the ISP The ISP forwards your request to the company where you are employed and the request is likely to be denied by the company s firewall In this case you must define a static route telling your N300 wireless modem router that 134 177 0 0 should be accessed through the ISDN router at 192 168 0 100 In this example The Destination IP Address and IP Subnet Mask fields spe...

Page 125: ...ateway IP address which must be a router on the same LAN segment as the N300 wireless modem router 8 Type a number between 1 and 15 as the metric value This represents the number of routers between your network and the destination Usually a setting of 2 or 3 works but if this is a direct connection set it to 1 9 Click Apply to have the static route entered into the table Wireless Repeating Also Ca...

Page 126: ...reless computers must be configured to operate in the same LAN network address range as the APs When the N300 wireless modem router is in dual band mode the Mode field on the Wireless Settings screen is set to Up to 300 Mbps at 5 GHz and 54 Mbps at 2 4 GHz the WDS function works only in 5 GHz 11N mode To use the 2 4 GHz 11g protocol with WDS set the Mode field in the Wireless Settings screen to Up...

Page 127: ...ly this check box is cleared so that the N300 wireless modem router is an access point for wireless computers If this check box is selected the N300 wireless modem router communicates wirelessly only with other APs whose MAC addresses are listed in this screen The N300 wireless modem router still communicates with wire connected LAN devices Setting Up the Base Station The wireless repeating functi...

Page 128: ...SL2 Modem Router DGND3300v2 base station with a non NETGEAR N300 wireless modem router as the repeater you might need to change additional configuration settings In particular you should disable the DHCP server function on the wireless repeater AP To configure a N300 wireless modem router as a repeater unit 1 If you are using the same model of N300 wireless modem router for both the base station a...

Page 129: ...ting Function screen select the Enable Wireless Repeater Mode radio button This IP address must be in the same subnet as the base station but different from the LAN IP of the base station 4 Fill in the Base Station MAC Address field 5 Click Apply to save your changes 6 Verify connectivity across the LANs A computer on any wireless or wired LAN segment of the N300 wireless modem router should be ab...

Page 130: ...when you connect to another site that also has an asymmetrical connection the data rate between your sites is limited by each side s upstream data rate A typical residential ADSL connection provides a downstream throughput of about 1 to 3 megabits per second Mbps Newer technologies such as ADSL2 and Fiber to the Home FTTH will increase the connection speed to tens of Mbps Wireless Your N300 wirele...

Page 131: ...o interference and eavesdropping would require a physical connection to your network Note Actual data throughput will vary Network conditions and environmental factors including volume of network traffic building materials and construction and network overhead can lower actual data throughput rate Assessing Your Speed Requirements Because your Internet connection is likely to operate at a much low...

Page 132: ...gh definition video from a server in another room A storage device that is used for backing up your computers Next consider the throughput of your network devices Where possible make the heaviest traffic connections using higher speed technologies with no lower speed bottlenecks in the path Figure 69 100 Mbps wired Ethernet 80 seconds 802 11n wireless 45 seconds 802 11g wireless 150 seconds 802 11...

Page 133: ...ility to wirelessly connect to the router For complete range and performance specifications click the link to the online document Wireless Networking Basics in Appendix E The following list describes how to optimize wireless router performance Identify critical wireless links If your network has several wireless devices decide which wireless devices need the highest data rate and locate the router...

Page 134: ...hen one network device communicates across the Internet with another the data packets travel through many devices along the way If any device in the data path has a lower MTU setting than the other devices the data packets must be split or fragmented to accommodate the one with the smallest MTU The best MTU setting for NETGEAR equipment is often just the default value and changing the value might ...

Page 135: ...es can automatically discover the services from other registered UPnP devices on the network Note If you use applications such as multiplayer gaming peer to peer connections real time communications such as instant messaging or remote assistance a feature in Windows XP you should enable UPnP To turn on Universal Plug and Play 1 From the main menu click Advanced UPnP The UPnP screen displays MTU Ap...

Page 136: ...t compromise the freshness of the device status but can significantly reduce network traffic Advertisement Time To Live The time to live for the advertisement is measured in hops steps for each UPnP packet sent The time to live hop count is the number of steps a broadcast packet is allowed to propagate for each UPnP advertisement before it disappears The number of hops can range from 1 to 255 The ...

Page 137: ... Modem Router Menu on page 140 Cannot Access the Internet on page 141 Troubleshooting a Network Using the Ping Utility on page 142 Problems with Date and Time on page 144 Wireless Connectivity on page 145 Viewing Available Networks on page 145 Quick Tips This section describes tips for troubleshooting some common problems Recommendation Instructions You can turn off the dome lights for the N300 wi...

Page 138: ...reless network name SSID and wireless security settings of the N300 wireless modem router and wireless computer must match exactly If you set up an access list in the Advanced Wireless Settings screen you must add each wireless computer s MAC address to the N300 wireless modem router s access list Make sure that the network settings of the computer are correct Wired and wirelessly connected comput...

Page 139: ... you might have a hardware problem and should contact Technical Support LEDs never turn off When the router is turned on the LEDs turn on for about 10 seconds and then turn off If all the LEDs stay on there is a fault within the router If all LEDs are still on 1 minute after power up Cycle the power to see if the router recovers Clear the router s configuration to factory defaults as explained in ...

Page 140: ... www routerlogin net This procedure is explained in Restoring the Factory Configuration Settings on page 147 Make sure your browser has Java JavaScript or ActiveX enabled If you are using Internet Explorer click Refresh to be sure the Java applet is loaded Try quitting the browser and launching it again Make sure that you are using the correct login information The login name is admin and the defa...

Page 141: ...ct Basic Settings to view the Basic Settings screen Select ADSL to view the Multiplexing method VPI and VCI settings You can select Setup Wizard and allow the N300 wireless modem router to automatically detect your Internet connection Checking the WAN IP Address Unless your ISP provides a fixed IP address your router must request an IP address from the ISP You can determine whether the request was...

Page 142: ... or two DNS servers for your use If you entered a DNS address during the router s configuration reboot your computer and verify the DNS address as described in the online document you can access from Preparing Your Network in Appendix E You can also configure your computer manually with DNS addresses as explained in your operating system documentation Your computer might not have the router config...

Page 143: ...red connection make sure the numbered Ethernet port LED is on for the port to which you are connected If the LED is off follow the instructions in Quick Tips on page 137 Check that the corresponding Link LEDs are on for your network interface card If your router and computer are connected to a separate Ethernet switch make sure the Link LEDs are on for the switch ports that are connected to your c...

Page 144: ...ne of your computers Many broadband ISPs restrict access by allowing traffic only from the MAC address of your broadband modem but some ISPs additionally restrict access to the MAC address of a single computer connected to that modem If this is the case you must configure your router to clone or spoof the MAC address from the authorized computer Problems with Date and Time Under Security in the ma...

Page 145: ...etup utility in Windows by following these steps 1 Open the Windows Control Panel and double click Network Connections 2 In the LAN section double click Wireless Network Connection 3 Follow the instructions Viewing Available Networks If your wireless computer is configured for the network but you cannot connect use the computer s wireless setup program to scan for available wireless networks Look ...

Page 146: ...gnal strength Is your N300 wireless modem router using the same channel as other nearby wireless networks If this is the case there might be interference from other wireless networks You can change the channel in the Wireless Settings screen See Manually Configuring Your Wireless Settings on page 18 Test another wireless device to see if the problem is limited to a specific computer You can also d...

Page 147: ...s the admin user name the password to password and the IP address to 192 168 0 1 or http www routerlogin net You can erase the current configuration and restore factory defaults in two ways Use the Erase function of the router see Erasing the Configuration on page 58 Use the Restore Factory Settings button on the rear panel of the router Use this method for cases when the administration password o...

Page 148: ...outerlogin com User name case sensitive admin Password case sensitive password USB access readyshare Internet connection WAN MAC address Use default address WAN MTU size 1458 for Annex A World except NA 1492 for Annex A NA and Annex B ADSL line rate automatically negotiated Local network LAN LAN IP 192 168 0 1 Subnet mask 255 255 255 0 RIP direction None RIP version Disabled RIP authentication Non...

Page 149: ...region 11N Channel Auto available in Up to 300 Mbps at 2 4 GHz but not available in Up to 300 Mbps at 5 GHz Maximum wireless signal rate derived from IEEE Standard 802 11 specifications Actual throughput will vary Network conditions and environmental factors including volume of network traffic building materials and construction and network overhead lower actual data throughput rate 11G Channel Au...

Page 150: ...ons output 12V 1 5A output Physical Dimensions 8 9 in x 6 8 in x 1 5 in 225 5 mm x 172 mm x 39 mm Weight 1 2 lbs 0 54 kg Environmental Operating temperature 0 to 40 C 32º to 104º F Operating humidity 10 to 90 relative humidity noncondensing Storage temperature 20 to 70 C 4º to 158º F Regulatory Compliance Meets requirements of FCC Part 15 Class B VCCI Class B EN 55 022 CISPR 22 Class B Interface S...

Page 151: ... you begin configuration Verify that the firmware is up to date and that you have all the addresses and parameters to be set on both sides Check that there are no firewall restrictions Figure 71 VPNC Example Network Interface Addressing Table 8 N300 Wireless Modem Router to Gateway B Profile Summary VPN Consortium Scenario Scenario 1 Identity Using Preshared Secrets Type of VPN LAN to LAN or gatew...

Page 152: ... Mask 255 255 255 0 d In the Summary screen click Done 2 Use the VPN Wizard to configure the Gateway B for a gateway to gateway tunnel see Setting Up a Gateway to Gateway VPN Configuration on page 90 being certain to use appropriate network addresses for the environment a For the connection name enter toGW_A b For the remote WAN s IP address enter 14 15 16 17 c Enter the following IP Address 10 5 ...

Page 153: ... second time N300 Wireless Modem Router with FQDN to Gateway B This section is a case study on how to configure a VPN tunnel from a NETGEAR N300 wireless modem router to a gateway using a fully qualified domain name FQDN to resolve the public address of one or both routers This case study follows the VPN Consortium interoperability profile guidelines found at http www vpnc org InteropProfiles Inte...

Page 154: ... Now a gateway can be configured to use a third party service instead of a permanent and unchanging IP address to establish bidirectional VPN connectivity To use DDNS you must register with a DDNS service provider Some DDNS service providers include DynDNS www dyndns org TZO com netgear tzo com ngDDNS ngddns iego net In this example Gateway A is configured using a sample FQDN provided by a DDNS se...

Page 155: ...by Step Configuration 1 Log in to Gateway A your N300 wireless modem router as described in Logging In to Your N300 Wireless Modem Router on page 8 This example assumes that you have set the local LAN address as 10 5 6 1 for Gateway A and have set your own password 2 On Gateway A configure the Dynamic DNS settings a Under Advanced select Dynamic DNS b Fill in the fields with account and host name ...

Page 156: ...th the account and host name settings In the Host and Domain Name field enter fvl328 dyndns org In the User Name field enter the account user name In the Password field enter the account password d Click Apply e Click Show Status The resulting screen should show Update OK good 4 Configure the N300 Wireless Dual Band ADSL2 Modem Router DGND3300v2 as in the gateway to gateway procedures using the VP...

Page 157: ...he connection name enter toDGND3300v2 b For the remote WAN s IP address enter dgnd3300v2 dyndns org c Enter the following IP Address 10 5 6 1 Subnet Mask 255 255 255 0 6 Test the VPN tunnel by pinging the remote network from a PC attached to the N300 Wireless Dual Band ADSL2 Modem Router DGND3300v2 a Open the command prompt select Start Run cmd b Type ping 172 23 9 1 If the pings fail the first ti...

Page 158: ...sections Step 1 Configure Gateway A VPN Router at Main Office on page 159 Step 2 Configure Gateway B VPN Router at Regional Office on page 160 describes configuring the NETGEAR ProSafe VPN client endpoint Table 10 Configuration Summary Telecommuter Example VPN Consortium Scenario Scenario 1 Type of VPN PC client to gateway with client behind NAT router Security scheme IKE with pre shared secret ke...

Page 159: ...the information 2 Click Apply when you are finished to display the VPN Policies screen To view or modify the tunnel settings select the radio button next to the tunnel entry and then click Edit toGW_A com in this example fromGW_A com in this example fromGW_A in the example 192 168 2 3 in this example IKE Keep Alive is optional must match Remote LAN IP Address when enabled remote PC must respond to...

Page 160: ...lation b If you do not have a modem or dial up adapter installed in your PC you might see the warning message stating The NETGEAR ProSafe VPN Component requires at least one dial up adapter be installed You can disregard this message c Install the IPSec component You might have the option to install either the VPN adapter or the IPSec component or both The VPN adapter is not necessary d The system...

Page 161: ...as the network address of the N300 wireless modem router g In the Mask field enter 255 255 255 0 as the LAN subnet mask of the N300 wireless modem router h In the Protocol drop down list select All to allow all traffic through the VPN tunnel i Select the Connect using Secure Gateway Tunnel check box j In the ID Type drop down list select Domain Name and enter fromGW_A com in this example k Select ...

Page 162: ... provide information about the remote VPN client PC You must provide the pre shared key that you configured in the N300 wireless modem router and either a fixed IP address or a fixed virtual IP address of the VPN client PC a In the Network Security Policy list on the left side of the Security Policy Editor window click My Identity b In the Select Certificate list select None c In the ID Type list ...

Page 163: ...n this step you provide the type of encryption DES or 3DES to be used for this connection This selection must match your selection in the VPN router configuration a In the Network Security Policy list on the left side of the Security Policy Editor window expand the Security Policy heading by double clicking its name or clicking the symbol b Expand the Authentication subheading by double clicking i...

Page 164: ...ssion drop down list select None d Select the Encapsulation Protocol ESP check box e In the Encrypt Alg drop down list select the type of encryption In this example use Triple DES f In the Hash Alg drop down list select SHA 1 g In the Encapsulation drop down list select Tunnel h Leave the Authentication Protocol AH check box cleared 7 Save the VPN client settings From the File menu at the top of t...

Page 165: ...ect Connect to open the My Connections list c Select toDGND3300v2 The N300 wireless modem router reports the results of the attempt to connect Once the connection is established you can access resources of the network connected to the VPN router To perform a ping test using this example start from the remote PC a Establish an Internet connection from the PC b On the Windows taskbar click the Start...

Page 166: ...router management interface open Note You can use the VPN router diagnostics to test the VPN connection from the VPN router to the client PC To do this select Diagnostics on the N300 wireless modem router main menu Monitoring the VPN Tunnel Telecommuter Example To view information about the progress and status of the VPN client connection open the Log Viewer In Windows click Start and select Progr...

Page 167: ...PC is connected to a remote LAN through a VPN you might not have normal Internet access If this is the case you need to close the VPN connection to have normal Internet access Viewing the VPN Router s VPN Status and Log Information To view information about the status of the VPN client connection open the VPN router s VPN Status screen 1 On the N300 wireless modem router main menu select Router St...

Page 168: ...aration of Conformity We NETGEAR Inc 350 East Plumeria Drive Santa Clara CA 95134 declare under our sole responsibility that the NETGEAR N300 Wireless Dual Band ADSL2 Modem Router DGND3300v2 complies with Part 15 Subpart B of FCC CFR47 Rules Operation is subject to the following two conditions This device may not cause harmful interference and This device must accept any interference received incl...

Page 169: ...irements of the R TTE Directive of the European Union 1999 5 EC This equipment meets the following conformance standards EN300 328 2 4Ghz EN301 489 17 EN301 893 5Ghz EN60950 1 This device is a 2 4 GHz wideband transmission system transceiver intended for use in all EU member states and EFTA countries except in France and Italy where restrictive use applies In Italy the end user should apply for a ...

Page 170: ... ΔΙΑΤΑΞΕΙΣ ΤΗΣ ΟΔΗΓΙΑΣ 1999 5 ΕΚ Français French Par la présente NETGEAR Inc déclare que l appareil Radiolan est conforme aux exigences essentielles et aux autres dispositions pertinentes de la directive 1999 5 CE Italiano Italian Con la presente NETGEAR Inc dichiara che questo Radiolan è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 1999 5 CE Lat...

Page 171: ... täten että Radiolan tyyppinen laite on direktiivin 1999 5 EY oleellisten vaatimusten ja sitä koskevien direktiivin muiden ehtojen mukainen Svenska Swedish Härmed intygar NETGEAR Inc att denna Radiolan står I överensstämmelse med de väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999 5 EG Íslenska Icelandic Hér með lýsir NETGEAR Inc yfir því að Radiolan er í sam...

Page 172: ...N300 Wireless Dual Band ADSL2 Modem Router Installation Guide Document Link TCP IP Networking Basics http documentation netgear com reference enu tcpip index htm Wireless Networking Basics http documentation netgear com reference enu wireless index htm Preparing Your Network http documentation netgear com reference enu wsdhcp index htm Virtual Private Networking Basics http documentation netgear c...

Page 173: ...s port 54 client to gateway VPN tunnels 77 compliance wireless 168 configuration file 57 58 configuring ADSL settings 14 DMZ server 117 119 Dynamic DNS 116 email alerts 47 firewall rules 38 firmware upgrades 50 ISP settings 10 LAN IP services 112 log notifications 47 logs of web access 46 MTU size 134 parental controls 32 port forwarding 41 port triggering 43 QoS 119 remote management 60 repeater ...

Page 174: ...e MAC addresses F factory default settings 58 147 148 file and printer sharing 74 file sharing 65 files sharing 66 filtering 32 firewall rules 38 firmware version 53 folders networks creating 71 editing 68 fragmentation threshold 30 fragmented data packets 134 fully qualified domain name FQDN configuring VPN tunnels using 153 G gateway to gateway VPN tunnels 77 90 Gigabit Ethernet 131 guest networ...

Page 175: ...0 MTU size 134 multicasting 114 multiple input multiple output MIMO 130 N NAT Network Address Translation 119 NETGEAR ProSafe VPN Client 83 network folders creating 71 editing 68 Network Time Protocol NTP 49 144 networks correct settings checking 138 restarting 138 non WPS clients adding 28 O obstructions connecting through 131 OpenDNS 32 optimizing bandwidth 132 performance 133 outgoing mail serv...

Page 176: ...audio 131 subnet mask 54 system up time 56 T TCP IP network troubleshooting 142 technical specifications 147 Technical Support 2 time of day troubleshooting 144 time to live advertisement 136 time setting 49 trademarks 2 traffic control 62 traffic counter 62 traffic meter 61 traffic status 63 troubleshooting 137 141 trusted user 38 U Universal Plug and Play UPnP 72 135 up time system 56 Up to 145 ...

Page 177: ...ard setting up 145 wireless clients adding 25 27 wireless connection type 130 Wireless Distribution System WDS 125 126 Wireless light troubleshooting and 140 wireless network name 55 Wireless port settings 54 wireless radio 29 55 wireless repeating 125 126 base station 127 repeater unit 128 wireless repeating function 125 126 wireless security 26 wireless settings checking for correct 138 wireless...

Reviews:

No comments

Related manuals for DGND3300v2 - RangeMax Dual Band Wireless-N Modem Router

Wavion WS410 Installation Manual preview
WS410
Brand: Wavion Pages: 66
H3C MSR900-E Routers Installation Manual preview
MSR900-E Routers
Brand: H3C Pages: 38
H3C MSR810 Safety Manual preview
MSR810
Brand: H3C Pages: 64
Hama 53133 Operating Instruction preview
53133
Brand: Hama Pages: 180
Harman JBL QUANTUM TWS Owner'S Manual preview
JBL QUANTUM TWS
Brand: Harman Pages: 25
Harman JBL Quantum 810 Wireless Owner'S Manual preview
JBL Quantum 810 Wireless
Brand: Harman Pages: 21
Harman JBL ENDURANCE PEAK Quick Start Manual preview
JBL ENDURANCE PEAK
Brand: Harman Pages: 14
Ublox NINA-W1 Series User Manual preview
NINA-W1 Series
Brand: Ublox Pages: 44
Positron GAM-4-MRX Quick Installation Manual preview
GAM-4-MRX
Brand: Positron Pages: 36
TERABEAM AP-Ext-N User Manual preview
AP-Ext-N
Brand: TERABEAM Pages: 10
Aruba AP-505H Installation Manual preview
AP-505H
Brand: Aruba Pages: 15
NetComm 3G10WVR User Manual preview
3G10WVR
Brand: NetComm Pages: 51
Linksys FGMM1000 User Manual preview
FGMM1000
Brand: Linksys Pages: 30
Linksys BEFW11S4-AT User Manual preview
BEFW11S4-AT
Brand: Linksys Pages: 31
Linksys E5600 User Manual preview
E5600
Brand: Linksys Pages: 135
HP Aruba AP-375 Product End-Of-Life Disassembly Instructions preview
Aruba AP-375
Brand: HP Pages: 5
HP Aruba AP-587 Disassembly Instructions preview
Aruba AP-587
Brand: HP Pages: 5
HP MSM310-R Installation Manual preview
MSM310-R
Brand: HP Pages: 24

Brands by name

Popular brands

Load more brands