NETGEAR CG3000DCR Скачать руководство пользователя страница 32

Страница: 32 / 44

VPN

CG3000DCR Advanced Cable Modem Gateway

Set Up a Client-to-Gateway VPN Configuration

Setting up a VPN between a remote computer running the VPN client and a network gateway
involves these two steps:

Configure the VPN tunnel between the remote computer and the network gateway.

Configure the VPN client endpoint.

Table 3. Sample client-to-gateway VPN tunnel

VPN Tunnel Configuration

Connection Name

RoadWarrior

Pre-Shared Key

12345678

Secure Association

Main

Perfect Forward
Secrecy

Disabled

Encryption Protocol

3DES

Authentication
Protocol

SHA-1

Diffie-Hellman (DH)
Group

Group 2

Key Life in seconds

28800 (8 hours)

IKE Life Time in
seconds

3600 (1 hour)

VPN Endpoint

Local IPSec ID

LAN IP Address

Subnet Mask

FQDN or



Gateway IP



(WAN IP Address)

Client

toCG3000D

—

Dynamic

CG3000DCR

toClient

192.168.3.1

255.255.255.0

22.23.24.25

Configure the VPN Client on the Remote Computer

This overview assumes that the computer running the client has a dynamically assigned IP
address. The computer must have a VPN client program installed that supports IPSec.



To configure the VPN client:

Add a connection.

Configure the security policy in the VPN client software.

Configure the VPN client identity.

Configure the VPN client authentication.

Содержание CG3000DCR

Страница 1: ...350 East Plumeria Drive San Jose CA 95134 USA January 2013 202 11231 01 v1 0 CG3000DCR Advanced Cable Modem Gateway User Manual...

Страница 2: ...stering your product through the NETGEAR website For product updates and web support visit http support netgear com Phone US Canada only 1 888 NETGEAR Phone Other Countries Check the list of phone num...

Страница 3: ...guration 17 Website Blocking 18 Set Up a DMZ Host 19 Disable NAT 20 Chapter 3 MSO Access MSO Welcome Screen 22 Initial Setup 23 Administration 24 WAN IP Setup 25 RIP Control 26 Chapter 4 VPN VPN Setti...

Страница 4: ...onnection 36 Troubleshoot a TCP IP Network Using a Ping Utility 37 Test the LAN Path to Your Gateway 37 Test the Path from Your Computer to a Remote Device 38 Appendix A Supplementary Information Fact...

Страница 5: ...t the topics covered in this manual visit the support website at http support netgear com Firmware updates with new features and bug fixes are made available from time to time on downloadcenter netgea...

Страница 6: ...f No power Downstream Solid green The gateway is synchronized and all channels are in use channel bonding Blinking The gateway is scanning for a downstream DOCSIS channel Off No downstream channels ar...

Страница 7: ...tory Defaults button To return the gateway to its factory settings press and hold this button for over 7 seconds See Factory Default Settings on page 40 Coaxial cable connector Attach coaxial cable to...

Страница 8: ...sword uses a zero not the letter O To access only the Feature Settings log in with the user name cusadmin and its default password of highspeed NETGEAR recommends that you change these to more secure...

Страница 9: ...e Gateway Summary screen to see if the gateway initialization is complete and to check its overall status To view the Gateway Summary screen From the Main menu click the Cable Modem tab The Gateway Su...

Страница 10: ...ttings when logged in with the cusadmin user name For information about the Gateway Summary screen see Viewing the Gateway Summary Screen on page 9 This chapter includes Administration LAN Setup Firew...

Страница 11: ...cusadmin user name default password is highspeed You should change this to a more secure password You can also specify the password idle time which is the number of minutes the gateway waits to log ou...

Страница 12: ...ateway LAN Setup You can use the LAN screen to configure IP setup static routing filtering and wwitch controls To display LAN IP setup From the Main menu select LAN You can use this screen to specify...

Страница 13: ...way Typically you do not need to add static routes You have to configure static routes only for unusual cases such as multiple gateways or multiple IP subnets on your network To create a static route...

Страница 14: ...ck specific computers based on their MAC address from access to the Internet on selected days and times To use filtering 1 From the Main menu select LAN and click the Filtering tab 2 On the Filtering...

Страница 15: ...Cusadmin Features 15 CG3000DCR Advanced Cable Modem Gateway Switch Port Controls To view the Switch Port Controls screen From the Main menu select LAN and click the Switch Controls tab...

Страница 16: ...ings By default the gateway firewall is enabled to provide security to the network You can configure firewall settings To change the firewall settings 1 From the Main menu select Firewall 2 Click the...

Страница 17: ...custom rules to specify exceptions to the default rule Because the gateway uses Network Address Translation NAT your network presents only one IP address to the Internet and outside users cannot direc...

Страница 18: ...is not blocked by rules that you have created is allowed True Static IP Port Management This feature allows certain inbound traffic to specific computers on the true static IP network Website Blockin...

Страница 19: ...will be available to anyone on the Internet for services that you have not defined There are security issues with doing this so set up the DMZ host only if you are willing to risk open access If you...

Страница 20: ...s Network Address Translation NAT your network presents only one IP address to the Internet and outside users cannot directly address any of your local computers To disable NAT 1 From the Main menu se...

Страница 21: ...escribes features that are available only when logged in with the MSO user name The following sections are included MSO Welcome Screen Initial Setup Administration WAN IP Setup RIP Control For informa...

Страница 22: ...le Modem Gateway MSO Welcome Screen Log in to the gateway with the MSO user name See Accessing the Gateway Menu on page 7 When you connect to the gateway the Welcome screen displays Initial Setup and...

Страница 23: ...as a Dynamic Host Configuration Protocol DHCP server which provides the TCP IP configuration for all the computers that are connected to the gateway Enable DMZ Host This allows you to set up a compute...

Страница 24: ...SO Access 24 CG3000DCR Advanced Cable Modem Gateway Administration When logged in as MSO the Administration screen includes more tabs for remote management logging and reporting and configuration tool...

Страница 25: ...able Modem Gateway WAN IP Setup To view or change the WAN IP setup 1 While logged in as MSO from the Main menu select WAN 2 You can click Additional Public Subnets to go to the following screen 3 When...

Страница 26: ...MSO Access 26 CG3000DCR Advanced Cable Modem Gateway RIP Control To set up RIP Control While logged in as MSO from the Main menu select WAN and click the RIP Control tab...

Страница 27: ...he gateway VPN communications paths are called tunnels VPN tunnels provide secure encrypted communications between your local network and a remote network or computer The following sections are includ...

Страница 28: ...ble Modem Gateway VPN Settings To access VPN settings 1 From the Main menu select VPN The VPN Termination tab is available only when logged in as MSO 2 Enter the VPN settings To configure IpSec click...

Страница 29: ...both of these types of VPN configurations The gateway supports up to five concurrent tunnels Client to Gateway VPN Tunnels Client to gateway VPN tunnels provide secure access from a remote computer s...

Страница 30: ...o or more NETGEAR VPN enabled routers is a good way to connect branch or home offices and business partners over the Internet VPN tunnels also enable access to network resources across the Internet In...

Страница 31: ...er Will either endpoint use fully qualified domain names FQDNs FQDNs supplied by Dynamic DNS providers can allow a VPN endpoint with a dynamic IP address to initiate or respond to a tunnel request Oth...

Страница 32: ...ol 3DES Authentication Protocol SHA 1 Diffie Hellman DH Group Group 2 Key Life in seconds 28800 8 hours IKE Life Time in seconds 3600 1 hour VPN Endpoint Local IPSec ID LAN IP Address Subnet Mask FQDN...

Страница 33: ...VPN client settings 7 Check the VPN connection To check the VPN connection you can initiate a request from the remote computer to the gateway s network The client reports the results of the attempt to...

Страница 34: ...y configuration with my browser Go to Access the Gateway Menu I have configured the gateway but I cannot access the Internet Go to Troubleshoot the ISP Connection I cannot remember the gateway s confi...

Страница 35: ...sts you have a hardware problem and should contact technical support All LEDs stay lit Clear the gateway s configuration to factory defaults which returns gateway s IP address to 10 10 1 See Factory D...

Страница 36: ...Settings on page 40 Make sure that your browser has Java JavaScript or ActiveX enabled If you are using Internet Explorer click Refresh to make sure that the Java applet is loaded Try quitting the bro...

Страница 37: ...e ping 192 168 0 1 3 Click OK You should see a message like this one Pinging IP address with 32 bytes of data If the path is working you see this message Reply from IP address bytes 32 time NN ms TTL...

Страница 38: ...replies as in the previous section are displayed If you do not receive replies Check that your computer has the IP address of your gateway listed as the default gateway If the IP configuration of you...

Страница 39: ...39 A A Supplementary Information This chapter includes Factory Default Settings Technical Specifications...

Страница 40: ...ollowing table Factory Default Settings Gateway Login User login URL http 10 1 10 1 User name and password case sensitive MSO D0nt4g3tme admin highspeed Local Network LAN LAN IP 10 1 10 1 Subnet mask...

Страница 41: ...PPTP Power adapter North America input 120V 60 Hz input All regions output 12 V DC 1 5A output 15W maximum Physical specifications Dimensions 6 9 by 4 5 by 1 2 in 175 by 114 by 30 mm Weight 0 68 lb 0...

Страница 42: ...and Switzerland This device may not be used for setting up outdoor radio links in France and in some areas the RF output power may be limited to 10 mW EIRP in the frequency range of 2454 2483 5 MHz Fo...

Страница 43: ...hannels is not possible This device and its antenna s must not be co located or operation in conjunction with any other antenna or transmitter TV Tuner on Selected Models Note to CATV System Installer...

Страница 44: ...ource de rayonnement et votre corps Interference Reduction Table The table below shows the recommended minimum distance between NETGEAR equipment and household appliances to reduce interference in fee...

Результаты поиска

Содержание CG3000DCR

Отзывы:

Похожие инструкции для CG3000DCR

Бренды по названию

Популярные бренды

NETGEAR CG3000DCR, Руководство пользователя

Результаты поиска

Содержание CG3000DCR

Отзывы:

Похожие инструкции для CG3000DCR

Бренды по названию

Популярные бренды