docHow to build IPSec LAN to LAN VPN between Vigor... other Vigor Router
download 
Report Transcription
How to build IPSec LAN to LAN VPN between Vigor... other Vigor Router
How to build IPSec LAN to LAN VPN between Vigor 2130 and other Vigor Router Place A uses VigorPro5300 and place B uses Vigor2130. Such application will guide you to build a LAN to LAN VPN tunnel between VigorPro5300 and Vigor2130. Settings in Vigor5300: Settings in Vigor2130: WAN IP:114.32.238.55 WAN IP:114.37.170.199 NETWORK IP:192.168.53.0 NETWORK IP:192.168.1.0 NETWORK MASK:255.255.255.0 NETWORK MASK:255.255.255.0 A. LAN to LAN VPN Dial-Out Configuration (the side of VigorPro5300) 1. Access into the Web Configuration Interface of VigorPro5300. Open VPN and Remote Access >> LAN to LAN. 1 2. LAN to LAN page will be shown as follows: 3. Type a name in the field of Profile Name and check the box of Enable this profile to enable such profile. 4. Choose Dial-Out as the Call Direction and check Always on. 5. Choose IPSec Tunnel for building the VPN connection and type the WAN IP address (114.37.170.199) of Vigor2130 on the box below. Next, type IKE Pre-Shared Key (it must be set as the one set in Vigor2130). 6. Choose High (ESP) as IPSec Security Method and choose 3DES with Authentication. (Note: The encryption of 3DES with Authentication is required because Vigor2130 supports 3DES only. ) 2 7. In the field of TCP/IP Network Settings, type the network IP (192.168.1.0) of Vigor2130 as Remote Network IP and type subnet (255.255.255.0) of Vigor2130 as Remote Network Mask. 8. Click OK to finish the configuration. B. LAN to LAN VPN Dial-in Configuration (the side of Vigor2130) 1. Access into the Web Configuration Interface of Vigor2130. Open VPN and Remote Access >> LAN to LAN. 3 2. LAN to LAN page will be shown as below. Click Add Tunnel to add a new VPN profile. 3. Detailed page of Add Tunnel will shown as follows: 4. Check Enable to activate such profile and check Always on. Type the name for the profile in the field of Name. 5. Type the WAN IP (114.32.238.55) of VigorPro5300; choose Main Mode as IKE phase 1 mode. 6. Type Pre-Shared Key and make a confirmation by retyping in the field of Confirm Pre-Shared Key (it must be set as the one set in VigorPro5300). 7. In Networks setting, type the local subnet (192.168.1.0/255.255.2550) of Vigor2130 in Local Network / Mask. 8. Type the local subnet (192.168.1.0/255.255.2550) of VigorPro5300 in Remote Network / Mask. 9. Click OK to finish the configuration. 4 C. Confirm the connection status of IPSec LAN to LAN VPN Connection Status for VigorPro5300 VPN Connection Status for Vigor2130 VPN 5
