D-Link Blog Home

Note: In this FAQ scenario the DFL-200/700/1100 is on 192.168.3.0/24 and the DFL-210/260/800/860/1600 is on 192.168.1.0/24.

Step 1: Open the web browser and type the IP address of the router in the address bar (default is 192.168.1.1) and press Enter.

Step 2: Click on the plus sign next to Objects and select Address Book.

Step 3: Click Add and select Address Folder from the drop-down menu.

Step 4: Enter a name as desired (IPSec_tunnels in this example) and click OK.

Step 5: Click Add and select IP Address from the dropdown menu.

Step 6: Configure the IP Address as followed:

• Name: Name as desired (remote_net in this example)
• IP Address: The network identifier of the DFL-200/700/1100 (192.168.3.0/24)

Click on OK.

Step 7: Configure the IP Address as followed:

• Name: Name as desired (remote_wan in this example)
• IP Address: The external WAN address of the DFL-200/700/1100

Click on OK.

Step 8: Click on the plus sign next to Authentication Objects and select Pre-Shared Keys.

Click on OK.

Step 9: Click on the plus sign next to Interfaces and select IPSec Tunnels.

Step 10: Click Add and select IPSec Tunnel from the dropdown menu.

Step 11: Configure the IPSec Tunnel as followed:
• Name: Name as desired (test in this example)
• Local Network: lannet
• Remote Network: remote_net (created in step 6)
• Remote Endpoint: remote_wan (created in step 7)
• Encapsulation Mode: Tunnel
• IKE Algorithms: High
• IKE Life Time: 28800 seconds
• IPSec Algorithms: High
• IPSec Life Time: 3600 seconds

Step 12: Click on the Authentication tab, select Pre-Shared Key and select the configured key (IPSec_PSK from step 8) from the drop-down menu.

Step 13: Click on the IKE Settings tab and configure as followed:
• IKE: Main
• IKE DH Group: 2
• PFS: PFS
• PFS DH Group: 2
• NAT Traversal: On if supported and NATed

Step 14: Click on the Keep-Alive Tab
• Keep-alive—Auto

Click on OK.

Step 15: Click on the plus sign next to Rules and then select IP Rules.

Step 16: Click on Add and then select IP Rule Folder from the dropdown menu.

Step 17: Enter a name as desired (IPSec_rules in this example) and then click on OK.

Step 18: Click on Add and select IP Rule from the dropdown menu.

Step 19: Create the IP Rule as followed:
• Name: Name as desired (fromIPSec in this example)
• Action: Allow
• Service: all_services
• Schedule: None
• Source interface: test (from step 11)
• Source network: remote_net (from step 6)
• Destination interface: lan
• Destination network: lannet

Be Sociable, Share!

• 
• 

Tags: DFL-210, VPN connection