Apr 02

How to Setup VPN IPsec Between D-Link DSR-Series FW.2.x

Step 1 – Setup WAN port setup DSR1

Network > WAN1 Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_1-1

Step 2 – Here you will need to select the ISP Connection Type

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_2

Wan1 Setup:

Connection Type: Static IP (In our example it was set as static)

IP Address: 1.1.1.1

IP Subnet Mask: 255.0.0.0

Domain Name System (DNS) Servers

Primary DNS Server: 8.8.8.8 (Google DNS)

Secondary DNS Server: 8.8.4.4 (Google DNS)

Click on “Save

Step 3 – Setup LAN Configuration DSR1

Network > LAN Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_3

Step 4 – Enter an IP address for the LAN interface and DHCP Server

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_4

In our example we have given the IP: 192.168.10.1

IP Address Setup:

IP Address: 192.168.10.1

Subnet Mask: 255.255.255.0

DHCP Setup:

DHCP Mode: DHCP Server

Starting IP Address: 192.168.10.2

Ending IP Address: 192.168.10.254

Default Gateway: 192.168.10.1

Click on “Save

Step 4 – Setup WAN port setup DSR2

Network > WAN1 Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_1

Step 5 – Here you will need to select the ISP Connection Type

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_2-1

Wan1 Setup:

Connection Type: Static IP (In our example it was set as static)

IP Address: 1.1.1.1

IP Subnet Mask: 255.0.0.0

Domain Name System (DNS) Servers

Primary DNS Server: 8.8.8.8 (Google DNS)

Secondary DNS Server: 8.8.4.4 (Google DNS)

Click on “Save

Step 6 – Setup LAN Configuration DSR2

Network > LAN Settings

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_5

Step 7 – Enter an IP address for the LAN interface and DHCP Server

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_6

In our example we have given the IP: 192.168.10.1

IP Address Setup:

IP Address: 192.168.20.1

Subnet Mask: 255.255.255.0

DHCP Setup:

DHCP Mode: DHCP Server

Starting IP Address: 192.168.20.2

Ending IP Address: 192.168.20.254

Default Gateway: 192.168.20.1

Click on “Save

VPN IPsec Setup – DSR1:

Step 8 – You will now need to setup an IPsec Policy

VPN > Policies

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_7

Step 9 – Click “Add New IPSec Policy” to configure a new IPsec Policy

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_8

IPSec Policy Configuration

General

Policy Name: VPN1

Policy Name: Auto Policy

IP Protocol Version: IPv4

IKE Version: IKEv1

L2TP Version: None

IPSec Model        Tunnel Model

Select Local Gateway: Dedicated WAN

Remote Endpoint: 2.2.2.2

Enable DHCP: Off

Local IP: Subnet

Local Start IP Address: 192.168.10.1 (LAN IP Address of DSR1)

Local Subnet Mask: 255.255.255.0

Remote IP: Subnet

Remote Start IP Address: 192.168.20.1

Remote Subnet Mask: 255.255.255.0

Enable Keepalive: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_9

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_10
Phase 1 (IKE SA Parameters)

Exchange Mode: Main

Direction Type: Both

Nat traversal: On

NAT Keep Alive Frequency: 20

Remote Identifier Type: Local Wan IP

Remote Identifier Type: Remote Wan IP

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_11

Encryption Algorithm

DES: On                                 3DES: On

AES-128: On                        AES-192: On

AES-256: On

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12

Authentication Algorithm

MD5: On                                SHA-1: On

SHA2-256: Off                     SHA2-384: Off

SHA2-512: Off

Authentication Method: Pre-Shared Key

Pre-Shared Key: sharedkey

Diffie-Hellman (DH) Group: Group: Group 2 (1024 bit)

SA-Lifetime: 28800

Enable Dead Peer Detection: Off

Extended Authentication: None

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_13

Phase2 – (Auto Policy Parameters)

SA Lifetime: 3600  Seconds

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_14

Encryption Algorithm

DES: On                                 None: Off

3DES: On                              AES-128: On

AES-192: On                        AES-256: On

TWOFISH (128): Off          TWOFISH (192): Off

TWOFISH (256): Off

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-1

Integrity Algorithm

MD5: On                                SHA1: On

SHA2-224: Off                     SHA2-256: Off

SHA2-384: Off                     SHA2-512: Off

PFS Key Group: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_15

Click “Save
VPN IPsec Setup – DSR2:

Step 10 – You will now need to setup an IPsec Policy for the second DSR

VPN > Policies

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_7-1
Step 11 – Click “Add New IPSec Policy” to configure a new IPsec Policy
DSR_Series_FW2_How_to_setup_VPN_IPsec_between_17

IPSec Policy Configuration

General

Policy Name: VPN2

Policy Name: Auto Policy

IP Protocol Version: IPv4

IKE Version: IKEv1

L2TP Version: None

IPSec Model        Tunnel Model

Select Local Gateway: Dedicated WAN

Remote Endpoint: 2.2.2.2

Enable DHCP: Off

Local IP: Subnet

Local Start IP Address: 192.168.10.1 (LAN IP Address of DSR1)

Local Subnet Mask: 255.255.255.0

Remote IP: Subnet

Remote Start IP Address: 192.168.20.1

Remote Subnet Mask: 255.255.255.0

Enable Keepalive: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_18

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_19

Phase 1 (IKE SA Parameters)

Exchange Mode: Main

Direction Type: Both

Nat traversal: On

NAT Keep Alive Frequency: 20

Remote Identifier Type: Local Wan IP

Remote Identifier Type: Remote Wan IP

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_11-1

Encryption Algorithm

DES: On                                 3DES: On

AES-128: On                        AES-192: On

AES-256: On

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-3

Authentication Algorithm

MD5: On                                SHA-1: On

SHA2-256: Off                     SHA2-384: Off

SHA2-512: Off

Authentication Method: Pre-Shared Key

Pre-Shared Key: sharedkey

Diffie-Hellman (DH) Group: Group: Group 2 (1024 bit)

SA-Lifetime: 28800

Enable Dead Peer Detection: Off

Extended Authentication: None

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-2

Phase2 – (Auto Policy Parameters)

SA Lifetime: 3600  Seconds

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_14-1

Encryption Algorithm

DES: On                                 None: Off

3DES: On                              AES-128: On

AES-192: On                        AES-256: On

TWOFISH (128): Off          TWOFISH (192): Off

TWOFISH (256): Off

BLOWFISH: Off

CAST128: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_12-4

Integrity Algorithm

MD5: On                                SHA1: On

SHA2-224: Off                     SHA2-256: Off

SHA2-384: Off                     SHA2-512: Off

PFS Key Group: Off

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_15-1

Click “Save

Step 12 – To view if the VPN connection has been established

STATUS > Active VPNs

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_20

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_21
Step 13 – If you see “IPsec SA Not Established”, Right-Click on a record then click “Connect

DSR_Series_FW2_How_to_setup_VPN_IPsec_between_22

Tags: ,

css.php