What's new

Free IPSEC VPN Solution Netgear FVS336G

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Dennis Wood

Senior Member
Free IPSEC VPN Solution for Netgear FVS336G - works with 64bit Vista, Windows 7

Netgear's forum requires registration, and some of the config docs being made available there are password protected. Google hopefully should index this post so folks can find it :)

The problem with this router and it's current firmware is that it does not support 64 bit SSL VPN sessions. This means if you're using Vista 64bit or Windows 7 64bit, you cannot use SSL VPN. I've been advised that an updated firmware is coming, but likely not for several months. So here's a way to get IPSEC vpn working using the open source SHREW client. If you have a static IP, obviously you'll use that address on your remote client as the "server" address. If not, set up a dynamic DNS account (free) at http://www.dyndns.org. Use the Dynamic DNS settings page on our router to input the domain name, user name and password you chose at the Dynamic DNS website. This will ensure that if you're using a dynamic IP, you'll be able to find the router for either SSL VPN or IPSEC VPN access. I'd advise setting up SSL VPN as per the netgear FAQ in order to make the process easier....the easiest way to work with the installation is to be remote to the router, with a 32 bit client connected using SSL VPN (a laptop perhaps). This way you can configure the router remotely using SSL VPN on the 32bit machine, as well as test IPSEC VPN from the 64 bit client.

1. On your client machine, download and install the SHREW client appropriate to your operating system: http://www.shrew.net/download/vpn

2. Log in to the FVS336G admin menu (do this from the 32 bit client with an SSL VPN session established...use the same IP as you normally would to access the admin interface internally).

3. Use these notes to configure both router and client: http://www.shrew.net/support/wiki/HowtoNetgear

4. The ip addresses used in the link above assume that the VPN routers local network has an address of 10.1.2.0 so if you were using 192.168.10.1 for your router's internal LAN address, and your workstation etc. were all 192.168.10.x you would change as follows (assuming the router's address is 192.168.10.1):


Client Pool (this is the mode config section of the setup notes)

•Record Name = vpnclient-cfg
•First Pool = 192.168.11.1 - 192.168.11.100
•WINS Server = 192.168.10.10 (you can point to an internal NAS unit that can serve as a WINS Server..in this case we'd assume the NAS unit was 192.168.10.10)
•DNS Server = 192.168.10.1 (assuming your router is the DNS server/relay)
Traffic Tunnel Security Level

•PFS Key Group = Unchecked
•SA Lifetime = 3600 Seconds
•Encryption Algorithm = 3DES
•Integrity Algorithm = SHA-1
•Local IP Address = 192.168.10.0
•Local Subnet Netmask = 255.255.255.0


4. Configure your SHREW client as indicated in the document. Note that if you were using the LAN subnet 192.168.10.0 on the VPN router's LAN, then the include record you are adding to the SHREW client would be 192.168.10.0, with a subnet mask of 255.255.255.0

5. Add an IPSEC VPN user (on the FVS336G) as indicated in the document.

Cheers,
Dennis Wood
www.cinevate.com
 
Last edited:

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top