Instruction/ maintenance manual of the product DG834 v3 NETGEAR
Go to page of 168
202-10153-01 October 200 6 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA Reference Manual for the ADSL Modem Router DG834 v3.
ii v1.1, October 2006 © 2006 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR is a trademark of Netge ar , Inc. Microsoft, W indows, and W indow s NT are registered trademar ks of Microsoft Corporation. Other brand and product names are registered tradem arks or trademarks of their respective holders.
v1.1, October 2006 iii European Union St atement of Compliance Hereby , NETGEAR, Inc. declares that thi s modem router is in compliance with the es sential requirements and other relevant provisions of Directive 1999/5/EC. Èesky [Czech] NETGEAR, Inc.
v1.1, Oct ober 2006 iv A printed copy of the EU Declaratio n of Conformity certificate for this prod uct is provided in the DG834 v 3 product package. Bestätigung des Hers tellers/Importeurs Es wird .
v1.1, October 2006 v V oluntar y Control Council for Int erference (VCCI) S tatement This equipment is in the second category (information equipment to be used in a residential area or an adjacent are.
v1.1, Oct ober 2006 vi.
vii v1.1, October 2006 Content s Reference Manual for the ADSL Modem Router DG834 v3 Chapter 1 About This Manual Audience, Scope, Conventions, and Formats . ... ............. ................ ............. ............. ..... 1-1 How to Print this Manual .
viii v1.1, Octo b er 2006 Firewall Rules ........ ................ ............. ............. ................ ............. ............. ................ .... .3 - 5 Inbound Rules (Port Forwarding) ....... ............. ............. ............. .
ix v1.1, October 2006 Respond to Ping on Internet W A N Port ............. ............. ................. ............ ............ 5-4 MTU Size ........... ................ ............. ............. ................ ............. ............. ...
x v1.1, Octo b er 2006 LAN or Internet Port LEDs Not On ......... ............ ............. ................. ............ ............ 7-2 T r oubleshooting the Web Configuration Interface ........... ................ ................ ..............
About This Manual 1-1 v1.1, October 2006 Chapter 1 About This Manual This chapter describes the intended audience, sc ope, conventions, and formats of this manual. Audience, Scope, Conventions, and Format s This reference manual assumes that the reader h as basic to interme diate computer and Internet skills.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 1-2 About This Manual v1.1, Octo b er 2006 How to Print this Manual T o print this manual you can choose one of the fo llowing several options, a ccording to your needs. • Printing a Page in the HTML V iew .
Introduction 2-1 v1.1, October 2006 Chapter 2 Introduction This chapter describes the features of the NETGEAR DG834 ADSL Modem Router. The DG834 ADSL Modem Router is a combina tion of a built-in ADSL .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 2-2 Introduction v1.1, Octo b er 2006 Key Features The DG834 ADSL Modem Router provides the following features: • A built-in ADSL modem •.
Reference Manual for the ADSL Mo dem Router DG834 v3 Introduction 2-3 v1.1, October 2006 Easy Inst allation and Management Y ou can install, configure, and operate the DG8 34 v3 within minutes after connecting it to the network.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 2-4 Introduction v1.1, Octo b er 2006 • Automatic Configuration of Attached PCs by DHCP The DG834 v3 dy namically assigns network co nfigur.
Reference Manual for the ADSL Mo dem Router DG834 v3 Introduction 2-5 v1.1, October 2006 V irtual Private Networking (VPN) The DG834 ADSL Modem Router provides a secu re encrypted connection between your local area network (LAN) and r emote networks or clie nts.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 2-6 Introduction v1.1, Octo b er 2006 — Detect and remove spyware — V iew attempts to access content restricted by Parental Controls — .
Reference Manual for the ADSL Mo dem Router DG834 v3 Introduction 2-7 v1.1, October 2006 The Modem Router’ s Front Panel The DG834 ADSL Mo dem Router front panel sho wn below contains stat us LEDs. Y ou can use the LEDs to verify various conditions.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 2-8 Introduction v1.1, Octo b er 2006 The Router’ s Rear Panel The rear panel of the DG83 4 ADSL Modem Router ( Figure 2-2 ) contains port connections. V iewed from left to right, the rear panel contains the following elements: 1.
Reference Manual for the ADSL Mo dem Router DG834 v3 Introduction 2-9 v1.1, October 2006 Connecting the Router to the Internet T o connect your DG834 ADSL Modem Rout er to the Internet, refer to the ADSL Modem Router Setup Manual on the ADSL Modem Router Resource CD or online as shown in the following table.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 2-10 Introduction v1.1, Octo b er 2006.
Protecting Your Network 3-1 v1.1, October 2006 Chapter 3 Protecting Y our Network This chapter describes how to u se the basic firewall features of the DG834 ADSL Modem Router to protect your net work. It also describes how to configure T rend Micro Home Network Secu rity .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-2 Protecting Yo ur Network v1.1, Octo b er 2006 2. From the Main Menu of the browser interface, under the Maintenanc e hea ding, select Set Password to bring up the menu shown in Figure 3-2 .
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3-3 v1.1, October 2006 Configuring Basic Firewall Services Basic firewall services you can configure includ e access blocking and scheduling of firewa ll security . These topics are presented below .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-4 Protecting Yo ur Network v1.1, Octo b er 2006 2. Select the Block Sites link of the Security menu. 3. T o enable ke yword blocking, sele ct one of the following: • Per Schedule—to turn on keyword blocking according to the settings on the S chedule page.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3-5 v1.1, October 2006 Y ou can specify one trusted user , which is a co mputer that will be exempt from blocking and logging. Since the trusted user will be identifie d by an IP address, you should configure that computer with a fixed IP address.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-6 Protecting Yo ur Network v1.1, Octo b er 2006 T o access the rules configuration of the DG834 v3, click the Firewall Rules link on the main menu, then click Add for either an Outbound or Inbound Service.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3-7 v1.1, October 2006 Remember that allowing inbound services opens holes in your fi rewall.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-8 Protecting Yo ur Network v1.1, Octo b er 2006 – Any — all IP addresses are covered by this rule. – Address range — if this optio n is selected, you must enter the Start and Finish fields.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3-9 v1.1, October 2006 Considerations for Inbound Rules • If your external IP address is assigned dynamically by your ISP , the IP address may change periodically as the DHCP lease expires.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-10 Protecting Yo ur Networ k v1.1, Octo b er 2006 Outbound Rule Example: Blocking Inst ant Messenger If you want to block Instant Messenger.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3 -11 v1.1, October 2006 – Single address — enter the required address in the Start field. • W AN Users These settings determine which packets are cove red by the rule, based on their destination W AN IP address.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-12 Protecting Yo ur Networ k v1.1, Octo b er 2006 For any traffic attempting to pass through the fire wall, the packet informa tion is subjected to the rules in the order shown in the Rules T able, beginning at the top and pro ceeding to the default rules at the bottom.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3 -13 v1.1, October 2006 • T o edit an existing Service, select its button on the left side of the table and click Edit Service. • T o delete an existing Service, select its button on the left side of the table and clic k Delete Service.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-14 Protecting Yo ur Networ k v1.1, Octo b er 2006 2. Select the Schedule link of the Secur ity menu to display menu shown below . 3. Select your T ime Zone. This setting will be u sed for the blocking sc hedule according to your local time zone and for time-stamping log entries.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3 -15 v1.1, October 2006 How to Schedule Firewall Services If you enabled services blocking in the Bl ock Servic es menu or Port forwar ding in the Ports menu, you can set up a schedule for when blocking occurs or when access is not restricted.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-16 Protecting Yo ur Networ k v1.1, Octo b er 2006 Security Service Settings Click Security Service under Co ntent Filtering on the Main men.
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3 -17 v1.1, October 2006 • Client V irus Protection S tatus . Provides information on all computers on you r network.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-18 Protecting Yo ur Networ k v1.1, Octo b er 2006 Parent al Controls Settings Click Parental Controls under Cont ent Filtering on the Main .
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3 -19 v1.1, October 2006 T o select Parenta l Controls Mode: • Click Use General Controls to select Genera l mode. In General mode, one access profile applies to all users.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-20 Protecting Yo ur Networ k v1.1, Octo b er 2006 b. T o create a custom profile, click Use Custom Settings and then sele ct the chec k boxes as desired. (For additional ch oices, click More Categories).
Reference Manual for the ADSL Mo dem Router DG834 v3 Protecting Your Network 3 -21 v1.1, October 2006 • Illegal/Questionable : Sites that advocate or advise on pe rforming illegal acts such as service theft, evad ing law enforcement, fraud, bur glary technique s, and plagiarism.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 3-22 Protecting Yo ur Networ k v1.1, Octo b er 2006.
Managing Your Network 4-1 v1.1, October 2006 Chapter 4 Managing Y our Network This chapter describes how to perform networ k management tasks with your DG834 ADSL Modem Router. Backing Up, Restoring, or Erasing Y our Settings The configuration settings of the DG834 ADSL Modem Router are stored in a configuration file in the modem rout er.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-2 Mana ging Your Ne twork v1.1, Octo b er 2006 How to Restore the Conf iguration from a File 1.
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-3 v1.1, October 2006 How to Upgrade the Modem Router Firmware 1. Download and unzip the new so ftware file from NETGEAR. The W eb browser used to upload new firmware into the modem router must support HTTP uploads.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-4 Mana ging Your Ne twork v1.1, Octo b er 2006 Network Management Information The DG834 v3 provides a variety of status and usag e information which is discuss ed below .
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-5 v1.1, October 2006 T a ble 4-1. M enu 3.2 - Modem R outer Status Fields Field Description Account Name The Host Name assigne d to the modem route r in the Basic Settings menu.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-6 Mana ging Your Ne twork v1.1, Octo b er 2006 Click the Show S tatistics button to display modem router usage statistics, as shown in Figure 4-3 below: This screen shows the following statistics:.
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-7 v1.1, October 2006 Click the Connection St atus button to display modem router connection statu s, as shown in Figure 4-5 below: Clicking the Renew button updates the status information.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-8 Mana ging Your Ne twork v1.1, Octo b er 2006 V iewing Att ached Devices The Attached Devices menu contains a table of all IP devices that the modem router has discovered on the local network.
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-9 v1.1, October 2006 An example of the log s file is shown below . Log entries are described in Ta b l e 4 - 1 below: Figur.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-10 Managing Your Netw ork v1.1, Octo b er 2006 Log action buttons are described in Ta b l e 4 - 2 be low: Selecting What Information to Log Besides the standard information listed above, you can choose to log additional info rmation.
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-11 v1.1, October 2006 Saving Log Files on a Server Y ou can choose to write the logs to a computer ru nning a syslog program. T o activate this feature, select to Broadcast on Lan or enter the IP address of the server where the Syslog file will be written.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-12 Managing Your Netw ork v1.1, Octo b er 2006 Enabling Security Event E-mail Notification In order to receive logs and alerts by e-mail, you must provid e you r e-ma il information in the E- mail subheading: • T urn e-mail notification on .
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-13 v1.1, October 2006 — Check My Mail Server requir es authe ntication if you need to login to your SMT P server to send E-mail. If you check this box, you must enter the user name and password for the mail server .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-14 Managing Your Netw ork v1.1, Octo b er 2006 • Reboot the modem router to enable new network configurations to take effect or to clear problems with the modem router’ s network connection.
Reference Manual for the ADSL Mo dem Router DG834 v3 Managing Your Network 4-15 v1.1, October 2006 Configuring Remote Management 1. Log in to the modem router at its default LAN address of http://192.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 4-16 Managing Your Netw ork v1.1, Octo b er 2006 W eb browser access normally uses the standard HTTP service port 80. For gre ater security , you can change the remote manag eme nt W eb in terface to a custom port by entering that number in the box provided .
Advanced Configuration 5-1 v1.1, October 2006 Chapter 5 Advanced Configuration This chapter describes how to configure the advanced features of your DG834 ADSL Mod em Router.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-2 Advanced Configuration v1.1, Octo b er 2006 Setting Up A Default DMZ Server The Default DMZ Server feature is helpful when usin g some online games and videoconferencing applications that are incompatible with NA T .
Reference Manual for the ADSL Mo dem Router DG834 v3 Advanced Configuration 5-3 v1.1, October 2006 2. From the Main Menu, under Adva nced, click the W AN Setup link to view the page shown in Figure 5-1 : 3. Select the Default DM Z Server check box. 4.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-4 Advanced Configuration v1.1, Octo b er 2006 Respond to Ping on Internet W AN Port If you want the modem route r to respond to a 'ping' from the Internet, select the ‘Respond to Ping on Internet W AN Port’ check box.
Reference Manual for the ADSL Mo dem Router DG834 v3 Advanced Configuration 5-5 v1.1, October 2006 These addresses are part of the Internet Engineering T a sk Force (IETF)-designated private address range for use in private networks, and should be suitable in most applications.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-6 Advanced Configuration v1.1, Octo b er 2006 • RIP V ersion This controls the format and the broadcasting method of the RIP packets that the modem router sends. It recognizes both formats when r eceiving.
Reference Manual for the ADSL Mo dem Router DG834 v3 Advanced Configuration 5-7 v1.1, October 2006 The router will deliver the following parame ters to any LAN device that requests DHCP: • An IP Add.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-8 Advanced Configuration v1.1, Octo b er 2006 How to Configure LAN TCP/IP Settings 1. Log in to the router at its default LAN address of http://192.
Reference Manual for the ADSL Mo dem Router DG834 v3 Advanced Configuration 5-9 v1.1, October 2006 The router contains a client that can connect to a dynamic DNS service provider . T o use this feature, you must select a service provider and obtain an account with them.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-10 Advanced C onfiguration v1.1, Octo b er 2006 9. If your dynamic DNS provider allows the use of wildcards in resolving your URL, you can select the Use wildcards check box to activate this feature.
Reference Manual for the ADSL Mo dem Router DG834 v3 Advanced Configuration 5-11 v1.1, October 2006 In this exam ple: • The Destination IP Address and IP Subnet Mask fi elds specify that this static route applies to all 134.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-12 Advanced C onfiguration v1.1, Octo b er 2006 3. T o add or edit a Static Route: a. Click the Add to add a new route or the Edit button to edit an existing route. The S tatic Routes screen will be displayed, as shown in Figure 5-6 .
Reference Manual for the ADSL Mo dem Router DG834 v3 Advanced Configuration 5-13 v1.1, October 2006 Universal Plug and Play (UPnP) Universal Plug and Play (UPnP) helps devices, su ch as Internet appliances and computers, access the network and connect to oth er devices as need ed.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 5-14 Advanced C onfiguration v1.1, Octo b er 2006 • UPnP Portmap T able : The UPnP Portmap T able displays the IP address of each UPnP device that is currently accessing the Router and which ports (Internal and External) that device has opene d.
Virtual Private Networking (Advanced Feature) 6-1 v1.1, October 2006 Chapter 6 V i rtual Private Networking (Advanced Feature) This chapter describes how to u se the virtual private networking (VPN) features of the DG834 ADSL Modem Router. VPN communications paths are called tunnels.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-2 Virtual Private Networking (Advanced Feature) v1.1, Octo b er 2006 Client-to-Gateway VPN T unnels Client-to-Gateway VPN T unnels provide secure access from a remote PC, such as a telecommuter connecting to an office network (see Figure 6-1 ).
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking (Advanced Feature) 6-3 v1.1, October 2006 A VPN between two or more NETGEAR VPN-enabled routers is a good way to connect branch or home offices and business partners ove r the Inte rne t.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-4 Virtual Private Networking (Advanced Feature) v1.1, Octo b er 2006 This set of configuration information defines a security association (SA) between the two VPN endpoints.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking (Advanced Feature) 6-5 v1.1, October 2006 — MDS: 128 bits, faster but less secure.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-6 Virtual Private Networking (Advanced Feature) v1.1, Octo b er 2006 How to Set Up a Client-to -Gateway VPN Configuration Setting up a VPN .
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking (Advanced Feature) 6-7 v1.1, October 2006 Follow this procedure to configure a client-t o-gateway VPN tunnel using th e VPN W izard.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-8 Virtual Private Networking (Advanced Feature) v1.1, Octo b er 2006 1. Log in to the DG834 v3 at its LAN address of http://192.168.0.1 with it s default user name of admin and password of pas s w or d .
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking (Advanced Feature) 6-9 v1.1, October 2006 The Summary screen below displays.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-10 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 T o view the VPNC recommended authenticatio n and encryptio n se ttings used by the VPN W izard, click the “ here ” link (see Figure 6-6 ).
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 11 v1.1, October 2006 T o view or modify the tunnel settings, select th e radio button next t o the tunnel entry and click Edit.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-12 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 b. From the Edit menu of the Security Policy Ed itor , click Add, then Connection. A “New Connection” listing appears in the list of polici es.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 13 v1.1, October 2006 c. Select the Secure in the Connection Security check box. d. Select IP Subnet in the ID T ype menu. e. In this example, type 192.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-14 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 b. Click on the Security Policy subheading to show the Security Policy menu. c. Select the Main Mode in the Select Phase 1 Negotiation Mode check box.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 15 v1.1, October 2006 a. In the Network Security Policy list on the le ft side of the Security Policy Editor window , click on My Identity . b. Choose None in the Sele ct Certificate menu.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-16 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 5. Configure the VPN Client Authentication Proposal. In this step, you will provide the ty pe of encryption (DES o r 3DES) to be used for thi s connection.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 17 v1.1, October 2006 a. Expand the Key Exchang e subheading by d ouble clicking its name or clicking on the “+” symbol. Then select Propo sal 1 below Key Exchange.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-18 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 T o check the VPN Connection, you can initiate a request from the remote PC to the DG834 v3’ s network by using the “Co nnect” option in the NETGEAR ProSafe menu bar .
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 19 v1.1, October 2006 Information on the progress and status of the VPN client connection can be viewed by opening the NETGEAR ProSafe Log V iewer .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-20 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 In this example you can see the following: • The DG834 v3 has a p ub lic IP W AN address of 22.23.24.25 . • The DG834 v3 has a LAN IP ad dres s of 192.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 21 v1.1, October 2006 Set the LAN IPs on each DG834 v3 to differen t subnets and configure each properly for the Internet. The exampl es below assume th e followi ng settings: T able 6-1.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-22 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 Follow this procedure to configure a gateway- to-gateway VPN tunnel using the VPN W izard. 1. Log in to the DG834 v3 on LAN A at its default LAN address of http://192.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 23 v1.1, October 2006 3. Fill in the IP Address or F QDN for the ta rget VPN endpoint W AN co nnection and click Next . 4. Identify the IP addresses at the target endp oint which can use th is tunnel, and click Next .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-24 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 The Summary screen below displays.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 25 v1.1, October 2006 T o view the VPNC recommended authenticatio n and encryptio n se ttings used by the VPN W izard, click the “ here ” link (see Figure 6-25 ).
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-26 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 6. Repeat for the DG834 v3 on LA N B and pay sp ecial attention to use the following network settings as appropriate. • W AN IP of the remote VPN gateway (e.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 27 v1.1, October 2006 b. Click on VPN Status ( Figu re 6-30 ) to get the Current VPN T unnels (SAs) screen ( Figure 6-29 ). Click on Connect for the VPN tunnel you want to activate.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-28 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 Using the VPN St atus Page to Activate a VPN T unnel T o use the VPN Status screen to activate a VPN tunnel, perform the following steps: 1.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 29 v1.1, October 2006 Activate the VPN T unnel by Pinging the Remote End point T o activate the VPN tunnel by pinging the remote endpoint (e.g., 192.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-30 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 Once the connection is establish ed, yo u can op en the browser of the PC and enter the LAN IP address of the remote DG834 v3.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 31 v1.1, October 2006 Log—this log shows the details of recent VPN activity , includ ing the building of the VPN tunnel. If there is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the prob lem.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-32 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 • HLifeTime (Secs) —the remaining Hard Lifetime for this SA in seconds. When the Hard Lifetime becomes zero, the SA (Security Association) will be terminated.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 33 v1.1, October 2006 Using the Policy T able on the VPN Policies Page to Deactivate a VPN T unnel T o use the VPN Policies page to deactivate a VPN tunnel, perform the following steps: 1.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-34 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 2. Open the DG834 v3 management interface an d click on VPN S tatus to get the VPN Statu s/Log screen ( Figure 6-38 ). 3.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 35 v1.1, October 2006 1. Log in to the Modem Router. 2. Open the DG834 v3 management interface and click VPN Policies to display the VPN Policies screen ( Figure 6-40 ).
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-36 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 How to Set Up VPN T unnels in S pecial Circumstances When the VPN W .
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 37 v1.1, October 2006 Figure 6-41.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-38 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 The DG834 v3 VPN tunnel netw ork connection fields are de fin ed as follows: General. These settings identify this policy and determine i t s major characteristics.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 39 v1.1, October 2006 • Single PC - no Subnet — select this option if there is no L AN (only a single PC) at the remote endpoint. If this option is selected, no additional data is requ ired.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-40 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 • Fully Qualified User Name — the name, E-mail address, or other ID of the remote VPN endpoint. Remote Identity Data —enter the data for the selection above.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 41 v1.1, October 2006 Example of Using Auto Policy 1. Set the LAN IPs on each DG834 v3 to differen t subnets and configure each properly for the Internet.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-42 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 2. Open the DG834 v3 on LAN A management interface and click on VPN Policies. 3. Click Add Auto Policy . 4. Enter policy settings (see Figure 6-44 ).
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 43 v1.1, October 2006 — Pre-shared Key = 12345678 Figure 6-44.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-44 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 5. Click Apply . The Get VPN Policies web page is displayed. 6. Repeat for the DG834 v3 on LA N B and pay sp ecial attention to use the following network settings as appropriate.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 45 v1.1, October 2006 a. Open the DG834 v3 management interface an d click on VPN Status to display the VPN St atus/Log screen ( Figu re 6-46 ).
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-46 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 Using Manual Policy to Configure VPN T u nnels As an alternative to IKE, you may use Manual Ke ying, in which you mu st specify each ph ase of the connectio n.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 47 v1.1, October 2006 • Remote VPN Endpoint —s elect the desired option (IP addr ess or Fully Qualified Domain Name) and enter the address of the remote VP N endpoint to which you wish to connect.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-48 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006 Encryption —select the desired Encryption Algorithm, a nd enter the key in the field provided. For 3DES, the keys should be 24 ASCII characters and for DES, the keys sho uld be 8 ASCII characters.
Reference Manual for the ADSL Mo dem Router DG834 v3 Virtual Private Networking ( Advanced Feature) 6- 49 v1.1, October 2006.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 6-50 Virtual Private Networking (Adv anced Feature) v1.1, Octo b er 2006.
Troubleshooting 7-1 v1.1, October 2006 Chapter 7 T roubleshooting This chapter gives information about troubleshooting your DG834 ADSL Modem Rou ter. After each problem description, instructio ns are provided to help yo u diagnose and solve th e problem.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 7-2 Troubleshooting v1.1, Octo b er 2006 c. The W AN port LED is lit. If a port’ s LED is lit, a link has been establis hed to the connected device. If a LAN por t is connected to a 100 Mbps device, verify that the port’ s LED is green.
Reference Manual for the ADSL Mo dem Router DG834 v3 Troubleshooting 7-3 v1.1, October 2006 • Be sure you are using the correct cable: — When connecting th e router ’ s W AN ADSL p ort , use the cable that was supplied with the DG834 v3.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 7-4 Troubleshooting v1.1, Octo b er 2006 • Click the Refresh or Reload button in the W e b browser . The changes may have occurred, but the W eb browser may be caching the old configuration.
Reference Manual for the ADSL Mo dem Router DG834 v3 Troubleshooting 7-5 v1.1, October 2006 Internet LED Off If the Internet LED is of f, disconnect all telephones on the lin e. If this solves the problem, reconnect the telephones one at a time, being careful to use a micr ofilter on each telephone.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 7-6 Troubleshooting v1.1, Octo b er 2006 • Y our ISP ma y chec k for your computer's host name. Assign the computer Host Name of your ISP account to the modem router in the browser - based Setup W i zard.
Reference Manual for the ADSL Mo dem Router DG834 v3 Troubleshooting 7-7 v1.1, October 2006 T roubleshooting Internet Browsing If your modem router can obtain an IP address but your computer is unable to load any W eb pages from the Internet: • Y our computer may not recognize any DNS server addresses.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 7-8 Troubleshooting v1.1, Octo b er 2006 Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see thi.
Reference Manual for the ADSL Mo dem Router DG834 v3 Troubleshooting 7-9 v1.1, October 2006 — Y our ISP c ould be rejecting the Ethernet MAC addresses of all but one of your PCs.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 7-10 Troubleshooting v1.1, Octo b er 2006 Problems with Date and Time The E-mail menu in the Content Filtering section displa ys the current date and time of day .
Technical Specifications A-1 v1.1, October 2006 Appendix A T echnical S pecifications This appendix provides technical specifications for the DG834 ADSL Modem Router.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 A-2 T echnical Specifications v1.1, Octo b er 2006.
NETGEAR VPN Configuration B-1 v1.1, October 2006 Appendix B NETGEAR VPN Configuration DG834 v3 to FVL328 This appendix is a case study on how to configure a secure IPSec VPN tunnel from a NETGEAR DG834 v3 to a FVL328. This c ase study follows the VPN Consor tium interoperability profile guidelines (found at http://www .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-2 NETGEAR VPN Configuration v1.1, Octo b er 2006 S tep-By-S tep Configuration 1. Configure the DG834 v3 as in the Gateway-to -Gateway proce.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-3 v1.1, October 2006 Figure B-2 toFVL328 10.5.6.1 172.23. 9.1 toFVL328 22.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-4 NETGEAR VPN Configuration v1.1, Octo b er 2006 2. Configure the FVL328 as in the Gateway-to-Gatewa y procedures for the VPN W izard (se e “How to Set Up a Gateway-to-Gatew ay VPN Configuration” o n page 6-20 ), being certain to use appropriate network addresses for the environment.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-5 v1.1, October 2006 Figure B-3 toDG834 toDG834 toDG834 toDG834 toDG834 22.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-6 NETGEAR VPN Configuration v1.1, Octo b er 2006 3. T est the VPN tunnel by pinging the remote network from a PC attached to the DG834 v3. a. Open the command prompt (S tart -> Run -> cmd) b.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-7 v1.1, October 2006 T able B-1. Profile Summary VPN Consortium Scenario: Scenario 1 T ype of VPN LAN-to-LAN or Gateway.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-8 NETGEAR VPN Configuration v1.1, Octo b er 2006 The Use of a Fully Qualified Domain Name (FQDN) Many ISPs (Internet Service Pr oviders) provide connectivity to their customers using dynamic instead of static IP addressing.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-9 v1.1, October 2006 b. Configure this screen with appropriate ac count and hostname settings an d then click Apply . • Check the box Use a Dynamic DNS Service . • Host Name = dg834.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-10 NETGEAR VPN Configuration v1.1, Octo b er 2006 a. Browse to the Dynamic DNS Setup Screen (see Figure B-8 ) in the Advanced menu. b. Select the DynDNS.org radio button (see Figure B-8 ), configure with appropriate account and hostname settings (see Figure B-9 ), and then click Apply .
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-11 v1.1, October 2006 • Password = <user's account password> Figure B-9.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-12 NETGEAR VPN Configuration v1.1, Octo b er 2006 c. Click Show S tatus . The resulting screen should show Update OK: good (see Figure B-10 ).
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-13 v1.1, October 2006 a. In Step 1, enter toDG834 for the Connection Name. b. In Step 2, enter dg834.dyndns.org for the remote W AN's IP address. c. In Step 3, enter the following: • IP Address = 10.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-14 NETGEAR VPN Configuration v1.1, Octo b er 2006 Configuration Summary (T elecommuter Example) The configuration in this document follows the addressing and configuration mechanics defined by the VPN Consortium.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-15 v1.1, October 2006 Setting Up the Client-to-Gateway VPN Configuration (T elecommuter Example) Setting up a VPN betwe.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-16 NETGEAR VPN Configuration v1.1, Octo b er 2006 Figure B-13 Fully Qualified Domain Name toDG834G .com (in this example) Fully Qualified Domain Name from DG834G .com (in this example) fromDG834G (in the exa mple) Dynamic IP address Subnet addr ess Single addr ess 192.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-17 v1.1, October 2006 2. Click Apply when done to get the VPN Policies screen. T o view or modify the tunnel settings, select th e radio button next t o the tunnel entry and click Edit .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-18 NETGEAR VPN Configuration v1.1, Octo b er 2006 c. Install the IPSec Compon en t. Y ou may have the option to install eit her the VPN Adapter or the IPSec Component or both. The VPN Adapter is not necessary .
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-19 v1.1, October 2006 c. Select Secur e in the Connection Security check box. d. Select IP Subnet in the ID T ype menu. e. In this example, type 192.168. 0.1 in the Subnet field as the network address of the DG834 v3.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-20 NETGEAR VPN Configuration v1.1, Octo b er 2006 b. Click on the Security Policy subheading to show the Security Policy menu. c. Select the Main Mode in the Select Phase 1 Negotiation Mode check box.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-21 v1.1, October 2006 a. In the Network Security Policy list on the left side of the Security Policy Editor window , click My Identity . b. Choose None in the Select Certificate menu.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-22 NETGEAR VPN Configuration v1.1, Octo b er 2006 e. Click the Pre-Shar ed Key button. In the Pr e-Shared Key dialog box, click the Enter Key button. Enter the DG834 v3's Pr e-Shared Key and click OK .
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-23 v1.1, October 2006 b. Expand the Aut hentication subheading by d ouble clicking its name or clicking on the “+” symbol. Then select Propos al 1 below Authentication .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-24 NETGEAR VPN Configuration v1.1, Octo b er 2006 a. Expand the Key Exchange subheading by double clicking its name or c licking on the “+” symbol. Then select Propos al 1 below Key Ex chang e .
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-25 v1.1, October 2006 8. Check the VPN Connection . T o check the VPN Connection , you can initiate a request from the remote PC to the VPN router ’ s network by using the Connect option in the DG834 ADSL Modem Router menu bar (see Figure B-22 ).
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-26 NETGEAR VPN Configuration v1.1, Octo b er 2006 c. Ty p e ping -t 192.168.0.1 , and then click OK . This will cause a continuous ping to be sent to the VPN router . After between several seconds and two minutes, the pi ng response should change from timed out to rep l y .
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-27 v1.1, October 2006 Monitoring the VPN T unnel (T elecommuter Example) V iewing the PC Client’ s Conn ection Monitor and Log V iewer T o view information on the progress and stat us of the VPN client conn ection, open the DG834 ADSL Modem Router Log V iewer .
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-28 NETGEAR VPN Configuration v1.1, Octo b er 2006 V iewing the VPN Router ’ s VPN St atus and Log Information T o view information on the status of the VPN client co nnection, open the VPN router ’ s VPN Status screen by following the steps below: 1.
Reference Manual for the ADSL Mo dem Router DG834 v3 NETGEAR VPN Configuration B-29 v1.1, October 2006 2. T o view the VPN tunnels status, click the VPN S tatus link on the right side of the main menu.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 B-30 NETGEAR VPN Configuration v1.1, Octo b er 2006.
Related Documents C-1 v1.1, October 2006 Appendix C Related Document s This appendix provides links to reference documents you c an use to gain a more com ple te understanding of the technolog ies used in your NET GEAR product. Document Link Internet Networking and TCP/IP Addressing: http://docum entation.
Reference Ma n ual for th e ADSL Mod em Ro ut er DG83 4 v3 C-2 Related Documents v1.1, Octo b er 2006.
An important point after buying a device NETGEAR DG834 v3 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought NETGEAR DG834 v3 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data NETGEAR DG834 v3 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, NETGEAR DG834 v3 you will learn all the available features of the product, as well as information on its operation. The information that you get NETGEAR DG834 v3 will certainly help you make a decision on the purchase.
If you already are a holder of NETGEAR DG834 v3, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime NETGEAR DG834 v3.
However, one of the most important roles played by the user manual is to help in solving problems with NETGEAR DG834 v3. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device NETGEAR DG834 v3 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center