This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ASL 4.0 IPSec --> Netgear ProSafe VPN Firewall

Has anyone got Netgear's ProSafe VPN Firewall to connect up to an ASL via IPSec? If so, please let me know what settings were made in the IPSec Policy. The ProSafe really is a piece of junk but I am stuck with it. To make matters worse nobody at Netgear seems to be able to answer my questions.

Thanks,
-merc

This thread was automatically locked due to age.

0 merc over 22 years ago

UPDATE:

The 3DES_PFS policy works great. Just had to adjust the SA Lifetime settings for IKE.
Cancel
Vote Up 0 Vote Down

Cancel
0 merc over 22 years ago in reply to merc
I have had a few emails asking me to explain how I got this working, here it is... pretty cut and dry.

[list=1]
Create a new IPSec policy in ASL named Netgear Prosafe or soemthing with the following properties:
ISAKMP (IKE) Settings
IKE mode: Main Mode
Enc. alg: 3DES-CBC
Auth Alg: MD5 160bit
IKE DH Group: DH Group 5 (MODP1536)
SA lifetime (secs): 28800

IPSec Settings
IPSec mode: Tunnel
IPSec Protocol: ESP
Enc. alg: 3DES
Auth Alg: MD5 160bit
SA lifetime (secs): 3600
PFS: PFS Group 5 (MODP1536)
Compression: Off

Create a remote key on ASL using PSK (Pre-Shared Key)

Create a new IPSec Connection on the Netgear Prosafe with the following properties:
Connection Name: Whatever you want
Local IPSec Identifier: 0.0.0.0
Remote IPSec Identifier: 0.0.0.0
Security Association: Main Mode
Perfect Forward Security: Enabled
Encryption Protocol: 3DES
Preshared Key: Whatever you set the PSK to in ASL
Key Lfe: 3600 secs
IKE Life Time: 28800 Secs
[/list]
NOTE: It is important that you make sure that the Local and Remote IPSec Identifiers are both set to 0.0.0.0 on the Netgear Prosafe.

I hope this helps, if anyone has any questions please post them here rather than emailing me.

Thanks,
-merc
Cancel
Vote Up 0 Vote Down

Cancel