NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

vpnbeginner's avatar
vpnbeginner
Aspirant
Sep 01, 2015

IPSEC Site to Site FVS336 to FVS318

Hi Netgear Community,

I want to set up a Site to Site connection between FVS336 and FVS318 at our costumer s office. At there site the FVS318 is behind a firewall. They forward ESP, AH and Port 500 UDP to the device. Is there any possibility to check the ports (like telnet)? Both routers were configured by wizard. I just changed the mode to aggressive and the SA lifetime to 86400. The local subnets are 10.9.8.x and 192.168.4.x.

 

Thank you a lot for any suggestions.

 

 

 

 

firewall
fvs318
fvs336
Installation
ipsec
site2site
VPN

1 Reply

  • adit's avatar
    adit
    Mentor
    Sep 01, 2015

    You want the VPN router to get the public IP on it's WAN.  If it is DSL service, you need to place the ISP router/modem in Bridge Mode. 

    If that is not possible, your only other option is to place the VPN router in the DMZ.

     

    You should use Main Mode - Both Directions in almost all cases with a Site to Site VPN. 

     

    SA Lifetimes, 3600 if either WAN IP Address is Dynamic, 86400 if BOTH WAN IP Addresses are Static.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More