Step 3. Click on Advanced at the top. Click on VPN on the left side.

Step 4. Click on the IPsecoption button.

Step 5. Configure the following to create IPsecconnection to the DFL-700:

• Connection Name - type in the connection name
• Local Network - Select subnet
• IP address - type in the local IP network (192.168.1.0)
• Netmask - type in the local IP subnet (255.255.255.0)
• Remote Secure Gateway - type in the remote gateway(195.74.119.180)
• Remote Network - Select subnet
• IP address - type in the local IP network (192.168.2.0)
• Netmask - type in the local IP subnet (255.255.255.0)
• Proposal - select ESP
• Authentication Type - select the authentication type (MD5)
• Encryption - select the Encryption type (3DES)
• Perfect Forward Secrecy - select the PFS group (Group2)
• Pre-shared key - type the pre-shared key

Click on Apply when done.

Step 6. The profile will now be shown at thebottom of the screen. Click on the green check icon to enable theprofile.

Step 7. The profile will now show up asenabled.

 

Step 8. Click on Tools at thetop.

 

Step 9. Click on System on theleft side. Click on the Save button to permanentlysave the changes to device memory.

 

Configuring the DFL-700

Step 10. Open up a web browser and type in theIP address of the DFL-700 (i.e. <https://192.168.2.1>). PressEnter.

Step 11. Login to the DFL-700 with the usernameand password. At the Main page, click on Firewallat the top.

Step 12. Click on VPN on theleft side.

Step 13. Click on AddNew

Step 14. Configure the following to add theto_dsl-g804v profile.

• Name - type in the name for the IPsec tunnel
• Local Net - type in the local IP network with the subnet indecimal notation (i.e. 192.168.2.0/24)
• Authentication - set authentication to PSK - Pre-shared Key.Type in the Pre-shared key
• Tunnel Type - set tunnel type to LAN-to-LAN tunnel.
• Remote Net - set the remote net (i.e. 192.168.1.0/24)
• Remote Gateway - type in the remote gateway. You can put in theDSL-G804V WAN IP address (70.70.70.70). If the DSL-G804V is usingDynamic DNS, type in the hostname (i.e. dlink123.no-ip.org).

Leave the remaining fields as default.

Click on the Apply button to applychanges.

 

Step 15. The new 'to_dsl-g804v' profile willnow be added. Clcik on Edit next to the newprofile.

Step 16. Click on the Advancedbutton at the bottom of the screen.

Step 17. Enable the PFS - EnablePerfect Forward Secrecy. Set the PFS DHGroup to '2 - modp 1024 bits'

Step 18. Click on the Applybutton at the bottom of the screen to apply the changes.

Step 19. Click on the Activatebutton to activate the changes

Step 20. Click on ActivateChanges to activate the changes.

 

Testing the Configuration

Step 21. Open up the CommandPrompt on a machine in the DSL-G804V network.

Step 22. Start a ping to the a PC on theDFL-700 LAN network (192.168.2.22)

Step 23. Log in to the web interface of the DSL-G804V. Click on Status-->IPsecStatus on the left hand side. The screen will show theConnection status for the to_dfl-700 VPN tunnel.