How do I configure TheGreenBow VPN Client with a DFL series firewall?

1. Introduction 

The objective of this document is to provide a guide describing how to configure the
devices to achieve the same environment as shown in the network topology.
Users of this document are expected to already possess basic knowledge of D-Link
devices and TheGreenBow VPN program, and to be familiar with how to perform basic
configurations. Only important configurations, such as those pertaining to interfacing and
integrating, will be described in this document.

2. Product used

TheGreenBow VPN Client 4.61.003 and the DFL-800 are used in this FAQ. The same applies to all other DFL products running NetDefendOS.

3. Network Diagram


User-added image

Note: The router is set to allow IPSec pass-through.

4. Configurations 

In this document, we will only describe the main configurations for this scenario. The
configuration settings for all the D-Link products will not be described here; for more
detail about a product, you can download its user guide.

 
4.1 TheGreenBow VPN client and DFL-800

 

In this scenario the user can connect back to the headquarters database by using
TheGreenBow VPN client to tunnel to the DFL-800.
 
All configurations are based on DFL-800 and TheGreenBow 
VPN Client (F/W: 4.61.003) 
 
The steps in this configuration are: 
 
• Setup DFL-800 for VPN tunneling
    ◦ Setup Pre-shared Key
    ◦ Phase 1 and Phase 2 algorithms setup
    ◦ Setting up IPSec-Tunnel
    ◦ Setup IP Rules
• Setup TheGreenBow VPN client
    ◦ Setup Phase 1
    ◦ Setup Phase 2

4.1.1)  Setup DFL-800 for VPN tunneling 
4.1.1.1) Setup Pre-Shared Key
   
1) Log in to the DFL-800, click “Authentication Objects”, add a
new “Pre-shared Key”, and fill in the passphrase and name.

4.1.1.2)  Phase 1 and Phase 2 algorithms setup
 
1) Under “IKE Algorithms”, select the Encryption and Integrity
algorithms for your Phase 1 authentication.

2) Next, under “IPSec Algorithms”, select the Encryption and
Integrity algorithms for Phase 2.


4.1.1.3)  Setting up IPSec-Tunnel
       
1) After setting up the algorithms, create the “IPSec-Tunnel”
as shown below.

User-added image

2) Next, click on the “Authentication” tab and select the “Pre-shared Key” you set up in 4.1.1.1.

3) After selecting the Pre-shared Key, enable
“Dynamically add route” on the Routing tab.

4) The last step is to make sure the DH Group in the IKE settings
matches the setting in TheGreenBow client.

4.1.1.4)  Setup IP Rules
 
Now set up the IP Rules so that the DFL-800 knows where
to direct all the traffic.
 
1) First, add a new interface group named “IPSec-LAN” by grouping
“IPSec-Tunnel” and “LAN”.

2) Next, click “IP Rules” and add a new IP rule as shown below.

User-added image

4.1.2)  Setup TheGreenBow VPN Client
4.1.2.1)  Setup Phase 1
       
1) Right-click on “Root” to add a new “Phase1”, then fill in the IP
address for this VPN client and the Remote gateway IP, followed by
the Preshared Key and IKE settings.

Note: The Preshared Key and IKE settings must be the same as those set in the DFL-800.

4.1.2.2)  Setup Phase 2
       
1) Right-click on “Phase1” to add a new “Phase2”, then fill in the
VPN Client address for this VPN client and the Remote gateway IP,
followed by the ESP settings.

Note: The ESP Encryption and Authentication settings must be the same as in the
DFL-800 IPSec-Tunnel.
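
The notes above require the pre-shared key, the IKE settings (including the DH Group) and the ESP algorithms to match on both ends. The following pre-flight check is an added example, not part of the original FAQ or of either product: the dictionary layout and field names are hypothetical, the values are constructed, and it assumes the gateway's algorithm lists may offer several algorithms while the client selects one.

```python
import hmac

# Constructed sample values. The dictionary layout is hypothetical: it is not
# an export format of NetDefendOS or TheGreenBow. "integrity" is the field the
# client labels "Authentication".
GATEWAY = {  # DFL side: each algorithm list may offer several choices
    "psk": "constructed-example-passphrase",
    "ike": {"encryption": {"AES-128", "3DES"}, "integrity": {"SHA1"}, "dh_group": 2},
    "esp": {"encryption": {"AES-128"}, "integrity": {"SHA1"}},
}
CLIENT = {  # client side: one choice per field
    "psk": "constructed-example-passphrase",
    "ike": {"encryption": "AES-128", "integrity": "SHA1", "dh_group": 2},
    "esp": {"encryption": "AES-128", "integrity": "MD5"},
}

# DES, MD5 and the 768/1024-bit MODP groups (DH 1 and 2) are widely deprecated.
WEAK_ALGS = {"DES", "MD5"}
WEAK_DH = {1, 2}


def check(gateway, client):
    """Return (mismatches, warnings); the key itself is never put in a message."""
    mismatches, warnings = [], []
    if not hmac.compare_digest(gateway["psk"].encode(), client["psk"].encode()):
        mismatches.append("pre-shared key differs")
    group = client["ike"]["dh_group"]
    if group != gateway["ike"]["dh_group"]:
        mismatches.append("phase 1: DH group differs")
    if group in WEAK_DH:
        warnings.append(f"phase 1: DH group {group} is weak")
    for phase, label in (("ike", "phase 1"), ("esp", "phase 2")):
        for field in ("encryption", "integrity"):
            chosen = client[phase][field]
            if chosen not in gateway[phase][field]:
                mismatches.append(f"{label}: {field} {chosen} not offered by gateway")
            if chosen in WEAK_ALGS:
                warnings.append(f"{label}: {field} {chosen} is weak")
    return mismatches, warnings


if __name__ == "__main__":
    problems, cautions = check(GATEWAY, CLIENT)
    for line in problems:
        print("MISMATCH", line)
    for line in cautions:
        print("WARNING ", line)
```

A mismatch means the tunnel will not negotiate until both ends agree; a warning means it can negotiate but with an algorithm or group worth replacing on both ends.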

5.1) Test Result
 
a. The VPN tunnel will open with any negotiation mode set in Phase 1
and Phase 2.

b. The DFL will show that the tunnel is up in its VPN status.

c. The client is able to ping the remote network.
