Manuel d'utilisation / d'entretien du produit TL-R600VPN v2.0 du fabricant TP-Link
Aller à la page of 58
1 How to conf igure VP N fun ction on TP- LINK Router s 1. VPN Overview ... ... ... ... ... ... .. ... ... ... ... .. ... ... ... .. ... ... ... ... ... .. .. .... ... .. ... ... ... ... ... .. ... ... ... .. ... ... . 2 2. How to configure LAN-to-L AN IPsec VPN on TP-L INK Router .
2 1. VPN Ov erv iew VPN (Virtual Private Network) is a private networ k esta blished via the public net work, generally via th e Internet. However, t he private net work is a logical network witho ut any physical network lines, so it is called Virtual Pr ivate Networ k.
3 2. How t o conf igure LAN-to -LAN IPsec VPN o n T P-LINK Ro uter Suitable for: TL-E R 6120, TL-ER6020, TL-ER604 W, TL-R600VPN To set up an IPsec VPN tunn el on TP-L INK routers you need to perfo rm the followi ng steps: A. Connecting the devi ces together B.
4 Router B’s Status p age:.
5 C. Configuring IPsec VPN settings on TL- ER6120 (Router A) Step 1 : On the management webp age, click on VPN then IKE Proposal. Under IKE Proposal, enter Prop osal Name whatever yo u like, select Authen tication, Encrypt ion and DH Group, we use MD5,3 DES, DH2 in this example.
6 Step 3 : Cli ck on IKE Policy, ent er Policy Name whatever you like, select E xchange Mo de, in this example we use Main, select IP Address as ID Type . Step 4 : Under IKE Propo sal 1, we use test1 in t his example. Ent er Pre-shared Key and SA Lifetime you want, DPD is d isable d.
7 Step 7 : Cli ck on Add. Step 8 : Cli ck on IPsec Policy, enter Policy Name whatever you like, the M ode should be LAN- to-LAN. Ent er Local Subnet and Remote Subnet . Step 9 : Select WAN you u se and type in Remote Gateway . In this examp le, the Remote Gateway is Rout er B’s WAN IP address, 218 .
8 Step 1 3 : Look for PFS, we set NONE here, under SA Lifetime, enter “2 8800” or the period you want. Step 1 4 : Look for Status then select Activate Step 1 5 : Click on Add.
9 D. Configuring IPsec VP N settings on TL -R600VPN (Router B) Step 1 : Go to IPsec VPN -> IKE, click on Add New Step 2 : Enter Policy Name whatever you li ke, here we use test 2. Exchan ge Mode, select Main. Step 3 : Authenticat ion Algori thm and Encryption Algorithm are the same with Router A, we use MD5 and 3DE S in this example.
10 Step 4 : DH Group, select DH2, the same with Router A. Step 5 : Enter Pre-share Key and SA Lifetime, make sure t hat they are t he same with Ro uter A. Step 6 : Cli ck on Save. Step 7 : Cli ck on IPsec on left side, click on Add New. Step 8 : Enter Policy Name, we use ipsec2 in th is example.
11 Step 1 0 : Look for Exch ange mode, please select IKE, a nd Secu rity Protocol, we u se ESP here. Step 1 1 : Authent ica tion Algorithm and E ncryption Algorithm are the same with Rout er A, we use MD 5 and 3DE S in this example. Step 1 2 : IKE Sec urity Policy, we use test2 in this example.
12.
13 3. How t o conf igure Gree nBow IPse c VPN Client with a TP-LINK VPN Router Suitable for: TL-E R 6120, TL-ER6020, TL-ER604 W GreenBow IPsec VPN C lient is an IPsec VPN client software d eveloped by T heGreenBow company. It c an be d ownloaded from download page for TL -ER6120 ( http://www.
14 Step 2 : On t he management webpage, c lick on VPN then IKE P roposal. Under IKE Proposal, enter Proposal Name whatever you like, select Authenticat ion, E ncryption and DH Group, we use MD5 , 3DES, D H2 in this example.
15 NOTE: No matter on Main mode or Aggressive mode, once t he cli ent PC is behind a NAT device, we have t o select FQDN as ID Type an d the NAT device must su pport VPN passthrou gh, otherwise the VPN t unnel can’ t be establi shed. Step 4 : Under IKE Proposal 1 , we select 1 in this example.
16 Step 6 : Click on IPsec Policy, enter Policy Name whatever yo u like, the Mo de should be Client-to- LAN. Enter L ocal Subnet and select WAN por t. Step 7 : Look for Policy Mode and select IKE. Under IKE Policy, we select 12 3 which is used. Under IPsec Proposal, we use 123 in this example.
17 Step 8 : Look for PFS, we set NONE here, under SA Lifetime, enter “28800” or the period you want. Look for Status then select Activate. Step 9 : Enable IPsec and then c lick on Save. C. Configuring the GreenBow VPN Clie nt Step 1 : Right click on VPN Config uration and click on New Phrase 1.
18 Under Remote Gat eway, enter the rout er’s WAN IP address, the Pre-shared Key sh ould be the same with router’ s, it is “123456”.on IKE sec tion, the Encrypt ion, Authentication and Key Group are the same with router’s, we use 3DES, MD5and DH2 h ere.
19 Step 4 : Right click on Phase 1, add a new phrase 2 ..
20 Step 5 : Enter remote LAN address and Subnet mask, in the example, the IP address is 192.168 .0.0, Subnet mask is 255.255 .255.0. Encryption an d Authentication are th e same with rout ers; we use 3DE S and MD5 here.
21 Step 6 : Click Save and Apply and then right click on Phrase 2(Tunnel), click on Op en Tunnel..
22 Step 7 : If the c lie nt c onnect to t he VPN Server succ essfully, you can see IPsec SA on the list..
23 4. How t o conf igure Shrew S oft VPN IPsec Cl ient with TP-LIN K Router Suitable for: TL-E R 6120, TL-ER6020, TL-ER604 W Shrew Soft VPN IPsec Clie nt is an VPN Client software d eveloped by Shrew Soft Inc. It c an be downloaded from official website of Shrew So ft( htt ps://www.
24 Step 2 : On the management webpage, c lick on VPN then IKE Proposal. Under IKE Proposal, enter Propo sal Name whatever you like, select Authent ication, Encryption and DH Group , we use MD 5, 3ED S, DH2 in this example.
25 NOTE: No matter on Main mode or Aggressive mode, once the client PC is behind a NAT device, we have t o select FQDN as ID Type an d the NAT device must su pport VPN passthrou gh, otherwise the VPN t unnel can’ t be establi shed. Step 4 : Under IKE Proposal 1, we select test in this example .
26 Step 6 : Click on IPsec Po li cy, en ter Policy Name whatev er you like, th e Mode should be Client-to-LAN. E nter L ocal Subnet and select WAN port .
27 Step 7 : Look for Policy Mode and select IKE. Under IKE Poli cy, we select ike which is used. Under IPsec Proposal, we use test in this example. Step 8 : Look for PFS, we set NONE here, under SA Lifeti me, enter “2880 0” or the period you want.
28 Step 3 : Click on Auth entication on the t op menu, select Mutu al PSK as Authentication. Under Identification Type, select F ully Qualified Domain Na me and ent er “321” for FQDN S tring. Step 4 : Click on Remot e Identity, select Full y Qualified Domain Name as Identif ication Type and ent er “123” for FQDN St ring.
29 Step 5 : Click on Credentials, t he Pre Shared Key, should be the same as the Pre-shared Key on t he TL-ER6120, it’s “12 3456789”..
30 Step 6 : Click on Phase 1, under the Propo sal Parameters, the Exch ange Type, DH Exc hange, Cipher Algorithm, and Hash Algorithm are th e same with TL -ER6120’s, we use aggressive, group 2, 3des, md5 h ere.
31 Step 8 : Click on Policy, don’t tick Obtain Topo logy Autom atically or Tunnel All. Then click on Add. Step 9 : Select Include as Type, enter t he TL-ER6120’s LAN Subnet Address and Subn et Mask, it’s 19 2.168.1.0, 255.255.25 5.0. Then click on OK and Save.
32 Step 1 0: Cli ck on Connect. Step 1 1: Cli ck on Connect. Step 1 2: After Shr ew Soft VPN show t unnel enabled as the followings, you need ping TL- ER612 0 LAN IP.
33 Step 1 3: If client con nect to the VPN Server succ essfully, you can see IPsec SA on the li st..
34 5. How t o conf igure LAN-to -LAN L2T P/PPTP VP N on TP-LINK Router Suitable for: TL-E R 6120, TL-ER6020, TL-ER604 W LAN-to-LAN L2 TP/PPTP VPN connec tion is established between two VPN rou ters. To configure LAN-to-L AN L2TP/PPTP VPN on TL-LINK Rou ters, p lease foll ow the instruct ions below: A.
35 Router B’s Status Page:.
36 C. Configuring a PPTP Server on TP- LINK router Step 1 : Access Router A’s management page, click on VPN->L2TP/PPTP->IP Addre ss Poo l, enter Pool Name and IP Address Range, and then c lick on Add. NOTE: IP Address pool must be different range from LAN IP address range.
37 Step 4 : Under Tunn el, select LAN-to-LAN. Step 5 : Under IP Address Pool, select “VPN” we have ad ded before. Step 6 : Under Remote Su bnet, enter Router B’s local subnet, we enter “192 .168.1. 0/24” in this example. Step 7 : Look for Status, select Active.
38 Step 6 : Cli ck on Add and t hen click on Save. Step 7 : If the PPTP t unnel is established successfu ll y, you can check it on List of Tunnel. Also, PC within the local sub net of Router B, c an ping Router A’s L AN IP (192.
39 6. How t o conf igure a PPTP S erve r on TP-LINK Route r Suitable for: TL-E R 6120, TL-ER6020, TL-ER604 W PPTP (Point to Point T unneling Protoc ol) Server is used to create a VPN c onnection for remote clients. To configure PPTP Server on TP-L INK router, please follow the instruc tions below: A.
40 Step 2 : Click on VPN->L2TP/PPTP->IP Address Pool, enter Poo l Name and IP Address Ran ge, and then c lick on Add. NOTE: IP Address pool must be different range from LAN IP address range. Step 3 : Look for protocol, select PPTP; th e Mode should be Server.
41 Step 4 : Enter Accou nt Name and Password whatever you like, here we use “client” as account name, password is “1 23456”. Step 5 : Under Tunnel, select Client-to-LAN. Step 6 : The t unnel support s up to 10 connec tions, we enter 5 in this example.
42 Step 9 : Click on Add and then c lick on Save. C. Configuring PPTP client on remote PC (Windows 7) NOTE: For remote PC to connect to PPTP server, it can use Windows built-in PPTP software or Th ird-party PPTP soft ware. Step 1 : Click on Start->Cont rol Panel->Network and Internet ->Network and Sharing Center.
43 Choose Connect to a workplace, and then click on Next. Step 4 : Select Use my Internet conn ection (VPN).
44 Step 5 : Under Internet ad dress field, enter router’s WAN IP address, an d then click on Next. Step 6 : Enter User name and Password, and then c lick on Create.
45 Step 7 : The VPN c onnect ion is created and ready to u se , c li ck on Close..
46 Step 8 : Go to Network an d Sharing C enter and click on Change adapter set tings on the left menu. Step 9 : Right Click on VPN Connection and select Connect.
47 Step 1 1: If the PPTP t unnel is established succ essfully, you can check it on List of Tunnel..
48 7. How t o conf igure a L2T P Server on T P-LINK Router Suitable for: TL-E R 6120, TL-ER6020, TL-ER604 W L2TP (Layer 2 Tunneling Protoc ol) Server is used t o create a VPN c onnection for remote clients. To c onfigure L2T P Server on TP-LINK rout er, please follow the instruc tions below: A.
49 Step 2 : Click on VPN->L2TP/PPTP->IP Address Pool, enter Poo l Name and IP Address Ran ge, and then c lick on Add. NOTE: IP Address pool must be different range from LAN IP address range. Step 3 : Look for protocol, select L2TP; the Mod e should be Server.
50 Step 4 : Enter Account Name and Password whatever you like, here we use “ tplinktest” as account name, password is “123 4”. Step 5 : Under Tunnel, select Client-to-LAN. Step 6 : The t unnel support s up to 10 connec tions, we enter 10 in this example.
51 Step 9 : Look for Status, select Active. Step 1 0: Click on Add. Step 1 1: As we enabled Enc ryption, we need t o go to VPN->IP sec , enable IPsec an d then click on Save.
52 Step 3 : Choose Connect to a workplace, and then click on Next..
53 Step 4 : Select Use my Internet conn ection (VPN).
54 Step 5 : Under Internet ad dress field, enter router’s WAN IP address, and then click on Next. Step 6 : Enter User name and Password, and then c lick on Create.
55 Step 7 : The VPN c onnect ion is created and ready to u se , c li ck on Close..
56 Step 8 : Go to Network an d Sharing C enter and click on Change adapter set tings on the left menu. Step 9 : Right Click on VPN Connection and select Properties. On the Secu rity tab, Sele ct Layer 2 Tunneling Protoc ol with IPsec (L2T P/IPsec), under Data encryption, select Require encryption (disconnect if server declines).
57 Step 1 0: Click on Advanced settings, pick Use preshared key for authentication, and then enter t he key, here is “5 678” . Step 1 1: Double click o n VPN Connection, enter User name and Password and t hen c lick on Connect.
58.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté TP-Link TL-R600VPN v2.0 c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du TP-Link TL-R600VPN v2.0 - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation TP-Link TL-R600VPN v2.0, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le TP-Link TL-R600VPN v2.0 va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le TP-Link TL-R600VPN v2.0, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du TP-Link TL-R600VPN v2.0.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le TP-Link TL-R600VPN v2.0. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei TP-Link TL-R600VPN v2.0 ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.