HOW to Setup VPN IPsec Between DSR‑Series

Devices Used:

  • DSR-500N (DSR1)
  • DSR-1000N (DSR2)
  • DSR1: WAN 1.1.1.1 LAN: 192.168.10.1
  • DSR2: WAN 2.2.2.2 LAN: 192.168.20.1

WAN and LAN Setup:

Step 1 – Setup WAN port setup DSR1

SETUP > Internet Settings > WAN1 Settings > WAN1 Setup

DSR_Series_How_to_setup_VPN_IPsec_between_DSR1

Step 2 – Here you will need to select the ISP Connection Type

D-Link

In our example we have selected “Static

Once configured click “Save Settings

Step 3 – Setup LAN Configuration DSR1

SETUP > Network Setting > LAN Setup Configuration

D-Link

Step 4 – Enter an IP address for the LAN interface and DHCP Server

D-Link

In our example we have given the IP: 192.168.10.1

Once configured click “Save Settings

Step 5 – Setup WAN port setup DSR2

SETUP > Internet Settings > WAN1 Settings > WAN1 Setup

D-Link

Step 6 – Here you will need to select the ISP Connection Type

D-Link 

In our example we have selected “Static

Once configured click “Save Settings

Step 7 – Setup LAN Configuration DSR1

SETUP > Network Setting > LAN Setup Configuration

D-Link

Step 8 – Here you will need to select the ISP Connection Type

D-Link

In our example we have selected “Static

Once configured click “Save Settings

VPN IPsec Setup – DSR1:

Step 9 – You will now need to setup an IPsec Policy

D-Link

SETUP > VPN Settings > IPSec > IPsec Policies

Step 10 – Click on “Add” to configure an IPsec Policy

DSR_Series_How_to_setup_VPN_IPsec_between_DSR10 

D-Link

General:

Policy Name: VPN1

Policy Type: Auto Policy

L2TP Mode: None

Select Local Gateway: Dedicated WAN

Remote Endpoint: IP Address

                                : 2.2.2.2 (WAN IP DSR2)

 

Protocol: ESP

Details from DSR1

Local IP: Subnet

Local Start IP Address: 192.168.10.0

Local Subnet Mask: 255.255.255.0

Details from DSR2

Remote IP: Subnet

Remote Start IP Address: 192.168.20.0

Remote Subnet Mask: 255.255.255.0

D-Link

 

Phase1 (IKE SA Parameters):

Exchange Mode: Main

Direction Type: Auto Policy

NAT Traversal: Selected
NAT Keep Alive Frequency (in seconds): 20

Local Identifier Type: Local Wan IP
Local Identifier: 1.1.1.1

Remote Identifier Type: Remote Wan IP
Remote Identifier: 2.2.2.2

Encryption Algorithm:
DES:
Select
JDES: Select
AES-128: Select
AES-192: Select
AES-256: Select

Integrity Algorithm:
MDS:
Select
SHA-1: Select

Authentication Method: Pre-shared Key
Pre-shared key: shared key (example)
Diffie-Hellman(DH)Group: Group 2 (1024 bit)
SA-Lifetime (sec): 28800

Extended Authentication Type: None

D-Link 

 

Phase2 (Manual Policy Parameters):

SA Lifetime: 3600 seconds

Encryption Algorithm:
DES:
Select
JDES: Select
AES-128: Select
AES-192: Select
AES-256: Select

Integrity Algorithm:
MDS:
Select
SHA-1: Select

 

Click “Save Settings

D-Link 

VPN IPsec Setup – DSR2:

Step 11 – You will now need to setup an IPsec Policy

SETUP > VPN Settings > IPSec > IPsec Policies

D-Link

Step 12 – Click on “Add” to configure an IPsec Policy

D-Link

D-Link

General:

Policy Name: VPN2

Policy Type: Auto Policy

L2TP Mode: None

Select Local Gateway: Dedicated WAN

Remote Endpoint: IP Address

                                : 1.1.1.1 (WAN IP DSR1)

 

Protocol: ESP

Details from DSR2

Local IP: Subnet

Local Start IP Address: 192.168.20.0

Local Subnet Mask: 255.255.255.0

Details from DSR1

Remote IP: Subnet

Remote Start IP Address: 192.168.10.0

Remote Subnet Mask: 255.255.255.0

D-Link 

Phase1 (IKE SA Parameters):

Exchange Mode: Main

Direction Type: Auto Policy

NAT Traversal: Selected
NAT Keep Alive Frequency (in seconds): 20

Local Identifier Type: Local Wan IP
Local Identifier: 2.2.2.2

Remote Identifier Type: Remote Wan IP
Remote Identifier: 1.1.1.1

Encryption Algorithm:
DES:
Select
JDES: Select
AES-128: Select
AES-192: Select
AES-256: Select

Integrity Algorithm:
MDS:
Select
SHA-1: Select

Authentication Method: Pre-shared Key
Pre-shared key: shared key (example)
Diffie-Hellman(DH)Group: Group 2 (1024 bit)
SA-Lifetime (sec): 28800

Extended Authentication Type: None

D-Link 

Phase2 (Manual Policy Parameters):

SA Lifetime: 3600 seconds

Encryption Algorithm:
DES:
Select
JDES: Select
AES-128: Select
AES-192: Select
AES-256: Select

Integrity Algorithm:
MDS:
Select
SHA-1: Select 

Click “Save Settings

D-Link 

Step 13 – To make sure the VPN Connection is active and running

STATUS > Active VPNs

If you see “IPsec SA Not Established”, Click on “Connect

D-Link

D-Link

D-Link

D-Link

 

Rank: 1.5