This guide covers tips for connecting ClearOS 6.x to Netgear routers. Specifically it was tested against the SRX5308 / FVX538 / FVS336G running the latest firmwares as of Jan 12, 2013.
In preparation for running the tunnel, please install the ClearOS IPSec VPN module. You must also all the IPsec traffic as an incoming firewall rule. Use the standard services pulldown menu and add 'IPsec' as the firewall rule in the Incoming firewall module.
For this example we will use invalid IP addresses for the external addresses please replace the addresses with your own. For the ClearOS side of the tunnel the network is 192.168.1.0/24. For the Netgear side the network is 10.1.1.0/24. The public WAN IP of the ClearOS server is the invalid address of 222.214.171.124 and the invalid WAN IP address of the Netgear is 302.7.3.45 for our examples.
conn TUNNEL authby=secret auto=start left=302.7.3.45 leftsubnet=10.1.1.0/24 leftsourceip=10.1.1.1 leftid=302.7.3.45 right=2126.96.36.199 rightsubnet=192.168.1.0/24 rightsourceip=192.168.1.1 rightid=2188.8.131.52 keylife=1h ikelifetime=8h dpddelay=10 dpdtimeout=30 dpdaction=restart
2184.108.40.206 302.7.3.45 : PSK "supersecretpassword"
On the Netgear side of things you will need to do the following:
Next: Create a VPN policy