D-Link DSR series

  • Updated on Aug 22, 2025
  • Published on Feb 8, 2022
  • 2 minute(s) read
  • Perimeter Support
  • m
 Prev Next

Introduction

This guide will walk you through the process of establishing a Site-to-Site VPN tunnel between your Harmony SASE network and your D-Link environment.

Breakdown of topics

  1. Pre-requisites
  2. Configuration Steps
  3. Verifying the Setup
  4. Troubleshooting
  5. Support Contacts

Pre-requisites

To successfully follow this guide, ensure that:

  1. An active Harmony SASE account and an established network.
  2. The Harmony SASE application is installed on the necessary devices.
  3. An operational D-Link setup with the required administrative access.

Configuration Steps

Configuring the tunnel in the Management Platform

  1. Select the network tab from the menu on the left side of the screen. Choose the network that contains the gateway in your network to which you'd like to create the tunnel. Select the three-dotted icon besides the gateway's name and select Add Tunnel.
    360010932540ScreenShot2019-08-27at140615.png

  2. Select IPSec Site-2-Site Tunnel and select Continue.

  3. In the General Settings section, specify these: 

  • Name: Choose whatever name you find suitable for the tunnel.
  • Shared Secret: Enter a character string of your own or use Generate.
  • Public IP/Remote ID: Enter the public IP from which the D-Link device is connected to the internet.
  • Harmony SASE Gateway Proposal Subnets: Choose the specified subnet. By default, this should be set to 10.2XX.0.0/16.
  • Remote Gateway Proposal Subnets: Select Specified Subnets and specify according to your local LAN Subnets.

  1. In the Advanced Settings section, specify these:
  • IKE Version: V1
  • DPD detection: 30s
  • DPD timeout: 10s
  • Phase 1:
    • Encryption (Phase 1): AES256
    • Integrity (Phase 1): SHA512
    • Key Exchange Method: modp1536
  • Phase 2:
    • Encryption (Phase 2): AES256
    • Integrity (Phase 2): SHA512
    • Key Exchange Method: modp1536

Leave the rest of the fields with the default values (as shown in the attached image) and click on add a tunnel.

Configuring the tunnel in the D-Link Web Interface

  1. Open the D-link management interface and select the VPN tab.
  2. In the left panel, under 'IPSec VPN', select 'Policies.
  3. Click 'Add New IPSec Policy'
  4. Fill in the following information:

    Policy Name: Enter a name of your choice (ex: P81).
    Policy Type: Auto Policy
    IP Protocol Version: IPv4
    IKE Version: IKEv1
    L2TP Mode: None
    IPSec Mode: Tunnel Mode
    Select Local Gateway: Dedicated WAN
    Remote Endpoint: IP Address
    IP Address / FQDN: Enter your Harmony SASE gateway IP
    Enable Config Mode: Off

    Enable NetBIOS: Off
    Enable RollOver: Off
    Protocol: ESP
    Enable DHCP: Off
    Local IP: Subnet
    Local Start IP Address: Your Local Subnet as defined by D-Link
    Local Subnet Mask: Matching Subnet Mask from your D-Link
    Remote IP: Subnet
    Remote Start IP Address: 10.255.0.0
    Remote Subnet Mask: 255.255.0.0
    Enable Keepalive: Off
    For 'Phase1 (IKE SA Parameters)' enter the following:
    Exchange Mode: Main
    Direction / Type: Responder
    NAT Traversal: Off
    Local Identifier Type: Local WAN IP
    Remote Identifier Type: Remote WAN IP
    For 'Encryption Algorithm' select the following:
    AES-256: On
    For 'Authentication Algorithm' select the following:
    SHA2-512: On
    Authentication Method: Pre-Shared Key
    Pre-Shared Key: Enter the same key you entered in the Harmony SASE portal.
    Diffie-Hellman (DH) Group: Group 5
    SA-Lifetime: 28800
    Enable Dead Peer Detection: On
    Detection Period: 10
    Reconnect after failure: 3
    For 'Phase2-(Auto Policy Parameters)' enter the following:SA Lifetime: 3600 seconds
    And for 'Encryption Algorithm' select the following:
    AES-256: On
    For 'Integrity Algorithm' enter the following:
    SHA2-512: On
    PFS Key Group: On
    DH Group: Group 5
    Lastly, click 'Save'

Verifying the Setup

After following the above steps, your tunnel should be active.
To verify, go to your Harmony SASE dashboard, locate the tunnel you just created, and check the tunnel status.
It should indicate that the tunnel is "Up", signifying a successful connection.
Next, connect to your network using the Harmony SASE agent and attempt to access one of the resources in your environment.

Troubleshooting

If you encounter issues during or after the setup, try reviewing your settings to ensure everything matches the instructions. In particular, check the IP addresses and other details you entered during setup. If issues persist, please consult our dedicated support.

Support Contacts

If you have any difficulties or questions, don't hesitate to contact Harmony SASE's support team. We offer 24/7 chat support on our website at sase.checkpoint.com, or you can email us at sase-support@checkpoint.com. We're here to assist you and ensure your VPN tunnel setup is a success.