Figure 15 below from D-Link's Product Data Sheet depicts using two D-Link DFL routers to create a site-to-site VPN connecting two small office LANs. As you can see in this example network, there is a Mail Server in the Small Office LAN on the left, which is securely accessible to the PCs in the Satellite Office LAN on the right, via this VPN.
Figure 15: Diagram of a typical site-to-site VPN
Compared to the VPN Client, site-to-site VPN functionality was easy. I was able to set up a site-to-site VPN using a DFL-CPG310 at one location and a Linksys RV042 as the other.
With the Site-to-Site configuration wizard, I used AES-128 Encryption and SHA-1 Authentication for IPSec Phase 1 and Phase 2 negotiation. I selected Diffie-Hellman Group 1 on both Phase 1 and Phase 2, and enabled Keep Alive to keep the tunnel active.
Each side used the other's Dynamic DNS to locate and recognize the other side, and authentication was handled through a manually entered Shared Secret Key (PSK), which is a common text string you enter on both routers. Figure 16 is a status screen from the DFL-CPG310 showing the VPN has been successfully established, linking the 192.168.10.0 /24 LAN of the D-Link to the 192.168.3.0 /24 LAN of the Linksys.
Figure 16: VPN status screen showing connection
For more detail, please see the slide show of screen shots showing all the configuration options selected on both the D-Link and the Linksys.
I was impressed with the D-Link's site-to-site VPN stability and resiliency. I left this site-to-site VPN running continuously, and it remained up for the several weeks I tested this router. I configured a couple of the PCs on the D-Link LAN to run automatic backups to a storage device on the Linksys LAN over this VPN, and they all ran without error.
Let's take a look at the throughput measurements from our Router Performance Charts in Figure 17 and Figure 18 below. Comparing WAN to LAN and LAN to WAN throughput for routers with VPN capability, we can see the DFL-CPG310's performance is near the top with 39 Mbps WAN to LAN and 45 Mbps LAN to WAN throughput.