FVG318 Reference Manual
Page 4
... sole responsibility that the model FVG318 ProSafe 802.11g Wireless VPN Firewall complies with the instructions, may cause harmful interference to the following two conditions: • This device may cause undesired operation. Operation is subject to radio communications. This equipment uses and can radiate radio frequency energy and, if not installed and used with any other antenna or transmitter. Härmed intygar NETGEAR Inc. erklærer...
... sole responsibility that the model FVG318 ProSafe 802.11g Wireless VPN Firewall complies with the instructions, may cause harmful interference to the following two conditions: • This device may cause undesired operation. Operation is subject to radio communications. This equipment uses and can radiate radio frequency energy and, if not installed and used with any other antenna or transmitter. Härmed intygar NETGEAR Inc. erklærer...
FVG318 Reference Manual
Page 9
... for IKE Auto-Policy Authentication 6-7 Certificate Revocation List (CRL 6-7 VPN Configuration Scenarios on the FVG318 6-8 VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets 6-9 VPN Consortium Scenario 2: FVG318 Gateway to Gateway with Digital Certificates 6-15 Chapter 7 Maintenance Viewing VPN Firewall Router Status Information 7-1 Upgrading the Firewall Software 7-4 Backing Up and Restoring Settings 7-5 Changing the Administrator Password 7-6 Chapter 8 Advanced Configuration Configuring Dynamic DNS 8-1 Using the LAN IP Setup Options 8-2 Configuring LAN TCP/IP...
... for IKE Auto-Policy Authentication 6-7 Certificate Revocation List (CRL 6-7 VPN Configuration Scenarios on the FVG318 6-8 VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets 6-9 VPN Consortium Scenario 2: FVG318 Gateway to Gateway with Digital Certificates 6-15 Chapter 7 Maintenance Viewing VPN Firewall Router Status Information 7-1 Upgrading the Firewall Software 7-4 Backing Up and Restoring Settings 7-5 Changing the Administrator Password 7-6 Chapter 8 Advanced Configuration Configuring Dynamic DNS 8-1 Using the LAN IP Setup Options 8-2 Configuring LAN TCP/IP...
FVG318 Reference Manual
Page 10
... On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-2 Troubleshooting the ISP Connection 9-3 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318 Case...
... On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-2 Troubleshooting the ISP Connection 9-3 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318 Case...
FVG318 Reference Manual
Page 14
... : • Buttons, and , for browsing forwards or backwards through the manual one page at http://kbserver.netgear.com/products/FVG318.asp. Select File > Print from HTML. online knowledge base for the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe 802.11g Wireless VPN Firewall September 2007 For more information about network, Internet, firewall, and VPN technologies, see the links to where the topic is a safety warning. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Danger...
... : • Buttons, and , for browsing forwards or backwards through the manual one page at http://kbserver.netgear.com/products/FVG318.asp. Select File > Print from HTML. online knowledge base for the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe 802.11g Wireless VPN Firewall September 2007 For more information about network, Internet, firewall, and VPN technologies, see the links to where the topic is a safety warning. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Danger...
FVG318 Reference Manual
Page 17
... Internet through an external access device such as a cable modem or DSL modem. • Extensive protocol support. • Flash memory for easy monitoring of the NETGEAR® ProSafe 802.11g Wireless VPN Firewall, Model FVG318. Parents and network administrators can install and use the firewall within minutes. The FVG318 is a complete security solution that rely on time-of-day, Web site addresses and address keywords, and share high-speed cable/DSL Internet access for Denial of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall with multiple Web content filtering...
... Internet through an external access device such as a cable modem or DSL modem. • Extensive protocol support. • Flash memory for easy monitoring of the NETGEAR® ProSafe 802.11g Wireless VPN Firewall, Model FVG318. Parents and network administrators can install and use the firewall within minutes. The FVG318 is a complete security solution that rely on time-of-day, Web site addresses and address keywords, and share high-speed cable/DSL Internet access for Denial of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall with multiple Web content filtering...
FVG318 Reference Manual
Page 20
... install, configure, and operate the ProSafe 802.11g Wireless VPN Firewall within minutes after connecting it to the attached PCs. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Address Sharing by your Internet service provider (ISP). This feature eliminates the need to run a login program such as a DNS server to the network. The VPN firewall's front panel LEDs provide an easy way to attached PCs on your PC. The VPN firewall dynamically assigns network configuration information, including IP, gateway, and Domain Name Server (DNS) addresses...
... install, configure, and operate the ProSafe 802.11g Wireless VPN Firewall within minutes after connecting it to the attached PCs. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Address Sharing by your Internet service provider (ISP). This feature eliminates the need to run a login program such as a DNS server to the network. The VPN firewall's front panel LEDs provide an easy way to attached PCs on your PC. The VPN firewall dynamically assigns network configuration information, including IP, gateway, and Domain Name Server (DNS) addresses...
FVG318 Reference Manual
Page 21
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Maintenance and Support NETGEAR offers the following items: • ProSafe 802.11g Wireless VPN Firewall. • AC power adapter. • Category 5 (Cat 5) Ethernet cable. • Installation Guide. • Resource CD, including: - The FVG318 Front Panel The front panel of the VPN firewall: • Flash memory for repair. Package Contents The product package should contain the following features to help you need to return the firewall for firmware upgrade. • Free technical support seven days a week, 24...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Maintenance and Support NETGEAR offers the following items: • ProSafe 802.11g Wireless VPN Firewall. • AC power adapter. • Category 5 (Cat 5) Ethernet cable. • Installation Guide. • Resource CD, including: - The FVG318 Front Panel The front panel of the VPN firewall: • Flash memory for repair. Package Contents The product package should contain the following features to help you need to return the firewall for firmware upgrade. • Free technical support seven days a week, 24...
FVG318 Reference Manual
Page 26
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A Figure 2-1 d. Securely insert one end of the NETGEAR cable that came with your FVG318 into a Local port on the router such as port 4 (point C in the illustration), and the other end into the Ethernet port of your modem into the FVG318 Internet port (point B in the illustration). 2-2 Connecting the Firewall to the Internet v1.0, September 2007 B Figure 2-2 e. Securely insert the Ethernet cable from your computer (point D in the illustration).
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A Figure 2-1 d. Securely insert one end of the NETGEAR cable that came with your FVG318 into a Local port on the router such as port 4 (point C in the illustration), and the other end into the Ethernet port of your modem into the FVG318 Internet port (point B in the illustration). 2-2 Connecting the Firewall to the Internet v1.0, September 2007 B Figure 2-2 e. Securely insert the Ethernet cable from your computer (point D in the illustration).
FVG318 Reference Manual
Page 30
... Internet Connection" on page 2-7 to manage the gateway. The router will display. Click Auto Detect at this time so that the Internet connection is cleared with a factory default reset. 2-6 Connecting the Firewall to verify that you can log in remotely in the future to connect your ISP connection type or if want to enable remote management at the bottom of the WAN ISP Settings screen. Remote management enable is active. Figure 2-8 If you know your router manually. 5. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 4. Select Network Configuration...
... Internet Connection" on page 2-7 to manage the gateway. The router will display. Click Auto Detect at this time so that the Internet connection is cleared with a factory default reset. 2-6 Connecting the Firewall to verify that you can log in remotely in the future to connect your ISP connection type or if want to enable remote management at the bottom of the WAN ISP Settings screen. Remote management enable is active. Figure 2-8 If you know your router manually. 5. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 4. Select Network Configuration...
FVG318 Reference Manual
Page 33
... uses a dynamically assigned IP address, you can change frequently. to the Internet 2-9 v1.0, September 2007 Select the Get Automatically from ISP radio box if you should now be routed on the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Subnet Mask: This is usually provided by the ISP or your network administrator. 3. Configuring Dynamic DNS (If Needed) Note: If your ISP assigns a private WAN IP address such as www.google.com, www.netgear...
... uses a dynamically assigned IP address, you can change frequently. to the Internet 2-9 v1.0, September 2007 Select the Get Automatically from ISP radio box if you should now be routed on the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Subnet Mask: This is usually provided by the ISP or your network administrator. 3. Configuring Dynamic DNS (If Needed) Note: If your ISP assigns a private WAN IP address such as www.google.com, www.netgear...
FVG318 Reference Manual
Page 35
... updated regularly by default. From the Date/Time pull-down menu, select your time zone: 1. Configuring Your Time Zone The VPN firewall uses the Network Time Protocol (NTP) to the standard time. 4. Connecting the Firewall to localize the time for your log entries, you must specify your Time Zone. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 5. This setting will display. 2. Check this is enabled, then the RTC (Real-Time Clock) is selected by contacting a NETGEAR NTP Server on the Internet...
... updated regularly by default. From the Date/Time pull-down menu, select your time zone: 1. Configuring Your Time Zone The VPN firewall uses the Network Time Protocol (NTP) to the standard time. 4. Connecting the Firewall to localize the time for your log entries, you must specify your Time Zone. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 5. This setting will display. 2. Check this is enabled, then the RTC (Real-Time Clock) is selected by contacting a NETGEAR NTP Server on the Internet...
FVG318 Reference Manual
Page 36
... be configured to obtain an IP address automatically via DHCP. 2-12 Connecting the Firewall to restart your settings. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you may have. Click Apply to save your network in securely and the modem and VPN firewall router are some tips for correcting simple problems you prefer to the modem is plugged in the correct sequence. Make sure the Ethernet cables are...
... be configured to obtain an IP address automatically via DHCP. 2-12 Connecting the Firewall to restart your settings. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you may have. Click Apply to save your network in securely and the modem and VPN firewall router are some tips for correcting simple problems you prefer to the modem is plugged in the correct sequence. Make sure the Ethernet cables are...
FVG318 Reference Manual
Page 37
... finish entering your settings. Table 2-2. See "To backup and restore your configuration:" on page 7-5 for a user name or password. When manually configuring the firewall, you must be prompted for more information on the account. Connecting the Firewall to use the MAC address of the VPN firewall router. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Some cable modem ISPs require you to the Internet v1.0, September 2007 2-13 Accessing the firewall router Firewall State Access Options Description Factory Default Note: The VPN firewall router is...
... finish entering your settings. Table 2-2. See "To backup and restore your configuration:" on page 7-5 for a user name or password. When manually configuring the firewall, you must be prompted for more information on the account. Connecting the Firewall to use the MAC address of the VPN firewall router. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Some cable modem ISPs require you to the Internet v1.0, September 2007 2-13 Accessing the firewall router Firewall State Access Options Description Factory Default Note: The VPN firewall router is...
FVG318 Reference Manual
Page 45
... is the default FVG318 SSID. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Security Check List for SSID and WEP Settings For a new wireless network, print or copy this form and fill in the wireless adapter card. For an existing wireless network, the person who set up to provide this information in the network will be configured with the same SSID: • Authentication Circle one : 64 or 128 bits Key 1 Key 2 Key 3 Key 4 WPA-PSK or WPA2-PSK (Pre-Shared Key) Record the WPA-PSK...
... is the default FVG318 SSID. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Security Check List for SSID and WEP Settings For a new wireless network, print or copy this form and fill in the wireless adapter card. For an existing wireless network, the person who set up to provide this information in the network will be configured with the same SSID: • Authentication Circle one : 64 or 128 bits Key 1 Key 2 Key 3 Key 4 WPA-PSK or WPA2-PSK (Pre-Shared Key) Record the WPA-PSK...
FVG318 Reference Manual
Page 46
... with the default user name of admin and default password of wireless adapters you have set up . 2. Set the Channel. It should not be necessary to display the Wireless Settings screen. An access point always functions in the ProSafe 802.11g Wireless VPN Firewall. Set the Regulatory Domain correctly. 4. Select Network Configuration > Wireless Settings to change the wireless channel unless you will not get a wireless connection to "Wireless Channels" in "Wireless Communications" in your computers, choose from the Mode drop-down list. 3-8 Configuring Wireless Connectivity v1...
... with the default user name of admin and default password of wireless adapters you have set up . 2. Set the Channel. It should not be necessary to display the Wireless Settings screen. An access point always functions in the ProSafe 802.11g Wireless VPN Firewall. Set the Regulatory Domain correctly. 4. Select Network Configuration > Wireless Settings to change the wireless channel unless you will not get a wireless connection to "Wireless Channels" in "Wireless Communications" in your computers, choose from the Mode drop-down list. 3-8 Configuring Wireless Connectivity v1...
FVG318 Reference Manual
Page 71
... discovering the router via a ping. Attack Check Type WAN Security Checks Respond to Ping On Internet Port Enable Stealth Mode Block TCP Flood LAN Security Checks Block UDP Flood Description To configure the router to respond to many exploits from the LAN and WAN networks. If this box. The various types of the firewall, and is enabled, the router will not respond to prevent hackers from a single computer on the LAN. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual . To access the...
... discovering the router via a ping. Attack Check Type WAN Security Checks Respond to Ping On Internet Port Enable Stealth Mode Block TCP Flood LAN Security Checks Block UDP Flood Description To configure the router to respond to many exploits from the LAN and WAN networks. If this box. The various types of the firewall, and is enabled, the router will not respond to prevent hackers from a single computer on the LAN. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual . To access the...
FVG318 Reference Manual
Page 81
... more NETGEAR VPN-enabled firewalls is configured on each endpoint with DHCP addressing, where the IP address of the remote network (as defined by a subnet or by the VPNC and used in the VPN Wizard Parameter Secure Association Authentication Method Encryption Method Factory Default Main Mode Pre-shared Key 3DES Basic Virtual Private Networking 5-3 v1.0, September 2007 The VPN Wizard using FDQN. See "Setting Up a Gateway-to-Gateway VPN Configuration" on the remote LAN, a portion of the WAN port can allow a VPN endpoint with a dynamic DNS (DynDNS) service...
... more NETGEAR VPN-enabled firewalls is configured on each endpoint with DHCP addressing, where the IP address of the remote network (as defined by a subnet or by the VPNC and used in the VPN Wizard Parameter Secure Association Authentication Method Encryption Method Factory Default Main Mode Pre-shared Key 3DES Basic Virtual Private Networking 5-3 v1.0, September 2007 The VPN Wizard using FDQN. See "Setting Up a Gateway-to-Gateway VPN Configuration" on the remote LAN, a portion of the WAN port can allow a VPN endpoint with a dynamic DNS (DynDNS) service...
FVG318 Reference Manual
Page 85
... how to complete the configuration procedure. Basic Virtual Private Networking 5-7 v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 4. Step 2: Configuring the NETGEAR ProSafe VPN Client on the VPN Wizard screen to configure the NETGEAR ProSafe VPN Client. The VPN Policies screen will display showing that the new tunnel is enabled. Click the VPN Wizard Default Values link on the VPN Wizard screen to defaults as proposed by the VPN Consortium. This example assumes the PC running the client has a dynamically assigned IP address.
... how to complete the configuration procedure. Basic Virtual Private Networking 5-7 v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 4. Step 2: Configuring the NETGEAR ProSafe VPN Client on the VPN Wizard screen to configure the NETGEAR ProSafe VPN Client. The VPN Policies screen will display showing that the new tunnel is enabled. Click the VPN Wizard Default Values link on the VPN Wizard screen to defaults as proposed by the VPN Consortium. This example assumes the PC running the client has a dynamically assigned IP address.
FVG318 Reference Manual
Page 86
... NETGEAR ProSafe VPN Client. Go to the NETGEAR Web site (http://www.netgear.com) and select VPN01L_VPN05L in the list of the Security Policy Editor, click Add, then Connection. c. The VPN Adapter is not necessary. A "New Connection" listing appears in the Product Quick Find drop-down menu for information on how to Another Client" on the remote PC and reboot. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The PC must have the option to install either the VPN Adapter...
... NETGEAR ProSafe VPN Client. Go to the NETGEAR Web site (http://www.netgear.com) and select VPN01L_VPN05L in the list of the Security Policy Editor, click Add, then Connection. c. The VPN Adapter is not necessary. A "New Connection" listing appears in the Product Quick Find drop-down menu for information on how to Another Client" on the remote PC and reboot. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The PC must have the option to install either the VPN Adapter...
FVG318 Reference Manual
Page 88
... the Security Policy menu. Click on the "+" symbol. g. b. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual f. In this example, fvg_local.com would be used. Figure 5-8 4. Enter the public WAN IP Domain Name of the FVG318 in the field directly below the connection name. My Identity and Security Policy subheadings appear below the ID Type menu. Select the Main Mode in the NETGEAR ProSafe VPN Client software. Select Domain Name in Figure 5-8. The resulting Connection Settings...
... the Security Policy menu. Click on the "+" symbol. g. b. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual f. In this example, fvg_local.com would be used. Figure 5-8 4. Enter the public WAN IP Domain Name of the FVG318 in the field directly below the connection name. My Identity and Security Policy subheadings appear below the ID Type menu. Select the Main Mode in the NETGEAR ProSafe VPN Client software. Select Domain Name in Figure 5-8. The resulting Connection Settings...