FVG318 Reference Manual
Page 13
About This Manual The NETGEAR® ProSafe™ 802.11g Wireless VPN Firewall FVG318 Reference Manual describes how to highlight a procedure that will save time or resources. This manual uses the following ...used to install, configure and troubleshoot the ProSafe 802.11g Wireless VPN Firewall. The information in the following paragraphs: • Typographical Conventions. This manual uses the following typographical conventions: Italic Bold Fixed italic Emphasis, books, CDs, file and server names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text...
About This Manual The NETGEAR® ProSafe™ 802.11g Wireless VPN Firewall FVG318 Reference Manual describes how to highlight a procedure that will save time or resources. This manual uses the following ...used to install, configure and troubleshoot the ProSafe 802.11g Wireless VPN Firewall. The information in the following paragraphs: • Typographical Conventions. This manual uses the following typographical conventions: Italic Bold Fixed italic Emphasis, books, CDs, file and server names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text...
FVG318 Reference Manual
Page 20
... Host Configuration Protocol (DHCP). The VPN firewall's front panel LEDs provide an easy way to the attached PCs. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Address Sharing by simulating a dial-up connection. The VPN firewall allows several networked PCs to run ...by DHCP. Browser-based configuration allows you can install, configure, and operate the ProSafe 802.11g Wireless VPN Firewall within minutes after connecting it to a specified remote IP address or range of Attached PCs by your PC. The following features simplify installation and...
... Host Configuration Protocol (DHCP). The VPN firewall's front panel LEDs provide an easy way to the attached PCs. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Address Sharing by simulating a dial-up connection. The VPN firewall allows several networked PCs to run ...by DHCP. Browser-based configuration allows you can install, configure, and operate the ProSafe 802.11g Wireless VPN Firewall within minutes after connecting it to a specified remote IP address or range of Attached PCs by your PC. The following features simplify installation and...
FVG318 Reference Manual
Page 28
... the Ethernet cable is still on . However, if you begin, be lit. http://192.168.0.1 Figure 2-5 2-4 Connecting the Firewall to obtain an IP address automatically via DHCP, which is first turned on , see "Internet Networking and TCP/IP Processing" at Appendix B, "Related Documents. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Power: The power light should be lit.
... the Ethernet cable is still on . However, if you begin, be lit. http://192.168.0.1 Figure 2-5 2-4 Connecting the Firewall to obtain an IP address automatically via DHCP, which is first turned on , see "Internet Networking and TCP/IP Processing" at Appendix B, "Related Documents. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Power: The power light should be lit.
FVG318 Reference Manual
Page 31
... enter: - Internet Service Connections Connection Method PPPoE PPPoA DHCP (Dynamic IP) Static (Fixed) IP IPoA Data Required Login (Username, Password). ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: When you enable remote management, we strongly advise that you must provide a Login sequence in your e-mail address (for example, if your ISP; No data is described in Table...
... enter: - Internet Service Connections Connection Method PPPoE PPPoA DHCP (Dynamic IP) Static (Fixed) IP IPoA Data Required Login (Username, Password). ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: When you enable remote management, we strongly advise that you must provide a Login sequence in your e-mail address (for example, if your ISP; No data is described in Table...
FVG318 Reference Manual
Page 32
...automatically assign an IP address to Keep the Connection Always On. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - Enter the password you have logged in. • My IP Address: IP address assigned by the... ISP to wait before disconnecting in the Timeout field. 2. This is idle for the PPPoE connection • Domain Name: Name of minutes to make a connection with the ISP server. • Server IP Address: IP address...
...automatically assign an IP address to Keep the Connection Always On. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - Enter the password you have logged in. • My IP Address: IP address assigned by the... ISP to wait before disconnecting in the Timeout field. 2. This is idle for the PPPoE connection • Domain Name: Name of minutes to make a connection with the ISP server. • Server IP Address: IP address...
FVG318 Reference Manual
Page 33
... dynamic DNS service will not work because private addresses will not be routed on the Internet. Configuring Dynamic DNS (If Needed) Note: If your ISP assigns a private WAN IP address such as www.google.com, www.netgear.com, etc. to the Internet 2-9 v1.0,...network has a permanently assigned (static or fixed) IP address, you have not been assigned a static DNS IP address. - Note: At this case, you can register a domain name and have a fixed or dynamic IP address. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Subnet Mask: This is usually provided by the ISP...
... dynamic DNS service will not work because private addresses will not be routed on the Internet. Configuring Dynamic DNS (If Needed) Note: If your ISP assigns a private WAN IP address such as www.google.com, www.netgear.com, etc. to the Internet 2-9 v1.0,...network has a permanently assigned (static or fixed) IP address, you have not been assigned a static DNS IP address. - Note: At this case, you can register a domain name and have a fixed or dynamic IP address. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Subnet Mask: This is usually provided by the ISP...
FVG318 Reference Manual
Page 34
... gateway, whenever your ISP-assigned IP address changes, your gateway will display with them. The Dynamic DNS screen will automatically contact your dynamic DNS service provider, log in resolving your URL, you want to use this feature. Access the Web site of your dynamic DNS account. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The gateway contains...
... gateway, whenever your ISP-assigned IP address changes, your gateway will display with them. The Dynamic DNS screen will automatically contact your dynamic DNS service provider, log in resolving your URL, you want to use this feature. Access the Web site of your dynamic DNS account. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The gateway contains...
FVG318 Reference Manual
Page 36
... 2 Name/IP Address field. Always follow this option and leave either the Server 1 or Server 2 fields empty, then they will be lit. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you prefer to the Internet v1.0, September 2007 Be sure to the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com...
... 2 Name/IP Address field. Always follow this option and leave either the Server 1 or Server 2 fields empty, then they will be lit. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you prefer to the Internet v1.0, September 2007 Be sure to the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com...
FVG318 Reference Manual
Page 38
... VPN firewall router. Accessing the firewall router (continued) Firewall State Access Options Description Configuration Enter the standard Settings Have Been URL to access the Applied VPN firewall router Enter the IP address of the VPN firewall router Connect to the VPN firewall router by typing the IP address of the VPN firewall router in the address field of your browser, then press Enter. 192.168.0.1 is password. ProSafe 802.11g Wireless VPN Firewall...
... VPN firewall router. Accessing the firewall router (continued) Firewall State Access Options Description Configuration Enter the standard Settings Have Been URL to access the Applied VPN firewall router Enter the IP address of the VPN firewall router Connect to the VPN firewall router by typing the IP address of the VPN firewall router in the address field of your browser, then press Enter. 192.168.0.1 is password. ProSafe 802.11g Wireless VPN Firewall...
FVG318 Reference Manual
Page 45
... WPA or WPA2, record the following RADIUS settings: Server Name/IP Address: Primary Secondary Port Shared Key Use the procedures described in the following sections to configure the FVG318. Configuring Wireless Connectivity 3-7 v1.0, September 2007 Circle one : Open System or Shared Key. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Security Check List for SSID and WEP Settings...
... WPA or WPA2, record the following RADIUS settings: Server Name/IP Address: Primary Secondary Port Shared Key Use the procedures described in the following sections to configure the FVG318. Configuring Wireless Connectivity 3-7 v1.0, September 2007 Circle one : Open System or Shared Key. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Security Check List for SSID and WEP Settings...
FVG318 Reference Manual
Page 47
... able to obtain an IP address by MAC Address To restrict access based on Apply. Restricting Wireless Access by DHCP from a wireless computer and you change the wireless settings of password. 2. Program the wireless adapter of your PCs have a wireless link and are configuring the FVG318 from the VPN firewall router. Figure 3-4 Configuring Wireless Connectivity 3-9 v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...
... able to obtain an IP address by MAC Address To restrict access based on Apply. Restricting Wireless Access by DHCP from a wireless computer and you change the wireless settings of password. 2. Program the wireless adapter of your PCs have a wireless link and are configuring the FVG318 from the VPN firewall router. Figure 3-4 Configuring Wireless Connectivity 3-9 v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...
FVG318 Reference Manual
Page 51
The RADIUS settings fields in the Wireless Security Type section. Select the WPA radio box and then select RADIUS from the WPA with RADIUS, TKIP is required. Note: The Encryption choice ...on the Radius server. 5. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used for connecting to save your LAN. • Radius Port: Enter the port number used . 4. Configuring Wireless Connectivity v1.0, September 2007 3-13 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-6 3. This must match the value used on your settings....
The RADIUS settings fields in the Wireless Security Type section. Select the WPA radio box and then select RADIUS from the WPA with RADIUS, TKIP is required. Note: The Encryption choice ...on the Radius server. 5. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used for connecting to save your LAN. • Radius Port: Enter the port number used . 4. Configuring Wireless Connectivity v1.0, September 2007 3-13 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-6 3. This must match the value used on your settings....
FVG318 Reference Manual
Page 53
... WPA2. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is required on the Radius server. 5. Select Network Adminisration > Wireless Settings. Configuring Wireless Connectivity v1.0, September 2007 3-15 For WPA2 with RADIUS: 1. The Wireless Settings Screen will be AES by default. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: The Encryption choice will display. Consult...
... WPA2. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is required on the Radius server. 5. Select Network Adminisration > Wireless Settings. Configuring Wireless Connectivity v1.0, September 2007 3-15 For WPA2 with RADIUS: 1. The Wireless Settings Screen will be AES by default. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: The Encryption choice will display. Consult...
FVG318 Reference Manual
Page 54
...by default. Enter the name or IP address of the primary Radius Server on the Radius server. 5. Select the WPA and WPA2 radio box and then select RADIUS from the WPA with RADIUS, TKIP+AES is required. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-8 3.... Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used on your settings. 3-16 v1.0, September 2007 Configuring...
...by default. Enter the name or IP address of the primary Radius Server on the Radius server. 5. Select the WPA and WPA2 radio box and then select RADIUS from the WPA with RADIUS, TKIP+AES is required. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-8 3.... Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used on your settings. 3-16 v1.0, September 2007 Configuring...
FVG318 Reference Manual
Page 62
...a proxy that is not blocked by the rule, rendering the restriction ineffective. For example, if connections to a specific IP address are installed on Windows computers running Internet Explorer. Cookies are small programs embedded in order for the site to be blocked...; Enabling this feature blocks proxy servers. • Java. Figure 4-1 To enable Content Filtering: 1. Similar to not function properly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Certain commonly used by malicious websites to infect computers that access them . Some of the page. For example: ...
...a proxy that is not blocked by the rule, rendering the restriction ineffective. For example, if connections to a specific IP address are installed on Windows computers running Internet Explorer. Cookies are small programs embedded in order for the site to be blocked...; Enabling this feature blocks proxy servers. • Java. Figure 4-1 To enable Content Filtering: 1. Similar to not function properly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Certain commonly used by malicious websites to infect computers that access them . Some of the page. For example: ...
FVG318 Reference Manual
Page 63
... Keywords list and www.yahoo.com is added to the Trusted Domain list, then www.yahoo.com will not allowed. Figure 4-2 To add a Trusted IP Address or Trusted Domain: Firewall Protection and Content Filtering 4-3 v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 2. Once Content Filtering has been enabled you want to be blocked. 3. Trusted Internet...
... Keywords list and www.yahoo.com is added to the Trusted Domain list, then www.yahoo.com will not allowed. Figure 4-2 To add a Trusted IP Address or Trusted Domain: Firewall Protection and Content Filtering 4-3 v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 2. Once Content Filtering has been enabled you want to be blocked. 3. Trusted Internet...
FVG318 Reference Manual
Page 64
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 1. The IP Address or Domain Name will appear in the appropriate table. 3. The change will appear in the appropriate table. When you have access to access specific resources. ... what outside users to . 4-4 Firewall Protection and Content Filtering v1.0, September 2007 Click Add adjacent to the keyword you want to delete only that entry, and then click Delete. Inbound rules (WAN to LAN) restrict access by outsiders to delete, and then click Delete. To delete Trusted IP Addresses or Trusted Domain Names...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 1. The IP Address or Domain Name will appear in the appropriate table. 3. The change will appear in the appropriate table. When you have access to access specific resources. ... what outside users to . 4-4 Firewall Protection and Content Filtering v1.0, September 2007 Click Add adjacent to the keyword you want to delete only that entry, and then click Delete. Inbound rules (WAN to LAN) restrict access by outsiders to delete, and then click Delete. To delete Trusted IP Addresses or Trusted Domain Names...
FVG318 Reference Manual
Page 65
You can block or allow access based on the service or application, source or destination IP addresses, and time of day. After you have completed your modifications, click Apply. To delete or disable/enable rules: • Click select all to ... rules of a rule in Figure 4-3: Figure 4-3 You may define additional rules that matches or does not match the rule you have defined. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A firewall has two default rules, one for inbound traffic and one for a given service. • Check the box adjacent to the rules you want...
You can block or allow access based on the service or application, source or destination IP addresses, and time of day. After you have completed your modifications, click Apply. To delete or disable/enable rules: • Click select all to ... rules of a rule in Figure 4-3: Figure 4-3 You may define additional rules that matches or does not match the rule you have defined. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A firewall has two default rules, one for inbound traffic and one for a given service. • Check the box adjacent to the rules you want...
FVG318 Reference Manual
Page 66
... the opposite (LAN or WAN) of the Source Address. You can select whether the traffic will be logged. However, by source IP address. Only enable those ports that matches the parameters and action will be logged. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual An example of the menu for ...service. - Never - Your ISP may suspend your VPN firewall. The choices are : • Service. If you can block or allow you must enter a Single LAN address in Figure 4-3. Following are not limited to add any of addresses, enter the range in your account if it ...
... the opposite (LAN or WAN) of the Source Address. You can select whether the traffic will be logged. However, by source IP address. Only enable those ports that matches the parameters and action will be logged. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual An example of the menu for ...service. - Never - Your ISP may suspend your VPN firewall. The choices are : • Service. If you can block or allow you must enter a Single LAN address in Figure 4-3. Following are not limited to add any of addresses, enter the range in your account if it ...
FVG318 Reference Manual
Page 67
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Inbound Rule Example: A Local Public Web Server If you host a public Web server on your Web server at any time of day. Figure 4-5 Firewall Protection and Content Filtering 4-7 v1.0, September 2007 In this case, we have also specified logging of external IP addresses. In the example shown in Figure 4-4: Figure 4-4 Inbound...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Inbound Rule Example: A Local Public Web Server If you host a public Web server on your Web server at any time of day. Figure 4-5 Firewall Protection and Content Filtering 4-7 v1.0, September 2007 In this case, we have also specified logging of external IP addresses. In the example shown in Figure 4-4: Figure 4-4 Inbound...