FVM318 Reference Manual
Page 8
... Router Concepts B-1 Internet Security and Firewalls B-10 Wireless Networking ...B-12 Wireless Network Configuration B-12 Ad Hoc Mode (Peer-to-Peer Workgroup B-12 Infrastructure Mode B-12 Extended Service Set Identification (ESSID B-13 Authentication and WEP Encryption B-13 802.11b Authentication B-13 Open System Authentication B-14 Shared Key Authentication B-15 Overview of VPN B-23 Accessing Network Resources from a VPN Client...
... Router Concepts B-1 Internet Security and Firewalls B-10 Wireless Networking ...B-12 Wireless Network Configuration B-12 Ad Hoc Mode (Peer-to-Peer Workgroup B-12 Infrastructure Mode B-12 Extended Service Set Identification (ESSID B-13 Authentication and WEP Encryption B-13 802.11b Authentication B-13 Open System Authentication B-14 Shared Key Authentication B-15 Overview of VPN B-23 Accessing Network Resources from a VPN Client...
FVM318 Reference Manual
Page 11
... the SoftRemoteLT Full Client 3-18 Procedure 4-1: Changing the Administrator Password 4-1 Procedure 4-2: Changing the Administrator Login Timeout 4-3 Procedure 4-3: Blocking Functions, Keywords, and Sites 4-4 Procedure 4-4: Configuring Services Blocking 4-6 Procedure 4-5: Setting Your Time Zone 4-8 Procedure 4-6: Scheduling Firewall Services 4-9 Procedure 5-1: Configuring a Network to Network VPN Tunnel 5-4 Procedure 5-2: Configuring a Remote PC to Network VPN 5-8 Procedure 5-3: Deleting a Security Association 5-19 Procedure...
... the SoftRemoteLT Full Client 3-18 Procedure 4-1: Changing the Administrator Password 4-1 Procedure 4-2: Changing the Administrator Login Timeout 4-3 Procedure 4-3: Blocking Functions, Keywords, and Sites 4-4 Procedure 4-4: Configuring Services Blocking 4-6 Procedure 4-5: Setting Your Time Zone 4-8 Procedure 4-6: Scheduling Firewall Services 4-9 Procedure 5-1: Configuring a Network to Network VPN Tunnel 5-4 Procedure 5-2: Configuring a Remote PC to Network VPN 5-8 Procedure 5-3: Deleting a Security Association 5-19 Procedure...
FVM318 Reference Manual
Page 15
... of the NETGEAR® FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall. Virtual Private Networking (VPN) The FVM318 firewall provides a secure encrypted connection between your local wireless network. Applying the full strength of Internet Protocol Security (IPSec) encryption across your local area network (LAN) and remote networks or clients. It includes the following VPN features: • Supports 70 external VPN connections and 32 local wireless VPN connections. •...
... of the NETGEAR® FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall. Virtual Private Networking (VPN) The FVM318 firewall provides a secure encrypted connection between your local wireless network. Applying the full strength of Internet Protocol Security (IPSec) encryption across your local area network (LAN) and remote networks or clients. It includes the following VPN features: • Supports 70 external VPN connections and 32 local wireless VPN connections. •...
FVM318 Reference Manual
Page 16
... for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Enhanced Wireless Security Through IPSec The FVM318 firewall allows you to easily create an IPSec-encrypted VPN tunnel from reaching your wireless PC to the firewall. • Easy to Internet content by screening for keywords within Web addresses. The FVM318 will log security events such as off-limits. • Logs security incidents. The firewall allows you...
... for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Enhanced Wireless Security Through IPSec The FVM318 firewall allows you to easily create an IPSec-encrypted VPN tunnel from reaching your wireless PC to the firewall. • Easy to Internet content by screening for keywords within Web addresses. The FVM318 will log security events such as off-limits. • Logs security incidents. The firewall allows you...
FVM318 Reference Manual
Page 18
...of addresses, and you can choose a nonstandard port number. • Diagnostic functions. The firewall allows you to login to register your dynamic IP address. The firewall contains a client that can connect to a Dynamic DNS service to the Web Management Interface from a remote ...into the browser-based Web Configuration Manager. • Smart Wizard. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Dynamic DNS services allow you to easily configure your firewall from almost any type of personal computer, such as Ping, DNS lookup, and remote reboot...
...of addresses, and you can choose a nonstandard port number. • Diagnostic functions. The firewall allows you to login to register your dynamic IP address. The firewall contains a client that can connect to a Dynamic DNS service to the Web Management Interface from a remote ...into the browser-based Web Configuration Manager. • Smart Wizard. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Dynamic DNS services allow you to easily configure your firewall from almost any type of personal computer, such as Ping, DNS lookup, and remote reboot...
FVM318 Reference Manual
Page 19
... items: • FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall. • AC power adapter. • Category 5 (CAT5) Ethernet cable. • FVM318 Resource CD, including: - Application Notes, Tools, and other helpful information. - Reference Manual for repair. The Firewall's Front Panel The front panel of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Cable/DSL ProSafeWirelessVPN Security Firewall PWR TEST...
... items: • FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall. • AC power adapter. • Category 5 (CAT5) Ethernet cable. • FVM318 Resource CD, including: - Application Notes, Tools, and other helpful information. - Reference Manual for repair. The Firewall's Front Panel The front panel of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Cable/DSL ProSafeWirelessVPN Security Firewall PWR TEST...
FVM318 Reference Manual
Page 41
...FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall If your wireless data fully exposed. This setting is useful for troubleshooting your wireless connection, but leaves your wireless adapter requires you use the SafeNet SoftRemote Basic VPN Client for a full explanation of each of these options, as defined by the IEEE 802.11b wireless...13 for Windows which is the default. Wireless Configuration 3-5 Disable No encryption will be applied. IPSec Selecting IPSec displays the IPSec connection list. Click Add to the connection on the FVM318 Resource CD. • Select the ...
...FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall If your wireless data fully exposed. This setting is useful for troubleshooting your wireless connection, but leaves your wireless adapter requires you use the SafeNet SoftRemote Basic VPN Client for a full explanation of each of these options, as defined by the IEEE 802.11b wireless...13 for Windows which is the default. Wireless Configuration 3-5 Disable No encryption will be applied. IPSec Selecting IPSec displays the IPSec connection list. Click Add to the connection on the FVM318 Resource CD. • Select the ...
FVM318 Reference Manual
Page 42
... or 128 bit WEP When 64 Bit WEP or 128 Bit WEP is selected, WEP encryption will be applied. The SafeNet SoftRemote Basic VPN Client for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Figure 3-6: IPSec encryption protocol DES is the least strong and AES - 256 is 64 bits wide, encrypting these values using DES with...
... or 128 bit WEP When 64 Bit WEP or 128 Bit WEP is selected, WEP encryption will be applied. The SafeNet SoftRemote Basic VPN Client for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Figure 3-6: IPSec encryption protocol DES is the least strong and AES - 256 is 64 bits wide, encrypting these values using DES with...
FVM318 Reference Manual
Page 48
... using the highly secure VPN communications protocols over your wireless connection. The SafeNet SoftRemote Basic VPN client software included on the FVM318 Resource CD provides a simple and very easy way to set up wireless VPN connections to the FVM318 or remotely over the Internet. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Configuring IPSec Wireless Connections Unique to the FVM318, you must...
... using the highly secure VPN communications protocols over your wireless connection. The SafeNet SoftRemote Basic VPN client software included on the FVM318 Resource CD provides a simple and very easy way to set up wireless VPN connections to the FVM318 or remotely over the Internet. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Configuring IPSec Wireless Connections Unique to the FVM318, you must...
FVM318 Reference Manual
Page 49
... password, or using the SafeNet SoftRemote Basic VPN client: • The SoftRemote Basic client requires Windows 95 or later. • The SoftRemote Basic client may not be used for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-4: Configure Basic IPSec Wireless Connections The SafeNet SoftRemote Basic VPN client installer program is on the FVM318 Resource CD. Figure 3-13. Observe the following...
... password, or using the SafeNet SoftRemote Basic VPN client: • The SoftRemote Basic client requires Windows 95 or later. • The SoftRemote Basic client may not be used for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-4: Configure Basic IPSec Wireless Connections The SafeNet SoftRemote Basic VPN client installer program is on the FVM318 Resource CD. Figure 3-13. Observe the following...
FVM318 Reference Manual
Page 50
.... This name is for this connection. Enter a Pre-Shared Key value for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall d. Note: Before installing the SafeNet SoftRemote Basic VPN Client software, be sure to remember user name. If the CD does not autostart, double click on the INDEX.HTM file on your CD drive. After ...
.... This name is for this connection. Enter a Pre-Shared Key value for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall d. Note: Before installing the SafeNet SoftRemote Basic VPN Client software, be sure to remember user name. If the CD does not autostart, double click on the INDEX.HTM file on your CD drive. After ...
FVM318 Reference Manual
Page 51
... The VPN client Security Policy menu will appear as shown below . SafeNet Basic Client Configuration FVM318 IPSec Settings Figure 3-17. Configure the SoftRemote Basic VPN Client. In the taskbar tray, right-click on the SafeNet icon and select Edit Security Policy in the VPN client task menu, as shown below . Figure 3-16. a. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall At...
... The VPN client Security Policy menu will appear as shown below . SafeNet Basic Client Configuration FVM318 IPSec Settings Figure 3-17. Configure the SoftRemote Basic VPN Client. In the taskbar tray, right-click on the SafeNet icon and select Edit Security Policy in the VPN client task menu, as shown below . Figure 3-16. a. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall At...
FVM318 Reference Manual
Page 52
... the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall b. c. Test the SoftRemote Basic VPN Connection. SafeNet system tray icon showing enabled condition 4. The simplest method is to ping from the PC to indicate either the IP Address or the network name of the firewall. Figure 3-...firewall, as shown below . Type ping -t 192.168.0.1 , and then click OK. Reference Manual for this PC in the task menu. If you can leave the IPSec Gateway as shown below : a. In the taskbar tray, right-click on the SafeNet icon and select Activate Security Policy in the firewall's IPSec Client...
... the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall b. c. Test the SoftRemote Basic VPN Connection. SafeNet system tray icon showing enabled condition 4. The simplest method is to ping from the PC to indicate either the IP Address or the network name of the firewall. Figure 3-...firewall, as shown below . Type ping -t 192.168.0.1 , and then click OK. Reference Manual for this PC in the task menu. If you can leave the IPSec Gateway as shown below : a. In the taskbar tray, right-click on the SafeNet icon and select Activate Security Policy in the firewall's IPSec Client...
FVM318 Reference Manual
Page 53
... ON condition c. Reference Manual for establishing a local wireless IPSec connection with the firewall is only suitable for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall This will cause a continuous ping to be sent to the firewall. SafeNet's SoftRemoteLT VPN Client (or another version of the PC and browse. ... should change to read on Wireless VPN Log. The VPN client's log is written to the text file isakmp.log, which the client is also available by right-clicking on your firewall over the Internet from timed out to the Router Status menu and click on as...
... ON condition c. Reference Manual for establishing a local wireless IPSec connection with the firewall is only suitable for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall This will cause a continuous ping to be sent to the firewall. SafeNet's SoftRemoteLT VPN Client (or another version of the PC and browse. ... should change to read on Wireless VPN Log. The VPN client's log is written to the text file isakmp.log, which the client is also available by right-clicking on your firewall over the Internet from timed out to the Router Status menu and click on as...
FVM318 Reference Manual
Page 54
... follow procedure below for configuring the full VPN client. 1. Figure 3-22. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-5: Configuring the SoftRemoteLT Full Client To configure a policy for a secure local wireless connection to the FVM318 firewall using the SoftRemoteLT client, use the FVM318 configuration from the Internet. 2. Install the SafeNet SoftRemoteLT Full VPN Client Note: If you have installed the SoftRemote...
... follow procedure below for configuring the full VPN client. 1. Figure 3-22. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-5: Configuring the SoftRemoteLT Full Client To configure a policy for a secure local wireless connection to the FVM318 firewall using the SoftRemoteLT client, use the FVM318 configuration from the Internet. 2. Install the SafeNet SoftRemoteLT Full VPN Client Note: If you have installed the SoftRemote...
FVM318 Reference Manual
Page 56
... your client PC. Click on the Security Policy subheading to provide: • The User Name that you configured in the Select Phase 1 Negotiation Mode box. Figure 3-24. e. SafeNet Security Policy Editor edit security policy menu c. Check the Enable Perfect Forward Secrecy (PFS) checkbox. Select Diffie-Helman Group 2 for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 4. Configure the Security...
... your client PC. Click on the Security Policy subheading to provide: • The User Name that you configured in the Select Phase 1 Negotiation Mode box. Figure 3-24. e. SafeNet Security Policy Editor edit security policy menu c. Check the Enable Perfect Forward Secrecy (PFS) checkbox. Select Diffie-Helman Group 2 for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 4. Configure the Security...
FVM318 Reference Manual
Page 57
.... Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall a. Choose None in the ID Type menu. In the Internet Interface box, select your network configuration information. h. c. d. Click the Pre-Shared Key button. a. Note that you configured in the FVM318 firewall. Select Domain Name in the Select Certificate menu. Configure VPN Client Authentication Proposal Note: These settings...
.... Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall a. Choose None in the ID Type menu. In the Internet Interface box, select your network configuration information. h. c. d. Click the Pre-Shared Key button. a. Note that you configured in the FVM318 firewall. Select Domain Name in the Select Certificate menu. Configure VPN Client Authentication Proposal Note: These settings...
FVM318 Reference Manual
Page 58
... the Authentication Protocol (AH) checkbox unchecked. 8. Save the VPN Client Settings. c. f. Select Proposal 1 below Authentication. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall b. d. Configure VPN Client Key Exchange Proposal. From the File menu at the top of the Security Policy Editor window, select Save Changes. c. e. If your VPN client does not offer this selection, select Triple DES. After...
... the Authentication Protocol (AH) checkbox unchecked. 8. Save the VPN Client Settings. c. f. Select Proposal 1 below Authentication. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall b. d. Configure VPN Client Key Exchange Proposal. From the File menu at the top of the Security Policy Editor window, select Save Changes. c. e. If your VPN client does not offer this selection, select Triple DES. After...
FVM318 Reference Manual
Page 69
... of the FVM318 firewall. Trustworthy Wireless and Conventional VPN Telecommuter with VPN client software Wireless workstation with VPN client software FVM318 Cable/DSL ProSafe WirelessVPN Security Firewall PWR TEST IN TER N ET LNK W LA N LO CA L MODEL FVM318 100 ACT Enable LNK/ACT 1 2 3 4 5 6 7 8 VPN Server or VPN Router Figure 5-1: Secure access through VPN tunnels The FVM318 supports these configurations: • Secure access between a remote computer and a network. VPN tunnels provide secure, encrypted communications...
... of the FVM318 firewall. Trustworthy Wireless and Conventional VPN Telecommuter with VPN client software Wireless workstation with VPN client software FVM318 Cable/DSL ProSafe WirelessVPN Security Firewall PWR TEST IN TER N ET LNK W LA N LO CA L MODEL FVM318 100 ACT Enable LNK/ACT 1 2 3 4 5 6 7 8 VPN Server or VPN Router Figure 5-1: Secure access through VPN tunnels The FVM318 supports these configurations: • Secure access between a remote computer and a network. VPN tunnels provide secure, encrypted communications...
FVM318 Reference Manual
Page 70
... other tunnel endpoint. Wireless VPN client access allows a local wireless workstation to securely connect to 70 WAN plus 32 wireless LAN (WLAN) concurrent tunnels. These scenarios are visible to an office network. The FVM318 firewall router on your network. In this case, the remote workstation is enabled and remote computers have been assigned private IP addresses. NETGEAR provides support for...
... other tunnel endpoint. Wireless VPN client access allows a local wireless workstation to securely connect to 70 WAN plus 32 wireless LAN (WLAN) concurrent tunnels. These scenarios are visible to an office network. The FVM318 firewall router on your network. In this case, the remote workstation is enabled and remote computers have been assigned private IP addresses. NETGEAR provides support for...