FVM318 Reference Manual
Page 8
... Router Concepts B-1 Internet Security and Firewalls B-10 Wireless Networking ...B-12 Wireless Network Configuration B-12 Ad Hoc Mode (Peer-to-Peer Workgroup B-12 Infrastructure Mode B-12 Extended Service Set Identification (ESSID B-13 Authentication and WEP Encryption B-13 802.11b Authentication B-13 Open System Authentication B-14 Shared Key Authentication B-15 Overview of VPN B-23 Accessing Network Resources from a VPN Client...
... Router Concepts B-1 Internet Security and Firewalls B-10 Wireless Networking ...B-12 Wireless Network Configuration B-12 Ad Hoc Mode (Peer-to-Peer Workgroup B-12 Infrastructure Mode B-12 Extended Service Set Identification (ESSID B-13 Authentication and WEP Encryption B-13 802.11b Authentication B-13 Open System Authentication B-14 Shared Key Authentication B-15 Overview of VPN B-23 Accessing Network Resources from a VPN Client...
FVM318 Reference Manual
Page 16
...FVM318 will log security events such as off-limits. • Logs security incidents. The LAN interfaces are autosensing and capable of protection than WEP. Autosensing Ethernet Connections with Content Filtering Unlike simple Internet sharing NAT routers, the FVM318 is a true firewall... included SafeNet SoftRemote Basic VPN client requires only three parameters to configure a secure connection to Internet content by screening for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Enhanced Wireless Security Through IPSec The FVM318 firewall allows you specify as blocked...
...FVM318 will log security events such as off-limits. • Logs security incidents. The LAN interfaces are autosensing and capable of protection than WEP. Autosensing Ethernet Connections with Content Filtering Unlike simple Internet sharing NAT routers, the FVM318 is a true firewall... included SafeNet SoftRemote Basic VPN client requires only three parameters to configure a secure connection to Internet content by screening for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Enhanced Wireless Security Through IPSec The FVM318 firewall allows you specify as blocked...
FVM318 Reference Manual
Page 19
..., or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in the Box? Application Notes, Tools, and other helpful information. - SafeNet SoftRemote Basic VPN client software. • Warranty and registration card. • Support information card. This manual. - Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall What's in case you need...
..., or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in the Box? Application Notes, Tools, and other helpful information. - SafeNet SoftRemote Basic VPN client software. • Warranty and registration card. • Support information card. This manual. - Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall What's in case you need...
FVM318 Reference Manual
Page 41
...connection on the list, then click Edit. Aggressive Mode is required when you to "Authentication and WEP Encryption" on the FVM318 Resource CD. • Select the Encryption Protocol. The IPSec settings screens are shown below. Aggressive Mode is included on ...setting is useful for troubleshooting your wireless connection, but leaves your wireless adapter requires you use the SafeNet SoftRemote Basic VPN Client for Windows which is the default. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall If your wireless data fully exposed. Please refer to...
...connection on the list, then click Edit. Aggressive Mode is required when you to "Authentication and WEP Encryption" on the FVM318 Resource CD. • Select the Encryption Protocol. The IPSec settings screens are shown below. Aggressive Mode is included on ...setting is useful for troubleshooting your wireless connection, but leaves your wireless adapter requires you use the SafeNet SoftRemote Basic VPN Client for Windows which is the default. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall If your wireless data fully exposed. Please refer to...
FVM318 Reference Manual
Page 42
Most secure. The block length and the key length can be applied. Figure 3-7: Encryption Strength 3-6 Wireless Configuration Once you have filled in October 2000, replacing the DES encryption it used. AES - 256 is selected, WEP encryption will be .... 64 or 128 bit WEP When 64 Bit WEP or 128 Bit WEP is the default. The SafeNet SoftRemote Basic VPN Client for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Figure 3-6: IPSec encryption protocol DES is the least strong and AES - 256 is an iterated block cipher with three different, unrelated keys. - ...
Most secure. The block length and the key length can be applied. Figure 3-7: Encryption Strength 3-6 Wireless Configuration Once you have filled in October 2000, replacing the DES encryption it used. AES - 256 is selected, WEP encryption will be .... 64 or 128 bit WEP When 64 Bit WEP or 128 Bit WEP is the default. The SafeNet SoftRemote Basic VPN Client for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Figure 3-6: IPSec encryption protocol DES is the least strong and AES - 256 is an iterated block cipher with three different, unrelated keys. - ...
FVM318 Reference Manual
Page 48
... ProSafe Wireless VPN Security Firewall Configuring IPSec Wireless Connections Unique to the FVM318, you have VPN client software installed on your PC. The SafeNet SoftRemote Basic VPN client software included on the FVM318 Resource CD provides a simple and very easy way to set up wireless VPN connections to an FVM318" on page 5-9. 3-12 Wireless Configuration Instructions for configuring the SoftRemote SoftRemoteLT for both your wireless connection. Wireless VPN Tunnel VPN client...
... ProSafe Wireless VPN Security Firewall Configuring IPSec Wireless Connections Unique to the FVM318, you have VPN client software installed on your PC. The SafeNet SoftRemote Basic VPN client software included on the FVM318 Resource CD provides a simple and very easy way to set up wireless VPN connections to an FVM318" on page 5-9. 3-12 Wireless Configuration Instructions for configuring the SoftRemote SoftRemoteLT for both your wireless connection. Wireless VPN Tunnel VPN client...
FVM318 Reference Manual
Page 49
... not be used for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-4: Configure Basic IPSec Wireless Connections The SafeNet SoftRemote Basic VPN client installer program is on the FVM318 Resource CD. Reference Manual for remote VPN connections, you must uninstall the other VPN clients. Log in Figure 3-13: Wireless Configuration 3-13 Click the Wireless link in the main menu Setup section to...
... not be used for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-4: Configure Basic IPSec Wireless Connections The SafeNet SoftRemote Basic VPN client installer program is on the FVM318 Resource CD. Reference Manual for remote VPN connections, you must uninstall the other VPN clients. Log in Figure 3-13: Wireless Configuration 3-13 Click the Wireless link in the main menu Setup section to...
FVM318 Reference Manual
Page 50
... FVM318 Resource CD in your CD drive. Figure 3-14. Reference Manual for your convenience only, and is not used in the VPN negotiation. Click Add to remember user name. Install the SafeNet SoftRemote Basic VPN client software. a. h. Use the default Aggressive Mode and AES - 256 settings. 2. This name is for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall...
... FVM318 Resource CD in your CD drive. Figure 3-14. Reference Manual for your convenience only, and is not used in the VPN negotiation. Click Add to remember user name. Install the SafeNet SoftRemote Basic VPN client software. a. h. Use the default Aggressive Mode and AES - 256 settings. 2. This name is for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall...
FVM318 Reference Manual
Page 51
... for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall At this point, the SafeNet icon has a diagonal red bar through it, indicating that the VPN client is currently disabled. 3. SafeNet system tray icon menu The VPN client Security Policy menu will appear as shown below . a. SafeNet Basic Client Configuration FVM318 IPSec Settings Figure 3-17. Configure the SoftRemote Basic VPN Client. In the taskbar...
... for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall At this point, the SafeNet icon has a diagonal red bar through it, indicating that the VPN client is currently disabled. 3. SafeNet system tray icon menu The VPN client Security Policy menu will appear as shown below . a. SafeNet Basic Client Configuration FVM318 IPSec Settings Figure 3-17. Configure the SoftRemote Basic VPN Client. In the taskbar...
FVM318 Reference Manual
Page 53
...client is only suitable for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall This will cause a continuous ping to be running on your PC. In that is included with the FVM318 firewall. Using SoftRemoteLT Instead of SafeNet's full client) will need a full VPN Client. Note: Before installing the SafeNet SoftRemote Basic VPN Client...condition c. SafeNet's SoftRemoteLT VPN Client (or another version of SoftRemote Basic The SafeNet SoftRemote Basic VPN Client that case you may be sent to the firewall. The VPN client's log is written to the Router Status menu and click...
...client is only suitable for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall This will cause a continuous ping to be running on your PC. In that is included with the FVM318 firewall. Using SoftRemoteLT Instead of SafeNet's full client) will need a full VPN Client. Note: Before installing the SafeNet SoftRemote Basic VPN Client...condition c. SafeNet's SoftRemoteLT VPN Client (or another version of SoftRemote Basic The SafeNet SoftRemote Basic VPN Client that case you may be sent to the firewall. The VPN client's log is written to the Router Status menu and click...
FVM318 Reference Manual
Page 54
... Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-5: Configuring the SoftRemoteLT Full Client To configure a policy for a secure local wireless connection to the FVM318 firewall using the SoftRemoteLT client, use the FVM318 configuration from the Internet. 2. Open the Security Policy Editor. The Security Policy Editor window will appear. In SoftRemoteLT, you can configure multiple Security Policies, such as a policy for secure local wireless connection to the FVM318 firewall...
... Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Procedure 3-5: Configuring the SoftRemoteLT Full Client To configure a policy for a secure local wireless connection to the FVM318 firewall using the SoftRemoteLT client, use the FVM318 configuration from the Internet. 2. Open the Security Policy Editor. The Security Policy Editor window will appear. In SoftRemoteLT, you can configure multiple Security Policies, such as a policy for secure local wireless connection to the FVM318 firewall...
FVM318 Reference Manual
Page 56
.... Select Aggressive Mode in the FVM318 firewall. 3-20 Wireless Configuration d. Select Diffie-Helman Group 2 for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 4. You will provide information about your network configuration information. My Identity and Security Policy subheadings should appear below the connection name. b. Check the Enable Perfect Forward Secrecy (PFS) checkbox. e. Configure the VPN Client Identity In this step...
.... Select Aggressive Mode in the FVM318 firewall. 3-20 Wireless Configuration d. Select Diffie-Helman Group 2 for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 4. You will provide information about your network configuration information. My Identity and Security Policy subheadings should appear below the connection name. b. Check the Enable Perfect Forward Secrecy (PFS) checkbox. e. Configure the VPN Client Identity In this step...
FVM318 Reference Manual
Page 57
... Wireless Configuration 3-21 Figure 3-25. g. Click the Pre-Shared Key button. Configure VPN Client Authentication Proposal Note: These settings do not depend on the "+" symbol. In the Network Security Policy list on the left side of the Security Policy Editor window, expand the Security ... Network Security Policy list on My Identity in the Virtual Adapter box. Click on the left side of the Security Policy Editor window. Note that you configured in the Pre-Shared Key dialog box. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall a....
... Wireless Configuration 3-21 Figure 3-25. g. Click the Pre-Shared Key button. Configure VPN Client Authentication Proposal Note: These settings do not depend on the "+" symbol. In the Network Security Policy list on the left side of the Security Policy Editor window, expand the Security ... Network Security Policy list on My Identity in the Virtual Adapter box. Click on the left side of the Security Policy Editor window. Note that you configured in the Pre-Shared Key dialog box. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall a....
FVM318 Reference Manual
Page 58
... Authentication subheading by double clicking its name or clicking on the "+" symbol. d. b. Save the VPN Client Settings. From the File menu at the top of the Security Policy Editor window, select Save Changes. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall b. Then select Proposal 1 below Key Exchange. c. Select AES-256 in the Hash Alg...
... Authentication subheading by double clicking its name or clicking on the "+" symbol. d. b. Save the VPN Client Settings. From the File menu at the top of the Security Policy Editor window, select Save Changes. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall b. Then select Proposal 1 below Key Exchange. c. Select AES-256 in the Hash Alg...
FVM318 Reference Manual
Page 69
... and a main office. Trustworthy Wireless and Conventional VPN Telecommuter with VPN client software Wireless workstation with VPN client software FVM318 Cable/DSL ProSafe WirelessVPN Security Firewall PWR TEST IN TER N ET LNK W LA N LO CA L MODEL FVM318 100 ACT Enable LNK/ACT 1 2 3 4 5 6 7 8 VPN Server or VPN Router Figure 5-1: Secure access through VPN tunnels The FVM318 supports these configurations: • Secure access between your local wireless and Ethernet network, and remote...
... and a main office. Trustworthy Wireless and Conventional VPN Telecommuter with VPN client software Wireless workstation with VPN client software FVM318 Cable/DSL ProSafe WirelessVPN Security Firewall PWR TEST IN TER N ET LNK W LA N LO CA L MODEL FVM318 100 ACT Enable LNK/ACT 1 2 3 4 5 6 7 8 VPN Server or VPN Router Figure 5-1: Secure access through VPN tunnels The FVM318 supports these configurations: • Secure access between your local wireless and Ethernet network, and remote...
FVM318 Reference Manual
Page 70
... wireless workstation to securely connect to 70 WAN plus 32 wireless LAN (WLAN) concurrent tunnels. The FVM318 firewall router on your network from a remote workstation, such as a telecommuter connecting to an office network. Although the FVM318 can interoperate with many VPN products do not interoperate. VPN client access allows a remote workstation to connect to your network is not possible for NETGEAR...
... wireless workstation to securely connect to 70 WAN plus 32 wireless LAN (WLAN) concurrent tunnels. The FVM318 firewall router on your network from a remote workstation, such as a telecommuter connecting to an office network. Although the FVM318 can interoperate with many VPN products do not interoperate. VPN client access allows a remote workstation to connect to your network is not possible for NETGEAR...
FVM318 Reference Manual
Page 76
... is established. The PC can be purchased from "timed out" to Network VPN This procedure describes linking a remote PC and a LAN. NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 3. If one network to the other. b. Procedure 5-2: Configuring a Remote PC to "reply." Figure 5-6: Ping test results...
... is established. The PC can be purchased from "timed out" to Network VPN This procedure describes linking a remote PC and a LAN. NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 3. If one network to the other. b. Procedure 5-2: Configuring a Remote PC to "reply." Figure 5-6: Ping test results...
FVM318 Reference Manual
Page 77
... procedure below is different, for example, if you wish to use different VPN client software, please see http://www.netgear.com/docs for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Note: If your situation is filled in with the parameters used in seconds: FVM318 and PC IP Settings Local IPSec Identifier LAN IP Address Subnet Mask Network...
... procedure below is different, for example, if you wish to use different VPN client software, please see http://www.netgear.com/docs for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Note: If your situation is filled in with the parameters used in seconds: FVM318 and PC IP Settings Local IPSec Identifier LAN IP Address Subnet Mask Network...
FVM318 Reference Manual
Page 78
... will choose an arbitrary "fixed virtual" IP address to configure a new VPN tunnel. See "Configure the VPN Client Identity" on LAN A. From the Setup Menu, click the VPN Settings link, then click Add to define this VPN network. • Remote IPSec Identifier: PCIPSEC • Remote LAN IP..., we will be used in this connection. Fill in the Connection Name VPN settings as shown below: Figure 5-8: VPN Edit menu for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 1. Configure the VPN Tunnel on the FVM318 on page 5-14. • Remote Subnet Mask: 255.255.255.255...
... will choose an arbitrary "fixed virtual" IP address to configure a new VPN tunnel. See "Configure the VPN Client Identity" on LAN A. From the Setup Menu, click the VPN Settings link, then click Add to define this VPN network. • Remote IPSec Identifier: PCIPSEC • Remote LAN IP..., we will be used in this connection. Fill in the Connection Name VPN settings as shown below: Figure 5-8: VPN Edit menu for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall 1. Configure the VPN Tunnel on the FVM318 on page 5-14. • Remote Subnet Mask: 255.255.255.255...
FVM318 Reference Manual
Page 79
...NETBIOS Enable check box to save the Security Association tunnel settings into the table. 2. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Note: Only one dial-up adapter ...installed in the settings below. • Enable Perfect Forward Secrecy. • For Encryption Protocol, select: DES • Enter the case sensitive PreShared Key: r>T(h4&3@#kB This combination of the VPN Adapter or the IPSec Component. Install land Configure the SafeNet VPN Client...
...NETBIOS Enable check box to save the Security Association tunnel settings into the table. 2. Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall Note: Only one dial-up adapter ...installed in the settings below. • Enable Perfect Forward Secrecy. • For Encryption Protocol, select: DES • Enter the case sensitive PreShared Key: r>T(h4&3@#kB This combination of the VPN Adapter or the IPSec Component. Install land Configure the SafeNet VPN Client...