FVS114 Reference Manual
Page 1
Reference Manual for the ProSafe VPN Firewall FVS114 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10098-01 April 2005 202-10098-01, April 2005
Reference Manual for the ProSafe VPN Firewall FVS114 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10098-01 April 2005 202-10098-01, April 2005
FVS114 Reference Manual
Page 2
... interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this equipment on a circuit different from that the FVS114 ProSafe VPN Firewall has been suppressed in a particular installation. These limits are designed... to radio communications. However, there is a trademark of Netgear, Inc. ii 202-10098-01, April 2005 Other brand...
... interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this equipment on a circuit different from that the FVS114 ProSafe VPN Firewall has been suppressed in a particular installation. These limits are designed... to radio communications. However, there is a trademark of Netgear, Inc. ii 202-10098-01, April 2005 Other brand...
FVS114 Reference Manual
Page 5
... and Support 2-4 Package Contents ...2-5 The FVS114 Front Panel 2-5 The FVS114 Rear Panel 2-6 NETGEAR-Related Products 2-7 NETGEAR Product Registration, Support, and Documentation 2-7 Chapter 3 Connecting the Firewall to the Internet Prepare to Install Your FVS114 ProSafe VPN Firewall 3-1 First, Connect the FVS114 3-1 Now, Configure the FVS114 for Internet Access 3-4 Troubleshooting Tips ...3-6 Overview of How to Access the FVS114 VPN Firewall 3-7 How to Log On to the...
... and Support 2-4 Package Contents ...2-5 The FVS114 Front Panel 2-5 The FVS114 Rear Panel 2-6 NETGEAR-Related Products 2-7 NETGEAR Product Registration, Support, and Documentation 2-7 Chapter 3 Connecting the Firewall to the Internet Prepare to Install Your FVS114 ProSafe VPN Firewall 3-1 First, Connect the FVS114 3-1 Now, Configure the FVS114 for Internet Access 3-4 Troubleshooting Tips ...3-6 Overview of How to Access the FVS114 VPN Firewall 3-7 How to Log On to the...
FVS114 Reference Manual
Page 6
... the Smart Setup Wizard 3-10 How to Manually Configure Your Internet Connection 3-11 Chapter 4 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 4-1 Block Sites ...4-2 Using Rules to Block or Allow Specific ... Overview of VPN Configuration 5-2 Client-to-Gateway VPN Tunnels 5-2 Gateway-to-Gateway VPN Tunnels 5-2 Planning a VPN ...5-3 VPN Tunnel Configuration 5-5 How to Set Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVS114 5-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the...
... the Smart Setup Wizard 3-10 How to Manually Configure Your Internet Connection 3-11 Chapter 4 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 4-1 Block Sites ...4-2 Using Rules to Block or Allow Specific ... Overview of VPN Configuration 5-2 Client-to-Gateway VPN Tunnels 5-2 Gateway-to-Gateway VPN Tunnels 5-2 Planning a VPN ...5-3 VPN Tunnel Configuration 5-5 How to Set Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVS114 5-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the...
FVS114 Reference Manual
Page 7
... of Configuration Scenarios on the FVS114 6-14 VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets 6-15 FVS114 Scenario 1: FVS114 to Gateway B IKE and VPN Policies 6-16 How to Check VPN Connections 6-21 Testing the Gateway A FVS114 LAN and the Gateway B LAN 6-21 FVS114 Scenario 2: FVS114 to FVS114 with RSA Certificates 6-22 Chapter 7 Maintenance Viewing VPN Firewall Status Information 7-1 Viewing a List of...
... of Configuration Scenarios on the FVS114 6-14 VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets 6-15 FVS114 Scenario 1: FVS114 to Gateway B IKE and VPN Policies 6-16 How to Check VPN Connections 6-21 Testing the Gateway A FVS114 LAN and the Gateway B LAN 6-21 FVS114 Scenario 2: FVS114 to FVS114 with RSA Certificates 6-22 Chapter 7 Maintenance Viewing VPN Firewall Status Information 7-1 Viewing a List of...
FVS114 Reference Manual
Page 8
... 8-3 How to Configure Dynamic DNS 8-3 Using the LAN IP Setup Options 8-5 Configuring LAN TCP/IP Setup Parameters 8-5 Using the Firewall as a DHCP server 8-7 Using Address Reservation 8-7 Configuring Static Routes 8-8 Static Route Example 8-10 Enabling Remote Management Access 8-10 ... Configuration Interface 9-3 Troubleshooting the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time ...
... 8-3 How to Configure Dynamic DNS 8-3 Using the LAN IP Setup Options 8-5 Configuring LAN TCP/IP Setup Parameters 8-5 Using the Firewall as a DHCP server 8-7 Using Address Reservation 8-7 Configuring Static Routes 8-8 Static Route Example 8-10 Enabling Remote Management Access 8-10 ... Configuration Interface 9-3 Troubleshooting the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time ...
FVS114 Reference Manual
Page 9
... C Virtual Private Networking What is a VPN? ...C-1 What Is IPSec and How Does It Work C-2 IPSec Security Features C-2 IPSec Components C-2 Encapsulating Security Payload (ESP C-3 Authentication Header (AH C-4 IKE Security Association C-4 Mode ...C-5 Key Management ...C-6 Understand the Process Before You Begin C-6 VPN Process Overview C-7 Network Interfaces and Addresses C-7 Interface Addressing C-7 Firewalls ...C-8 Contents ix 202-10098-01...
... C Virtual Private Networking What is a VPN? ...C-1 What Is IPSec and How Does It Work C-2 IPSec Security Features C-2 IPSec Components C-2 Encapsulating Security Payload (ESP C-3 Authentication Header (AH C-4 IKE Security Association C-4 Mode ...C-5 Key Management ...C-6 Understand the Process Before You Begin C-6 VPN Process Overview C-7 Network Interfaces and Addresses C-7 Interface Addressing C-7 Firewalls ...C-8 Contents ix 202-10098-01...
FVS114 Reference Manual
Page 13
... Internet skills. This manual is provided in the Appendices and on the NETGEAR, Inc. Manual Scope Product Version Manual Publication Date FVS114 ProSafe VPN Firewall April 2005 Note: Product updates are available on the NETGEAR Web site. Web site at http://kbserver.netgear.com/products/FVS114.asp. About This Manual 1-1 202-10098-01, April 2005 Chapter 1 About This...
... Internet skills. This manual is provided in the Appendices and on the NETGEAR, Inc. Manual Scope Product Version Manual Publication Date FVS114 ProSafe VPN Firewall April 2005 Note: Product updates are available on the NETGEAR Web site. Web site at http://kbserver.netgear.com/products/FVS114.asp. About This Manual 1-1 202-10098-01, April 2005 Chapter 1 About This...
FVS114 Reference Manual
Page 14
Reference Manual for the ProSafe VPN Firewall FVS114 How to Use This Manual The HTML version of this manual includes the following: • Buttons, and , for the product model. • Links to PDF ... backwards through the manual one page at a time •A button that displays the table of contents or index to navigate directly to access the full NETGEAR, Inc. Double-click on a link in the manual. •A button to where the topic is described in the table of contents and an button...
Reference Manual for the ProSafe VPN Firewall FVS114 How to Use This Manual The HTML version of this manual includes the following: • Buttons, and , for the product model. • Links to PDF ... backwards through the manual one page at a time •A button that displays the table of contents or index to navigate directly to access the full NETGEAR, Inc. Double-click on a link in the manual. •A button to where the topic is described in the table of contents and an button...
FVS114 Reference Manual
Page 15
.... • Printing a Page in the upper left of the complete manual opens in the manual. The PDF version of any page. - Reference Manual for the ProSafe VPN Firewall FVS114 How to Print this Manual To print this feature. About This Manual 1-3 202-10098-01, April 2005 Click the Complete PDF Manual link at the...
.... • Printing a Page in the upper left of the complete manual opens in the manual. The PDF version of any page. - Reference Manual for the ProSafe VPN Firewall FVS114 How to Print this Manual To print this feature. About This Manual 1-3 202-10098-01, April 2005 Click the Complete PDF Manual link at the...
FVS114 Reference Manual
Page 16
Reference Manual for the ProSafe VPN Firewall FVS114 1-4 About This Manual 202-10098-01, April 2005
Reference Manual for the ProSafe VPN Firewall FVS114 1-4 About This Manual 202-10098-01, April 2005
FVS114 Reference Manual
Page 17
Key Features of the VPN Firewall The FVS114 ProSafe VPN Firewall with multiple Web content filtering options, plus browsing activity reporting and instant alerts - Parents and network administrators can install and use the firewall within minutes. Chapter 2 Introduction This chapter describes the features of Service attack (DoS) protection and intrusion .../DSL Internet access for up to a WAN device, such as a cable modem or DSL modem. The FVS114 VPN Firewall provides the following features: • Easy, Web-based setup for Denial of the NETGEAR FVS114 ProSafe VPN Firewall.
Key Features of the VPN Firewall The FVS114 ProSafe VPN Firewall with multiple Web content filtering options, plus browsing activity reporting and instant alerts - Parents and network administrators can install and use the firewall within minutes. Chapter 2 Introduction This chapter describes the features of Service attack (DoS) protection and intrusion .../DSL Internet access for up to a WAN device, such as a cable modem or DSL modem. The FVS114 VPN Firewall provides the following features: • Easy, Web-based setup for Denial of the NETGEAR FVS114 ProSafe VPN Firewall.
FVS114 Reference Manual
Page 18
...can specify forwarding of single ports or ranges of ports. 2-2 Introduction 202-10098-01, April 2005 Security The FVS114 VPN Firewall is a true firewall, using stateful packet inspection to defend against hacker attacks. Requests originating from outside the LAN are discarded, preventing...port scans, attacks, and administrator logins. Reference Manual for the ProSafe VPN Firewall FVS114 A Powerful, True Firewall with NAT Although NAT prevents Internet locations from directly accessing the PCs on the LAN, the firewall allows you to direct incoming traffic to specific PCs based on ...
...can specify forwarding of single ports or ranges of ports. 2-2 Introduction 202-10098-01, April 2005 Security The FVS114 VPN Firewall is a true firewall, using stateful packet inspection to defend against hacker attacks. Requests originating from outside the LAN are discarded, preventing...port scans, attacks, and administrator logins. Reference Manual for the ProSafe VPN Firewall FVS114 A Powerful, True Firewall with NAT Although NAT prevents Internet locations from directly accessing the PCs on the LAN, the firewall allows you to direct incoming traffic to specific PCs based on ...
FVS114 Reference Manual
Page 19
...DHCP). This feature eliminates the need to worry about TCP/IP, refer to Appendix B, "Network, Routing, and Firewall Basics." • IP Address Sharing by NAT The FVS114 VPN Firewall allows several networked PCs to share an Internet account using only a single IP address, which may be statically or ...Domain Name Server (DNS) addresses, to attached PCs on your local network. • DNS Proxy When DHCP is a protocol for the ProSafe VPN Firewall FVS114 Autosensing Ethernet Connections with Auto Uplink With its own address as a DNS server to the attached PCs. Extensive Protocol Support The...
...DHCP). This feature eliminates the need to worry about TCP/IP, refer to Appendix B, "Network, Routing, and Firewall Basics." • IP Address Sharing by NAT The FVS114 VPN Firewall allows several networked PCs to share an Internet account using only a single IP address, which may be statically or ...Domain Name Server (DNS) addresses, to attached PCs on your local network. • DNS Proxy When DHCP is a protocol for the ProSafe VPN Firewall FVS114 Autosensing Ethernet Connections with Auto Uplink With its own address as a DNS server to the attached PCs. Extensive Protocol Support The...
FVS114 Reference Manual
Page 20
.... 2-4 Introduction 202-10098-01, April 2005 Maintenance and Support NETGEAR offers the following features simplify installation and management tasks: • Browser-based management Browser-based configuration allows you to easily configure your firewall from a remote location on the Internet. Reference Manual for the ProSafe VPN Firewall FVS114 Easy Installation and Management You can choose a nonstandard port...
.... 2-4 Introduction 202-10098-01, April 2005 Maintenance and Support NETGEAR offers the following features simplify installation and management tasks: • Browser-based management Browser-based configuration allows you to easily configure your firewall from a remote location on the Internet. Reference Manual for the ProSafe VPN Firewall FVS114 Easy Installation and Management You can choose a nonstandard port...
FVS114 Reference Manual
Page 21
... 2005 These LEDs are incorrect, missing, or damaged, contact your NETGEAR dealer. This guide. - The FVS114 Front Panel The front panel of the parts are green when lit. Package Contents Reference Manual for the ProSafe VPN Firewall FVS114 The product package should contain the following items: • FVS114 ProSafe VPN Firewall. • AC power adapter. • Category 5 (Cat 5) Ethernet cable...
... 2005 These LEDs are incorrect, missing, or damaged, contact your NETGEAR dealer. This guide. - The FVS114 Front Panel The front panel of the parts are green when lit. Package Contents Reference Manual for the ProSafe VPN Firewall FVS114 The product package should contain the following items: • FVS114 ProSafe VPN Firewall. • AC power adapter. • Category 5 (Cat 5) Ethernet cable...
FVS114 Reference Manual
Page 22
... the following features: • Factory default reset push button • Eight Ethernet LAN ports • Internet Ethernet WAN port for the ProSafe VPN Firewall FVS114 Table 2-1. The Local port is supplied to the firewall. LED Descriptions LED Label PWR TEST INTERNET 100 (100 Mbps) LINK/ACT (Link/Activity) LOCAL 100 (100 Mbps) LINK/ACT (Link...
... the following features: • Factory default reset push button • Eight Ethernet LAN ports • Internet Ethernet WAN port for the ProSafe VPN Firewall FVS114 Table 2-1. The Local port is supplied to the firewall. LED Descriptions LED Label PWR TEST INTERNET 100 (100 Mbps) LINK/ACT (Link/Activity) LOCAL 100 (100 Mbps) LINK/ACT (Link...
FVS114 Reference Manual
Page 23
... listed in the following table: Table 2-2. Introduction 2-7 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 • DC power input • ON/OFF switch NETGEAR-Related Products NETGEAR products related to the FVS114 are always available by going to: http://kbserver.netgear.com. Registration is required before you can use our telephone support service.
... listed in the following table: Table 2-2. Introduction 2-7 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 • DC power input • ON/OFF switch NETGEAR-Related Products NETGEAR products related to the FVS114 are always available by going to: http://kbserver.netgear.com. Registration is required before you can use our telephone support service.
FVS114 Reference Manual
Page 24
Reference Manual for the VPN firewall router. 2-8 Introduction 202-10098-01, April 2005 When the VPN firewall router is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the ProSafe VPN Firewall FVS114 Documentation is available on the Resource CD and at http://kbserver.netgear.com.
Reference Manual for the VPN firewall router. 2-8 Introduction 202-10098-01, April 2005 When the VPN firewall router is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the ProSafe VPN Firewall FVS114 Documentation is available on the Resource CD and at http://kbserver.netgear.com.
FVS114 Reference Manual
Page 25
... the Internet 3-1 202-10098-01, April 2005 Prepare to Install Your FVS114 ProSafe VPN Firewall • For Cable Modem Service: When you perform the VPN firewall router setup steps be sure to use the computer you first registered with the contents of your FVS114 ProSafe VPN Firewall using the Setup Wizard, or how to manually configure your cable ISP. • For...
... the Internet 3-1 202-10098-01, April 2005 Prepare to Install Your FVS114 ProSafe VPN Firewall • For Cable Modem Service: When you perform the VPN firewall router setup steps be sure to use the computer you first registered with the contents of your FVS114 ProSafe VPN Firewall using the Setup Wizard, or how to manually configure your cable ISP. • For...