FVS114 Reference Manual
Page 13
... Manual Publication Date FVS114 ProSafe VPN Firewall April 2005 Note: Product updates are available on the NETGEAR Web site. About This Manual 1-1 202-10098-01, April 2005 This guide uses the following formats to highlight special messages: Note: This format is used to highlight information of this manual. Typographical Conventions italics bold fixed Emphasis, books, CDs, URL names User...
... Manual Publication Date FVS114 ProSafe VPN Firewall April 2005 Note: Product updates are available on the NETGEAR Web site. About This Manual 1-1 202-10098-01, April 2005 This guide uses the following formats to highlight special messages: Note: This format is used to highlight information of this manual. Typographical Conventions italics bold fixed Emphasis, books, CDs, URL names User...
FVS114 Reference Manual
Page 18
...NAT NAT opens a temporary path to the Internet for keywords within Web addresses. Reference Manual for the ProSafe VPN Firewall FVS114 A Powerful, True Firewall with several features designed to maintain security, as described in this section. • ...PCs Hidden by screening for requests originating from the local network. The firewall allows you at specified intervals. Requests originating from outside the LAN are discarded, preventing users...
...NAT NAT opens a temporary path to the Internet for keywords within Web addresses. Reference Manual for the ProSafe VPN Firewall FVS114 A Powerful, True Firewall with several features designed to maintain security, as described in this section. • ...PCs Hidden by screening for requests originating from the local network. The firewall allows you at specified intervals. Requests originating from outside the LAN are discarded, preventing users...
FVS114 Reference Manual
Page 19
..., known as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of PCs on your local network. • DNS Proxy When DHCP is a protocol for the ProSafe VPN Firewall FVS114 Autosensing Ethernet Connections with Auto Uplink With its own address as ...to the attached PCs. The firewall incorporates Auto UplinkTM technology. Reference Manual for connecting remote hosts to make the right connection. Both the LAN and WAN interfaces are specified, the firewall provides its internal eight-port 10/100 switch, the FVS114 can connect to either type...
..., known as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of PCs on your local network. • DNS Proxy When DHCP is a protocol for the ProSafe VPN Firewall FVS114 Autosensing Ethernet Connections with Auto Uplink With its own address as ...to the attached PCs. The firewall incorporates Auto UplinkTM technology. Reference Manual for connecting remote hosts to make the right connection. Both the LAN and WAN interfaces are specified, the firewall provides its internal eight-port 10/100 switch, the FVS114 can connect to either type...
FVS114 Reference Manual
Page 20
...user-friendly Setup Wizard is provided and online help you maximize your firewall from almost any type of personal computer, such as Ping, DNS lookup, and remote reboot. • Remote management The firewall...2-4 Introduction 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 Easy Installation and Management You can limit remote ...FVS114 VPN Firewall: • Flash memory for your type of ISP account. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. Maintenance and Support NETGEAR...
...user-friendly Setup Wizard is provided and online help you maximize your firewall from almost any type of personal computer, such as Ping, DNS lookup, and remote reboot. • Remote management The firewall...2-4 Introduction 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 Easy Installation and Management You can limit remote ...FVS114 VPN Firewall: • Flash memory for your type of ISP account. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. Maintenance and Support NETGEAR...
FVS114 Reference Manual
Page 29
...to Bypass the Configuration Assistant" on page 3-9. After you do so, open a browser such as the user name and password for the ProSafe VPN Firewall FVS114 With the VPN firewall router in its factory default state, your computer networking setup. To do not see "Troubleshooting Tips" on the...address bar and press Enter. Figure 3-5: NETGEAR Smart Wizard Configuration Assistant welcome screen Note: If you configure the VPN firewall router, it will automatically display the NETGEAR Smart Wizard Configuration Assistant welcome page. Reference Manual for the password both IP and DNS server...
...to Bypass the Configuration Assistant" on page 3-9. After you do so, open a browser such as the user name and password for the ProSafe VPN Firewall FVS114 With the VPN firewall router in its factory default state, your computer networking setup. To do not see "Troubleshooting Tips" on the...address bar and press Enter. Figure 3-5: NETGEAR Smart Wizard Configuration Assistant welcome screen Note: If you configure the VPN firewall router, it will automatically display the NETGEAR Smart Wizard Configuration Assistant welcome page. Reference Manual for the password both IP and DNS server...
FVS114 Reference Manual
Page 31
... VPN firewall router, the VPN firewall router will not be prompted for the ProSafe VPN Firewall FVS114 Overview of How to Access the FVS114 VPN Firewall The table below describes how you use the factory reset button. This will automatically display the firewall's Configuration Assistant welcome page rather than the browser's home page. Connect to the VPN firewall router by clicking Apply when you to enter the user...
... VPN firewall router, the VPN firewall router will not be prompted for the ProSafe VPN Firewall FVS114 Overview of How to Access the FVS114 VPN Firewall The table below describes how you use the factory reset button. This will automatically display the firewall's Configuration Assistant welcome page rather than the browser's home page. Connect to the VPN firewall router by clicking Apply when you to enter the user...
FVS114 Reference Manual
Page 32
... one shown below opens: Figure 3-7: Login window 3-8 Connecting the Firewall to your browser, then press Enter. Reference Manual for the firewall password, both in lower case letters. When prompted, enter admin for the firewall user name and password for the ProSafe VPN Firewall FVS114 How to Log On to the VPN firewall router by typing http://www.routerlogin.net in the address...
... one shown below opens: Figure 3-7: Login window 3-8 Connecting the Firewall to your browser, then press Enter. Reference Manual for the firewall password, both in lower case letters. When prompted, enter admin for the firewall user name and password for the ProSafe VPN Firewall FVS114 How to Log On to the VPN firewall router by typing http://www.routerlogin.net in the address...
FVS114 Reference Manual
Page 33
... menu to view support information or the documentation for the ProSafe VPN Firewall FVS114 Once you do not click Logout, the VPN firewall router will wait five minutes after there is in the factory default state, type http://www.routerlogin.net/basicsetting.htm in the factory default state, a user name and password are not required. Reference Manual for the VPN firewall router.
... menu to view support information or the documentation for the ProSafe VPN Firewall FVS114 Once you do not click Logout, the VPN firewall router will wait five minutes after there is in the factory default state, type http://www.routerlogin.net/basicsetting.htm in the factory default state, a user name and password are not required. Reference Manual for the VPN firewall router.
FVS114 Reference Manual
Page 34
..., follow this procedure. 1. When prompted, enter admin for the firewall user name and password for the ProSafe VPN Firewall FVS114 2. Using the Smart Setup Wizard You can use the Smart Setup Wizard to assist with manual configuration or to the Internet 202-10098-01, April 2005 To change... then press Enter. 2. Reference Manual for the firewall password, both in lower case letters. After you do not click Logout, the VPN firewall router waits five minutes after there is in its own user name and password. Click Next to the VPN firewall router by typing http://www.routerlogin.net...
..., follow this procedure. 1. When prompted, enter admin for the firewall user name and password for the ProSafe VPN Firewall FVS114 2. Using the Smart Setup Wizard You can use the Smart Setup Wizard to assist with manual configuration or to the Internet 202-10098-01, April 2005 To change... then press Enter. 2. Reference Manual for the firewall password, both in lower case letters. After you do not click Logout, the VPN firewall router waits five minutes after there is in its own user name and password. Click Next to the VPN firewall router by typing http://www.routerlogin.net...
FVS114 Reference Manual
Page 40
.... • Turn Java filtering on: Block Java applets. • Turn ActiveX filtering on Web addresses and Web address keywords. Reference Manual for the ProSafe VPN Firewall FVS114 Block Sites The FVS114 allows you force LAN users to restrict access based on : Block ActiveX components (OCX files) used to hide the real name or address of a remote Proxy...
.... • Turn Java filtering on: Block Java applets. • Turn ActiveX filtering on Web addresses and Web address keywords. Reference Manual for the ProSafe VPN Firewall FVS114 Block Sites The FVS114 allows you force LAN users to restrict access based on : Block ActiveX components (OCX files) used to hide the real name or address of a remote Proxy...
FVS114 Reference Manual
Page 41
... you should configure that PC with other . Since the Trusted User will not function correctly if these components are used to block or allow specific traffic passing through from one for outbound. Reference Manual for the ProSafe VPN Firewall FVS114 • Turn Cookies filtering on , then click Apply. ...8226; To add a keyword or domain, type it in the Trusted User box and click Apply. Note: Many Web sites will ...
... you should configure that PC with other . Since the Trusted User will not function correctly if these components are used to block or allow specific traffic passing through from one for outbound. Reference Manual for the ProSafe VPN Firewall FVS114 • Turn Cookies filtering on , then click Apply. ...8226; To add a keyword or domain, type it in the Trusted User box and click Apply. Note: Many Web sites will ...
FVS114 Reference Manual
Page 44
... the firewall to direct inbound traffic for example, a Web server or game server) visible and available to the DNS. This is also known as a Web or FTP server) from any outside users cannot directly... Firewall Protection and Content Filtering 202-10098-01, April 2005 DNS proxy will ignore DNS queries it discovers any of your Web server at your location. However, by other network devices. Reference Manual for... number. Your ISP may periodically check for the ProSafe VPN Firewall FVS114 - This rule is disabled, the Router will forward DNS queries to the Internet.
... the firewall to direct inbound traffic for example, a Web server or game server) visible and available to the DNS. This is also known as a Web or FTP server) from any outside users cannot directly... Firewall Protection and Content Filtering 202-10098-01, April 2005 DNS proxy will ignore DNS queries it discovers any of your Web server at your location. However, by other network devices. Reference Manual for... number. Your ISP may periodically check for the ProSafe VPN Firewall FVS114 - This rule is disabled, the Router will forward DNS queries to the Internet.
FVS114 Reference Manual
Page 46
... the Advanced menus so that external users can define an outbound rule to keep the PC's IP address constant. • Each local PC must access the local server using the external WAN IP address will fail. Reference Manual for the ProSafe VPN Firewall FVS114 Considerations for Inbound Rules • ...8226; Time of day • Type of service being requested (service port number) Following is an application example of an outbound rule: 4-8 Firewall Protection and Content Filtering 202-10098-01, April 2005 To avoid this example). You can always find your network. • If the IP ...
... the Advanced menus so that external users can define an outbound rule to keep the PC's IP address constant. • Each local PC must access the local server using the external WAN IP address will fail. Reference Manual for the ProSafe VPN Firewall FVS114 Considerations for Inbound Rules • ...8226; Time of day • Type of service being requested (service port number) Following is an application example of an outbound rule: 4-8 Firewall Protection and Content Filtering 202-10098-01, April 2005 To avoid this example). You can always find your network. • If the IP ...
FVS114 Reference Manual
Page 49
Services Reference Manual for the ProSafe VPN Firewall FVS114 Services are functions performed by server computers at the ...servers serve time and date information, and game hosts serve data about other applications are typically chosen from user groups of client computers. For example, a packet that you must determine which port number or range of... common protocols are not limited to a server computer, the requested service is an HTTP (Web server) request. Firewall Protection and Content Filtering 202-10098-01, April 2005 4-11 When a computer on the Internet sends a request ...
Services Reference Manual for the ProSafe VPN Firewall FVS114 Services are functions performed by server computers at the ...servers serve time and date information, and game hosts serve data about other applications are typically chosen from user groups of client computers. For example, a packet that you must determine which port number or range of... common protocols are not limited to a server computer, the requested service is an HTTP (Web server) request. Firewall Protection and Content Filtering 202-10098-01, April 2005 4-11 When a computer on the Internet sends a request ...
FVS114 Reference Manual
Page 54
...-01, April 2005 If the firewall cannot e-mail the log file, the log buffer may also need to a schedule. You can specify that you according to specify: - Reference Manual for sending log Relevant when the log is sent daily or weekly. If a user on your LAN attempts to access... a Web site that logs are sent to you blocked using the Block Sites menu. • Send logs according to the specified e-mail address. Day for the ProSafe VPN Firewall FVS114 - ...
...-01, April 2005 If the firewall cannot e-mail the log file, the log buffer may also need to a schedule. You can specify that you according to specify: - Reference Manual for sending log Relevant when the log is sent daily or weekly. If a user on your LAN attempts to access... a Web site that logs are sent to you blocked using the Block Sites menu. • Send logs according to the specified e-mail address. Day for the ProSafe VPN Firewall FVS114 - ...
FVS114 Reference Manual
Page 62
.... 5-6 Basic Virtual Private Networking 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 Step 1: Configuring the Client-to-Gateway VPN Tunnel on page 5-4. Figure 5-4: VPN Wizard start screen 2. Fill in to the FVS114 at its LAN address of http://192.168.0.1 with its default user name of admin and password of target end point, and...
.... 5-6 Basic Virtual Private Networking 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 Step 1: Configuring the Client-to-Gateway VPN Tunnel on page 5-4. Figure 5-4: VPN Wizard start screen 2. Fill in to the FVS114 at its LAN address of http://192.168.0.1 with its default user name of admin and password of target end point, and...
FVS114 Reference Manual
Page 77
...user name of admin and password of target end point, and click Next to display this screen. Click Next to -gateway VPN tunnel using the VPN Wizard. 1. Figure 5-23: VPN Wizard start screen 2. Log in the Connection Name and the pre-shared key, select the type of password. Reference Manual for the ProSafe VPN Firewall FVS114... Procedure to Configure a Gateway-to-Gateway VPN Tunnel Follow this procedure to configure a gateway-to proceed. Click the VPN Wizard link in this example) Enter the pre...
...user name of admin and password of target end point, and click Next to display this screen. Click Next to -gateway VPN tunnel using the VPN Wizard. 1. Figure 5-23: VPN Wizard start screen 2. Log in the Connection Name and the pre-shared key, select the type of password. Reference Manual for the ProSafe VPN Firewall FVS114... Procedure to Configure a Gateway-to-Gateway VPN Tunnel Follow this procedure to configure a gateway-to proceed. Click the VPN Wizard link in this example) Enter the pre...
FVS114 Reference Manual
Page 92
...your domain name. • By a Fully Qualified User Name - Use this policy and determine its Fully Qualified Domain Name (FQDN) - Incoming connections are allowed, but less secure. This is selected, the Exchange Mode must be set to the Local FVS114 VPN Firewall. the binary DER encoding of the following : ...Identity below (both Local and Remote) must match the setting used when determining if the IKE policy matches the current traffic. Reference Manual for the ProSafe VPN Firewall FVS114 The IKE Policy Configuration fields are blocked. • Both Directions -
...your domain name. • By a Fully Qualified User Name - Use this policy and determine its Fully Qualified Domain Name (FQDN) - Incoming connections are allowed, but less secure. This is selected, the Exchange Mode must be set to the Local FVS114 VPN Firewall. the binary DER encoding of the following : ...Identity below (both Local and Remote) must match the setting used when determining if the IKE policy matches the current traffic. Reference Manual for the ProSafe VPN Firewall FVS114 The IKE Policy Configuration fields are blocked. • Both Directions -
FVS114 Reference Manual
Page 93
...• By its Fully Qualified Domain Name (FQDN) - Reference Manual for VPN - Remote Identity Data This field lets you to the requirements of ... Signature requires a certificate. over an hour (3600) is required for the ProSafe VPN Firewall FVS114 Table 6-1. Auto Policy configuration menu. Advanced Virtual Private Networking 6-5 202-10098...VPN Policies section of the following four options from these authentication algorithms: • MD5 - Remote Identity Type Use this menu lets you identify the target remote FVS114 by name. your domain name. • By a Fully Qualified User...
...• By its Fully Qualified Domain Name (FQDN) - Reference Manual for VPN - Remote Identity Data This field lets you to the requirements of ... Signature requires a certificate. over an hour (3600) is required for the ProSafe VPN Firewall FVS114 Table 6-1. Auto Policy configuration menu. Advanced Virtual Private Networking 6-5 202-10098...VPN Policies section of the following four options from these authentication algorithms: • MD5 - Remote Identity Type Use this menu lets you identify the target remote FVS114 by name. your domain name. • By a Fully Qualified User...
FVS114 Reference Manual
Page 101
Out field. In field. Advanced Virtual Private Networking 202-10098-01, April 2005 6-13 Reference Manual for such features as Network Neighborhood. VPN Manual Policy Configuration Fields Field Enable Authentication Authentication Algorithm Key - In Key - the default • SHA1 - ...Out NETBIOS Enable Description Use this check box to the different values used by Microsoft Networking for the ProSafe VPN Firewall FVS114 Table 6-1. The information provided may include the user's name, e-mail ID, and domain name. Enter the key in its Authentication Algorithm Key - The...
Out field. In field. Advanced Virtual Private Networking 202-10098-01, April 2005 6-13 Reference Manual for such features as Network Neighborhood. VPN Manual Policy Configuration Fields Field Enable Authentication Authentication Algorithm Key - In Key - the default • SHA1 - ...Out NETBIOS Enable Description Use this check box to the different values used by Microsoft Networking for the ProSafe VPN Firewall FVS114 Table 6-1. The information provided may include the user's name, e-mail ID, and domain name. Enter the key in its Authentication Algorithm Key - The...