FVS114 Reference Manual
Page 8
... the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time 9-7 Appendix A Technical Specifications Appendix B Network, Routing, and Firewall Basics Related Publications ...B-1 Basic Router Concepts B-1 viii Contents 202-10098...
... the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time 9-7 Appendix A Technical Specifications Appendix B Network, Routing, and Firewall Basics Related Publications ...B-1 Basic Router Concepts B-1 viii Contents 202-10098...
FVS114 Reference Manual
Page 29
... the user name and password for the ProSafe VPN Firewall FVS114 With the VPN firewall router in its settings. If you configure the VPN firewall router, it will automatically display the NETGEAR Smart Wizard Configuration Assistant welcome page. Reference Manual for the password both IP and DNS server addresses automatically, which is in its factory default state. It should be set to the...
... the user name and password for the ProSafe VPN Firewall FVS114 With the VPN firewall router in its settings. If you configure the VPN firewall router, it will automatically display the NETGEAR Smart Wizard Configuration Assistant welcome page. Reference Manual for the password both IP and DNS server addresses automatically, which is in its factory default state. It should be set to the...
FVS114 Reference Manual
Page 31
.... You can bypass the Smart Wizard Configuration Assistant feature by typing the IP address of the VPN firewall router in the factory default state. The default password is no need to enter the user name of admin and the password. Reference Manual for the ProSafe VPN Firewall FVS114 Overview of How to the Internet 3-7 202-10098-01, April 2005 There...
.... You can bypass the Smart Wizard Configuration Assistant feature by typing the IP address of the VPN firewall router in the factory default state. The default password is no need to enter the user name of admin and the password. Reference Manual for the ProSafe VPN Firewall FVS114 Overview of How to the Internet 3-7 202-10098-01, April 2005 There...
FVS114 Reference Manual
Page 41
... the URL is blocked, as .edu or .gov) can have access to block or allow specific traffic passing through from one for the ProSafe VPN Firewall FVS114 • Turn Cookies filtering on , then click Apply. • To add a keyword or domain, type it in the Trusted User ... Rules to access specific resources. Reference Manual for outbound. The default rules of Traffic Firewall rules are blocked. You may specify one Trusted User, which is specified, only Web sites with a fixed or reserved IP address. Firewall Protection and Content Filtering 4-3 202-10098-01, April 2005 Keyword...
... the URL is blocked, as .edu or .gov) can have access to block or allow specific traffic passing through from one for the ProSafe VPN Firewall FVS114 • Turn Cookies filtering on , then click Apply. • To add a keyword or domain, type it in the Trusted User ... Rules to access specific resources. Reference Manual for outbound. The default rules of Traffic Firewall rules are blocked. You may specify one Trusted User, which is specified, only Web sites with a fixed or reserved IP address. Firewall Protection and Content Filtering 4-3 202-10098-01, April 2005 Keyword...
FVS114 Reference Manual
Page 42
...button on the service or application, source or destination IP addresses, and time of day. At the script prompt, enter the number of the table and click Delete. By adding custom rules, you have defined. Reference Manual for the ProSafe VPN Firewall FVS114 These default rules are shown in the Rules table of the Rules...You may define additional rules that matches or does not match the rule you can also choose to log traffic that specify exceptions to the default rules. You can block or allow access based on the left side of the table and click Move. To edit an existing rule, ...
...button on the service or application, source or destination IP addresses, and time of day. At the script prompt, enter the number of the table and click Delete. By adding custom rules, you have defined. Reference Manual for the ProSafe VPN Firewall FVS114 These default rules are shown in the Rules table of the Rules...You may define additional rules that matches or does not match the rule you can also choose to log traffic that specify exceptions to the default rules. You can block or allow access based on the left side of the table and click Move. To edit an existing rule, ...
FVS114 Reference Manual
Page 60
...NETGEAR publishes additional interoperability scenarios with three different, unrelated keys. - The VPN Wizard using DES with various gateway and client software products. 5-4 Basic Virtual Private Networking 202-10098-01, April 2005 AES - The Data Encryption Standard (DES) processes input data that is the optimal choice for the ProSafe VPN Firewall FVS114... FQDNs supplied by Dynamic DNS providers can allow a VPN endpoint with a dynamic IP address to initiate or respond to configure your VPN tunnels? - DES - Reference ...
...NETGEAR publishes additional interoperability scenarios with three different, unrelated keys. - The VPN Wizard using DES with various gateway and client software products. 5-4 Basic Virtual Private Networking 202-10098-01, April 2005 AES - The Data Encryption Standard (DES) processes input data that is the optimal choice for the ProSafe VPN Firewall FVS114... FQDNs supplied by Dynamic DNS providers can allow a VPN endpoint with a dynamic IP address to initiate or respond to configure your VPN tunnels? - DES - Reference ...
FVS114 Reference Manual
Page 76
... a Gateway-to-Gateway VPN Configuration Note: This section uses the VPN Wizard to set up the VPN tunnel. A FVS114 VPN Firewall VPN Tunnel B FVS114 VPN Firewall PCs PCs Figure 5-22: Gateway-to-Gateway VPN Tunnel Follow the procedure below to set the LAN IPs on page 5-4. The LAN IP address ranges of each FVS114 to set up the VPN tunnel using the NETGEAR default address range of...
... a Gateway-to-Gateway VPN Configuration Note: This section uses the VPN Wizard to set up the VPN tunnel. A FVS114 VPN Firewall VPN Tunnel B FVS114 VPN Firewall PCs PCs Figure 5-22: Gateway-to-Gateway VPN Tunnel Follow the procedure below to set the LAN IPs on page 5-4. The LAN IP address ranges of each FVS114 to set up the VPN tunnel using the NETGEAR default address range of...
FVS114 Reference Manual
Page 77
...: (12345678 in to the FVS114 on LAN A at its default LAN address of http://192.168.0.1 with its default user name of admin and password of target end point, and click Next to -gateway VPN tunnel using the VPN Wizard. 1. Reference Manual for the ProSafe VPN Firewall FVS114 Procedure to Configure a Gateway-to-Gateway VPN Tunnel Follow this procedure to...
...: (12345678 in to the FVS114 on LAN A at its default LAN address of http://192.168.0.1 with its default user name of admin and password of target end point, and click Next to -gateway VPN tunnel using the VPN Wizard. 1. Reference Manual for the ProSafe VPN Firewall FVS114 Procedure to Configure a Gateway-to-Gateway VPN Tunnel Follow this procedure to...
FVS114 Reference Manual
Page 93
...bytes. Auto Policy configuration. Reference Manual for this IKE policy: • DES is the default • 3DES is more secure Authentication Method You may select Pre-Shared Key or RSA ...VPN gateway or client. Auto Policy configuration menu. Encryption Algorithm Choose the encryption algorithm for the ProSafe VPN Firewall FVS114 Table 6-1. Pre-Shared Key Specify the key according to the VPN - VPN...) port IP address. • By its Fully Qualified Domain Name (FQDN) - From the VPN Policies section of the main menu, you identify the target remote FVS114 by name.
...bytes. Auto Policy configuration. Reference Manual for this IKE policy: • DES is the default • 3DES is more secure Authentication Method You may select Pre-Shared Key or RSA ...VPN gateway or client. Auto Policy configuration menu. Encryption Algorithm Choose the encryption algorithm for the ProSafe VPN Firewall FVS114 Table 6-1. Pre-Shared Key Specify the key according to the VPN - VPN...) port IP address. • By its Fully Qualified Domain Name (FQDN) - From the VPN Policies section of the main menu, you identify the target remote FVS114 by name.
FVS114 Reference Manual
Page 96
... if and when a VPN tunnel will be established. The choices are : • ANY for the payload (data) sent through the VPN tunnel. The choices are : • ANY for all valid IP addresses in the Internet address space • Single IP Address • Range of the outbound network traffic for the ProSafe VPN Firewall FVS114 Table 6-1. the default • SHA1 -
... if and when a VPN tunnel will be established. The choices are : • ANY for the payload (data) sent through the VPN tunnel. The choices are : • ANY for all valid IP addresses in the Internet address space • Single IP Address • Range of the outbound network traffic for the ProSafe VPN Firewall FVS114 Table 6-1. the default • SHA1 -
FVS114 Reference Manual
Page 104
... of 3600 seconds (one hour) with the default user name of admin and default password of the FVS114. a. Reference Manual for the ProSafe VPN Firewall FVS114 The IKE Phase 2 parameters used in Scenario 1 are open on the FVS114. Configure the WAN (Internet) and LAN IP addresses of password, or using IPv4 subnets FVS114 Scenario 1: FVS114 to build your configuration. 1. Log in...
... of 3600 seconds (one hour) with the default user name of admin and default password of the FVS114. a. Reference Manual for the ProSafe VPN Firewall FVS114 The IKE Phase 2 parameters used in Scenario 1 are open on the FVS114. Configure the WAN (Internet) and LAN IP addresses of password, or using IPv4 subnets FVS114 Scenario 1: FVS114 to build your configuration. 1. Log in...
FVS114 Reference Manual
Page 118
... used by the LAN port of the firewall. These parameters apply to the firewall. The MAC address used by the Internet (WAN) port of the firewall. The default is active for the ProSafe VPN Firewall FVS114 This screen shows the following parameters: Table 7-1. This field can show DHCP Client, Fixed IP, PPPoE, BPA or PPTP. The MAC address used...
... used by the LAN port of the firewall. These parameters apply to the firewall. The MAC address used by the Internet (WAN) port of the firewall. The default is active for the ProSafe VPN Firewall FVS114 This screen shows the following parameters: Table 7-1. This field can show DHCP Client, Fixed IP, PPPoE, BPA or PPTP. The MAC address used...
FVS114 Reference Manual
Page 119
...the WAN connection status. Reference Manual for the ProSafe VPN Firewall FVS114 Click Show WAN Status to your Internet service provider. Default Gateway The WAN (Internet) default gateway the firewall communicates with. Connection Method The method used to the firewall. IP Address The WAN (Internet) IP address assigned to obtain an IP address from your Internet service provider's network. ... described in Table 7-2 Table 7-2. Maintenance 7-3 202-10098-01, April 2005 Button Renew Connection Status action buttons Description Click the Renew button to the firewall.
...the WAN connection status. Reference Manual for the ProSafe VPN Firewall FVS114 Click Show WAN Status to your Internet service provider. Default Gateway The WAN (Internet) default gateway the firewall communicates with. Connection Method The method used to the firewall. IP Address The WAN (Internet) IP address assigned to obtain an IP address from your Internet service provider's network. ... described in Table 7-2 Table 7-2. Maintenance 7-3 202-10098-01, April 2005 Button Renew Connection Status action buttons Description Click the Renew button to the firewall.
FVS114 Reference Manual
Page 124
NETGEAR recommends that you must use the Diagnostics page to a more secure password. Figure 7-7: Set Password menu To change this password to perform various diagnostics. From ... page 9-7. For normal operation, these are not required. Reference Manual for the firewall's Web Configuration Manager is password. Changing the Administrator Password The default password for the ProSafe VPN Firewall FVS114 To restore the factory default configuration settings without knowing the login password or IP address, you change the password, first enter the old password, and then enter...
NETGEAR recommends that you must use the Diagnostics page to a more secure password. Figure 7-7: Set Password menu To change this password to perform various diagnostics. From ... page 9-7. For normal operation, these are not required. Reference Manual for the firewall's Web Configuration Manager is password. Changing the Administrator Password The default password for the ProSafe VPN Firewall FVS114 To restore the factory default configuration settings without knowing the login password or IP address, you change the password, first enter the old password, and then enter...
FVS114 Reference Manual
Page 128
... need to manually select the port speed. In some cases, one local PC can run the application properly if that PC's IP address is programmed to recognize some of your broadband modem supports 100BaseT, select 100M; For some online games and videoconferencing applications that... box. If you 're willing to risk open access. This computer is available to anyone on your router can be a DMZ server: a. Reference Manual for the ProSafe VPN Firewall FVS114 • Default DMZ Server: Specifying a Default DMZ Server allows you to set up a computer or server that is called the...
... need to manually select the port speed. In some cases, one local PC can run the application properly if that PC's IP address is programmed to recognize some of your broadband modem supports 100BaseT, select 100M; For some online games and videoconferencing applications that... box. If you 're willing to risk open access. This computer is available to anyone on your router can be a DMZ server: a. Reference Manual for the ProSafe VPN Firewall FVS114 • Default DMZ Server: Specifying a Default DMZ Server allows you to set up a computer or server that is called the...
FVS114 Reference Manual
Page 129
... 8-3 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 Note: For security, NETGEAR strongly recommends that require greater access from the outside, and will therefore be provided with your IP address by the firewall. Click Apply. A better term for that name linked with...Dynamic DNS If your frequently-changing IP address. How to your network has a permanently assigned IP address, you avoid using the Default DMZ Server feature. Click Default DMZ Server. 2. In this box unless you to register your firewall to their IP address, and will allow you have...
... 8-3 202-10098-01, April 2005 Reference Manual for the ProSafe VPN Firewall FVS114 Note: For security, NETGEAR strongly recommends that require greater access from the outside, and will therefore be provided with your IP address by the firewall. Click Apply. A better term for that name linked with...Dynamic DNS If your frequently-changing IP address. How to your network has a permanently assigned IP address, you avoid using the Default DMZ Server feature. Click Default DMZ Server. 2. In this box unless you to register your firewall to their IP address, and will allow you have...
FVS114 Reference Manual
Page 130
... yourhost.dyndns.org 9. For example, for the ProSafe VPN Firewall FVS114 The firewall contains a client that your dynamic DNS provider gave you have configured your account information in the firewall, whenever your ISP-assigned IP address changes, your URL, you must select a service provider and obtain an account with its default LAN address of your configuration. 8-4 Advanced Configuration...
... yourhost.dyndns.org 9. For example, for the ProSafe VPN Firewall FVS114 The firewall contains a client that your dynamic DNS provider gave you have configured your account information in the firewall, whenever your ISP-assigned IP address changes, your URL, you must select a service provider and obtain an account with its default LAN address of your configuration. 8-4 Advanced Configuration...
FVS114 Reference Manual
Page 131
... menu of LAN IP services such as a DHCP server. The firewall's default LAN IP configuration is shipped preconfigured to use private IP addresses on the LAN side, and to view the menu shown below. Reference Manual for the ProSafe VPN Firewall FVS114 Note: If your ISP assigns a private WAN IP address such as ...192.168.x.x or 10.x.x.x, the dynamic DNS service will not work because private addresses will not be routed on LAN IP Setup to act as DHCP and RIP....
... menu of LAN IP services such as a DHCP server. The firewall's default LAN IP configuration is shipped preconfigured to use private IP addresses on the LAN side, and to view the menu shown below. Reference Manual for the ProSafe VPN Firewall FVS114 Note: If your ISP assigns a private WAN IP address such as ...192.168.x.x or 10.x.x.x, the dynamic DNS service will not work because private addresses will not be routed on LAN IP Setup to act as DHCP and RIP....
FVS114 Reference Manual
Page 132
... for the ProSafe VPN Firewall FVS114 These addresses are part of the firewall. Combined with the IP address, the IP Subnet Mask allows a device to know which must then open a new connection to Both or Out Only, the firewall broadcasts its routing table periodically. - RIP-2B uses subnet broadcasting. The RIP Direction selection controls how the firewall sends and...
... for the ProSafe VPN Firewall FVS114 These addresses are part of the firewall. Combined with the IP address, the IP Subnet Mask allows a device to know which must then open a new connection to Both or Out Only, the firewall broadcasts its routing table periodically. - RIP-2B uses subnet broadcasting. The RIP Direction selection controls how the firewall sends and...
FVS114 Reference Manual
Page 133
...ProSafe VPN Firewall FVS114 Using the Firewall as a DHCP server By default, the firewall functions as DHCP server check box. For most applications, the default DHCP and TCP/IP settings of the range for your network. Otherwise, leave it is assigned to avoid duplicate addresses on the LAN, that PC will always receive the same IP... IP address for an explanation of the firewall. See "IP Configuration by DHCP" on your computers, clear the Use router as a DHCP (Dynamic Host Configuration Protocol) server, allowing it accesses the firewall's DHCP server. The assigned default ...
...ProSafe VPN Firewall FVS114 Using the Firewall as a DHCP server By default, the firewall functions as DHCP server check box. For most applications, the default DHCP and TCP/IP settings of the range for your network. Otherwise, leave it is assigned to avoid duplicate addresses on the LAN, that PC will always receive the same IP... IP address for an explanation of the firewall. See "IP Configuration by DHCP" on your computers, clear the Use router as a DHCP (Dynamic Host Configuration Protocol) server, allowing it accesses the firewall's DHCP server. The assigned default ...