FVS318G Installation Guide
Page 1
...communication speed. )NSTALLATION'UIDE ProSafe Gigabit 8 Port VPN Firewall FVS318G Start Here Follow these instructions to set up your computer. You can select "Never dial a connection." Unplug and turn it on . • LAN. Disconnect the cable at http://kbserver.netgear.com. Securely insert the Ethernet...the Ethernet cable from your computer. Now, Configure the FVS318G for 100 Mbps, and off the broadband modem. c. Check the FVS318G status lights to the FVS318G Internet port and the modem. Now, plug in point B of the FVS318G as Internet Explorer or Netscape® Navigator...
...communication speed. )NSTALLATION'UIDE ProSafe Gigabit 8 Port VPN Firewall FVS318G Start Here Follow these instructions to set up your computer. You can select "Never dial a connection." Unplug and turn it on . • LAN. Disconnect the cable at http://kbserver.netgear.com. Securely insert the Ethernet...the Ethernet cable from your computer. Now, Configure the FVS318G for 100 Mbps, and off the broadband modem. c. Check the FVS318G status lights to the FVS318G Internet port and the modem. Now, plug in point B of the FVS318G as Internet Explorer or Netscape® Navigator...
FVS318G User Manual
Page 5
... Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the Internet Connection 2-7 Configuring the WAN Mode 2-11 Network Address Translation 2-11 Contents v 1.1November, 2009
... Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the Internet Connection 2-7 Configuring the WAN Mode 2-11 Network Address Translation 2-11 Contents v 1.1November, 2009
FVS318G User Manual
Page 7
... NETGEAR VPN Client Status and Log Information 5-11 FVS318G VPN Connection Status and Logs 5-13 Managing VPN Policies 5-14 Managing IKE Policies 5-14 Managing VPN Policies 5-16 Configuring Extended Authentication (XAUTH 5-17 Configuring XAUTH for VPN Clients 5-18 User Database Configuration 5-19 RADIUS Client Configuration 5-19 Assigning IP Addresses to Remote Users (ModeConfig 5-21 Mode Config Operation 5-22 Configuring the VPN Firewall Router 5-22 Configuring the ProSafe VPN...
... NETGEAR VPN Client Status and Log Information 5-11 FVS318G VPN Connection Status and Logs 5-13 Managing VPN Policies 5-14 Managing IKE Policies 5-14 Managing VPN Policies 5-16 Configuring Extended Authentication (XAUTH 5-17 Configuring XAUTH for VPN Clients 5-18 User Database Configuration 5-19 RADIUS Client Configuration 5-19 Assigning IP Addresses to Remote Users (ModeConfig 5-21 Mode Config Operation 5-22 Configuring the VPN Firewall Router 5-22 Configuring the ProSafe VPN...
FVS318G User Manual
Page 8
...7-8 Enabling Remote Management Access 7-10 Using the Command Line Interface 7-13 Using an SNMP Manager 7-13 Configuration File Management 7-15 Upgrading the Firmware 7-17 Configuring Date and Time Service 7-18 Chapter 8 Troubleshooting Basic Functions ...8-1 Power LED Not On 8-2 LEDs Never...Off 8-2 LAN or WAN Port LEDs Not On 8-2 Troubleshooting the Web Configuration Interface 8-3 Troubleshooting the ISP Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 ...
...7-8 Enabling Remote Management Access 7-10 Using the Command Line Interface 7-13 Using an SNMP Manager 7-13 Configuration File Management 7-15 Upgrading the Firmware 7-17 Configuring Date and Time Service 7-18 Chapter 8 Troubleshooting Basic Functions ...8-1 Power LED Not On 8-2 LEDs Never...Off 8-2 LAN or WAN Port LEDs Not On 8-2 Troubleshooting the Web Configuration Interface 8-3 Troubleshooting the ISP Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 ...
FVS318G User Manual
Page 11
... install, configure and troubleshoot the ProSafe VPN Firewall. xi 1.1 November, 2009 This manual uses the following typographical conventions:: Italic Bold Fixed italic Emphasis, books, CDs, file and server names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text, code URL links • Formats. About This Manual The NETGEAR® FVS318G ProSafe™ Gigabit 8 Port VPN Firewall Reference...
... install, configure and troubleshoot the ProSafe VPN Firewall. xi 1.1 November, 2009 This manual uses the following typographical conventions:: Italic Bold Fixed italic Emphasis, books, CDs, file and server names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text, code URL links • Formats. About This Manual The NETGEAR® FVS318G ProSafe™ Gigabit 8 Port VPN Firewall Reference...
FVS318G User Manual
Page 12
... the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe VPN Firewall November, 2009 For more information about network, Internet, firewall, and VPN technologies, see the links to LAN and Firewall configuration xii About This Manual 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Danger: This is available on the Adobe Web site at http://kbserver.netgear.com/products/FVS318G.asp...
... the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe VPN Firewall November, 2009 For more information about network, Internet, firewall, and VPN technologies, see the links to LAN and Firewall configuration xii About This Manual 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Danger: This is available on the Adobe Web site at http://kbserver.netgear.com/products/FVS318G.asp...
FVS318G User Manual
Page 16
... NAT routers, the FVS318G is a true firewall, using stateful packet inspection (SPI) to access objectionable Internet sites. • Permits scheduling of the NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. Its firewall features ...configure the firewall to log and report attempts to defend against hacker attacks. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central office and telecommuters. Advanced VPN...
... NAT routers, the FVS318G is a true firewall, using stateful packet inspection (SPI) to access objectionable Internet sites. • Permits scheduling of the NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. Its firewall features ...configure the firewall to log and report attempts to defend against hacker attacks. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central office and telecommuters. Advanced VPN...
FVS318G User Manual
Page 17
...) support for connecting remote hosts to the Internet over Ethernet (PPPoE). Introduction 1-3 1.1 November, 2009 You can configure the firewall to email the log to attached PCs on page C-3. • IP Address Sharing by NAT. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as NAT, allows the use of an inexpensive single-user...
...) support for connecting remote hosts to the Internet over Ethernet (PPPoE). Introduction 1-3 1.1 November, 2009 You can configure the firewall to email the log to attached PCs on page C-3. • IP Address Sharing by NAT. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as NAT, allows the use of an inexpensive single-user...
FVS318G User Manual
Page 18
..., asking you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the network. The firewall allows you to easily configure your firewall from a remote location on the Internet. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Easy Installation and ... IPsec VPN tunnels are interoperable with your type of ISP. Maintenance and Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. The VPN firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels ...
..., asking you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the network. The firewall allows you to easily configure your firewall from a remote location on the Internet. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Easy Installation and ... IPsec VPN tunnels are interoperable with your type of ISP. Maintenance and Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. The VPN firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels ...
FVS318G User Manual
Page 21
Introduction 1-7 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Rear Panel Features The rear panel of the ProSafe VPN Firewall includes a cable lock receptacle, and reset factory defaults switch, and a DC power connection. All configuration settings will be lost and the default password will be restored. • DC power receptacle: 12V @ 1.5A. Figure 1-2 Viewed from left...Defaults button: Using a sharp object, press and hold this button for about ten seconds until the front panel TEST light flashes to reset the VPN firewall to factory default settings.
Introduction 1-7 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Rear Panel Features The rear panel of the ProSafe VPN Firewall includes a cable lock receptacle, and reset factory defaults switch, and a DC power connection. All configuration settings will be lost and the default password will be restored. • DC power receptacle: 12V @ 1.5A. Figure 1-2 Viewed from left...Defaults button: Using a sharp object, press and hold this button for about ten seconds until the front panel TEST light flashes to reset the VPN firewall to factory default settings.
FVS318G User Manual
Page 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
FVS318G User Manual
Page 23
... into the VPN Firewall Router Router" on page 2-11. 5. A PDF of the Installation Guide is described in to complete the basic Internet connection of the ProSafe VPN Firewall is on page 2-13. 2-1 1.1 November, 2009 Log in this phase, you are required to the VPN Firewall Router. See "Logging into the VPN Firewall Router Router" on page 2-2 • "Navigating the Menus" on page 2-3 • "Configuring the...
... into the VPN Firewall Router Router" on page 2-11. 5. A PDF of the Installation Guide is described in to complete the basic Internet connection of the ProSafe VPN Firewall is on page 2-13. 2-1 1.1 November, 2009 Log in this phase, you are required to the VPN Firewall Router. See "Logging into the VPN Firewall Router Router" on page 2-2 • "Navigating the Menus" on page 2-3 • "Configuring the...
FVS318G User Manual
Page 24
...address automatically from the VPN firewall by DHCP. See "Configuring the Advanced WAN Options (Optional)" on page 1-8. 2. Each of firewall and VPN features is described in this chapter. Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP...chapters. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Start any of the qualified browsers, as detailed in Appendix B, "Related Documents. However, these steps: 1. For instructions on how to configure your computer needs to be configured to the VPN firewall follow ...
...address automatically from the VPN firewall by DHCP. See "Configuring the Advanced WAN Options (Optional)" on page 1-8. 2. Each of firewall and VPN features is described in this chapter. Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP...chapters. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Start any of the qualified browsers, as detailed in Appendix B, "Related Documents. However, these steps: 1. For instructions on how to configure your computer needs to be configured to the VPN firewall follow ...
FVS318G User Manual
Page 25
Click Login. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5. The Web Configuration Manager appears, displaying the Router Status menu: Figure 2-2 Navigating the Menus The Web Configuration Manager menus are organized in a layered structure of main categories and submenus: Connecting the FVS318G to the Internet 2-3 1.1 November, 2009
Click Login. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5. The Web Configuration Manager appears, displaying the Router Status menu: Figure 2-2 Navigating the Menus The Web Configuration Manager menus are organized in a layered structure of main categories and submenus: Connecting the FVS318G to the Internet 2-3 1.1 November, 2009
FVS318G User Manual
Page 26
... category (in the center. Immediately below the main menu is detailed in the submenu). In this guide, we may refer to the first configuration task, configuring the VPN firewall's Internet connections. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Main menu. The horizontal orange bar near the top of the menu active window, are one or more blue...
... category (in the center. Immediately below the main menu is detailed in the submenu). In this guide, we may refer to the first configuration task, configuring the VPN firewall's Internet connections. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Main menu. The horizontal orange bar near the top of the menu active window, are one or more blue...
FVS318G User Manual
Page 27
Select Network Configuration > WAN Settings from the menu. The Broadband ISP Settings tab appears. Connecting the FVS318G to the Internet: Figure 2-3 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Automatically Detecting and Connecting To automatically configure the WAN port for connection to the Internet 2-5 1.1 November, 2009
Select Network Configuration > WAN Settings from the menu. The Broadband ISP Settings tab appears. Connecting the FVS318G to the Internet: Figure 2-3 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Automatically Detecting and Connecting To automatically configure the WAN port for connection to the Internet 2-5 1.1 November, 2009
FVS318G User Manual
Page 28
... Name, Domain Name (sometimes required). c. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. Account Name (sometimes required). Static IP address, Subnet, and Gateway IP; Auto Detect will probe the WAN port for a range of the menu. b. If Auto Detect senses a connection method that your VPN firewall's MAC address (For more information, see "Configuring the WAN Mode" on page...
... Name, Domain Name (sometimes required). c. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. Account Name (sometimes required). Static IP address, Subnet, and Gateway IP; Auto Detect will probe the WAN port for a range of the menu. b. If Auto Detect senses a connection method that your VPN firewall's MAC address (For more information, see "Configuring the WAN Mode" on page...
FVS318G User Manual
Page 29
...in order to the Internet through the WAN port. If the configuration was successful, you will need to "Configuring the WAN Mode" on page 8-4. Connecting the FVS318G to "Manually Configuring the Internet Connection following section, or see "Troubleshooting the ISP ... screen. Note: If the configuration process was not successful, skip ahead to the Internet 2-7 1.1 November, 2009 The necessary parameters for various connection types are connected to manually establish an Internet connection. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. To verify ...
...in order to the Internet through the WAN port. If the configuration was successful, you will need to "Configuring the WAN Mode" on page 8-4. Connecting the FVS318G to "Manually Configuring the Internet Connection following section, or see "Troubleshooting the ISP ... screen. Note: If the configuration process was not successful, skip ahead to the Internet 2-7 1.1 November, 2009 The necessary parameters for various connection types are connected to manually establish an Internet connection. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. To verify ...
FVS318G User Manual
Page 113
...the main menu. 2. To configure the keepalive on the other end of the tunnel must also support Dead Peer Detection. Virtual Private Networking Using IPsec 1.1 November, 2009 5-27 Click on the VPN firewall LAN. If you require your VPN tunnel to remain connected, you ... and to have a VPN tunnel drop when traffic is displayed and the VPN client icon in the toolbar will read "On". 3. Configuring Keepalive The keepalive feature maintains the IPSec SA by sending periodic ping requests to the desired VPN policy. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. From the...
...the main menu. 2. To configure the keepalive on the other end of the tunnel must also support Dead Peer Detection. Virtual Private Networking Using IPsec 1.1 November, 2009 5-27 Click on the VPN firewall LAN. If you require your VPN tunnel to remain connected, you ... and to have a VPN tunnel drop when traffic is displayed and the VPN client icon in the toolbar will read "On". 3. Configuring Keepalive The keepalive feature maintains the IPSec SA by sending periodic ping requests to the desired VPN policy. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. From the...
FVS318G User Manual
Page 115
... to Enable Dead Peer Detection. 5. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. Click the Yes radio button to the desired VPN policy. In Reconnect after failure count, set the interval between consecutive DPD R-U-THERE messages. Click Apply at the bottom of the connection. 7. To solve this problem, you can configure the FVS318G to set the number of...
... to Enable Dead Peer Detection. 5. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. Click the Yes radio button to the desired VPN policy. In Reconnect after failure count, set the interval between consecutive DPD R-U-THERE messages. Click Apply at the bottom of the connection. 7. To solve this problem, you can configure the FVS318G to set the number of...