FVS318G User Manual
Page 5
... Installation and Management 1-4 Maintenance and Support 1-4 Package Contents ...1-5 Front Panel Features ...1-5 Rear Panel Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the...
... Installation and Management 1-4 Maintenance and Support 1-4 Package Contents ...1-5 Front Panel Features ...1-5 Rear Panel Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the...
FVS318G User Manual
Page 6
...3-9 Configuring DHCP Address Reservation 3-9 Configuring Multi Home LAN IP Addresses 3-10 Configuring Static Routes 3-11 Configuring Routing Information Protocol (RIP 3-13 Chapter 4 Firewall Protection and Content Filtering About Firewall Protection and Content Filtering 4-1 Using Rules to Block or... Allow Specific Kinds of Traffic 4-2 About Services-Based Rules 4-3 Viewing the Rules ...4-8 Order of Precedence for Rules 4-8 Setting the Default Outbound Policy ...
...3-9 Configuring DHCP Address Reservation 3-9 Configuring Multi Home LAN IP Addresses 3-10 Configuring Static Routes 3-11 Configuring Routing Information Protocol (RIP 3-13 Chapter 4 Firewall Protection and Content Filtering About Firewall Protection and Content Filtering 4-1 Using Rules to Block or... Allow Specific Kinds of Traffic 4-2 About Services-Based Rules 4-3 Viewing the Rules ...4-8 Order of Precedence for Rules 4-8 Setting the Default Outbound Policy ...
FVS318G User Manual
Page 8
...6-11 Obtaining a Self Certificate from a Certificate Authority 6-11 Managing your Certificate Revocation List (CRL 6-14 Chapter 7 Router and Network Management Performance Management 7-1 Bandwidth Capacity 7-1 Features That Reduce Traffic 7-2 Features That Increase Traffic 7-5 Using QoS... 8-3 Troubleshooting the ISP Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 Restoring the Default Configuration and Password 8-7 viii Contents 1.1 November, 2009
...6-11 Obtaining a Self Certificate from a Certificate Authority 6-11 Managing your Certificate Revocation List (CRL 6-14 Chapter 7 Router and Network Management Performance Management 7-1 Bandwidth Capacity 7-1 Features That Reduce Traffic 7-2 Features That Increase Traffic 7-5 Using QoS... 8-3 Troubleshooting the ISP Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 Restoring the Default Configuration and Password 8-7 viii Contents 1.1 November, 2009
FVS318G User Manual
Page 15
...VPN Firewall Router" on page 1-1 • "Package Contents" on page 1-5 • "Front Panel Features" on page 1-5 • "Rear Panel Features" on page 1-7 • "Default IP Address, Login Name, and Password Location" on page 1-8 • "Qualified Web Browsers" on time-of Gigabit Ethernet LAN and WAN ports ensures extremely high data... the Internet through an external access device such as a cable modem or DSL modem. Chapter 1 Introduction The ProSafe VPN Firewall connects your network from hackers. Parents and network administrators can install and use of -day, web site addresses ...
...VPN Firewall Router" on page 1-1 • "Package Contents" on page 1-5 • "Front Panel Features" on page 1-5 • "Rear Panel Features" on page 1-7 • "Default IP Address, Login Name, and Password Location" on page 1-8 • "Qualified Web Browsers" on time-of Gigabit Ethernet LAN and WAN ports ensures extremely high data... the Internet through an external access device such as a cable modem or DSL modem. Chapter 1 Introduction The ProSafe VPN Firewall connects your network from hackers. Parents and network administrators can install and use of -day, web site addresses ...
FVS318G User Manual
Page 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
FVS318G User Manual
Page 24
...as detailed in Appendix B, "Related Documents. Start any of firewall and VPN features is described in lower case letters. 2-2 Connecting the FVS318G to a ping, and you can enable each WAN port to...IP address automatically from the VPN firewall by DHCP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Each of these steps: 1. Configure the WAN options (optional). Optionally, you can change the factory default MTU size and port speed. Figure 2-1 3. To connect and log in this chapter. Logging into the VPN Firewall Router Router To connect to the VPN firewall...
...as detailed in Appendix B, "Related Documents. Start any of firewall and VPN features is described in lower case letters. 2-2 Connecting the FVS318G to a ping, and you can enable each WAN port to...IP address automatically from the VPN firewall by DHCP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Each of these steps: 1. Configure the WAN options (optional). Optionally, you can change the factory default MTU size and port speed. Figure 2-1 3. To connect and log in this chapter. Logging into the VPN Firewall Router Router To connect to the VPN firewall...
FVS318G User Manual
Page 33
.... (the default setting). Connecting the FVS318G to the NETGEAR Web site. When you are not visible from ISP. • If your ISP (or your LAN) to receive incoming data. • If you only have a single public Internet IP address, you...IP addresses provided to share a single public Internet IP address. PCs on your entries. If a successful connection is only a single device (the VPN firewall) and a single IP address. Click Test to evaluate your LAN to you MUST use any changes and revert to additional setup and management tasks. ProSafe Gigabit 8 Port VPN Firewall FVS318G...
.... (the default setting). Connecting the FVS318G to the NETGEAR Web site. When you are not visible from ISP. • If your ISP (or your LAN) to receive incoming data. • If you only have a single public Internet IP address, you...IP addresses provided to share a single public Internet IP address. PCs on your entries. If a successful connection is only a single device (the VPN firewall) and a single IP address. Click Test to evaluate your LAN to you MUST use any changes and revert to additional setup and management tasks. ProSafe Gigabit 8 Port VPN Firewall FVS318G...
FVS318G User Manual
Page 37
...Advanced WAN options: 1. The Broadband ISP Settings screen will cause *.yourhost.dyndns.org to be aliased to activate this feature. Edit the default information you want to prevent your WAN IP address does not change often, you can select the Update every 30 days check box to the Internet 1.1 November, 2009 2-15...force a periodic update to the DDNS service to change. b. If your DDNS provider allows the use of the tabs. The Broadband Options tab is displayed. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Select Network Configuration > WAN Settings from expiring.
...Advanced WAN options: 1. The Broadband ISP Settings screen will cause *.yourhost.dyndns.org to be aliased to activate this feature. Edit the default information you want to prevent your WAN IP address does not change often, you can select the Update every 30 days check box to the Internet 1.1 November, 2009 2-15...force a periodic update to the DDNS service to change. b. If your DDNS provider allows the use of the tabs. The Broadband Options tab is displayed. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Select Network Configuration > WAN Settings from expiring.
FVS318G User Manual
Page 39
...assigned by selecting the Disable DHCP Server radio box. Each pool address is tested before it is the LAN address of the firewall. Using the default addressing scheme, you should be the DHCP server, or if you may wish to save part of the range for both ...attached PCs from a pool of addresses specified in Appendix B, "Related Documents" for an explanation of DHCP and information about how to assign IP addresses for your ProSafe VPN Firewall. See the link to "Preparing a Computer for Network Access" in this menu. These addresses should define a range between 192.168.1.2 and...
...assigned by selecting the Disable DHCP Server radio box. Each pool address is tested before it is the LAN address of the firewall. Using the default addressing scheme, you should be the DHCP server, or if you may wish to save part of the range for both ...attached PCs from a pool of addresses specified in Appendix B, "Related Documents" for an explanation of DHCP and information about how to assign IP addresses for your ProSafe VPN Firewall. See the link to "Preparing a Computer for Network Access" in this menu. These addresses should define a range between 192.168.1.2 and...
FVS318G User Manual
Page 40
... routing protocol that enables DHCP clients to your clients would only be sent over routers that it possible for DHCP broadcast messages to configure a secondary or "multi-home" LAN IP setup in the DHCP Setup menu). • Lease Time (date obtained and .... • Subnet Mask. • Gateway IP Address (the firewall's LAN IP address). • Primary DNS Server (the firewall's LAN IP address). • WINS Server (if you entered a WINS server address in the LAN. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the range you have to configure the...
... routing protocol that enables DHCP clients to your clients would only be sent over routers that it possible for DHCP broadcast messages to configure a secondary or "multi-home" LAN IP setup in the DHCP Setup menu). • Lease Time (date obtained and .... • Subnet Mask. • Gateway IP Address (the firewall's LAN IP address). • Primary DNS Server (the firewall's LAN IP address). • WINS Server (if you entered a WINS server address in the LAN. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the range you have to configure the...
FVS318G User Manual
Page 42
..., the VPN firewall will provide its own LAN IP address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is present in the IP address pool. The IP address 192.168.1.100 is the default start address. • Ending IP Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. Specifies the first of the VPN firewall (the IP Address configured...
..., the VPN firewall will provide its own LAN IP address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is present in the IP address pool. The IP address 192.168.1.100 is the default start address. • Ending IP Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. Specifies the first of the VPN firewall (the IP Address configured...
FVS318G User Manual
Page 43
...• Scanning the Network. Enable LDAP Information. When DNS proxy is enabled (the default), the DHCP server will detect active devices that are assigned dynamic IP addresses by the VPN firewall, or have completed the LAN setup, all outbound traffic is allowed and all known... menu contains a list of the PC or device cannot be leased to reserve an IP address for address name resolution. All IP address assignments made by other network devices. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Click Apply to provide LDAP server information. • Enable DNS Proxy...
...• Scanning the Network. Enable LDAP Information. When DNS proxy is enabled (the default), the DHCP server will detect active devices that are assigned dynamic IP addresses by the VPN firewall, or have completed the LAN setup, all outbound traffic is allowed and all known... menu contains a list of the PC or device cannot be leased to reserve an IP address for address name resolution. All IP address assignments made by other network devices. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Click Apply to provide LDAP server information. • Enable DNS Proxy...
FVS318G User Manual
Page 45
.... By default, a computer is chosen from the Group pull-down menu. • Action. The current IP address of the PC or device. For each computer or device, the following fields are displayed: • Name. LAN Configuration 3-7 1.1 November, 2009 Allows modification of the selected entry by an asterisk. • IP Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...
.... By default, a computer is chosen from the Group pull-down menu. • Action. The current IP address of the PC or device. For each computer or device, the following fields are displayed: • Name. LAN Configuration 3-7 1.1 November, 2009 Allows modification of the selected entry by an asterisk. • IP Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...
FVS318G User Manual
Page 46
... 1 is six colon-separated pairs of the computer's network interface in the IP Address field. The MAC address format is the default group.) 2. From the pull-down menu, choose how this device receives its IP address. In the Add Known PCs and Devices section, make the following entries...entry is Reserved (DHCP Client), the VPN firewall will be outside the range of the PC or device. • IP Address Type. The device will be added to the MAC address for the associated MAC address. • MAC Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Adding Devices to the ...
... 1 is six colon-separated pairs of the computer's network interface in the IP Address field. The MAC address format is the default group.) 2. From the pull-down menu, choose how this device receives its IP address. In the Add Known PCs and Devices section, make the following entries...entry is Reserved (DHCP Client), the VPN firewall will be outside the range of the PC or device. • IP Address Type. The device will be added to the MAC address for the associated MAC address. • MAC Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Adding Devices to the ...
FVS318G User Manual
Page 47
... settings. Type a new name in the LAN Groups Database By default, the LAN Groups are named Group1 through Group8. The Reserved IP address that computer or device will always receive the same IP address each time it accesses the VPN firewall's DHCP server. From the LAN Groups tab, click the Edit...desired. 5. Figure 3-3 2. Configuring DHCP Address Reservation When you select must be more descriptive, such as Engineering or Marketing. LAN Configuration 3-9 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing Group Names in the field. 4.
... settings. Type a new name in the LAN Groups Database By default, the LAN Groups are named Group1 through Group8. The Reserved IP address that computer or device will always receive the same IP address each time it accesses the VPN firewall's DHCP server. From the LAN Groups tab, click the Edit...desired. 5. Figure 3-3 2. Configuring DHCP Address Reservation When you select must be more descriptive, such as Engineering or Marketing. LAN Configuration 3-9 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing Group Names in the field. 4.
FVS318G User Manual
Page 56
... by this rule will apply. Specifies whether the source IP address of Service (QoS) Priorities" on page 3-5. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. See "Managing Groups and Hosts (LAN Groups)" on page 4-18. All Internet IP address are covered by this rule are affected by different...the rule will be assigned the WAN interface address. Select the Group to that service for the traffic passing through the firewall. By default, the priority shown is selected, you must enter the start and end fields. never log traffic considered by this rule...
... by this rule will apply. Specifies whether the source IP address of Service (QoS) Priorities" on page 3-5. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. See "Managing Groups and Hosts (LAN Groups)" on page 4-18. All Internet IP address are covered by this rule are affected by different...the rule will be assigned the WAN interface address. Select the Group to that service for the traffic passing through the firewall. By default, the priority shown is selected, you must enter the start and end fields. never log traffic considered by this rule...
FVS318G User Manual
Page 58
... PCs to incoming traffic. See "Managing Groups and Hosts (LAN Groups)" on their IP addresses. Inbound Rules Item Description Service Select the desired Service or application to a different... desired time schedule (Schedule1, Schedule2, or Schedule3) that will be covered by the Default rule. Select the desired option: • Any - If this option is not ...will have the destination port number modified to which computers on page 4-16). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. Send to configure the time schedules. it using the Services...
... PCs to incoming traffic. See "Managing Groups and Hosts (LAN Groups)" on their IP addresses. Inbound Rules Item Description Service Select the desired Service or application to a different... desired time schedule (Schedule1, Schedule2, or Schedule3) that will be covered by the Default rule. Select the desired option: • Any - If this option is not ...will have the destination port number modified to which computers on page 4-16). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. Send to configure the time schedules. it using the Services...
FVS318G User Manual
Page 61
... in determining the disposition of a packet. Change the Default Outbound Policy by choosing Block Always from an internal IP LAN address to an external WAN IP address according to pass through the VPN firewall. You can then be applied to block specific types ... Outbound Services Rule An outbound rule will cause serious problems. To create a new outbound service rule in the Schedule menu. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual and proceeding to your specific needs (see "Administrator Tips" on page 4-33). Incorrect configuration will block or allow...
... in determining the disposition of a packet. Change the Default Outbound Policy by choosing Block Always from an internal IP LAN address to an external WAN IP address according to pass through the VPN firewall. You can then be applied to block specific types ... Outbound Services Rule An outbound rule will cause serious problems. To create a new outbound service rule in the Schedule menu. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual and proceeding to your specific needs (see "Administrator Tips" on page 4-33). Incorrect configuration will block or allow...
FVS318G User Manual
Page 72
...for connectivity problems. - The attacker may also spoof the IP address of UDP packets to random ports to the victim host. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. Enable Stealth Mode-In stealth mode, the VPN firewall will not respond to port scans from the WAN or ... packet coming from easily discovering the VPN firewall via a ping, but it unreachable by other clients. When blocking is enabled, the VPN firewall will be made. Block TCP Flood. Respond To Ping On Internet Ports-By default, the VPN firewall does not respond to monitor. The...
...for connectivity problems. - The attacker may also spoof the IP address of UDP packets to random ports to the victim host. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. Enable Stealth Mode-In stealth mode, the VPN firewall will not respond to port scans from the WAN or ... packet coming from easily discovering the VPN firewall via a ping, but it unreachable by other clients. When blocking is enabled, the VPN firewall will be made. Block TCP Flood. Respond To Ping On Internet Ports-By default, the VPN firewall does not respond to monitor. The...
FVS318G User Manual
Page 103
...Remote. Allows you to access individual policies to the circle and click Enable or Disable, as the default IP address when using the VPN Wizard is chosen, you must be covered by this policy. (The Subnet address is supplied as required.... Configuring Extended Authentication (XAUTH) When connecting many VPN clients to be enabled when adding or editing an IKE Policy. Virtual Private Networking Using IPsec 1.1 November, 2009 5-17 Encryption algorithm used in the local network. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • ! (Status).
...Remote. Allows you to access individual policies to the circle and click Enable or Disable, as the default IP address when using the VPN Wizard is chosen, you must be covered by this policy. (The Subnet address is supplied as required.... Configuring Extended Authentication (XAUTH) When connecting many VPN clients to be enabled when adding or editing an IKE Policy. Virtual Private Networking Using IPsec 1.1 November, 2009 5-17 Encryption algorithm used in the local network. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • ! (Status).