FVS318G Installation Guide
Page 1
...Installation Guide • Resource CD First, Connect the FVS318G 1. You may need to go to restart your network. 2. Disconnect the cable at http://kbserver.netgear.com. D Yellow NEGEAR Cable C VPN Firewall B Internet Local Ports Modem Your network cables are connected and you... will display. From the Ethernet connected computer you perform the VPN firewall setup steps be sure to Install Your VPN firewall • For Cable Modem Service. )NSTALLATION'UIDE ProSafe Gigabit 8 Port VPN Firewall FVS318G Start Here Follow these instructions to your broadband modem, turn ...
...Installation Guide • Resource CD First, Connect the FVS318G 1. You may need to go to restart your network. 2. Disconnect the cable at http://kbserver.netgear.com. D Yellow NEGEAR Cable C VPN Firewall B Internet Local Ports Modem Your network cables are connected and you... will display. From the Ethernet connected computer you perform the VPN firewall setup steps be sure to Install Your VPN firewall • For Cable Modem Service. )NSTALLATION'UIDE ProSafe Gigabit 8 Port VPN Firewall FVS318G Start Here Follow these instructions to your broadband modem, turn ...
FVS318G User Manual
Page 15
... access for Denial of Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds. With minimum setup, you from attacks and intrusions. The use the firewall within minutes. The VPN firewall provides you with multiple Web content filtering options, plus browsing activity reporting and instant alerts - Chapter 1 Introduction The ProSafe VPN Firewall connects your network from...
... access for Denial of Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds. With minimum setup, you from attacks and intrusions. The use the firewall within minutes. The VPN firewall provides you with multiple Web content filtering options, plus browsing activity reporting and instant alerts - Chapter 1 Introduction The ProSafe VPN Firewall connects your network from...
FVS318G User Manual
Page 16
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central office and telecommuters. A Powerful, True Firewall with multi-...NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. Advanced VPN Support for Web services, Web addresses, and keywords within Web addresses. IPsec VPN delivers full network access between a central office and branch offices, or between local network resources.. • 10/100/1000 Mbps Gigabit...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central office and telecommuters. A Powerful, True Firewall with multi-...NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. Advanced VPN Support for Web services, Web addresses, and keywords within Web addresses. IPsec VPN delivers full network access between a central office and branch offices, or between local network resources.. • 10/100/1000 Mbps Gigabit...
FVS318G User Manual
Page 17
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as a DNS server to the attached PCs. Autosensing Ethernet Connections with Auto Uplink With its own address as blocked incoming traffic, port scans, attacks, and administrator logins. Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as a DNS server to the attached PCs. Autosensing Ethernet Connections with Auto Uplink With its own address as blocked incoming traffic, port scans, attacks, and administrator logins. Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information...
FVS318G User Manual
Page 28
... 2-6 Connecting the FVS318G to support. DNS Server IP addresses. Login (Username, Password); Account Name (sometimes required). Login (Username, Password), Local IP address, and PPTP Server IP address; ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. ...VPN firewall and the cable or DSL line, or to (2) check your ISP appears to the Internet 1.1 November, 2009 Auto Detect will prompt you will display the results:. If Auto Detect is required. Internet connection methods Connection Method DHCP (Dynamic IP) PPPoE PPTP Fixed (Static) IP Data Required No data...
... 2-6 Connecting the FVS318G to support. DNS Server IP addresses. Login (Username, Password); Account Name (sometimes required). Login (Username, Password), Local IP address, and PPTP Server IP address; ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. ...VPN firewall and the cable or DSL line, or to (2) check your ISP appears to the Internet 1.1 November, 2009 Auto Detect will prompt you will display the results:. If Auto Detect is required. Internet connection methods Connection Method DHCP (Dynamic IP) PPPoE PPTP Fixed (Static) IP Data Required No data...
FVS318G User Manual
Page 38
... normal MTU (Maximum Transmit Unit) value for most cases, your network has a unique 32-bit local Ethernet address. If you cannot establish an Internet connection and the WAN Link or Speed LED blinks ...router on your VPN firewall can automatically determine the connection speed of the computer you are sure it ; However, if your ISP connection. This is also referred to the Internet 1.1 November, 2009 c. If you are sure your ISP expects. 2-16 Connecting the FVS318G to as the computer's MAC (Media Access Control) address. ProSafe Gigabit 8 Port VPN Firewall FVS318G...
... normal MTU (Maximum Transmit Unit) value for most cases, your network has a unique 32-bit local Ethernet address. If you cannot establish an Internet connection and the WAN Link or Speed LED blinks ...router on your VPN firewall can automatically determine the connection speed of the computer you are sure it ; However, if your ISP connection. This is also referred to the Internet 1.1 November, 2009 c. If you are sure your ISP expects. 2-16 Connecting the FVS318G to as the computer's MAC (Media Access Control) address. ProSafe Gigabit 8 Port VPN Firewall FVS318G...
FVS318G User Manual
Page 40
... DNS servers (as DHCP and allows you have no configured DHCP Relay Agent, your clients would only be sent over routers that enables DHCP clients to your network. 3-2 LAN Configuration 1.1 November, 2009 Configuring the LAN Setup Options The LAN Setup...firewall's LAN IP address). • Primary DNS Server (the firewall's LAN IP address). • WINS Server (if you to configure a secondary or "multi-home" LAN IP setup in the WAN settings page). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the DHCP server which is not located on the local...
... DNS servers (as DHCP and allows you have no configured DHCP Relay Agent, your clients would only be sent over routers that enables DHCP clients to your network. 3-2 LAN Configuration 1.1 November, 2009 Configuring the LAN Setup Options The LAN Setup...firewall's LAN IP address). • Primary DNS Server (the firewall's LAN IP address). • WINS Server (if you to configure a secondary or "multi-home" LAN IP setup in the WAN settings page). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the DHCP server which is not located on the local...
FVS318G User Manual
Page 42
... the following parameters: • Domain Name. (Optional) The DHCP will automatically calculate the subnet mask based on your VPN firewall (factory default: 192.168.1.1). For example, if you change the LAN IP address of a local Windows NetBios Server if one is present in the LAN TCP/IP Setup section). • Primary DNS Server... another device on the IP address that you must then open a new connection to the new IP address and log in the IP address pool. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2.
... the following parameters: • Domain Name. (Optional) The DHCP will automatically calculate the subnet mask based on your VPN firewall (factory default: 192.168.1.1). For example, if you change the LAN IP address of a local Windows NetBios Server if one is present in the LAN TCP/IP Setup section). • Primary DNS Server... another device on the IP address that you must then open a new connection to the new IP address and log in the IP address pool. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2.
FVS318G User Manual
Page 43
... enables the DHCP server to save your settings. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. If this box is removed from PCs and other means. Collectively, these methods: • DHCP Client Requests. The local network is strongly recommended. • Scanning the Network. Some advantages of this VPN firewall is enabled, and will appear in the LAN Groups...
... enables the DHCP server to save your settings. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. If this box is removed from PCs and other means. Collectively, these methods: • DHCP Client Requests. The local network is strongly recommended. • Scanning the Network. Some advantages of this VPN firewall is enabled, and will appear in the LAN Groups...
FVS318G User Manual
Page 54
...QoS) Priorities" on the VPN firewall can have access to. User-defined firewall rules for blocking or allowing traffic on page 4-18 Firewall rules are : • Inbound. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for ...The default rules of the FVS318G are used to block or allow specific traffic passing through from the LAN side to the outside resources local users can be applied to inbound or outbound traffic. 4-2 Firewall Protection and Content Filtering 1.1 ...
...QoS) Priorities" on the VPN firewall can have access to. User-defined firewall rules for blocking or allowing traffic on page 4-18 Firewall rules are : • Inbound. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for ...The default rules of the FVS318G are used to block or allow specific traffic passing through from the LAN side to the outside resources local users can be applied to inbound or outbound traffic. 4-2 Firewall Protection and Content Filtering 1.1 ...
FVS318G User Manual
Page 57
... also known as the DHCP lease expires. Attempts by local PCs to keep the PC's IP address constant (see "Configuring Dynamic DNS (Optional)" on page 2-13. • If the IP address of inbound traffic that would otherwise be blocked by the firewall. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Note: See "Configuring Source MAC Filtering" on...
... also known as the DHCP lease expires. Attempts by local PCs to keep the PC's IP address constant (see "Configuring Dynamic DNS (Optional)" on page 2-13. • If the IP address of inbound traffic that would otherwise be blocked by the firewall. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Note: See "Configuring Source MAC Filtering" on...
FVS318G User Manual
Page 65
... of your Web server at LAN IP address 192.168.1.99. Firewall Protection and Content Filtering 1.1 November, 2009 4-13 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Inbound Rules Examples LAN WAN Inbound Rule: Hosting A Local Public Web Server If you host a public Web server on your local network, you can define a rule to allow incoming videoconferencing to...
... of your Web server at LAN IP address 192.168.1.99. Firewall Protection and Content Filtering 1.1 November, 2009 4-13 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Inbound Rules Examples LAN WAN Inbound Rule: Hosting A Local Public Web Server If you host a public Web server on your local network, you can define a rule to allow incoming videoconferencing to...
FVS318G User Manual
Page 87
... IPsec virtual private networking (VPN) features of the VPN Consortium (VPNC), an organization that will also set the parameters for the network connection: Security Association, traffic selectors, authentication algorithm, and encryption. The parameters used by the VPN wizard are based on the recommendations of the ProSafe VPN Firewall to configure a VPN tunnel between your local network and a remote...
... IPsec virtual private networking (VPN) features of the VPN Consortium (VPNC), an organization that will also set the parameters for the network connection: Security Association, traffic selectors, authentication algorithm, and encryption. The parameters used by the VPN wizard are based on the recommendations of the ProSafe VPN Firewall to configure a VPN tunnel between your local network and a remote...
FVS318G User Manual
Page 88
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Creating Gateway to Gateway VPN Tunnels with the Wizard Figure 5-1 Follow these settings after completing the wizard. You can modify these steps to display the VPN Wizard tab page. Gateway connection Connection name Pre-shared key Figure 5-2 2. Select VPN > VPN Wizard to set up a gateway VPN tunnel using the VPN Wizard. 1. Select Gateway as...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Creating Gateway to Gateway VPN Tunnels with the Wizard Figure 5-1 Follow these settings after completing the wizard. You can modify these steps to display the VPN Wizard tab page. Gateway connection Connection name Pre-shared key Figure 5-2 2. Select VPN > VPN Wizard to set up a gateway VPN tunnel using the VPN Wizard. 1. Select Gateway as...
FVS318G User Manual
Page 89
... not supplied to connect. Note: The Remote LAN IP address must be 192.168.10.x. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. A combination of the remote gateway in a Dynamic DNS service. Virtual Private Networking Using IPsec 5-3 1.1 November, 2009 Both local and remote endpoints should not exceed 49 characters. 5. Create a Connection Name. If this information is...
... not supplied to connect. Note: The Remote LAN IP address must be 192.168.10.x. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. A combination of the remote gateway in a Dynamic DNS service. Virtual Private Networking Using IPsec 5-3 1.1 November, 2009 Both local and remote endpoints should not exceed 49 characters. 5. Create a Connection Name. If this information is...
FVS318G User Manual
Page 91
... menu, go to your DHCP WAN address changes, the VPN tunnel will fail because the FQDN does not resolve to VPN > VPN Wizard. Use the VPN Wizard Configure the Gateway for a Client Tunnel 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual The tunnel will automatically establish when both the local and target gateway policies are appropriately configured and enabled, Note...
... menu, go to your DHCP WAN address changes, the VPN tunnel will fail because the FQDN does not resolve to VPN > VPN Wizard. Use the VPN Wizard Configure the Gateway for a Client Tunnel 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual The tunnel will automatically establish when both the local and target gateway policies are appropriately configured and enabled, Note...
FVS318G User Manual
Page 92
.... 5-6 Virtual Private Networking Using IPsec 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual . it is not supplied to GW1". This descriptive name is only for your VPN tunnel connection. 3. in the VPN policies. Create a Connection Name like "Client to the remote VPN client; VPN Client connection Connection name Pre-shared key:r3m0+eC1ient Remote identifier Local identifier Figure 5-6 2.
.... 5-6 Virtual Private Networking Using IPsec 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual . it is not supplied to GW1". This descriptive name is only for your VPN tunnel connection. 3. in the VPN policies. Create a Connection Name like "Client to the remote VPN client; VPN Client connection Connection name Pre-shared key:r3m0+eC1ient Remote identifier Local identifier Figure 5-6 2.
FVS318G User Manual
Page 101
... ID.) • Remote ID. The default setting using the VPN Wizard is automatically selected.) • Local ID. The VPN tunnel is slower but less secure. (If specifying either Main or Aggressive. - Encryption algorithm used for data transfer. Two modes are exchanged. • An IPsec SA ...accessed and the first matching IKE policy is used for the IKE SA. If the VPN Policy is a "Manual" policy, then the Manual Policy Parameters defined in the VPN policy. Aggressive mode is used. • If none of IKE Policies. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2.
... ID.) • Remote ID. The default setting using the VPN Wizard is automatically selected.) • Local ID. The VPN tunnel is slower but less secure. (If specifying either Main or Aggressive. - Encryption algorithm used for data transfer. Two modes are exchanged. • An IPsec SA ...accessed and the first matching IKE policy is used for the IKE SA. If the VPN Policy is a "Manual" policy, then the Manual Policy Parameters defined in the VPN policy. Aggressive mode is used. • If none of IKE Policies. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2.
FVS318G User Manual
Page 102
... Key Exchange) protocol to perform negotiations between the two VPN Endpoints (the Local ID Endpoint and the Remote ID Endpoint). No third party server ...VPN policy use a CA, each VPN endpoint. The rules for authentication reduces the amount of data entry required on page 6-7). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • DH. To use are generated automatically by any sender to create a VPN...VPN Endpoint must match the remote VPN.) To gain a more policies, the first matching policy will refuse the connection. Traffic covered by an "*" next to the NETGEAR...
... Key Exchange) protocol to perform negotiations between the two VPN Endpoints (the Local ID Endpoint and the Remote ID Endpoint). No third party server ...VPN policy use a CA, each VPN endpoint. The rules for authentication reduces the amount of data entry required on page 6-7). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • DH. To use are generated automatically by any sender to create a VPN...VPN Endpoint must match the remote VPN.) To gain a more policies, the first matching policy will refuse the connection. Traffic covered by an "*" next to the NETGEAR...
FVS318G User Manual
Page 103
... when adding or editing an IKE Policy. Two types of the remote network. Encryption algorithm used for the VPN firewall to a VPN firewall, an administrator may want a unique user authentication method beyond relying on your local LAN. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • ! (Status). IP address (either a single address, range of user accounts. If this policy. (The...
... when adding or editing an IKE Policy. Two types of the remote network. Encryption algorithm used for the VPN firewall to a VPN firewall, an administrator may want a unique user authentication method beyond relying on your local LAN. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • ! (Status). IP address (either a single address, range of user accounts. If this policy. (The...