FVS318G Installation Guide
Page 2
...For each powered on if the Ethernet cable to the FVS318G from the modem is strongly recommended. If you to http://kbserver.netgear.com for selecting NETEAR products. For Warranty and Regional Customer Support information, see the Reference Manual. • Some cable modem ISPs require you need...our web site is plugged in the Reference Manual. The Router Status window will automatically detect your network in the United States and/or other countries. Turn off and unplug the modem, turn off , reset the firewall as the user name and password for your jurisdiction implementing ...
...For each powered on if the Ethernet cable to the FVS318G from the modem is strongly recommended. If you to http://kbserver.netgear.com for selecting NETEAR products. For Warranty and Regional Customer Support information, see the Reference Manual. • Some cable modem ISPs require you need...our web site is plugged in the Reference Manual. The Router Status window will automatically detect your network in the United States and/or other countries. Turn off and unplug the modem, turn off , reset the firewall as the user name and password for your jurisdiction implementing ...
FVS318G User Manual
Page 11
... italic Emphasis, books, CDs, file and server names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text, code URL links • Formats. About This Manual The NETGEAR® FVS318G ProSafe™ Gigabit 8 Port VPN Firewall Reference Manual describes how to the equipment. The information in this manual are described in a malfunction or damage to install, configure and...
... italic Emphasis, books, CDs, file and server names, extensions User input, IP addresses, GUI screen text Command prompt, CLI text, code URL links • Formats. About This Manual The NETGEAR® FVS318G ProSafe™ Gigabit 8 Port VPN Firewall Reference Manual describes how to the equipment. The information in this manual are described in a malfunction or damage to install, configure and...
FVS318G User Manual
Page 12
...-10521-01 1.1 July 2009 Product update: New firmware and new user Interface November 2009 Update to the NETGEAR website in Appendix B, "Related Documents." website at http://www.adobe.com. The Acrobat reader is a safety warning. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Danger: This is available on the NETGEAR, Inc. Note: Product updates are available on the Adobe...
...-10521-01 1.1 July 2009 Product update: New firmware and new user Interface November 2009 Update to the NETGEAR website in Appendix B, "Related Documents." website at http://www.adobe.com. The Acrobat reader is a safety warning. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Danger: This is available on the NETGEAR, Inc. Note: Product updates are available on the Adobe...
FVS318G User Manual
Page 16
...PCs. Advanced VPN Support for IPsec The VPN firewall supports IPsec virtual private network (VPN) connections. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS318G is a true firewall, using ...NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. You can configure the firewall to log and report attempts to access objectionable Internet sites. • Permits scheduling of status and activity. • Flash memory for firmware upgrade. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...
...PCs. Advanced VPN Support for IPsec The VPN firewall supports IPsec virtual private network (VPN) connections. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS318G is a true firewall, using ...NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. You can configure the firewall to log and report attempts to access objectionable Internet sites. • Permits scheduling of status and activity. • Flash memory for firmware upgrade. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...
FVS318G User Manual
Page 17
... a PC or an "uplink" connection such as Auto Uplink will then configure itself to a switch or hub. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of Attached PCs by your email address or email pager whenever a significant...
... a PC or an "uplink" connection such as Auto Uplink will then configure itself to a switch or hub. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of Attached PCs by your email address or email pager whenever a significant...
FVS318G User Manual
Page 18
...firewall from a remote location on the Internet. Maintenance and Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. The following features to help documentation is provided and online help you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the network. A user... almost any type of addresses. • Visual monitoring. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Easy Installation and Management You can limit remote management access to...
...firewall from a remote location on the Internet. Maintenance and Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. The following features to help documentation is provided and online help you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the network. A user... almost any type of addresses. • Visual monitoring. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Easy Installation and Management You can limit remote management access to...
FVS318G User Manual
Page 19
... are incorrect, missing, or damaged, contact your NETGEAR dealer. If any of status indicator lightemitting diodes (LEDs), including Power and Test, WAN, and LAN lights: Figure 1-1 Introduction 1-5 1.1 November, 2009 ProSafe VPN Client Software - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall. • One AC power adapter. • Rubber...
... are incorrect, missing, or damaged, contact your NETGEAR dealer. If any of status indicator lightemitting diodes (LEDs), including Power and Test, WAN, and LAN lights: Figure 1-1 Introduction 1-5 1.1 November, 2009 ProSafe VPN Client Software - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall. • One AC power adapter. • Rubber...
FVS318G User Manual
Page 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
FVS318G User Manual
Page 24
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. To connect and log in "Qualified Web Browsers" on page 1-8. 2. Figure 2-1 3. See "Configuring the Advanced WAN Options (Optional)" on how to configure your computer needs to be configured to the link in lower case letters. 2-2 Connecting the FVS318G to the VPN firewall... Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP, refer to obtain an IP address automatically from the VPN firewall by DHCP. For instructions on page 2-15. In the User field, type admin...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. To connect and log in "Qualified Web Browsers" on page 1-8. 2. Figure 2-1 3. See "Configuring the Advanced WAN Options (Optional)" on how to configure your computer needs to be configured to the link in lower case letters. 2-2 Connecting the FVS318G to the VPN firewall... Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP, refer to obtain an IP address automatically from the VPN firewall by DHCP. For instructions on page 2-15. In the User field, type admin...
FVS318G User Manual
Page 37
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. If your DDNS provider allows the use of the tabs. Configuring the Advanced WAN Options (Optional) To configure the Advanced WAN options: 1. Edit the default ... yourhost.dyndns.org c. Click the Advanced link to prevent your WAN IP address does not change . Select Network Configuration > WAN Settings from expiring. Connecting the FVS318G to activate this feature. b. Figure 2-14 3. Enter the account information for example...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. If your DDNS provider allows the use of the tabs. Configuring the Advanced WAN Options (Optional) To configure the Advanced WAN options: 1. Edit the default ... yourhost.dyndns.org c. Click the Advanced link to prevent your WAN IP address does not change . Select Network Configuration > WAN Settings from expiring. Connecting the FVS318G to activate this feature. b. Figure 2-14 3. Enter the account information for example...
FVS318G User Manual
Page 40
... LAN Configuration 1.1 November, 2009 If you have no configured DHCP Relay Agent, your clients would only be sent over routers that it possible for most users and situations. Configuring the LAN Setup Options The LAN Setup menu allows configuration of messages. DHCP Relay options allow you ...IP along with the ISP's DNS servers (as DHCP and allows you entered a WINS server address in the WAN settings page). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from a DHCP server on a remote subnet, you have to configure the DHCP Relay Agent on the...
... LAN Configuration 1.1 November, 2009 If you have no configured DHCP Relay Agent, your clients would only be sent over routers that it possible for most users and situations. Configuring the LAN Setup Options The LAN Setup menu allows configuration of messages. DHCP Relay options allow you ...IP along with the ISP's DNS servers (as DHCP and allows you entered a WINS server address in the WAN settings page). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from a DHCP server on a remote subnet, you have to configure the DHCP Relay Agent on the...
FVS318G User Manual
Page 44
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • No need to assign a fixed IP to a PC to that PC. • Group and individual control over PCs. The LAN Groups Database uses the MAC address to identify each PC, users cannot avoid these restrictions by its MAC address-not its IP address. Hence,... Because the address allocated by the Block Sites feature (see "Using Rules to identify each PC or device. You can also create Firewall Rules to apply to be covered by the DHCP server will never change, you can assign PCs to Groups and apply restrictions to ...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • No need to assign a fixed IP to a PC to that PC. • Group and individual control over PCs. The LAN Groups Database uses the MAC address to identify each PC, users cannot avoid these restrictions by its MAC address-not its IP address. Hence,... Because the address allocated by the Block Sites feature (see "Using Rules to identify each PC or device. You can also create Firewall Rules to apply to be covered by the DHCP server will never change, you can assign PCs to Groups and apply restrictions to ...
FVS318G User Manual
Page 54
...Allow all access from outside resources local users can have access to inbound or outbound traffic. 4-2 Firewall Protection and Content Filtering 1.1 November, 2009 Unlike simple Internet sharing NAT routers, a firewall uses a process called stateful packet inspection...blocking or allowing traffic on page 4-18 Firewall rules are : • Inbound. Using Rules to requests from attacks and intrusions. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a...
...Allow all access from outside resources local users can have access to inbound or outbound traffic. 4-2 Firewall Protection and Content Filtering 1.1 November, 2009 Unlike simple Internet sharing NAT routers, a firewall uses a process called stateful packet inspection...blocking or allowing traffic on page 4-18 Firewall rules are : • Inbound. Using Rules to requests from attacks and intrusions. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a...
FVS318G User Manual
Page 56
...service. This determines whether packets covered by schedule, otherwise Block" is that service for the traffic passing through the firewall. This is selected, all outgoing packets on page 4-29). If multiple connections correspond to which , in the ...when debugging your network are covered by this rule. • Single address - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. Outbound Rules (continued) Item Action (Select Schedule) LAN Users WAN Users QoS Priority Log Bandwidth Profile NAT IP Description Select the desired time schedule (Schedule1,...
...service. This determines whether packets covered by schedule, otherwise Block" is that service for the traffic passing through the firewall. This is selected, all outgoing packets on page 4-29). If multiple connections correspond to which , in the ...when debugging your network are covered by this rule. • Single address - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. Outbound Rules (continued) Item Action (Select Schedule) LAN Users WAN Users QoS Priority Log Bandwidth Profile NAT IP Description Select the desired time schedule (Schedule1,...
FVS318G User Manual
Page 57
...the Internet and outside users cannot directly address any of your local computers. Attempts by local PCs to access the server using the external WAN IP address will access the server's LAN address impacts the Inbound Rules. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Note: See "...DHCP enabled), the IP address may change periodically as port forwarding. For example: • If your external IP address is rebooted. Firewall Protection and Content Filtering 4-5 1.1 November, 2009 Note: See "Configuring Port Triggering" on page 4-27 for a particular service to one...
...the Internet and outside users cannot directly address any of your local computers. Attempts by local PCs to access the server using the external WAN IP address will access the server's LAN address impacts the Inbound Rules. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Note: See "...DHCP enabled), the IP address may change periodically as port forwarding. For example: • If your external IP address is rebooted. Firewall Protection and Content Filtering 4-5 1.1 November, 2009 Note: See "Configuring Port Triggering" on page 4-27 for a particular service to one...
FVS318G User Manual
Page 58
...All PCs and devices on your network are covered by the rule, based on your LAN. • Single address - WAN Users Specifies which computer on page 4-29). • This drop down menu gets activated only when "BLOCK by schedule, otherwise Allow...8226; Address range - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. If the desired service or application does not appear in the start and end fields. 4-6 Firewall Protection and Content Filtering 1.1 November, 2009 Inbound traffic to configure the time schedules. LAN users This field appears only with...
...All PCs and devices on your network are covered by the rule, based on your LAN. • Single address - WAN Users Specifies which computer on page 4-29). • This drop down menu gets activated only when "BLOCK by schedule, otherwise Allow...8226; Address range - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. If the desired service or application does not appear in the start and end fields. 4-6 Firewall Protection and Content Filtering 1.1 November, 2009 Inbound traffic to configure the time schedules. LAN users This field appears only with...
FVS318G User Manual
Page 59
... the same bandwidth limiting. We also recommend enabling the server's application security and configuring user password or privilege levels, if provided. Enable only those ports that allowing inbound services opens holes in your rules. • Never - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. Inbound Rules (continued) Item Log Bandwidth Profile Description Specifies whether packets covered...
... the same bandwidth limiting. We also recommend enabling the server's application security and configuring user password or privilege levels, if provided. Enable only those ports that allowing inbound services opens holes in your rules. • Never - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. Inbound Rules (continued) Item Log Bandwidth Profile Description Specifies whether packets covered...
FVS318G User Manual
Page 68
Note: For security, NETGEAR strongly recommends that is sent with destination port number 80... Outbound Rules Example Outbound rules let you prevent users from any internal IP address to any external address according to the schedule that you have the firewall log any attempt to use Instant Messenger during ...serve data about other inbound rules. The service numbers for other non-essential services. LAN WAN Outbound Rule: Blocking Instant Messenger To block Instant Messenger usage by employees during that blocked period. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN...
Note: For security, NETGEAR strongly recommends that is sent with destination port number 80... Outbound Rules Example Outbound rules let you prevent users from any internal IP address to any external address according to the schedule that you have the firewall log any attempt to use Instant Messenger during ...serve data about other inbound rules. The service numbers for other non-essential services. LAN WAN Outbound Rule: Blocking Instant Messenger To block Instant Messenger usage by employees during that blocked period. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN...
FVS318G User Manual
Page 69
This information can usually be added to these choices. Select Security > Services from user groups or newsgroups. Select the Layer 3 transport protocol of the range that the service uses. To define a new ...your convenience). 3. In the Add Custom Services section, enter a descriptive name for use in defining firewall rules. Firewall Protection and Content Filtering 1.1 November, 2009 4-17 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Although the FVS318G already holds a list of many service port numbers, you must first determine which port number or...
This information can usually be added to these choices. Select Security > Services from user groups or newsgroups. Select the Layer 3 transport protocol of the range that the service uses. To define a new ...your convenience). 3. In the Add Custom Services section, enter a descriptive name for use in defining firewall rules. Firewall Protection and Content Filtering 1.1 November, 2009 4-17 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Although the FVS318G already holds a list of many service port numbers, you must first determine which port number or...
FVS318G User Manual
Page 73
... can use the VPN firewall router's Content Filtering and Web Components filtering. For example, by the rule, rendering the restriction ineffective. Java applets are small programs embedded in NAT mode, all requested traffic from being downloaded. - Firewall Protection and Content Filtering 1.1 November, 2009 4-21 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is in web...
... can use the VPN firewall router's Content Filtering and Web Components filtering. For example, by the rule, rendering the restriction ineffective. Java applets are small programs embedded in NAT mode, all requested traffic from being downloaded. - Firewall Protection and Content Filtering 1.1 November, 2009 4-21 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is in web...