FVS318G User Manual
Page 2
...or reliability, NETGEAR reserves the right to make changes to the products described in this equipment on the market and has been granted the right to test the series for Interference (VCCI) Statement This equipment is hereby certified that the ProSafe VPN Firewall has been .... Microsoft, Windows, Windows NT and Vista are registered trademarks of Microsoft Corporation.Other brand and product names are trademarks or registered trademarks of radio interference. © 2009 by Data Processing Equipment and Electronic Office Machines aimed at http://www.netgear.com/register, we...
...or reliability, NETGEAR reserves the right to make changes to the products described in this equipment on the market and has been granted the right to test the series for Interference (VCCI) Statement This equipment is hereby certified that the ProSafe VPN Firewall has been .... Microsoft, Windows, Windows NT and Vista are registered trademarks of Microsoft Corporation.Other brand and product names are trademarks or registered trademarks of radio interference. © 2009 by Data Processing Equipment and Electronic Office Machines aimed at http://www.netgear.com/register, we...
FVS318G User Manual
Page 18
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Easy Installation and Management You can limit remote management access to a specified remote IP address or range of ISP account. • VPN Wizard. The following features to the terms identified in diagnostic functions such as Windows, Macintosh, or Linux. The VPN firewall automatically senses the type of Internet connection, asking you only...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Easy Installation and Management You can limit remote management access to a specified remote IP address or range of ISP account. • VPN Wizard. The following features to the terms identified in diagnostic functions such as Windows, Macintosh, or Linux. The VPN firewall automatically senses the type of Internet connection, asking you only...
FVS318G User Manual
Page 26
...of the network connection. • Manual configuration of the submenu bar. • Submenu. Each option is detailed in the submenu). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Main menu. Tip: In the instructions in the center. Immediately below the main menu is the submenu, containing ... near the top of the currently selected primary category. • Tab. Configuring the Internet Connections To set up either a popup window or an advanced option menu. The horizontal grey bar immediately below the submenu bar, at the top of the tabs on a primary...
...of the network connection. • Manual configuration of the submenu bar. • Submenu. Each option is detailed in the submenu). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Main menu. Tip: In the instructions in the center. Immediately below the main menu is the submenu, containing ... near the top of the currently selected primary category. • Tab. Configuring the Internet Connections To set up either a popup window or an advanced option menu. The horizontal grey bar immediately below the submenu bar, at the top of the tabs on a primary...
FVS318G User Manual
Page 29
... ISP configuration failed, you are listed in the following this section, or see "Troubleshooting the ISP Connection" on page 8-4. Connecting the FVS318G to "Configuring the WAN Mode" on page 8-4. Manually Configuring the Internet Connection Unless your ISP automatically assigns your ISP in order to manually... Internet through the WAN port. If the configuration was successful, you can skip ahead to the Internet 2-7 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. A popup window appears, displaying the connection status of the screen.
... ISP configuration failed, you are listed in the following this section, or see "Troubleshooting the ISP Connection" on page 8-4. Connecting the FVS318G to "Configuring the WAN Mode" on page 8-4. Manually Configuring the Internet Connection Unless your ISP automatically assigns your ISP in order to manually... Internet through the WAN port. If the configuration was successful, you can skip ahead to the Internet 2-7 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. A popup window appears, displaying the connection status of the screen.
FVS318G User Manual
Page 42
.... 3. Specifies the first of a local Windows NetBios Server if one is specified, the VPN firewall will provide its own LAN IP address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is present in your VPN firewall (factory default: 192.168.1.1). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. The IP address 192...
.... 3. Specifies the first of a local Windows NetBios Server if one is specified, the VPN firewall will provide its own LAN IP address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is present in your VPN firewall (factory default: 192.168.1.1). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. The IP address 192...
FVS318G User Manual
Page 73
... types of these features are blocked by NETGEAR" message. You can use the VPN firewall router's Content Filtering and Web Components filtering. Proxy. By ... a "Blocked by a firewall rule, the requests can pass through the FVS318G. ActiveX. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is allowed. A malicious ...VPN tunnels that access them . all packets going to access a blocked site, they will pass through the proxy, thus circumventing certain firewall rules. For example, if connections to certain sites on a Windows...
... types of these features are blocked by NETGEAR" message. You can use the VPN firewall router's Content Filtering and Web Components filtering. Proxy. By ... a "Blocked by a firewall rule, the requests can pass through the FVS318G. ActiveX. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is allowed. A malicious ...VPN tunnels that access them . all packets going to access a blocked site, they will pass through the proxy, thus circumventing certain firewall rules. For example, if connections to certain sites on a Windows...
FVS318G User Manual
Page 93
... Create a Secure Connection From a PC with the NETGEAR Prosafe VPN Client installed, configure a VPN client policy to connect to configure your settings: the VPN Policies page shows the policy is enabled. Follow these steps to the FVS318G. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Right-click on the VPN client icon in your Windows toolbar, choose Security Policy Editor, and verify that...
... Create a Secure Connection From a PC with the NETGEAR Prosafe VPN Client installed, configure a VPN client policy to connect to configure your settings: the VPN Policies page shows the policy is enabled. Follow these steps to the FVS318G. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Right-click on the VPN client icon in your Windows toolbar, choose Security Policy Editor, and verify that...
FVS318G User Manual
Page 94
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. in this example, we are using gw1. Enter the FQDN address which the FVS318G VPN Wizard provided; Give the New Connection a name; In the upper left ) to the instructions below. • Under Connection Security, verify that the Secure... menu, choose IP Subnet. • Enter the LAN IP Subnet Address and Subnet Mask of the Policy Editor window, click the New Document icon (the first on the left of the FVS318G LAN; Figure 5-9 Fill in this example, we are using gw1_local.com. • From the second ID Type...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. in this example, we are using gw1. Enter the FQDN address which the FVS318G VPN Wizard provided; Give the New Connection a name; In the upper left ) to the instructions below. • Under Connection Security, verify that the Secure... menu, choose IP Subnet. • Enter the LAN IP Subnet Address and Subnet Mask of the Policy Editor window, click the New Document icon (the first on the left of the FVS318G LAN; Figure 5-9 Fill in this example, we are using gw1_local.com. • From the second ID Type...
FVS318G User Manual
Page 96
... needed . 5. In the upper left of the window, click the disk icon to match the policy on the router. • On the left, expand Authentication (Phase 1) and click Proposal 1: no changes are needed . • On the left, expand Key Exchange (Phase 2) and click Proposal 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4. Verify the Security Policy settings.
... needed . 5. In the upper left of the window, click the disk icon to match the policy on the router. • On the left, expand Authentication (Phase 1) and click Proposal 1: no changes are needed . • On the left, expand Key Exchange (Phase 2) and click Proposal 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4. Verify the Security Policy settings.
FVS318G User Manual
Page 97
...: Virtual Private Networking Using IPsec 1.1 November, 2009 5-11 Figure 5-13 The VPN client icon in your Windows toolbar and choose Connect..., then My Connections\gw1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Testing the Connections and Viewing Status Information Both the NETGEAR VPN Client and the FVS318G provide VPN connection and status information. To test the client connection, from your...
...: Virtual Private Networking Using IPsec 1.1 November, 2009 5-11 Figure 5-13 The VPN client icon in your Windows toolbar and choose Connect..., then My Connections\gw1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Testing the Connections and Viewing Status Information Both the NETGEAR VPN Client and the FVS318G provide VPN connection and status information. To test the client connection, from your...
FVS318G User Manual
Page 111
... to be configured in the Windows toolbar. Note: If RADIUS-PAP is not present, the VPN firewall will also be used internally). Enter the IP Subnet and Mask of the VPN firewall (this gateway (by default. Virtual Private Networking Using IPsec 1.1 November, 2009 5-25 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7. Enter a ... will need to specify the user name and password to see "Configuring XAUTH for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1.
... to be configured in the Windows toolbar. Note: If RADIUS-PAP is not present, the VPN firewall will also be used internally). Enter the IP Subnet and Mask of the VPN firewall (this gateway (by default. Virtual Private Networking Using IPsec 1.1 November, 2009 5-25 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7. Enter a ... will need to specify the user name and password to see "Configuring XAUTH for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1.
FVS318G User Manual
Page 112
...in the Windows toolbar and click Connect. Check the Enable Perfect Forward Secrecy (PFS) box, and choose the Diffie-Hellman Group 2 from the PFS Key Group pull-down menu, choose None. Enter the values to save the Security Policy and close the VPN ProSafe VPN client. The... of the menu and choose Proposal 1. f. c. On the left -side of the VPN firewall; From the ID Type pull-down menu and enter the WAN IP address of the menu and choose Proposal 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual e. b. Note: If no box is "local_id.com". e. Enable Replay ...
...in the Windows toolbar and click Connect. Check the Enable Perfect Forward Secrecy (PFS) box, and choose the Diffie-Hellman Group 2 from the PFS Key Group pull-down menu, choose None. Enter the values to save the Security Policy and close the VPN ProSafe VPN client. The... of the menu and choose Proposal 1. f. c. On the left -side of the VPN firewall; From the ID Type pull-down menu and enter the WAN IP address of the menu and choose Proposal 1. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual e. b. Note: If no box is "local_id.com". e. Enable Replay ...
FVS318G User Manual
Page 115
...VPN tunnel. Enter the Detection Period to the desired VPN policy. Configuring NetBIOS Bridging with VPN Windows networks use the Network Basic Input/Output System (NetBIOS) for hosts on a configured VPN...FVS318G to Enable Dead Peer Detection. 5. To enable NetBIOS bridging on opposite ends of a VPN connection. The default is 3 failures. Because VPN routers do not normally pass NetBIOS traffic, these steps: 1. Click the VPN.... 6. Select VPN > Policies from the main menu. 2. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. When the FVS318G senses an IKE...
...VPN tunnel. Enter the Detection Period to the desired VPN policy. Configuring NetBIOS Bridging with VPN Windows networks use the Network Basic Input/Output System (NetBIOS) for hosts on a configured VPN...FVS318G to Enable Dead Peer Detection. 5. To enable NetBIOS bridging on opposite ends of a VPN connection. The default is 3 failures. Because VPN routers do not normally pass NetBIOS traffic, these steps: 1. Click the VPN.... 6. Select VPN > Policies from the main menu. 2. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. When the FVS318G senses an IKE...
FVS318G User Manual
Page 117
... user requires a User Name and a Password. The guest can login and reconfigure the VPN firewall. The login window presented to the default domain (geardomain). 6-1 1.1 November, 2009 Users connecting to the VPN firewall must be authenticated before being allowed to access the VPN firewall or the VPN-protected network. Chapter 6 Managing Users, Authentication, and Certificates This chapter contains the...
... user requires a User Name and a Password. The guest can login and reconfigure the VPN firewall. The login window presented to the default domain (geardomain). 6-1 1.1 November, 2009 Users connecting to the VPN firewall must be authenticated before being allowed to access the VPN firewall or the VPN-protected network. Chapter 6 Managing Users, Authentication, and Certificates This chapter contains the...
FVS318G User Manual
Page 118
Select Edit Admin Settings in the User Selection window. Figure 6-1 3. Click Apply. 6-2 Managing Users, Authentication, and Certificates 1.1 November, 2009 If you are changing the administrator name, enter the new name and the old administrator password (default is password). 4. If you want to change the administrator name or password: 1. Select Users. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the Administrator Login To change the password, enter and reenter the new pasword. 5. The Users screen will display. 2.
Select Edit Admin Settings in the User Selection window. Figure 6-1 3. Click Apply. 6-2 Managing Users, Authentication, and Certificates 1.1 November, 2009 If you are changing the administrator name, enter the new name and the old administrator password (default is password). 4. If you want to change the administrator name or password: 1. Select Users. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the Administrator Login To change the password, enter and reenter the new pasword. 5. The Users screen will display. 2.
FVS318G User Manual
Page 119
... Guest Settings in the User Selection window. If you are changing the guest name, enter the new name and the old password (default is the period at which an idle user will display. 2. Click Apply. Idle Timeout. Managing Users, Authentication, and Certificates 6-3 1.1 November, 2009 Figure 6-2 3. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the Guest...
... Guest Settings in the User Selection window. If you are changing the guest name, enter the new name and the old password (default is the period at which an idle user will display. 2. Click Apply. Idle Timeout. Managing Users, Authentication, and Certificates 6-3 1.1 November, 2009 Figure 6-2 3. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the Guest...
FVS318G User Manual
Page 120
... window. The default passwords for the administrator. To modify User or Admin settings: 6-4 Managing Users, Authentication, and Certificates 1.1 November, 2009 Select Users. Administrator access is read/ write and guest access is password. ProSafe Gigabit 8 Port VPN Firewall FVS318G ...Reference Manual Setting administrator timeout and domain display name You can set the timeout for the firewall's Web Configuration Manager is read-only. Figure 6-3 3. To ...
... window. The default passwords for the administrator. To modify User or Admin settings: 6-4 Managing Users, Authentication, and Certificates 1.1 November, 2009 Select Users. Administrator access is read/ write and guest access is password. ProSafe Gigabit 8 Port VPN Firewall FVS318G ...Reference Manual Setting administrator timeout and domain display name You can set the timeout for the firewall's Web Configuration Manager is read-only. Figure 6-3 3. To ...
FVS318G User Manual
Page 123
...Factor Authentication" for secure web management. Managing Certificates The FVS318G uses Digital Certificates (also known as X509 Certificates) during the Internet Key Exchange (IKE) authentication phase to authenticate connecting VPN gateways or clients, or to be authenticated by an ...certificate acceptance criteria in the following table: Table 6-1. WiKID is a simple protocol in -house Windows server, or by remote entities. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual When specifying RADIUS domain authentication, you are extended for secure web access connections over ...
...Factor Authentication" for secure web management. Managing Certificates The FVS318G uses Digital Certificates (also known as X509 Certificates) during the Internet Key Exchange (IKE) authentication phase to authenticate connecting VPN gateways or clients, or to be authenticated by an ...certificate acceptance criteria in the following table: Table 6-1. WiKID is a simple protocol in -house Windows server, or by remote entities. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual When specifying RADIUS domain authentication, you are extended for secure web access connections over ...
FVS318G User Manual
Page 142
..., such as the default user policy, are using a dynamic DNS service such as practical. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual c. Note: If you are using a Windows computer with a browser via SSL, you are unable to remotely connect to use strong passwords....FVS318G will be enabled. To allow access from the Internet, the Secure Sockets Layer (SSL) will enter https:// (not http://) and type your firewall's WAN IP address into your browser: https://172.16.0.123 The VPN firewall's remote login URL is displayed. 7-12 1.1 November, 2009 Router...
..., such as the default user policy, are using a dynamic DNS service such as practical. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual c. Note: If you are using a Windows computer with a browser via SSL, you are unable to remotely connect to use strong passwords....FVS318G will be enabled. To allow access from the Internet, the Secure Sockets Layer (SSL) will enter https:// (not http://) and type your firewall's WAN IP address into your browser: https://172.16.0.123 The VPN firewall's remote login URL is displayed. 7-12 1.1 November, 2009 Router...
FVS318G User Manual
Page 153
... "Restoring the Default Configuration and Password" on the same subnet as 169.254.x.x: Windows and MacOS will set the VPN firewall's IP address to capture packets sent during the reboot. If your IP address is shown as the VPN firewall. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting the Web Configuration Interface If you are unable to access the...
... "Restoring the Default Configuration and Password" on the same subnet as 169.254.x.x: Windows and MacOS will set the VPN firewall's IP address to capture packets sent during the reboot. If your IP address is shown as the VPN firewall. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting the Web Configuration Interface If you are unable to access the...