FVS318G User Manual
Page 5
... Installation and Management 1-4 Maintenance and Support 1-4 Package Contents ...1-5 Front Panel Features ...1-5 Rear Panel Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the...
... Installation and Management 1-4 Maintenance and Support 1-4 Package Contents ...1-5 Front Panel Features ...1-5 Rear Panel Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the...
FVS318G User Manual
Page 6
...3-9 Configuring DHCP Address Reservation 3-9 Configuring Multi Home LAN IP Addresses 3-10 Configuring Static Routes 3-11 Configuring Routing Information Protocol (RIP 3-13 Chapter 4 Firewall Protection and Content Filtering About Firewall Protection and Content Filtering 4-1 Using Rules to Block or... Allow Specific Kinds of Traffic 4-2 About Services-Based Rules 4-3 Viewing the Rules ...4-8 Order of Precedence for Rules 4-8 Setting the Default Outbound Policy ...
...3-9 Configuring DHCP Address Reservation 3-9 Configuring Multi Home LAN IP Addresses 3-10 Configuring Static Routes 3-11 Configuring Routing Information Protocol (RIP 3-13 Chapter 4 Firewall Protection and Content Filtering About Firewall Protection and Content Filtering 4-1 Using Rules to Block or... Allow Specific Kinds of Traffic 4-2 About Services-Based Rules 4-3 Viewing the Rules ...4-8 Order of Precedence for Rules 4-8 Setting the Default Outbound Policy ...
FVS318G User Manual
Page 8
...6-11 Obtaining a Self Certificate from a Certificate Authority 6-11 Managing your Certificate Revocation List (CRL 6-14 Chapter 7 Router and Network Management Performance Management 7-1 Bandwidth Capacity 7-1 Features That Reduce Traffic 7-2 Features That Increase Traffic 7-5 Using QoS... 8-3 Troubleshooting the ISP Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 Restoring the Default Configuration and Password 8-7 viii Contents 1.1 November, 2009
...6-11 Obtaining a Self Certificate from a Certificate Authority 6-11 Managing your Certificate Revocation List (CRL 6-14 Chapter 7 Router and Network Management Performance Management 7-1 Bandwidth Capacity 7-1 Features That Reduce Traffic 7-2 Features That Increase Traffic 7-5 Using QoS... 8-3 Troubleshooting the ISP Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 Restoring the Default Configuration and Password 8-7 viii Contents 1.1 November, 2009
FVS318G User Manual
Page 15
... Features of the VPN Firewall Router" on page 1-1 • "Package Contents" on page 1-5 • "Front Panel Features" on page 1-5 • "Rear Panel Features" on page 1-7 • "Default IP Address, Login Name, and Password Location" on page 1-8 • "Qualified Web Browsers" on page 1-8 Key Features of Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds...
... Features of the VPN Firewall Router" on page 1-1 • "Package Contents" on page 1-5 • "Front Panel Features" on page 1-5 • "Rear Panel Features" on page 1-7 • "Default IP Address, Login Name, and Password Location" on page 1-8 • "Qualified Web Browsers" on page 1-8 Key Features of Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds...
FVS318G User Manual
Page 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
FVS318G User Manual
Page 24
.... Optionally, you can change the factory default MTU size and port speed. For instructions on how to configure your computer needs to be configured to a ping, and you can enable each WAN port to respond to obtain an IP address automatically from the VPN firewall by DHCP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. However, these are in...
.... Optionally, you can change the factory default MTU size and port speed. For instructions on how to configure your computer needs to be configured to a ping, and you can enable each WAN port to respond to obtain an IP address automatically from the VPN firewall by DHCP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. However, these are in...
FVS318G User Manual
Page 33
...) to you in the following sections. The VPN firewall will attempt to connect to additional setup and management tasks. When you MUST use NAT. (the default setting). From the Internet, there is made, NETGEAR's Web site appears. Click Apply to save ...IP addresses are finished, click Logout or proceed to the NETGEAR Web site. Review the Domain Name Server (DNS) Servers options. Configuring the WAN Mode You must choose either NAT or classical routing, as explained in the fields. 11. Connecting the FVS318G to the previous settings.) 12. ProSafe Gigabit 8 Port VPN Firewall FVS318G...
...) to you in the following sections. The VPN firewall will attempt to connect to additional setup and management tasks. When you MUST use NAT. (the default setting). From the Internet, there is made, NETGEAR's Web site appears. Click Apply to save ...IP addresses are finished, click Logout or proceed to the NETGEAR Web site. Review the Domain Name Server (DNS) Servers options. Configuring the WAN Mode You must choose either NAT or classical routing, as explained in the fields. 11. Connecting the FVS318G to the previous settings.) 12. ProSafe Gigabit 8 Port VPN Firewall FVS318G...
FVS318G User Manual
Page 37
For example, the wildcard feature will display. 2. If your WAN IP address does not change . Click Apply to the same IP address as yourhost.dyndns.org c. The Broadband ISP Settings screen will cause *.yourhost.dyndns.org to be aliased to save ... Broadband Options tab is displayed. Edit the default information you have chosen (for the service you want to the Internet 1.1 November, 2009 2-15 Enter the account information for example, user name, password, key, or domain). b. Figure 2-14 3. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. If your DDNS provider allows...
For example, the wildcard feature will display. 2. If your WAN IP address does not change . Click Apply to the same IP address as yourhost.dyndns.org c. The Broadband ISP Settings screen will cause *.yourhost.dyndns.org to be aliased to save ... Broadband Options tab is displayed. Edit the default information you have chosen (for the service you want to the Internet 1.1 November, 2009 2-15 Enter the account information for example, user name, password, key, or domain). b. Figure 2-14 3. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. If your DDNS provider allows...
FVS318G User Manual
Page 39
...: 3-1 1.1 November, 2009 For most applications, the default DHCP and TCP/IP settings of your computers, clear the Enable DHCP server radio box by setting the Starting IP Address and Ending IP Address. Otherwise, leave it to assign IP, DNS server, WINS Server, and default gateway addresses to all of the VPN firewall are available for both the LAN...
...: 3-1 1.1 November, 2009 For most applications, the default DHCP and TCP/IP settings of your computers, clear the Enable DHCP server radio box by setting the Starting IP Address and Ending IP Address. Otherwise, leave it to assign IP, DNS server, WINS Server, and default gateway addresses to all of the VPN firewall are available for both the LAN...
FVS318G User Manual
Page 40
...The default values are suitable for all DHCP clients will act as DHCP and allows you entered a WINS server address in the LAN. When disabled, all DNS requests and communicate with the IP where the DNS Proxy is running, i.e. To enable clients to make the firewall a... dhcp relay agent. When the DNS Proxy option is enabled, the router will receive the DNS IP addresses of LAN IP services such as a proxy for most users and situations. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the DHCP server which...
...The default values are suitable for all DHCP clients will act as DHCP and allows you entered a WINS server address in the LAN. When disabled, all DNS requests and communicate with the IP where the DNS Proxy is running, i.e. To enable clients to make the firewall a... dhcp relay agent. When the DNS Proxy option is enabled, the router will receive the DNS IP addresses of LAN IP services such as a proxy for most users and situations. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the DHCP server which...
FVS318G User Manual
Page 42
... address is specified, the VPN firewall will provide its own LAN IP address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is specified, the VPN firewall will be disconnected. Unless you assign. The IP address 192.168.1.100 is the default start address. • Ending IP Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. The subnet...
... address is specified, the VPN firewall will provide its own LAN IP address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is specified, the VPN firewall will be disconnected. Unless you assign. The IP address 192.168.1.100 is the default start address. • Ending IP Address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. The subnet...
FVS318G User Manual
Page 43
... the PC or device is enabled (the default), the DHCP server will provide the VPN firewall's LAN IP address as the DNS server for which IP addresses will be accurately determined, and will provide the ISP's DNS server IP addresses. Note: Once you do not need... by other network devices. All IP address assignments made by you can manually enter information about a network device. These requests also generate an entry in this box is discarded. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Lease Time. b. If this VPN firewall is scanned using ARP requests. ...
... the PC or device is enabled (the default), the DHCP server will provide the VPN firewall's LAN IP address as the DNS server for which IP addresses will be accurately determined, and will provide the ISP's DNS server IP addresses. Note: Once you do not need... by other network devices. All IP address assignments made by you can manually enter information about a network device. These requests also generate an entry in this box is discarded. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Lease Time. b. If this VPN firewall is scanned using ARP requests. ...
FVS318G User Manual
Page 45
..., you will be listed as "Unknown" (you can be assigned to update this IP address will be appended by clicking Edit. By default, a computer is chosen from the Group pull-down menu. • Action. For computers that do not support the NetBIOS protocol,.... • Group. For DHCP clients of the computer. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual The Known PCs and Devices table lists the entries in the LAN Groups Database. The current IP address of the VPN firewall, this entry manually if the IP address on the computer has been changed. • MAC Address...
..., you will be listed as "Unknown" (you can be assigned to update this IP address will be appended by clicking Edit. By default, a computer is chosen from the Group pull-down menu. • Action. For computers that do not support the NetBIOS protocol,.... • Group. For DHCP clients of the computer. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual The Known PCs and Devices table lists the entries in the LAN Groups Database. The current IP address of the VPN firewall, this entry manually if the IP address on the computer has been changed. • MAC Address...
FVS318G User Manual
Page 46
.... • Group. Reserved (DHCP Client). The device will be assigned. (Group 1 is Reserved (DHCP Client), the VPN firewall will reserve the IP address for DHCP assignment. 3-8 LAN Configuration 1.1 November, 2009 Enter the MAC address of addresses allocated to the MAC address ... follow these steps: 1. From the pull-down menu, choose how this device receives its IP address. If the IP Address Type is the default group.) 2. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Adding Devices to the LAN Groups Database To add devices manually to this client during...
.... • Group. Reserved (DHCP Client). The device will be assigned. (Group 1 is Reserved (DHCP Client), the VPN firewall will reserve the IP address for DHCP assignment. 3-8 LAN Configuration 1.1 November, 2009 Enter the MAC address of addresses allocated to the MAC address ... follow these steps: 1. From the pull-down menu, choose how this device receives its IP address. If the IP Address Type is the default group.) 2. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Adding Devices to the LAN Groups Database To add devices manually to this client during...
FVS318G User Manual
Page 47
...Groups Database By default, the LAN Groups are named Group1 through Group8. The Reserved IP address that computer or device will always receive the same IP address each time it accesses the VPN firewall's DHCP server. Click Apply to make that require permanent IP address settings. ... the MAC address of the device), that you specify a reserved IP address for editing. 3. Select and edit other group names if desired. 5. The Network Database Group Names tab appears. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing Group Names in the field. 4. You can rename...
...Groups Database By default, the LAN Groups are named Group1 through Group8. The Reserved IP address that computer or device will always receive the same IP address each time it accesses the VPN firewall's DHCP server. Click Apply to make that require permanent IP address settings. ... the MAC address of the device), that you specify a reserved IP address for editing. 3. Select and edit other group names if desired. 5. The Network Database Group Names tab appears. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing Group Names in the field. 4. You can rename...
FVS318G User Manual
Page 56
...by this rule are covered by this rule will be limited. Specifies whether the source IP address of Service (QoS) Priorities" on page 3-5. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. Specifies which this rule. Use the LAN Groups screen (under ...default, the priority shown is selected as Normal-Service), then the native priority of a bandwidth limiting profile. Select the desired action: • Always - Using a bandwidth profile, bandwidth consumed by schedule, otherwise Block" is that service for the traffic passing through the firewall...
...by this rule are covered by this rule will be limited. Specifies whether the source IP address of Service (QoS) Priorities" on page 3-5. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. Specifies which this rule. Use the LAN Groups screen (under ...default, the priority shown is selected as Normal-Service), then the native priority of a bandwidth limiting profile. Select the desired action: • Always - Using a bandwidth profile, bandwidth consumed by schedule, otherwise Block" is that service for the traffic passing through the firewall...
FVS318G User Manual
Page 58
...Select the desired options: • Any - Enter the required address and the rule will be covered by the Default rule. Use the LAN Groups screen (under Network Configuration) to assign PCs to incoming traffic. See "Managing ...Firewall Protection and Content Filtering 1.1 November, 2009 LAN users This field appears only with NAT Routing (not Classical). Inbound traffic to LAN Server This field appears only with Classical Routing (not NAT). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. WAN Destination IP Specifies the destination IP...
...Select the desired options: • Any - Enter the required address and the rule will be covered by the Default rule. Use the LAN Groups screen (under Network Configuration) to assign PCs to incoming traffic. See "Managing ...Firewall Protection and Content Filtering 1.1 November, 2009 LAN users This field appears only with NAT Routing (not Classical). Inbound traffic to LAN Server This field appears only with Classical Routing (not NAT). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. WAN Destination IP Specifies the destination IP...
FVS318G User Manual
Page 61
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual and proceeding to the schedule created in the LAN WAN Rules tab: Firewall Protection and Content Filtering 4-9 1.1 November, 2009 In some cases, the order of precedence of two or more rules may be important in ... serious problems. To create a new outbound service rule in the Schedule menu. The default policy of Allow Always can also tailor these steps: 1. Change the Default Outbound Policy by choosing Block Always from an internal IP LAN address to an external WAN IP address according to the bottom, before applying the...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual and proceeding to the schedule created in the LAN WAN Rules tab: Firewall Protection and Content Filtering 4-9 1.1 November, 2009 In some cases, the order of precedence of two or more rules may be important in ... serious problems. To create a new outbound service rule in the Schedule menu. The default policy of Allow Always can also tailor these steps: 1. Change the Default Outbound Policy by choosing Block Always from an internal IP LAN address to an external WAN IP address according to the bottom, before applying the...
FVS318G User Manual
Page 72
Check the boxes for the Attack Checks you leave this checkbox. 4-20 Firewall Protection and Content Filtering 1.1 November, 2009 Respond To Ping On Internet Ports-By default, the VPN firewall does not respond to an ICMP Echo (ping) packet coming from the LAN, click this... attacker may also spoof the IP address of attack checks are : • WAN Security Checks - As a result, the victim host will not accept more than 20 simultaneous, active UDP connections from a SYN flood attack. • LAN Security Checks - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. A SYN ...
Check the boxes for the Attack Checks you leave this checkbox. 4-20 Firewall Protection and Content Filtering 1.1 November, 2009 Respond To Ping On Internet Ports-By default, the VPN firewall does not respond to an ICMP Echo (ping) packet coming from the LAN, click this... attacker may also spoof the IP address of attack checks are : • WAN Security Checks - As a result, the victim host will not accept more than 20 simultaneous, active UDP connections from a SYN flood attack. • LAN Security Checks - ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. A SYN ...
FVS318G User Manual
Page 103
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • ! (Status). Each policy is used as a VPN concentrator where one or more convenient for the VPN tunnel. IP address or address range of user accounts. Authentication Algorithm used for the VPN firewall to authenticate users from the user, and a local ...Enable or Disable, as the default IP address when using the VPN Wizard is chosen, you to access individual policies to be covered by this is selected, the VPN firewall is given a unique name (the Connection Name when using the VPN Wizard). • Type. Traffic...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • ! (Status). Each policy is used as a VPN concentrator where one or more convenient for the VPN tunnel. IP address or address range of user accounts. Authentication Algorithm used for the VPN firewall to authenticate users from the user, and a local ...Enable or Disable, as the default IP address when using the VPN Wizard is chosen, you to access individual policies to be covered by this is selected, the VPN firewall is given a unique name (the Connection Name when using the VPN Wizard). • Type. Traffic...