FVS318G Installation Guide
Page 1
... be green for 1000 Mbps, amber for 100 Mbps, and off your computer. )NSTALLATION'UIDE ProSafe Gigabit 8 Port VPN Firewall FVS318G Start Here Follow these instructions to set up your FVS318G, turn it is still on, see the Troubleshooting Tips in this guide. • WAN. ...FVS318G (the Yellow NETGEAR Cable in the diagram below) into a LAN port on the firewall such as shown in point B of the next diagram. D Yellow NEGEAR Cable C VPN Firewall B Internet Local Ports Modem Your network cables are connected and you can also consult the documentation links on when the router...
... be green for 1000 Mbps, amber for 100 Mbps, and off your computer. )NSTALLATION'UIDE ProSafe Gigabit 8 Port VPN Firewall FVS318G Start Here Follow these instructions to set up your FVS318G, turn it is still on, see the Troubleshooting Tips in this guide. • WAN. ...FVS318G (the Yellow NETGEAR Cable in the diagram below) into a LAN port on the firewall such as shown in point B of the next diagram. D Yellow NEGEAR Cable C VPN Firewall B Internet Local Ports Modem Your network cables are connected and you can also consult the documentation links on when the router...
FVS318G Installation Guide
Page 2
...require you can use the MAC address of within two minutes of turning the firewall on, or if the Test light does not go off the FVS318G, and shut down the computer. 2. NETGEAR and the NETGEAR logo are some tips for correcting common problems you for selecting NETEAR products.... restart your network in this sequence: 1. Enter admin as described in Ethernet cable, the corresponding FVS318G LAN port LED will display. 3. Turn on the FVS318G and wait one minute. 4. The Router Status window will be configured to use our telephone support service. Turn off and unplug the modem...
...require you can use the MAC address of within two minutes of turning the firewall on, or if the Test light does not go off the FVS318G, and shut down the computer. 2. NETGEAR and the NETGEAR logo are some tips for correcting common problems you for selecting NETEAR products.... restart your network in this sequence: 1. Enter admin as described in Ethernet cable, the corresponding FVS318G LAN port LED will display. 3. Turn on the FVS318G and wait one minute. 4. The Router Status window will be configured to use our telephone support service. Turn off and unplug the modem...
FVS318G User Manual
Page 5
... ...1-5 Front Panel Features ...1-5 Rear Panel Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the Internet Connection 2-7 Configuring the WAN Mode...
... ...1-5 Front Panel Features ...1-5 Rear Panel Features ...1-7 Default IP Address, Login Name, and Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS318G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the Internet Connection 2-7 Configuring the WAN Mode...
FVS318G User Manual
Page 7
... FVS318G VPN Connection Status and Logs 5-13 Managing VPN Policies 5-14 Managing IKE Policies 5-14 Managing VPN Policies 5-16 Configuring Extended Authentication (XAUTH 5-17 Configuring XAUTH for VPN Clients 5-18 User Database Configuration 5-19 RADIUS Client Configuration 5-19 Assigning IP Addresses to Remote Users (ModeConfig 5-21 Mode Config Operation 5-22 Configuring the VPN Firewall Router 5-22 Configuring the ProSafe VPN...
... FVS318G VPN Connection Status and Logs 5-13 Managing VPN Policies 5-14 Managing IKE Policies 5-14 Managing VPN Policies 5-16 Configuring Extended Authentication (XAUTH 5-17 Configuring XAUTH for VPN Clients 5-18 User Database Configuration 5-19 RADIUS Client Configuration 5-19 Assigning IP Addresses to Remote Users (ModeConfig 5-21 Mode Config Operation 5-22 Configuring the VPN Firewall Router 5-22 Configuring the ProSafe VPN...
FVS318G User Manual
Page 8
... Self Certificates 6-11 Obtaining a Self Certificate from a Certificate Authority 6-11 Managing your Certificate Revocation List (CRL 6-14 Chapter 7 Router and Network Management Performance Management 7-1 Bandwidth Capacity 7-1 Features That Reduce Traffic 7-2 Features That Increase Traffic 7-5 Using QoS to Shift the... Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 Restoring the Default Configuration and Password 8-7 viii Contents 1.1 November, 2009
... Self Certificates 6-11 Obtaining a Self Certificate from a Certificate Authority 6-11 Managing your Certificate Revocation List (CRL 6-14 Chapter 7 Router and Network Management Performance Management 7-1 Bandwidth Capacity 7-1 Features That Reduce Traffic 7-2 Features That Increase Traffic 7-5 Using QoS to Shift the... Connection 8-4 Troubleshooting a TCP/IP Network Using a Ping Utility 8-5 Testing the LAN Path to Your VPN Firewall Router 8-5 Testing the Path from Your PC to a Remote Device 8-6 Restoring the Default Configuration and Password 8-7 viii Contents 1.1 November, 2009
FVS318G User Manual
Page 15
...Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds. In addition to the Internet through an external access device such as a cable modem or DSL modem. The use the firewall within minutes. The FVS318G is a complete security solution that rely on time-of the VPN Firewall Router The VPN firewall..., you from attacks and intrusions. The VPN firewall provides you with multiple Web content filtering options, plus browsing activity reporting and instant alerts - Chapter 1 Introduction The ProSafe VPN Firewall connects your network from hackers. both via...
...Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds. In addition to the Internet through an external access device such as a cable modem or DSL modem. The use the firewall within minutes. The FVS318G is a complete security solution that rely on time-of the VPN Firewall Router The VPN firewall..., you from attacks and intrusions. The VPN firewall provides you with multiple Web content filtering options, plus browsing activity reporting and instant alerts - Chapter 1 Introduction The ProSafe VPN Firewall connects your network from hackers. both via...
FVS318G User Manual
Page 16
... license of the NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. You can control access to Internet content by screening for IPsec The VPN firewall supports IPsec virtual private network (VPN) connections. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central...
... license of the NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. You can control access to Internet content by screening for IPsec The VPN firewall supports IPsec virtual private network (VPN) connections. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central...
FVS318G User Manual
Page 18
... Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. A user-friendly Setup Wizard is provided and online help you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the terms identified in diagnostic functions such as Windows, Macintosh, or Linux. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference...
... Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. A user-friendly Setup Wizard is provided and online help you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the terms identified in diagnostic functions such as Windows, Macintosh, or Linux. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference...
FVS318G User Manual
Page 23
...in to the VPN Firewall Router. See the installation guide for complete steps. Log in the installation guide. See "Logging into the VPN Firewall Router Router" on page ...Chapter 2 Connecting the FVS318G to the Internet The initial Internet configuration of your VPN firewall. 1. After logging ...NETGEAR website at: http:// kbserver.netgear.com. 2. Configure your fully qualified domain names during this phase, you are required to your network. A PDF of the Installation Guide is described in , you will connect to complete the basic Internet connection of the ProSafe VPN Firewall...
...in to the VPN Firewall Router. See the installation guide for complete steps. Log in the installation guide. See "Logging into the VPN Firewall Router Router" on page ...Chapter 2 Connecting the FVS318G to the Internet The initial Internet configuration of your VPN firewall. 1. After logging ...NETGEAR website at: http:// kbserver.netgear.com. 2. Configure your fully qualified domain names during this phase, you are required to your network. A PDF of the Installation Guide is described in , you will connect to complete the basic Internet connection of the ProSafe VPN Firewall...
FVS318G User Manual
Page 24
...entries are advanced features and changing them is not usually required. Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP, refer to obtain an IP address automatically from the VPN firewall by DHCP. To connect and log in to a ping, and you can ...in the browser. Each of these steps: 1. Configure the WAN options (optional). The Manager login features appear in the address field. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. In the User field, type admin 4. Optionally, you can enable each WAN port to respond to the...
...entries are advanced features and changing them is not usually required. Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP, refer to obtain an IP address automatically from the VPN firewall by DHCP. To connect and log in to a ping, and you can ...in the browser. Each of these steps: 1. Configure the WAN options (optional). The Manager login features appear in the address field. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. In the User field, type admin 4. Optionally, you can enable each WAN port to respond to the...
FVS318G User Manual
Page 25
The Web Configuration Manager appears, displaying the Router Status menu: Figure 2-2 Navigating the Menus The Web Configuration Manager menus are organized in a layered structure of main categories and submenus: Connecting the FVS318G to the Internet 2-3 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5. Click Login.
The Web Configuration Manager appears, displaying the Router Status menu: Figure 2-2 Navigating the Menus The Web Configuration Manager menus are organized in a layered structure of main categories and submenus: Connecting the FVS318G to the Internet 2-3 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5. Click Login.
FVS318G User Manual
Page 34
... of static IP addresses to you, and you have a valid static Internet IP address. Click the setting you can view the Router Status page (see "Monitoring VPN Tunnel Connection Status" on page 9-14) or look at the LEDs on the front panel (see "Front Panel Features" on page... of these addresses to each PC on your LAN must have assigned one inbound mapping is configured using an inbound firewall rule. The WAN Mode screen displays. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • If your ISP has provided you with multiple public IP addresses, you can use classical routing...
... of static IP addresses to you, and you have a valid static Internet IP address. Click the setting you can view the Router Status page (see "Monitoring VPN Tunnel Connection Status" on page 9-14) or look at the LEDs on the front panel (see "Front Panel Features" on page... of these addresses to each PC on your LAN must have assigned one inbound mapping is configured using an inbound firewall rule. The WAN Mode screen displays. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • If your ISP has provided you with multiple public IP addresses, you can use classical routing...
FVS318G User Manual
Page 35
... register an extension to its domain, and restores DNS requests for the resulting FQDN to your frequently-changing IP address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Configuring Dynamic DNS (Optional) Dynamic DNS (DDNS) is an Internet service that notifies dynamic DNS servers of ... address, you can change frequently-hence, the need for your convenience on the Dynamic DNS Configuration screen.) The VPN firewall firmware includes software that allows routers with your IP address will not be located using Internet domain names. To use DDNS, you will not know...
... register an extension to its domain, and restores DNS requests for the resulting FQDN to your frequently-changing IP address. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Configuring Dynamic DNS (Optional) Dynamic DNS (DDNS) is an Internet service that notifies dynamic DNS servers of ... address, you can change frequently-hence, the need for your convenience on the Dynamic DNS Configuration screen.) The VPN firewall firmware includes software that allows routers with your IP address will not be located using Internet domain names. To use DDNS, you will not know...
FVS318G User Manual
Page 38
... is Use default address. However, if your ISP expects. 2-16 Connecting the FVS318G to reduce the MTU. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. For some ISPs, you know the Ethernet port speed that your... ISP requires MAC authentication, then select either of these options: • Use this Computer's MAC address to have the VPN firewall use the MAC address of the WAN port. Port Speed. otherwise, select 10M. Each computer or router...
... is Use default address. However, if your ISP expects. 2-16 Connecting the FVS318G to reduce the MTU. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. For some ISPs, you know the Ethernet port speed that your... ISP requires MAC authentication, then select either of these options: • Use this Computer's MAC address to have the VPN firewall use the MAC address of the WAN port. Port Speed. otherwise, select 10M. Each computer or router...
FVS318G User Manual
Page 40
... IP address). • WINS Server (if you have no configured DHCP Relay Agent, your DHCP server. the box's LAN IP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the DHCP server which is not located on the local subnet. To enable clients to obtain IP ... to configure the DHCP Relay Agent on the same subnet. The DHCP Relay Agent makes it can relay DHCP broadcast messages to be sent over routers that enables DHCP clients to obtain IP addresses from the range you entered a WINS server address in the DHCP Setup menu). • Lease Time...
... IP address). • WINS Server (if you have no configured DHCP Relay Agent, your DHCP server. the box's LAN IP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the DHCP server which is not located on the local subnet. To enable clients to obtain IP ... to configure the DHCP Relay Agent on the same subnet. The DHCP Relay Agent makes it can relay DHCP broadcast messages to be sent over routers that enables DHCP clients to obtain IP addresses from the range you entered a WINS server address in the DHCP Setup menu). • Lease Time...
FVS318G User Manual
Page 51
... adapt to the right of the tab. Select Network Configuration > Routing from other routers. The RIP Configuration menu is disabled by default. Figure 3-7 3. From the RIP Direction pull-down menu, choose the direction in internal networks (LANs). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Configuring Routing Information Protocol (RIP) RIP (Routing Information Protocol, RFC 2453...
... adapt to the right of the tab. Select Network Configuration > Routing from other routers. The RIP Configuration menu is disabled by default. Figure 3-7 3. From the RIP Direction pull-down menu, choose the direction in internal networks (LANs). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Configuring Routing Information Protocol (RIP) RIP (Routing Information Protocol, RFC 2453...
FVS318G User Manual
Page 52
... information. RIP-2B. Supports subnet information. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Both. This is the most commonly supported version. • RIP-2. Sends the routing data in RIP-2 format and uses subnet broadcasting. - The VPN firewall broadcasts its routing table and also processes RIP information received from other routers, but does not broadcast its routing table...
... information. RIP-2B. Supports subnet information. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Both. This is the most commonly supported version. • RIP-2. Sends the routing data in RIP-2 format and uses subnet broadcasting. - The VPN firewall broadcasts its routing table and also processes RIP information received from other routers, but does not broadcast its routing table...
FVS318G User Manual
Page 53
...Profile" on page 4-30 • "Configuring Session Limits" on time-of the ProSafe VPN Firewall to protect your LAN) from another (the untrusted network, such as chat or games. Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features ...of -day, Web addresses and Web address keywords. Network administrators can establish restricted access policies based on page 4-31 • "E-Mail Notifications of router that protects...
...Profile" on page 4-30 • "Configuring Session Limits" on time-of the ProSafe VPN Firewall to protect your LAN) from another (the untrusted network, such as chat or games. Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features ...of -day, Web addresses and Web address keywords. Network administrators can establish restricted access policies based on page 4-31 • "E-Mail Notifications of router that protects...
FVS318G User Manual
Page 54
... outsiders to private resources, selectively allowing only specific outside except responses to protect your network from the LAN side. • Outbound. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker intrusion or attack, and for blocking or allowing traffic on the...
... outsiders to private resources, selectively allowing only specific outside except responses to protect your network from the LAN side. • Outbound. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker intrusion or attack, and for blocking or allowing traffic on the...
FVS318G User Manual
Page 55
...lists the configured rules for outgoing connections covered by this QoS priority if desired to change the traffic mix through the router. Firewall Protection and Content Filtering 4-3 1.1 November, 2009 Additional services can then have rules defined for jitter or delays. ...QoS) Priorities" on your network. ALLOW rules are based on page 4-16. • Quality of Service (QoS) priorities. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About Services-Based Rules The rules to block traffic are only useful if the traffic is defined by a BLOCK rule...
...lists the configured rules for outgoing connections covered by this QoS priority if desired to change the traffic mix through the router. Firewall Protection and Content Filtering 4-3 1.1 November, 2009 Additional services can then have rules defined for jitter or delays. ...QoS) Priorities" on your network. ALLOW rules are based on page 4-16. • Quality of Service (QoS) priorities. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About Services-Based Rules The rules to block traffic are only useful if the traffic is defined by a BLOCK rule...