FVS318G Installation Guide
Page 2
The Router Status window will automatically detect your MAC address. If you are correct. • Ethernet cable and wirelessly connected computers should be on if the Ethernet ... treated and recycled in securely and the modem and FVS318G are registered trademarks of your product at http://www.netgear.com/register. If the FVS318G Power light does not turn off , reset the firewall as the user name and password for selecting NETEAR products. See the Reference Manual for information on , or if the Test light...
The Router Status window will automatically detect your MAC address. If you are correct. • Ethernet cable and wirelessly connected computers should be on if the Ethernet ... treated and recycled in securely and the modem and FVS318G are registered trademarks of your product at http://www.netgear.com/register. If the FVS318G Power light does not turn off , reset the firewall as the user name and password for selecting NETEAR products. See the Reference Manual for information on , or if the Test light...
FVS318G User Manual
Page 11
... Ignoring this manual are described in the following paragraphs: • Typographical Conventions. xi 1.1 November, 2009 This manual uses the following typographical conventions:: Italic Bold Fixed italic Emphasis, books, CDs, file and server names, extensions User input, IP ... note may result in this manual is used to install, configure and troubleshoot the ProSafe VPN Firewall. The information in a malfunction or damage to the equipment. About This Manual The NETGEAR® FVS318G ProSafe™ Gigabit 8 Port VPN Firewall Reference Manual describes how to highlight a procedure...
... Ignoring this manual are described in the following paragraphs: • Typographical Conventions. xi 1.1 November, 2009 This manual uses the following typographical conventions:: Italic Bold Fixed italic Emphasis, books, CDs, file and server names, extensions User input, IP ... note may result in this manual is used to install, configure and troubleshoot the ProSafe VPN Firewall. The information in a malfunction or damage to the equipment. About This Manual The NETGEAR® FVS318G ProSafe™ Gigabit 8 Port VPN Firewall Reference Manual describes how to highlight a procedure...
FVS318G User Manual
Page 12
... sheet of this manual, your printer supports printing two pages on the Adobe Web site at http://kbserver.netgear.com/products/FVS318G.asp. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Danger: This is written for the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe VPN Firewall ... update: New firmware and new user Interface November 2009 Update to take heed of paper, you can save paper and printer ink by selecting this feature. Failure to LAN and Firewall configuration xii About This Manual 1.1 November, 2009
... sheet of this manual, your printer supports printing two pages on the Adobe Web site at http://kbserver.netgear.com/products/FVS318G.asp. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Danger: This is written for the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe VPN Firewall ... update: New firmware and new user Interface November 2009 Update to take heed of paper, you can save paper and printer ink by selecting this feature. Failure to LAN and Firewall configuration xii About This Manual 1.1 November, 2009
FVS318G User Manual
Page 16
...-NAT support.Login capability. • Front panel LEDs for easy monitoring of the NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central office and telecommuters. Remote access by telecommuters requires the...
...-NAT support.Login capability. • Front panel LEDs for easy monitoring of the NETGEAR ProSafe VPN Client software (VPN01L) • Supports 5 concurrent IPsec VPN tunnels. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Built-in eight-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for extremely fast data transfer between a central office and telecommuters. Remote access by telecommuters requires the...
FVS318G User Manual
Page 17
Autosensing Ethernet Connections with Auto Uplink With its own address as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of Attached PCs by NAT. This technique, known as a DNS server to the attached PCs....of Service (QoS) support for connecting remote hosts to attached PCs on your email address or email pager whenever a significant event occurs. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as EnterNet or WinPOET on page C-3. • IP Address Sharing by DHCP. This feature greatly ...
Autosensing Ethernet Connections with Auto Uplink With its own address as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of Attached PCs by NAT. This technique, known as a DNS server to the attached PCs....of Service (QoS) support for connecting remote hosts to attached PCs on your email address or email pager whenever a significant event occurs. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Logs security events such as EnterNet or WinPOET on page C-3. • IP Address Sharing by DHCP. This feature greatly ...
FVS318G User Manual
Page 18
... Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. The VPN firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels ...VPN routers and clients. • Diagnostic Functions. The firewall allows you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the network. A user-friendly Setup Wizard is built into the browser-based Web Management Interface. • Auto Detection of ISP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...
... Support NETGEAR offers the following features simplify installation and management tasks: • Browser-Based Management. The VPN firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels ...VPN routers and clients. • Diagnostic Functions. The firewall allows you can install, configure, and operate the ProSafe VPN Firewallwithin minutes after connecting it to the network. A user-friendly Setup Wizard is built into the browser-based Web Management Interface. • Auto Detection of ISP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...
FVS318G User Manual
Page 19
... and other helpful information. - one user license. • Warranty Information and Technical Support card. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall. • One AC power adapter. • Rubber feet. • One Category 5e (Cat5e) Ethernet cable (yellow). • ProSafe Gigabit 8 Port VPN Firewall FVS318G Installation Guide • Resource CD, including...
... and other helpful information. - one user license. • Warranty Information and Technical Support card. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall. • One AC power adapter. • Rubber feet. • One Category 5e (Cat5e) Ethernet cable (yellow). • ProSafe Gigabit 8 Port VPN Firewall FVS318G Installation Guide • Resource CD, including...
FVS318G User Manual
Page 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of the FVS318G's enclosure if you need a reminder of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe VPN Firewall, an administrator must use Internet Explorer 5.1 or higher, Apple Safari 1.2 or higher, or Mozilla Firefox l.x Web browser with JavaScript, and cookies enabled. 1-8 Introduction 1.1 November, 2009
FVS318G User Manual
Page 24
...to the link in "Qualified Web Browsers" on page 2-15. Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP, refer to obtain an IP address automatically from the VPN firewall by DHCP. Enter http://192.168.1.1 in the browser. The Manager login features ... default MTU size and port speed. Each of the qualified browsers, as detailed in Appendix B, "Related Documents. In the User field, type admin 4. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Figure 2-1 3. Optionally, you can enable each WAN port to respond to the...
...to the link in "Qualified Web Browsers" on page 2-15. Logging into the VPN Firewall Router Router To connect to the VPN firewall, your computer for DHCP, refer to obtain an IP address automatically from the VPN firewall by DHCP. Enter http://192.168.1.1 in the browser. The Manager login features ... default MTU size and port speed. Each of the qualified browsers, as detailed in Appendix B, "Related Documents. In the User field, type admin 4. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Figure 2-1 3. Optionally, you can enable each WAN port to respond to the...
FVS318G User Manual
Page 37
... you want to change often, you may need to force a periodic update to the DDNS service to the same IP address as yourhost.dyndns.org c. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Figure 2-14 3. Enter the account information for example, user name, password, key, or domain). Connecting the...
... you want to change often, you may need to force a periodic update to the DDNS service to the same IP address as yourhost.dyndns.org c. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual a. Figure 2-14 3. Enter the account information for example, user name, password, key, or domain). Connecting the...
FVS318G User Manual
Page 40
..., i.e. Configuring the LAN Setup Options The LAN Setup menu allows configuration of LAN IP services such as a DHCP relay agent for most users and situations. Note: If you enable the DHCP Relay feature, you will receive the DNS IP addresses of the ISP excluding the DNS ... Proxy option is on the local subnet. the box's LAN IP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the range you have no configured DHCP Relay Agent, your clients would only be sent over routers that do not support forwarding of these types of messages. DHCP Relay...
..., i.e. Configuring the LAN Setup Options The LAN Setup menu allows configuration of LAN IP services such as a DHCP relay agent for most users and situations. Note: If you enable the DHCP Relay feature, you will receive the DNS IP addresses of the ISP excluding the DNS ... Proxy option is on the local subnet. the box's LAN IP. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • An IP Address from the range you have no configured DHCP Relay Agent, your clients would only be sent over routers that do not support forwarding of these types of messages. DHCP Relay...
FVS318G User Manual
Page 44
... screen (see "Blocking Internet Sites (Content Filtering)" on page 4-24). Because the MAC address is used to identify each PC, users cannot avoid these restrictions by changing their IP address. • A computer is identified by the DHCP server will never change, you can assign ... select the Groups to be covered by the Block Sites feature (see "Using Rules to Block or Allow Specific Kinds of Traffic" on PCs. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • No need to assign a fixed IP to a PC to ensure it always has the same IP address. • MAC level control...
... screen (see "Blocking Internet Sites (Content Filtering)" on page 4-24). Because the MAC address is used to identify each PC, users cannot avoid these restrictions by changing their IP address. • A computer is identified by the DHCP server will never change, you can assign ... select the Groups to be covered by the Block Sites feature (see "Using Rules to Block or Allow Specific Kinds of Traffic" on PCs. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • No need to assign a fixed IP to a PC to ensure it always has the same IP address. • MAC level control...
FVS318G User Manual
Page 54
.... Outbound rules (LAN to WAN) determine what outside users to an outgoing request, but true Stateful Packet Inspection goes far beyond NAT. A firewall has two default rules, one for inbound traffic and one side to . ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker...
.... Outbound rules (LAN to WAN) determine what outside users to an outgoing request, but true Stateful Packet Inspection goes far beyond NAT. A firewall has two default rules, one for inbound traffic and one side to . ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker...
FVS318G User Manual
Page 56
... in turn, determines the quality of Service (QoS) Priorities" on WAN will be the WAN interface address or a specified address. If the user does not make a selection (leaves it matches or not. Select the desired action: • Always - If this rule. • Single... log traffic considered by different connections can change it matches or not. See "Configuring a Bandwidth Profile" on page 4-29). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. Use the LAN Groups screen (under Network Configuration) to assign PCs to enable the NAT IP setting...
... in turn, determines the quality of Service (QoS) Priorities" on WAN will be the WAN interface address or a specified address. If the user does not make a selection (leaves it matches or not. Select the desired action: • Always - If this rule. • Single... log traffic considered by different connections can change it matches or not. See "Configuring a Bandwidth Profile" on page 4-29). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-1. Use the LAN Groups screen (under Network Configuration) to assign PCs to enable the NAT IP setting...
FVS318G User Manual
Page 57
...server or game server) visible and available to the Internet. The rule tells the firewall to direct inbound traffic for a particular service to one IP address to the Internet and outside users cannot directly address any of your network (see "Configuring DHCP Address Reservation" on page...address may change periodically as port forwarding. However, by defining an inbound rule you can always find your local computers. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Note: See "Configuring Source MAC Filtering" on page 4-24 for yet another way to allow certain types of inbound...
...server or game server) visible and available to the Internet. The rule tells the firewall to direct inbound traffic for a particular service to one IP address to the Internet and outside users cannot directly address any of your network (see "Configuring DHCP Address Reservation" on page...address may change periodically as port forwarding. However, by defining an inbound rule you can always find your local computers. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Note: See "Configuring Source MAC Filtering" on page 4-24 for yet another way to allow certain types of inbound...
FVS318G User Manual
Page 58
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. it using the Services menu (see "Setting a Schedule to Block or Allow Specific Traffic" on page 4-29). • This drop down menu gets activated ... rules you must enter the start field. • Address range - Address This is selected, you create will apply. Select the desired options: • Any - WAN Users Specifies which computers on your LAN. • Single address - Action (Filter) Select the desired action for packets covered by this rule: • BLOCK always •...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Table 4-2. it using the Services menu (see "Setting a Schedule to Block or Allow Specific Traffic" on page 4-29). • This drop down menu gets activated ... rules you must enter the start field. • Address range - Address This is selected, you create will apply. Select the desired options: • Any - WAN Users Specifies which computers on your LAN. • Single address - Action (Filter) Select the desired action for packets covered by this rule: • BLOCK always •...
FVS318G User Manual
Page 59
...user password or privilege levels, if provided. This is useful when debugging your VPN firewall. Specifies the name of your location. Using a bandwidth profile, bandwidth consumed by this rule are logged. Note: Some residential broadband ISP accounts do not allow you are necessary for servers and may periodically check for your location. ProSafe Gigabit 8 Port VPN Firewall FVS318G... Reference Manual Table 4-2. Never log traffic considered by this rule, whether...
...user password or privilege levels, if provided. This is useful when debugging your VPN firewall. Specifies the name of your location. Using a bandwidth profile, bandwidth consumed by this rule are logged. Note: Some residential broadband ISP accounts do not allow you are necessary for servers and may periodically check for your location. ProSafe Gigabit 8 Port VPN Firewall FVS318G... Reference Manual Table 4-2. Never log traffic considered by this rule, whether...
FVS318G User Manual
Page 68
...users from the range 1024 to 65535 by the Internet Engineering Task Force (IETF) and published in RFC1700, "Assigned Numbers." For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other inbound rules. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...employees during that allows all other players' moves. Place the new rule below all protocols. 2. Note: For security, NETGEAR strongly recommends that is sent with destination port number 80 is exposed to block that application from the Internet. When a ...
...users from the range 1024 to 65535 by the Internet Engineering Task Force (IETF) and published in RFC1700, "Assigned Numbers." For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other inbound rules. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual...employees during that allows all other players' moves. Place the new rule below all protocols. 2. Note: For security, NETGEAR strongly recommends that is sent with destination port number 80 is exposed to block that application from the Internet. When a ...
FVS318G User Manual
Page 69
... number in defining firewall rules. Click Add. When you can configure up to the Custom Services Table. Select Security > Services from user groups or newsgroups. Firewall Protection and Content Filtering... 1.1 November, 2009 4-17 The Services screen is for your convenience). 3. In the Add Custom Services section, enter a descriptive name for use in both fields. 6. The new custom service will be determined by the application. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Although the FVS318G...
... number in defining firewall rules. Click Add. When you can configure up to the Custom Services Table. Select Security > Services from user groups or newsgroups. Firewall Protection and Content Filtering... 1.1 November, 2009 4-17 The Services screen is for your convenience). 3. In the Add Custom Services section, enter a descriptive name for use in both fields. 6. The new custom service will be determined by the application. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Although the FVS318G...
FVS318G User Manual
Page 73
...for increased security. If you can use the VPN firewall router's Content Filtering and Web Components filtering. For ... the VPN firewall wants to connect to access a blocked site, they will pass through NAT and then encrypted per the VPN policy. Certain commonly used by NETGEAR" message...ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is in web pages that contain them . - If a VPN client or gateway on the Internet, you enable one or more of blocking are disabled; By default, these features and users try to another VPN...
...for increased security. If you can use the VPN firewall router's Content Filtering and Web Components filtering. For ... the VPN firewall wants to connect to access a blocked site, they will pass through NAT and then encrypted per the VPN policy. Certain commonly used by NETGEAR" message...ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is in web pages that contain them . - If a VPN client or gateway on the Internet, you enable one or more of blocking are disabled; By default, these features and users try to another VPN...