FVX538 Reference Manual
Page 7
... 1-4 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-5 Router Front and Rear Panels 1-6 Rack Mounting Hardware 1-8 The Router's IP Address, Login Name, and Password 1-9 Chapter 2 Connecting the FVX538 to the Internet Logging into the VPN Firewall 2-1 Configuring the Internet Connections to Your ISPs 2-2 Setting the Router's MAC Address 2-4 Manually Configuring Your Internet Connection 2-4 Programming the Traffic...
... 1-4 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-5 Router Front and Rear Panels 1-6 Rack Mounting Hardware 1-8 The Router's IP Address, Login Name, and Password 1-9 Chapter 2 Connecting the FVX538 to the Internet Logging into the VPN Firewall 2-1 Configuring the Internet Connections to Your ISPs 2-2 Setting the Router's MAC Address 2-4 Manually Configuring Your Internet Connection 2-4 Programming the Traffic...
FVX538 Reference Manual
Page 10
ProSafe VPN Firewall 200 FVX538 Reference Manual Extended Authentication (XAUTH) Configuration 5-23 Configuring XAUTH for VPN Clients 5-24 User Database Configuration 5-25 RADIUS Client Configuration 5-27 Assigning IP Addresses to Remote Users (ModeConfig 5-29 Mode Config Operation 5-29 Configuring the VPN Firewall 5-30 Configuring the ProSafe VPN Client for ModeConfig 5-33 Chapter 6 Router and Network Management Performance Management 6-1 Bandwidth Capacity 6-1 VPN Firewall Features That...
ProSafe VPN Firewall 200 FVX538 Reference Manual Extended Authentication (XAUTH) Configuration 5-23 Configuring XAUTH for VPN Clients 5-24 User Database Configuration 5-25 RADIUS Client Configuration 5-27 Assigning IP Addresses to Remote Users (ModeConfig 5-29 Mode Config Operation 5-29 Configuring the VPN Firewall 5-30 Configuring the ProSafe VPN Client for ModeConfig 5-33 Chapter 6 Router and Network Management Performance Management 6-1 Bandwidth Capacity 6-1 VPN Firewall Features That...
FVX538 Reference Manual
Page 12
...-Gateway: Dual Gateway WAN Ports for Improved Reliability ........ B-17 VPN Telecommuter (Client-to-Gateway Through a NAT Router B-17 VPN Telecommuter: Single Gateway WAN Port (Reference Case B-18 VPN Telecommuter: Dual Gateway WAN Ports for Load Balancing ... B-18 VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability ......... ProSafe VPN Firewall 200 FVX538 Reference Manual Inbound Traffic ...B-8 Inbound Traffic to Single WAN...
...-Gateway: Dual Gateway WAN Ports for Improved Reliability ........ B-17 VPN Telecommuter (Client-to-Gateway Through a NAT Router B-17 VPN Telecommuter: Single Gateway WAN Port (Reference Case B-18 VPN Telecommuter: Dual Gateway WAN Ports for Load Balancing ... B-18 VPN Telecommuter: Dual Gateway WAN Ports for Improved Reliability ......... ProSafe VPN Firewall 200 FVX538 Reference Manual Inbound Traffic ...B-8 Inbound Traffic to Single WAN...
FVX538 Reference Manual
Page 17
... minutes. The FVX538 is a plug-and-play device that protects your local area network (LAN) to 400 internal LAN users (and 50K connections). • Bundled with the 5-user license of the NETGEAR ProSafe VPN Client software (VPN05L) • Quality of Service (DoS) attack protection and multi-NAT support. Chapter 1 Introduction The ProSafe VPN Firewall 200 with eight 10...
... minutes. The FVX538 is a plug-and-play device that protects your local area network (LAN) to 400 internal LAN users (and 50K connections). • Bundled with the 5-user license of the NETGEAR ProSafe VPN Client software (VPN05L) • Quality of Service (DoS) attack protection and multi-NAT support. Chapter 1 Introduction The ProSafe VPN Firewall 200 with eight 10...
FVX538 Reference Manual
Page 18
...Single or multiple exposed hosts • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVX538 is a true firewall, using stateful packet inspection to : • Provide backup and rollover if...mountable. ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability....
...Single or multiple exposed hosts • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVX538 is a true firewall, using stateful packet inspection to : • Provide backup and rollover if...mountable. ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability....
FVX538 Reference Manual
Page 19
... autosensing and capable of cable to Internet content by NAT. ProSafe VPN Firewall 200 FVX538 Reference Manual • Logs security incidents. You can configure the firewall to log and report attempts to a PC or an 'uplink' connection such as blocked incoming traffic, port scans, attacks, and administrator logins. Each Ethernet port will then configure itself to the...
... autosensing and capable of cable to Internet content by NAT. ProSafe VPN Firewall 200 FVX538 Reference Manual • Logs security incidents. You can configure the firewall to log and report attempts to a PC or an 'uplink' connection such as blocked incoming traffic, port scans, attacks, and administrator logins. Each Ethernet port will then configure itself to the...
FVX538 Reference Manual
Page 20
... You can install, configure, and operate the ProSafe VPN Firewall 200 within minutes after connecting it to ensure the VPN tunnels are specified, the firewall provides its own address as EnterNet or WinPOET on your firewall from an SNMP-compliant system manager. The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual...
... You can install, configure, and operate the ProSafe VPN Firewall 200 within minutes after connecting it to ensure the VPN tunnels are specified, the firewall provides its own address as EnterNet or WinPOET on your firewall from an SNMP-compliant system manager. The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual...
FVX538 Reference Manual
Page 21
... NETGEAR offers the following items: • ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat5) Ethernet cable. • Installation Guide, FVX538 ProSafe VPN Firewall 200 ...firewall for repair. Package Contents The product package should contain the following features to help you maximize your use of addresses, and you to login to monitor its status and activity. For security, you need to the terms identified in the Warranty and Support information card provided with your NETGEAR dealer. ProSafe VPN...
... NETGEAR offers the following items: • ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat5) Ethernet cable. • Installation Guide, FVX538 ProSafe VPN Firewall 200 ...firewall for repair. Package Contents The product package should contain the following features to help you maximize your use of addresses, and you to login to monitor its status and activity. For security, you need to the terms identified in the Warranty and Support information card provided with your NETGEAR dealer. ProSafe VPN...
FVX538 Reference Manual
Page 25
... displays, enter admin for the User Name and the password for Password. Introduction 1-9 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual The Router's IP Address, Login Name, and Password Check the label on the bottom of the FVX538's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the... Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-4 To log in to the FVX538 once it is connected, go to http://192.168.1.1.
... displays, enter admin for the User Name and the password for Password. Introduction 1-9 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual The Router's IP Address, Login Name, and Password Check the label on the bottom of the FVX538's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the... Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-4 To log in to the FVX538 once it is connected, go to http://192.168.1.1.
FVX538 Reference Manual
Page 27
...2-17 Setting up VPN tunnels are not the same as any user name or password you can log in remotely in to your Internet connection.) 3. Click Login. Connecting the FVX538 to Your ISPs" on page 2-2 • "Configuring the WAN Mode (Required for the firewall password, both in ...on page 6-8). Chapter 2 Connecting the FVX538 to the Internet This chapter includes these topics: • "Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to obtain an IP address automatically via DHCP. Logging into the VPN Firewall" on page 2-1 • "Configuring...
...2-17 Setting up VPN tunnels are not the same as any user name or password you can log in remotely in to your Internet connection.) 3. Click Login. Connecting the FVX538 to Your ISPs" on page 2-2 • "Configuring the WAN Mode (Required for the firewall password, both in ...on page 6-8). Chapter 2 Connecting the FVX538 to the Internet This chapter includes these topics: • "Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to obtain an IP address automatically via DHCP. Logging into the VPN Firewall" on page 2-1 • "Configuring...
FVX538 Reference Manual
Page 29
... the physical connection between your firewall and the cable or DSL line or to check your ISP. Table 2-1. ProSafe VPN Firewall 200 FVX538 Reference Manual When Auto Detect successfully detects an active Internet service, it reports which connection type it discovered. and related data supplied by your Router's MAC address (see "Setting the Router's MAC Address" on page...
... the physical connection between your firewall and the cable or DSL line or to check your ISP. Table 2-1. ProSafe VPN Firewall 200 FVX538 Reference Manual When Auto Detect successfully detects an active Internet service, it reports which connection type it discovered. and related data supplied by your Router's MAC address (see "Setting the Router's MAC Address" on page...
FVX538 Reference Manual
Page 30
... 2-6. Note: To enable a WAN port to respond to Use Default Address. Otherwise, select No. 2-4 Connecting the FVX538 to the Internet through WAN port 1. Repeat the above steps to set to a Ping from your ISP (see "...login? To manually configure your router manually. Next click Auto Detect on page 2-17). Setting the router's MAC address is also referred to as IP Addresses, account information, type of the configuration process, you must continue with your network has a unique 48-bit local Ethernet address. Ensure that address. ProSafe VPN Firewall 200 FVX538...
... 2-6. Note: To enable a WAN port to respond to Use Default Address. Otherwise, select No. 2-4 Connecting the FVX538 to the Internet through WAN port 1. Repeat the above steps to set to a Ping from your ISP (see "...login? To manually configure your router manually. Next click Auto Detect on page 2-17). Setting the router's MAC address is also referred to as IP Addresses, account information, type of the configuration process, you must continue with your network has a unique 48-bit local Ethernet address. Ensure that address. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 31
...may leave this . ProSafe VPN Firewall 200 FVX538 Reference Manual 2. IP Address: Static IP address assigned to keep the connection always on . Subnet Mask: This is PPPoE, PPTP or BigPond Cable, then you . Check the Yes radio box. Idle Timeout: Select Keep Connected, to you must login. b. If your ...Name or System Name): Enter the valid account name for login, select this field blank. - What type of minutes to your ISPs domain name. The text box fields that require data entry will identify the router to wait before disconnecting in the following fields: a. ...
...may leave this . ProSafe VPN Firewall 200 FVX538 Reference Manual 2. IP Address: Static IP address assigned to keep the connection always on . Subnet Mask: This is PPPoE, PPTP or BigPond Cable, then you . Check the Yes radio box. Idle Timeout: Select Keep Connected, to you must login. b. If your ...Name or System Name): Enter the valid account name for login, select this field blank. - What type of minutes to your ISPs domain name. The text box fields that require data entry will identify the router to wait before disconnecting in the following fields: a. ...
FVX538 Reference Manual
Page 99
ProSafe VPN Firewall 200 FVX538 Reference Manual • Name: Displays the user-defined name for this bandwidth profile. • Bandwidth Range: Displays the range for the bandwidth profile. • Type: ... to log and then e-mail denial of Load Balancing mode for the Load Balancing mode. Direction: Specify the direction for the profile. hacker probes and Login attempts; In addition, if you input on page 4-29), a log will log security-related events such as: accepted and dropped packets on your network tries...
ProSafe VPN Firewall 200 FVX538 Reference Manual • Name: Displays the user-defined name for this bandwidth profile. • Bandwidth Range: Displays the range for the bandwidth profile. • Type: ... to log and then e-mail denial of Load Balancing mode for the Load Balancing mode. Direction: Specify the direction for the profile. hacker probes and Login attempts; In addition, if you input on page 4-29), a log will log security-related events such as: accepted and dropped packets on your network tries...
FVX538 Reference Manual
Page 101
ProSafe VPN Firewall 200 FVX538 Reference Manual 3. From the Unit pull-down menu. In ... system events to the previous settings. The Ident Protocol is checked by selecting the authentication type-either Login Plain or CRAM-MD5-based on your SysLog Server IP address b. E-mail Server address - Enter .... Select the appropriate syslog severity from SMTP Server radio box. Enter the e-mail address of your ISP (for authentication. 8. Firewall Protection and Content Filtering v1.0, March 2009 4-41 Enter a Schedule for example, [email protected]). 7. Then enter: a....
ProSafe VPN Firewall 200 FVX538 Reference Manual 3. From the Unit pull-down menu. In ... system events to the previous settings. The Ident Protocol is checked by selecting the authentication type-either Login Plain or CRAM-MD5-based on your SysLog Server IP address b. E-mail Server address - Enter .... Select the appropriate syslog severity from SMTP Server radio box. Enter the e-mail address of your ISP (for authentication. 8. Firewall Protection and Content Filtering v1.0, March 2009 4-41 Enter a Schedule for example, [email protected]). 7. Then enter: a....
FVX538 Reference Manual
Page 151
...Apply to save this setting. Select the Settings you did not click Logout on the Main Menu bar to log back into the router if your previous settings. 5. The default is 5 minutes. Change the Idle Logout Time field to the number of minutes you ...before you require. Note: If you make the administrator login time-out value too large, you will have to edit by first entering the old password, and then entering the new password twice. 4. Router and Network Management 6-9 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual 1. Figure 6-1 2. Change the password ...
...Apply to save this setting. Select the Settings you did not click Logout on the Main Menu bar to log back into the router if your previous settings. 5. The default is 5 minutes. Change the Idle Logout Time field to the number of minutes you ...before you require. Note: If you make the administrator login time-out value too large, you will have to edit by first entering the old password, and then entering the new password twice. 4. Router and Network Management 6-9 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual 1. Figure 6-1 2. Change the password ...
FVX538 Reference Manual
Page 155
...your browser: https://134.177.0.123:8080 The router's remote login URL is a common alternate for Telnet Management: 1. For example, enter tracert your FVX538.mynetgear.net, and the IP address that number in your changes take effect. Router and Network Management v1.0, March 2009 6-13 ... you may get a message regarding the SSL certificate. Tip: If you are using a dynamic DNS service such as practical. ProSafe VPN Firewall 200 FVX538 Reference Manual Web browser access normally uses the standard HTTP service port 80. The default is 8080, which is https://IP_address:port_number...
...your browser: https://134.177.0.123:8080 The router's remote login URL is a common alternate for Telnet Management: 1. For example, enter tracert your FVX538.mynetgear.net, and the IP address that number in your changes take effect. Router and Network Management v1.0, March 2009 6-13 ... you may get a message regarding the SSL certificate. Tip: If you are using a dynamic DNS service such as practical. ProSafe VPN Firewall 200 FVX538 Reference Manual Web browser access normally uses the standard HTTP service port 80. The default is 8080, which is https://IP_address:port_number...
FVX538 Reference Manual
Page 162
Figure 6-6 Monitoring the Router You can be set to important events such as WAN port rollover, WAN traffic limits reached, and login failures and attacks. The Wan1 Traffic Meter screen will be alerted to the Default Netgear NTP servers. 4. You can also enter the address ...Router and Network Management Enabling the Traffic Meter To monitor traffic limits on each of an NTP Server in the Server 2 Name/IP Address field. If required, you can also view status information about the firewall, WAN ports, LAN ports, and VPN tunnels and program SNMP connections. ProSafe VPN Firewall 200 FVX538...
Figure 6-6 Monitoring the Router You can be set to important events such as WAN port rollover, WAN traffic limits reached, and login failures and attacks. The Wan1 Traffic Meter screen will be alerted to the Default Netgear NTP servers. 4. You can also enter the address ...Router and Network Management Enabling the Traffic Meter To monitor traffic limits on each of an NTP Server in the Server 2 Name/IP Address field. If required, you can also view status information about the firewall, WAN ports, LAN ports, and VPN tunnels and program SNMP connections. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 164
You can send a System log of firewall activities to an email address or a log of the firewall activities can view the logs by selecting Monitoring from the main menu and selecting Firewall Logs & E-mail from the submenu. You can be viewed, saved to a Syslog server, and then sent to an e-mail address. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 6-8 Setting Login Failures and Attacks Notification Figure 6-9 shows the Firewall Logs & E-mail screen that is invoked by clicking View Logs. 6-22 v1.0, March 2009 Router and Network Management
You can send a System log of firewall activities to an email address or a log of the firewall activities can view the logs by selecting Monitoring from the main menu and selecting Firewall Logs & E-mail from the submenu. You can be viewed, saved to a Syslog server, and then sent to an e-mail address. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 6-8 Setting Login Failures and Attacks Notification Figure 6-9 shows the Firewall Logs & E-mail screen that is invoked by clicking View Logs. 6-22 v1.0, March 2009 Router and Network Management
FVX538 Reference Manual
Page 177
...launching it again. • Make sure you are using the correct login information. The changes may be in the range of 192.168.0.2 to another menu or tab, or your changes are in this information. ProSafe VPN Firewall 200 FVX538 Reference Manual • Make sure your PC's IP address is on...know the current IP address, clear the firewall's configuration to locate the router's LAN interface address. • Make sure your firewall's IP address has been changed and you can reboot the router and use sniffer to 192.168.1.1. The factory default login name is admin and the password is off...
...launching it again. • Make sure you are using the correct login information. The changes may be in the range of 192.168.0.2 to another menu or tab, or your changes are in this information. ProSafe VPN Firewall 200 FVX538 Reference Manual • Make sure your PC's IP address is on...know the current IP address, clear the firewall's configuration to locate the router's LAN interface address. • Make sure your firewall's IP address has been changed and you can reboot the router and use sniffer to 192.168.1.1. The factory default login name is admin and the password is off...