FVX538 Reference Manual
Page 22
...port is operating at 10 Mbps. Writing to Flash memory (during upgrading or resetting to the firewall. The WAN port is not supplied to the firewall. 2. Power is operating at 100 Mbps. WAN Ports and LEDs Two RJ... WAN port has a valid Internet connection. Object Descriptions Object Activity Description 1. ProSafe VPN Firewall 200 FVX538 Reference Manual Router Front and Rear Panels The ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. 1 2 3 4 5 6 7 Figure 1-1 Table 1-1 describes...
...port is operating at 10 Mbps. Writing to Flash memory (during upgrading or resetting to the firewall. The WAN port is not supplied to the firewall. 2. Power is operating at 100 Mbps. WAN Ports and LEDs Two RJ... WAN port has a valid Internet connection. Object Descriptions Object Activity Description 1. ProSafe VPN Firewall 200 FVX538 Reference Manual Router Front and Rear Panels The ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. 1 2 3 4 5 6 7 Figure 1-1 Table 1-1 describes...
FVX538 Reference Manual
Page 23
...Port 8 is being transmitted or received by the LAN port. The LAN port has detected a link with a sharp Factory Defaults reset push button (see Appendix A, "Default Defaults object Settings and Technical Specifications" for the factory defaults). Data is operating as a ... Console DB9 male connector Port for connecting to an optional console terminal. Introduction 1-7 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual Table 1-1. Factory Push in with a connected Ethernet device. The LAN port has detected a link with a connected Ethernet ...
...Port 8 is being transmitted or received by the LAN port. The LAN port has detected a link with a sharp Factory Defaults reset push button (see Appendix A, "Default Defaults object Settings and Technical Specifications" for the factory defaults). Data is operating as a ... Console DB9 male connector Port for connecting to an optional console terminal. Introduction 1-7 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual Table 1-1. Factory Push in with a connected Ethernet device. The LAN port has detected a link with a connected Ethernet ...
FVX538 Reference Manual
Page 32
...ISP has not assigned a Static IP address, select the Get dynamically from ISP radio box. to the previous settings. 7. Click Reset to discard any Domain Name Servers (DNS) addresses, select the Get dynamically from the secondary menu. From the primary menu, select...router using DHCP network protocol. 4. Note: Domain Name Servers (DNS) convert Internet names such as www.google.com, www.netgear.com, etc. Incorrect DNS entries may click Logout or go on and configure additional settings. Click Apply to look at traffic types over a given period of time. ProSafe VPN Firewall 200 FVX538...
...ISP has not assigned a Static IP address, select the Get dynamically from ISP radio box. to the previous settings. 7. Click Reset to discard any Domain Name Servers (DNS) addresses, select the Get dynamically from the secondary menu. From the primary menu, select...router using DHCP network protocol. 4. Note: Domain Name Servers (DNS) convert Internet names such as www.google.com, www.netgear.com, etc. Incorrect DNS entries may click Logout or go on and configure additional settings. Click Apply to look at traffic types over a given period of time. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 33
ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-3 2. the entire configuration is reached. Click Apply to the previous settings. 3. Click Reset to return to apply the settings. Note: Both incoming and outgoing traffic are included in ...FVX538 to the incoming traffic only • Both Directions - Table 2-2. WAN1 or WAN2 can be applied to the Internet 2-7 v1.0, March 2009 If this is selected the specified restriction will be applied when traffic limit is reached. • Download only - Select the WAN2 Traffic Meter tab and repeat steps 1 through the Router...
ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-3 2. the entire configuration is reached. Click Apply to the previous settings. 3. Click Reset to return to apply the settings. Note: Both incoming and outgoing traffic are included in ...FVX538 to the incoming traffic only • Both Directions - Table 2-2. WAN1 or WAN2 can be applied to the Internet 2-7 v1.0, March 2009 If this is selected the specified restriction will be applied when traffic limit is reached. • Download only - Select the WAN2 Traffic Meter tab and repeat steps 1 through the Router...
FVX538 Reference Manual
Page 37
... previous settings. Once a rollover occurs, an alert will be generated (see "E-Mail Notifications of queries have failed to elicit a reply. Click Reset to revert to save your settings. 8. Connecting the FVX538 to roll over after the primary WAN interface fails is 4 failures. Enter the Maximum Failover amount. The Failover default is 2 minutes... configured number of Event Logs and Alerts" on the original primary WAN interface by reapplying the Auto-Rollover settings in the WAN Port Mode menu. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-4 6.
... previous settings. Once a rollover occurs, an alert will be generated (see "E-Mail Notifications of queries have failed to elicit a reply. Click Reset to revert to save your settings. 8. Connecting the FVX538 to roll over after the primary WAN interface fails is 4 failures. Enter the Maximum Failover amount. The Failover default is 2 minutes... configured number of Event Logs and Alerts" on the original primary WAN interface by reapplying the Auto-Rollover settings in the WAN Port Mode menu. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-4 6.
FVX538 Reference Manual
Page 40
... IP address, you must setup an account with varying public IP addresses to be accessed by public Domain Name Servers (DNS). Click Reset to return to the Internet v1.0, March 2009 However, if your IP address by others on the Internet. Configuring Dynamic DNS (If... routers with a DDNS provider such as DynDNS.org, TZO.com, or Oray.net. (Links to DynDNS, TZO, and Oray are provided for the protocol binding service you can be located using Internet domain names. If your 2-14 Connecting the FVX538 to the previously configured settings. ProSafe VPN Firewall 200 FVX538...
... IP address, you must setup an account with varying public IP addresses to be accessed by public Domain Name Servers (DNS). Click Reset to return to the Internet v1.0, March 2009 However, if your IP address by others on the Internet. Configuring Dynamic DNS (If... routers with a DDNS provider such as DynDNS.org, TZO.com, or Oray.net. (Links to DynDNS, TZO, and Oray are provided for the protocol binding service you can be located using Internet domain names. If your 2-14 Connecting the FVX538 to the previously configured settings. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 43
... WAN Options (If Needed) To configure the Advanced WAN options: 1. Click Advanced to save your ISP connection. Figure 2-8 3. Click Reset to return to the Internet v1.0, March 2009 2-17 The WAN Settings screen will cause *.yourhost.dyndns.org to be done unless you.... 6. Select Network Configuration from the primary menu and WAN Settings from the submenu. But this is necessary for PPPoE connections. ProSafe VPN Firewall 200 FVX538 Reference Manual For example, the wildcard feature will display. Edit the default information you are sure it is rarely required, and ...
... WAN Options (If Needed) To configure the Advanced WAN options: 1. Click Advanced to save your ISP connection. Figure 2-8 3. Click Reset to return to the Internet v1.0, March 2009 2-17 The WAN Settings screen will cause *.yourhost.dyndns.org to be done unless you.... 6. Select Network Configuration from the primary menu and WAN Settings from the submenu. But this is necessary for PPPoE connections. ProSafe VPN Firewall 200 FVX538 Reference Manual For example, the wildcard feature will display. Edit the default information you are sure it is rarely required, and ...
FVX538 Reference Manual
Page 49
... alias added to the LAN port of the active connection. - When enabled, the router will receive the DNS IP addresses of the ISP. 5. To change these traffic rules, refer to save your settings. 6. ProSafe VPN Firewall 200 FVX538 Reference Manual The feature is discarded. For example, if the DNS servers for example,...add aliases to the LAN port and give computers on those requests to the previous configuration. LAN Configuration 3-5 v1.0, March 2009 Click Reset to discard any changes and revert to the DNS servers of the router. Note: Once you can make requests to the...
... alias added to the LAN port of the active connection. - When enabled, the router will receive the DNS IP addresses of the ISP. 5. To change these traffic rules, refer to save your settings. 6. ProSafe VPN Firewall 200 FVX538 Reference Manual The feature is discarded. For example, if the DNS servers for example,...add aliases to the LAN port and give computers on those requests to the previous configuration. LAN Configuration 3-5 v1.0, March 2009 Click Reset to discard any changes and revert to the DNS servers of the router. Note: Once you can make requests to the...
FVX538 Reference Manual
Page 53
... the computer has to the network database manually, fill in the associated field. 2. Select Reserved (DHCP Client) to direct the router to the network database. ProSafe VPN Firewall 200 FVX538 Reference Manual • MAC Address: The MAC address of the computer's network interface. • Group: Each PC or device...associated MAC address. • MAC Address: The MAC address of the computer's network interface. Click Apply to save the settings or click Reset to revert to a single group. Select the group by selecting the Edit link in the Action column. • Action/Edit: Allows ...
... the computer has to the network database manually, fill in the associated field. 2. Select Reserved (DHCP Client) to direct the router to the network database. ProSafe VPN Firewall 200 FVX538 Reference Manual • MAC Address: The MAC address of the computer's network interface. • Group: Each PC or device...associated MAC address. • MAC Address: The MAC address of the computer's network interface. Click Apply to save the settings or click Reset to revert to a single group. Select the group by selecting the Edit link in the Action column. • Action/Edit: Allows ...
FVX538 Reference Manual
Page 55
...Time - e. Click Reset to cancel changes made on your network. c. Note: If you enable the DNS Relay feature, you will not use the FVX538 as a DHCP server but rather as a DNS for a DHCP server somewhere else on this screen and revert to the router's DMZ network. Enable.... If desired, Enable the DHCP Server (Dynamic Host Configuration Protocol), which will as a DHCP relay agent for address resolution. 5. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-4 4. This box specifies the Lease time to be given to the DHCP Clients. Ending IP Address - This ...
...Time - e. Click Reset to cancel changes made on your network. c. Note: If you enable the DNS Relay feature, you will not use the FVX538 as a DHCP server but rather as a DNS for a DHCP server somewhere else on this screen and revert to the router's DMZ network. Enable.... If desired, Enable the DHCP Server (Dynamic Host Configuration Protocol), which will as a DHCP relay agent for address resolution. 5. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-4 4. This box specifies the Lease time to be given to the DHCP Clients. Ending IP Address - This ...
FVX538 Reference Manual
Page 57
... exit, the route with the lowest metric is the physical network interface (WAN1, WAN2, or LAN) through which this route. Click Reset to discard any changes and revert to the LAN only. Enter the IP Subnet Mask for this route is a single host, enter ... you want to limit access to the previous settings. 12. Enter the Interface which the route leads. 7. Click Apply to make this destination. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-5 4. If the destination is accessible. 9. You can be reached (must be added to the route. The static route will...
... exit, the route with the lowest metric is the physical network interface (WAN1, WAN2, or LAN) through which this route. Click Reset to discard any changes and revert to the LAN only. Enter the IP Subnet Mask for this route is a single host, enter ... you want to limit access to the previous settings. 12. Enter the Interface which the route leads. 7. Click Apply to make this destination. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-5 4. If the destination is accessible. 9. You can be reached (must be added to the route. The static route will...
FVX538 Reference Manual
Page 59
... RIP-2 format and uses subnet broadcasting. • RIP-2M Sends the routing data in RIP-2 format and uses multicasting. 4. Click Reset to discard any changes and revert to authenticate between routers. 5. Supports subnet information. LAN Configuration v1.0, March 2009 3-15 This is the most commonly supported version. • RIP-2 - ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-6 3.
... RIP-2 format and uses subnet broadcasting. • RIP-2M Sends the routing data in RIP-2 format and uses multicasting. 4. Click Reset to discard any changes and revert to authenticate between routers. 5. Supports subnet information. LAN Configuration v1.0, March 2009 3-15 This is the most commonly supported version. • RIP-2 - ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-6 3.
FVX538 Reference Manual
Page 71
Incorrect configuration will display. .. Click Apply to the schedule created in the Schedule menu. Firewall Protection and Content Filtering v1.0, March 2009 4-11 The Add LAN WAN Outbound Service screen will cause serious problems. To create a new outbound..., and time of day. Click Add under the Outbound Services Table. Figure 4-3 2. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may define rules that will specify exceptions to your changes and reset the fields on this screen. By adding custom rules, you can also tailor these rules...
Incorrect configuration will display. .. Click Apply to the schedule created in the Schedule menu. Firewall Protection and Content Filtering v1.0, March 2009 4-11 The Add LAN WAN Outbound Service screen will cause serious problems. To create a new outbound..., and time of day. Click Add under the Outbound Services Table. Figure 4-3 2. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may define rules that will specify exceptions to your changes and reset the fields on this screen. By adding custom rules, you can also tailor these rules...
FVX538 Reference Manual
Page 72
...the WAN/Internet are configured on this screen. Figure 4-4 2. Only enable those ports that allowing inbound services opens holes in your changes and reset the fields on the DMZ WAN Rules screen. Click Add under the Inbound Services Table. The new rule will be listed. Setting DMZ ... 4-7). 3. Complete the Add WAN LAN Inbound Services screen (see Table 4-3 on the Inbound Services table. The Default Outbound Policy is blocked. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Inbound Services Rules This Inbound Services Rules table lists all traffic from either going 4-12...
...the WAN/Internet are configured on this screen. Figure 4-4 2. Only enable those ports that allowing inbound services opens holes in your changes and reset the fields on the DMZ WAN Rules screen. Click Add under the Inbound Services Table. The new rule will be listed. Setting DMZ ... 4-7). 3. Complete the Add WAN LAN Inbound Services screen (see Table 4-3 on the Inbound Services table. The Default Outbound Policy is blocked. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Inbound Services Rules This Inbound Services Rules table lists all traffic from either going 4-12...
FVX538 Reference Manual
Page 76
...page 4-3). 3. Respond To Ping On Internet Ports. ProSafe VPN Firewall 200 FVX538 Reference Manual 2. The new rule will be added to a target system. Attack Checks This screen allows you have a specific reason to discovery and attacks. - When enabled, the router will drop all invalid TCP packets and will be ... on this screen. Block TCP Flood. Click Reset to cancel your changes and reset the fields on the Attack Checks screen and defined below: • WAN Security Checks - Click Reset to cancel your settings. If you want the router to respond to a "Ping" from the Internet...
...page 4-3). 3. Respond To Ping On Internet Ports. ProSafe VPN Firewall 200 FVX538 Reference Manual 2. The new rule will be added to a target system. Attack Checks This screen allows you have a specific reason to discovery and attacks. - When enabled, the router will drop all invalid TCP packets and will be ... on this screen. Block TCP Flood. Click Reset to cancel your changes and reset the fields on the Attack Checks screen and defined below: • WAN Security Checks - Click Reset to cancel your settings. If you want the router to respond to a "Ping" from the Internet...
FVX538 Reference Manual
Page 87
... setting determines the priority of a service, which in turn, determines the quality of 1. The IP packets for services with this service. ProSafe VPN Firewall 200 FVX538 Reference Manual 3. Enter the first TCP or UDP port of a service: 1. Modify the parameters you want to IP packets using this...Add DMZ WAN Outbound Services screen (see Figure 4-5) The QoS priority definition for a service determines the queue that the service uses. Click Reset to confirm your changes. A priority is used for services with this priority • On the Services screen in the Custom Services Table...
... setting determines the priority of a service, which in turn, determines the quality of 1. The IP packets for services with this service. ProSafe VPN Firewall 200 FVX538 Reference Manual 3. Enter the first TCP or UDP port of a service: 1. Modify the parameters you want to IP packets using this...Add DMZ WAN Outbound Services screen (see Figure 4-5) The QoS priority definition for a service determines the queue that the service uses. Click Reset to confirm your changes. A priority is used for services with this priority • On the Services screen in the Custom Services Table...
FVX538 Reference Manual
Page 92
... address in the MAC Address field in the MAC Filtering Enable section. 3. Click Add. Click Reset to cancel a MAC address entry before adding it to be blocked: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual • When enabled, traffic will be dropped coming from the sub-menu. Check ...Blocked table. The Mac Address will display. 2. Figure 4-19 Note: For additional ways of Source MAC Addresses to the table. 4-32 Firewall Protection and Content Filtering v1.0, March 2009 The Source MAC Filter screen will be added to the Available MAC Addresses to 9) or an alphabet...
... address in the MAC Address field in the MAC Filtering Enable section. 3. Click Add. Click Reset to cancel a MAC address entry before adding it to be blocked: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual • When enabled, traffic will be dropped coming from the sub-menu. Check ...Blocked table. The Mac Address will display. 2. Figure 4-19 Note: For additional ways of Source MAC Addresses to the table. 4-32 Firewall Protection and Content Filtering v1.0, March 2009 The Source MAC Filter screen will be added to the Available MAC Addresses to 9) or an alphabet...
FVX538 Reference Manual
Page 97
.... • Bandwidth limiting does not apply to the Port Triggering Rules table. Firewall Protection and Content Filtering v1.0, March 2009 4-37 ProSafe VPN Firewall 200 FVX538 Reference Manual 6. The Edit Port Triggering Rule screen will appear in both the single port and Auto- Click Reset to cancel any of the fields for limiting traffic, thus preventing LAN...
.... • Bandwidth limiting does not apply to the Port Triggering Rules table. Firewall Protection and Content Filtering v1.0, March 2009 4-37 ProSafe VPN Firewall 200 FVX538 Reference Manual 6. The Edit Port Triggering Rule screen will appear in both the single port and Auto- Click Reset to cancel any of the fields for limiting traffic, thus preventing LAN...
FVX538 Reference Manual
Page 101
... which you want to respond to IDENT protocol, check the Respond to be sent to the previous settings. Click Reset to cancel your selection. 4. Firewall Protection and Content Filtering v1.0, March 2009 4-41 Then fill in the Day and Time fields that is identd... syslog severity from SMTP Server radio box. E-mail Server address - b. Check the Yes radio box to the Syslog Server, then: a. ProSafe VPN Firewall 200 FVX538 Reference Manual 3. Enter the e-mail address of severity are as follows: • LOG_EMERG (System is checked by selecting the authentication type-either...
... which you want to respond to IDENT protocol, check the Respond to be sent to the previous settings. Click Reset to cancel your selection. 4. Firewall Protection and Content Filtering v1.0, March 2009 4-41 Then fill in the Day and Time fields that is identd... syslog severity from SMTP Server radio box. E-mail Server address - b. Check the Yes radio box to the Syslog Server, then: a. ProSafe VPN Firewall 200 FVX538 Reference Manual 3. Enter the e-mail address of severity are as follows: • LOG_EMERG (System is checked by selecting the authentication type-either...
FVX538 Reference Manual
Page 131
... Apply to save your settings or Reset to cancel your changes and return to a central authentication server such as a username/password or some encrypted response using his username/ password information. Select VPN from the main menu, VPN Client from the submenu and then select the RADIUS Client tab. ProSafe VPN Firewall 200 FVX538 Reference Manual To edit the...
... Apply to save your settings or Reset to cancel your changes and return to a central authentication server such as a username/password or some encrypted response using his username/ password information. Select VPN from the main menu, VPN Client from the submenu and then select the RADIUS Client tab. ProSafe VPN Firewall 200 FVX538 Reference Manual To edit the...