FVX538 Reference Manual
Page 7
... 1-4 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-5 Router Front and Rear Panels 1-6 Rack Mounting Hardware 1-8 The Router's IP Address, Login Name, and Password 1-9 Chapter 2 Connecting the FVX538 to the Internet Logging into the VPN Firewall 2-1 Configuring the Internet Connections to Your ISPs 2-2 Setting the Router's MAC Address 2-4 Manually Configuring Your Internet Connection 2-4 Programming the Traffic...
... 1-4 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-5 Router Front and Rear Panels 1-6 Rack Mounting Hardware 1-8 The Router's IP Address, Login Name, and Password 1-9 Chapter 2 Connecting the FVX538 to the Internet Logging into the VPN Firewall 2-1 Configuring the Internet Connections to Your ISPs 2-2 Setting the Router's MAC Address 2-4 Manually Configuring Your Internet Connection 2-4 Programming the Traffic...
FVX538 Reference Manual
Page 10
ProSafe VPN Firewall 200 FVX538 Reference Manual Extended Authentication (XAUTH) Configuration 5-23 Configuring XAUTH for VPN Clients 5-24 User Database Configuration 5-25 RADIUS Client Configuration 5-27 Assigning IP Addresses to Remote Users (ModeConfig 5-29 Mode Config Operation 5-29 Configuring the VPN Firewall 5-30 Configuring the ProSafe VPN Client for ModeConfig 5-33 Chapter 6 Router and Network Management Performance Management 6-1 Bandwidth Capacity 6-1 VPN Firewall Features That...
ProSafe VPN Firewall 200 FVX538 Reference Manual Extended Authentication (XAUTH) Configuration 5-23 Configuring XAUTH for VPN Clients 5-24 User Database Configuration 5-25 RADIUS Client Configuration 5-27 Assigning IP Addresses to Remote Users (ModeConfig 5-29 Mode Config Operation 5-29 Configuring the VPN Firewall 5-30 Configuring the ProSafe VPN Client for ModeConfig 5-33 Chapter 6 Router and Network Management Performance Management 6-1 Bandwidth Capacity 6-1 VPN Firewall Features That...
FVX538 Reference Manual
Page 12
...-to-Gateway: Dual Gateway WAN Ports for Improved Reliability B-15 VPN Gateway-to -Gateway B-11 VPN Road Warrior: Single Gateway WAN Port (Reference Case B-12 VPN Road Warrior: Dual Gateway WAN Ports for Improved Reliability ......... B-18 VPN Telecommuter: Dual Gateway WAN Ports for Load Balancing ... ProSafe VPN Firewall 200 FVX538 Reference Manual Inbound Traffic ...B-8 Inbound Traffic to Single WAN...
...-to-Gateway: Dual Gateway WAN Ports for Improved Reliability B-15 VPN Gateway-to -Gateway B-11 VPN Road Warrior: Single Gateway WAN Port (Reference Case B-12 VPN Road Warrior: Dual Gateway WAN Ports for Improved Reliability ......... B-18 VPN Telecommuter: Dual Gateway WAN Ports for Load Balancing ... ProSafe VPN Firewall 200 FVX538 Reference Manual Inbound Traffic ...B-8 Inbound Traffic to Single WAN...
FVX538 Reference Manual
Page 17
...FVX538 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following sections: • "Key Features" on page 1-1 • "Package Contents" on page 1-5 • "Router Front and Rear Panels" on page 1-6 • "The Router's IP Address, Login...and one 1/100/1000 port connects your network from attacks and intrusions. Chapter 1 Introduction The ProSafe VPN Firewall 200 with the 5-user license of the NETGEAR ProSafe VPN Client software (VPN05L) • Quality of Service (QoS) and SIP 2.0 support for ...
...FVX538 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following sections: • "Key Features" on page 1-1 • "Package Contents" on page 1-5 • "Router Front and Rear Panels" on page 1-6 • "The Router's IP Address, Login...and one 1/100/1000 port connects your network from attacks and intrusions. Chapter 1 Introduction The ProSafe VPN Firewall 200 with the 5-user license of the NETGEAR ProSafe VPN Client software (VPN05L) • Quality of Service (QoS) and SIP 2.0 support for ...
FVX538 Reference Manual
Page 18
...Block Sites. ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability. ...Single or multiple exposed hosts • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVX538 is inoperable, ensuring you specify as Ping of either 10 Mbps or 100 Mbps.
...Block Sites. ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability. ...Single or multiple exposed hosts • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVX538 is inoperable, ensuring you specify as Ping of either 10 Mbps or 100 Mbps.
FVX538 Reference Manual
Page 19
ProSafe VPN Firewall 200 FVX538 Reference Manual • Logs security incidents. You can configure the firewall to email the log to specific PCs based on your PCs. Security Features The VPN firewall is a response to one of discarding this section. • PCs Hidden by screening for keywords within .... You can connect to a switch or hub. The firewall allows you have a 'normal' connection such as to a PC or an 'uplink' connection such as blocked incoming traffic, port scans, attacks, and administrator logins. Each Ethernet port will accommodate either a 10 Mbps standard...
ProSafe VPN Firewall 200 FVX538 Reference Manual • Logs security incidents. You can configure the firewall to email the log to specific PCs based on your PCs. Security Features The VPN firewall is a response to one of discarding this section. • PCs Hidden by screening for keywords within .... You can connect to a switch or hub. The firewall allows you have a 'normal' connection such as to a PC or an 'uplink' connection such as blocked incoming traffic, port scans, attacks, and administrator logins. Each Ethernet port will accommodate either a 10 Mbps standard...
FVX538 Reference Manual
Page 20
...ProSafe VPN Firewall 200 FVX538 Reference Manual Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). The VPN firewall... VPN routers and clients. • SNMP. The VPN firewall ...login program such as a DNS server to ensure the VPN tunnels are specified, the firewall provides its own address as EnterNet or WinPOET on your type of the Virtual Private Network Consortium (VPNC) to the attached PCs. The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN...
...ProSafe VPN Firewall 200 FVX538 Reference Manual Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). The VPN firewall... VPN routers and clients. • SNMP. The VPN firewall ...login program such as a DNS server to ensure the VPN tunnels are specified, the firewall provides its own address as EnterNet or WinPOET on your type of the Virtual Private Network Consortium (VPNC) to the attached PCs. The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN...
FVX538 Reference Manual
Page 21
.... Maintenance and Support NETGEAR offers the following items: • ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat5) Ethernet cable. • Installation Guide, FVX538 ProSafe VPN Firewall 200 • Resource CD, including: - Package Contents The product package should contain the following features to help you to login to return the...
.... Maintenance and Support NETGEAR offers the following items: • ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat5) Ethernet cable. • Installation Guide, FVX538 ProSafe VPN Firewall 200 • Resource CD, including: - Package Contents The product package should contain the following features to help you to login to return the...
FVX538 Reference Manual
Page 25
... displays, enter admin for the User Name and the password for Password. Introduction 1-9 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual The Router's IP Address, Login Name, and Password Check the label on the bottom of the FVX538's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the... Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-4 To log in to the FVX538 once it is connected, go to http://192.168.1.1.
... displays, enter admin for the User Name and the password for Password. Introduction 1-9 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference Manual The Router's IP Address, Login Name, and Password Check the label on the bottom of the FVX538's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the... Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-4 To log in to the FVX538 once it is connected, go to http://192.168.1.1.
FVX538 Reference Manual
Page 27
... 2-2 • "Configuring the WAN Mode (Required for DHCP, refer to the link in to your Internet connection.) 3. Connecting the FVX538 to the firewall by typing http://192.168.1.1 in to Your ISPs" on page 6-10). If you enable remote management, you are not the same...• "Configuring the Advanced WAN Options (If Needed)" on page 6-8). Click Login. Chapter 2 Connecting the FVX538 to the Internet This chapter includes these topics: • "Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to obtain an IP address automatically via DHCP....
... 2-2 • "Configuring the WAN Mode (Required for DHCP, refer to the link in to your Internet connection.) 3. Connecting the FVX538 to the firewall by typing http://192.168.1.1 in to Your ISPs" on page 6-10). If you enable remote management, you are not the same...• "Configuring the Advanced WAN Options (If Needed)" on page 6-8). Click Login. Chapter 2 Connecting the FVX538 to the Internet This chapter includes these topics: • "Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to obtain an IP address automatically via DHCP....
FVX538 Reference Manual
Page 29
... Name Login (Username, Password), Account Name, Local IP address, and PPTP Server IP address; Figure 2-2 Connecting the FVX538 to verify WAN Port 1 connection status. Static IP address, Subnet, and Gateway IP; No data is required. Click WAN Status at the top right of the screen to the Internet 2-3 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference...
... Name Login (Username, Password), Account Name, Local IP address, and PPTP Server IP address; Figure 2-2 Connecting the FVX538 to verify WAN Port 1 connection status. Static IP address, Subnet, and Gateway IP; No data is required. Click WAN Status at the top right of the screen to the Internet 2-3 v1.0, March 2009 ProSafe VPN Firewall 200 FVX538 Reference...
FVX538 Reference Manual
Page 30
... Internet, use the Rules menu (Figure 4-2 on the WAN1 ISP Settings and WAN2 ISP Settings screen (see Figure 2-1). Setting the router's MAC address is also referred to as IP Addresses, account information, type of ISP connection, etc., before you connect to the Internet... v1.0, March 2009 This is controlled through your Internet connection require a login? Does your ISP, select Yes. The default is set up the traffic meter for WAN2 ISP, if desired. ProSafe VPN Firewall 200 FVX538 Reference Manual 4. Set up the traffic meter for WAN 1 ISP if desired...
... Internet, use the Rules menu (Figure 4-2 on the WAN1 ISP Settings and WAN2 ISP Settings screen (see Figure 2-1). Setting the router's MAC address is also referred to as IP Addresses, account information, type of ISP connection, etc., before you connect to the Internet... v1.0, March 2009 This is controlled through your Internet connection require a login? Does your ISP, select Yes. The default is set up the traffic meter for WAN2 ISP, if desired. ProSafe VPN Firewall 200 FVX538 Reference Manual 4. Set up the traffic meter for WAN 1 ISP if desired...
FVX538 Reference Manual
Page 31
...the Yes radio box. The text box fields that require data entry will identify the router to your ISP. If your ISP has not assigned any other ISP that you have installed login software such as Host Name or System Name): Enter the valid account name for the...based on . Gateway IP Address: IP address of the PPTP server. • Other (PPPoE): If you must login. Connecting the FVX538 to make the connection with the ISP server. - ProSafe VPN Firewall 200 FVX538 Reference Manual 2. What type of minutes to wait before disconnecting in the following highlighted fields: - Some ISPs require ...
...the Yes radio box. The text box fields that require data entry will identify the router to your ISP. If your ISP has not assigned any other ISP that you have installed login software such as Host Name or System Name): Enter the valid account name for the...based on . Gateway IP Address: IP address of the PPTP server. • Other (PPPoE): If you must login. Connecting the FVX538 to make the connection with the ISP server. - ProSafe VPN Firewall 200 FVX538 Reference Manual 2. What type of minutes to wait before disconnecting in the following highlighted fields: - Some ISPs require ...
FVX538 Reference Manual
Page 99
... attack information, and other general information based on the settings you input on the Firewall Logs & E-mail screen. E-Mail Notifications of Event Logs and Alerts The Firewall Logs can be generated when someone on different segments of the following fields: a. ...a log will display in Kbps for the Load Balancing mode. d. To edit a Bandwidth Profile: 1. Click Apply. hacker probes and Login attempts; ProSafe VPN Firewall 200 FVX538 Reference Manual • Name: Displays the user-defined name for this bandwidth profile. • Bandwidth Range: Displays the range for the...
... attack information, and other general information based on the settings you input on the Firewall Logs & E-mail screen. E-Mail Notifications of Event Logs and Alerts The Firewall Logs can be generated when someone on different segments of the following fields: a. ...a log will display in Kbps for the Load Balancing mode. d. To edit a Bandwidth Profile: 1. Click Apply. hacker probes and Login attempts; ProSafe VPN Firewall 200 FVX538 Reference Manual • Name: Displays the user-defined name for this bandwidth profile. • Bandwidth Range: Displays the range for the...
FVX538 Reference Manual
Page 101
...network segments radio box for providing the ident service is checked by selecting the authentication type-either Login Plain or CRAM-MD5-based on your ISP (for the type of your SMTP server requirements. ...this box blank, no logs will be logged. 6. Select the appropriate syslog severity from SMTP Server radio box. Firewall Protection and Content Filtering v1.0, March 2009 4-41 From the Unit pull-down menu. Enter a Schedule for authentication...send messages to enable E-mail Logs. Enter your selection. 4. c. ProSafe VPN Firewall 200 FVX538 Reference Manual 3.
...network segments radio box for providing the ident service is checked by selecting the authentication type-either Login Plain or CRAM-MD5-based on your ISP (for the type of your SMTP server requirements. ...this box blank, no logs will be logged. 6. Select the appropriate syslog severity from SMTP Server radio box. Firewall Protection and Content Filtering v1.0, March 2009 4-41 From the Unit pull-down menu. Enter a Schedule for authentication...send messages to enable E-mail Logs. Enter your selection. 4. c. ProSafe VPN Firewall 200 FVX538 Reference Manual 3.
FVX538 Reference Manual
Page 151
...-out value too large, you will have to wait a long time before you are able to log back into the router if your previous login was disrupted (i.e., you did not click Logout on the Main Menu bar to save your previous settings. 5. Click Apply to log out). 6. Change the ... and then entering the new password twice. 4. Click Apply to save this setting. Select Users from the main menu and Local Authentication from the submenu. Router and Network Management 6-9 v1.0, March 2009 Figure 6-1 2. ProSafe VPN Firewall 200 FVX538 Reference Manual 1. Select the Settings you require.
...-out value too large, you will have to wait a long time before you are able to log back into the router if your previous login was disrupted (i.e., you did not click Logout on the Main Menu bar to save your previous settings. 5. Click Apply to log out). 6. Change the ... and then entering the new password twice. 4. Click Apply to save this setting. Select Users from the main menu and Local Authentication from the submenu. Router and Network Management 6-9 v1.0, March 2009 Figure 6-1 2. ProSafe VPN Firewall 200 FVX538 Reference Manual 1. Select the Settings you require.
FVX538 Reference Manual
Page 155
....0.123:8080 The router's remote login URL is a common alternate for Telnet Management: 1. Choose a number between 1024 and 65535, but do not use the SSL https://address, but rather use the number of your firewall for HTTP. 5. Specify what external addresses will display. 2. Check the Allow Telnet Management radio box. 3. ProSafe VPN Firewall 200 FVX538 Reference Manual Web...
....0.123:8080 The router's remote login URL is a common alternate for Telnet Management: 1. Choose a number between 1024 and 65535, but do not use the SSL https://address, but rather use the number of your firewall for HTTP. 5. Specify what external addresses will display. 2. Check the Allow Telnet Management radio box. 3. ProSafe VPN Firewall 200 FVX538 Reference Manual Web...
FVX538 Reference Manual
Page 162
... be set to your settings or click Cancel to revert to the Default Netgear NTP servers. 4. If required, you can also view status information about the firewall, WAN ports, LAN ports, and VPN tunnels and program SNMP connections. You can also enter the address of the... Click Apply to save your previous settings. ProSafe VPN Firewall 200 FVX538 Reference Manual • Use Custom NTP Servers: If you prefer to important events such as WAN port rollover, WAN traffic limits reached, and login failures and attacks. Figure 6-6 Monitoring the Router You can be alerted to use a particular...
... be set to your settings or click Cancel to revert to the Default Netgear NTP servers. 4. If required, you can also view status information about the firewall, WAN ports, LAN ports, and VPN tunnels and program SNMP connections. You can also enter the address of the... Click Apply to save your previous settings. ProSafe VPN Firewall 200 FVX538 Reference Manual • Use Custom NTP Servers: If you prefer to important events such as WAN port rollover, WAN traffic limits reached, and login failures and attacks. Figure 6-6 Monitoring the Router You can be alerted to use a particular...
FVX538 Reference Manual
Page 164
You can send a System log of firewall activities to an email address or a log of the firewall activities can view the logs by selecting Monitoring from the main menu and selecting Firewall Logs & E-mail from the submenu. You can be viewed, saved to a Syslog server, and then sent to an e-mail address. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 6-8 Setting Login Failures and Attacks Notification Figure 6-9 shows the Firewall Logs & E-mail screen that is invoked by clicking View Logs. 6-22 v1.0, March 2009 Router and Network Management
You can send a System log of firewall activities to an email address or a log of the firewall activities can view the logs by selecting Monitoring from the main menu and selecting Firewall Logs & E-mail from the submenu. You can be viewed, saved to a Syslog server, and then sent to an e-mail address. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 6-8 Setting Login Failures and Attacks Notification Figure 6-9 shows the Firewall Logs & E-mail screen that is invoked by clicking View Logs. 6-22 v1.0, March 2009 Router and Network Management
FVX538 Reference Manual
Page 177
... login information. The factory default login name is admin and the password is explained in this information. If your IP address is in "Restoring the Default Configuration and Password" on the same subnet as 169.254.x.x: Recent versions of Windows and MacOS will set the firewall's... the firewall and reboot your PC. • If your firewall's IP address has been changed and you can reboot the router and use sniffer to 192.168.1.1. The changes may have made in the range of 169.254.x.x. Look at the ARP packets to factory defaults. ProSafe VPN Firewall 200 FVX538 Reference ...
... login information. The factory default login name is admin and the password is explained in this information. If your IP address is in "Restoring the Default Configuration and Password" on the same subnet as 169.254.x.x: Recent versions of Windows and MacOS will set the firewall's... the firewall and reboot your PC. • If your firewall's IP address has been changed and you can reboot the router and use sniffer to 192.168.1.1. The changes may have made in the range of 169.254.x.x. Look at the ARP packets to factory defaults. ProSafe VPN Firewall 200 FVX538 Reference ...