FVX538 Reference Manual
Page 22
ProSafe VPN Firewall 200 FVX538 Reference Manual Router Front and Rear Panels The ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. 1 2 3 4 5 6 7 Figure 1-1 Table 1-1 describes each item on other WAN port fails. Table 1-1. The system has booted successfully. 3. Active LED On (Green) On (Amber) Off The ...
ProSafe VPN Firewall 200 FVX538 Reference Manual Router Front and Rear Panels The ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. 1 2 3 4 5 6 7 Figure 1-1 Table 1-1 describes each item on other WAN port fails. Table 1-1. The system has booted successfully. 3. Active LED On (Green) On (Amber) Off The ...
FVX538 Reference Manual
Page 23
... (Green) Off N-way automatic speed negotiation, auto MDI/MDIX. The LAN port has detected a link with a sharp Factory Defaults reset push button (see Appendix A, "Default Defaults object Settings and Technical Specifications" for the factory defaults). DMZ (port 8) On (Green...Blinking (Green) Off Port for connecting to a gigabit Ethernet device. pinouts: (2) Tx, (3) Rx, (5) and (7) Gnd. 7. ProSafe VPN Firewall 200 FVX538 Reference Manual Table 1-1. Console DB9 male connector Port for connecting to an optional console terminal. The LAN port is being transmitted or ...
... (Green) Off N-way automatic speed negotiation, auto MDI/MDIX. The LAN port has detected a link with a sharp Factory Defaults reset push button (see Appendix A, "Default Defaults object Settings and Technical Specifications" for the factory defaults). DMZ (port 8) On (Green...Blinking (Green) Off Port for connecting to a gigabit Ethernet device. pinouts: (2) Tx, (3) Rx, (5) and (7) Gnd. 7. ProSafe VPN Firewall 200 FVX538 Reference Manual Table 1-1. Console DB9 male connector Port for connecting to an optional console terminal. The LAN port is being transmitted or ...
FVX538 Reference Manual
Page 32
ProSafe VPN Firewall 200 FVX538 Reference Manual If your ISP has assigned DNS addresses, select the Use these DNS Servers radio box. If your ISP has not assigned a Static IP address, select the Get dynamically from ISP radio box. to the NETGEAR Web site. Repeat steps 1 through 7 above. From ... time or if you fill in valid DNS server IP addresses in Table 2-2. 2-6 Connecting the FVX538 to save the settings. 6. To configure your WAN2 ISP settings: 1. Click Reset to the router using DHCP network protocol. 4. The ISP will display. 2. Incorrect DNS entries may click Logout ...
ProSafe VPN Firewall 200 FVX538 Reference Manual If your ISP has assigned DNS addresses, select the Use these DNS Servers radio box. If your ISP has not assigned a Static IP address, select the Get dynamically from ISP radio box. to the NETGEAR Web site. Repeat steps 1 through 7 above. From ... time or if you fill in valid DNS server IP addresses in Table 2-2. 2-6 Connecting the FVX538 to save the settings. 6. To configure your WAN2 ISP settings: 1. Click Reset to the router using DHCP network protocol. 4. The ISP will display. 2. Incorrect DNS entries may click Logout ...
FVX538 Reference Manual
Page 33
Table 2-2. If this is selected the specified restriction will be applied when traffic limit is reached. • Download only - ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-3 2. Note: Both incoming and outgoing traffic are included in the limit. the entire configuration is selected specified restriction will be ... can be applied to set the Traffic Meter the the WAN2 port. Select the WAN2 Traffic Meter tab and repeat steps 1 through the Router's WAN1 or WAN2 port. Click Apply to the previous settings. 3. Click Reset to return to apply the settings.
Table 2-2. If this is selected the specified restriction will be applied when traffic limit is reached. • Download only - ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-3 2. Note: Both incoming and outgoing traffic are included in the limit. the entire configuration is selected specified restriction will be ... can be applied to set the Traffic Meter the the WAN2 port. Select the WAN2 Traffic Meter tab and repeat steps 1 through the Router's WAN1 or WAN2 port. Click Apply to the previous settings. 3. Click Reset to return to apply the settings.
FVX538 Reference Manual
Page 37
... FVX538 to save your settings. 8. Click Reset to revert to elicit a reply. The rollover link is 4 failures. When notified that the failed WAN interface has been restored, you can force traffic back on page 4-39). The default time to roll over after the primary WAN interface fails is considered down after this. ProSafe VPN Firewall 200 FVX538...
... FVX538 to save your settings. 8. Click Reset to revert to elicit a reply. The rollover link is 4 failures. When notified that the failed WAN interface has been restored, you can force traffic back on page 4-39). The default time to roll over after the primary WAN interface fails is considered down after this. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 40
Click Reset to return to DynDNS, TZO, and Oray are provided for the protocol binding service you will be ...VPN firewall firmware includes software that notifies dynamic DNS servers of changes in the WAN IP address, so that the services running on this network can register a domain name and have that allows routers with your IP address by others on the Internet. However, if your 2-14 Connecting the FVX538... provider such as DynDNS.org, TZO.com, or Oray.net. (Links to the previously configured settings. Click Apply. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-6 3.
Click Reset to return to DynDNS, TZO, and Oray are provided for the protocol binding service you will be ...VPN firewall firmware includes software that notifies dynamic DNS servers of changes in the WAN IP address, so that the services running on this network can register a domain name and have that allows routers with your IP address by others on the Internet. However, if your 2-14 Connecting the FVX538... provider such as DynDNS.org, TZO.com, or Oray.net. (Links to the previously configured settings. Click Apply. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 2-6 3.
FVX538 Reference Manual
Page 43
... address as yourhost.dyndns.org 5. For some ISPs you want to save your ISP connection. Connecting the FVX538 to access the WAN1 Advanced Options screen. ProSafe VPN Firewall 200 FVX538 Reference Manual For example, the wildcard feature will display. Click Reset to return to reduce the MTU. The normal MTU (Maximum Transmit Unit) value for most Ethernet...
... address as yourhost.dyndns.org 5. For some ISPs you want to save your ISP connection. Connecting the FVX538 to access the WAN1 Advanced Options screen. ProSafe VPN Firewall 200 FVX538 Reference Manual For example, the wildcard feature will display. Click Reset to return to reduce the MTU. The normal MTU (Maximum Transmit Unit) value for most Ethernet...
FVX538 Reference Manual
Page 49
... added to the router. • IP Address: The IP address alias added to Chapter 4, "Firewall Protection and Content Filtering. Click Apply to the previous configuration. When enabled, the router will receive the DNS IP addresses of the ISP. 5. Click Reset to discard any ... requests to the router and the router, in the WAN settings page). - This is discarded. However, when the DNS proxy is particularly useful in the LAN, (for each connection are different, then a link failure may render the DNS servers inaccessible. ProSafe VPN Firewall 200 FVX538 Reference Manual The...
... added to the router. • IP Address: The IP address alias added to Chapter 4, "Firewall Protection and Content Filtering. Click Apply to the previous configuration. When enabled, the router will receive the DNS IP addresses of the ISP. 5. Click Reset to discard any ... requests to the router and the router, in the WAN settings page). - This is discarded. However, when the DNS proxy is particularly useful in the LAN, (for each connection are different, then a link failure may render the DNS servers inaccessible. ProSafe VPN Firewall 200 FVX538 Reference Manual The...
FVX538 Reference Manual
Page 53
...pool. If the IP Address Type is Reserved (DHCP Client), the router will reserve the IP address for a device on the LAN (based on the computer. • IP Address: The IP address that this computer or device is assigned. ProSafe VPN Firewall 200 FVX538 Reference Manual • MAC Address: The MAC address of the .... • IP Address Type: - Click Add to add the new entry to the previous settings. Click Apply to save the settings or click Reset to revert to the network database. Select Fixed (Set on PC) if the IP address is assigned to the network database manually, fill in the...
...pool. If the IP Address Type is Reserved (DHCP Client), the router will reserve the IP address for a device on the LAN (based on the computer. • IP Address: The IP address that this computer or device is assigned. ProSafe VPN Firewall 200 FVX538 Reference Manual • MAC Address: The MAC address of the .... • IP Address Type: - Click Add to add the new entry to the previous settings. Click Apply to save the settings or click Reset to revert to the network database. Select Fixed (Set on PC) if the IP address is assigned to the network database manually, fill in the...
FVX538 Reference Manual
Page 55
...Reset to cancel changes made on your network. Then configure the following items: a. b. e. Enable DNS Proxy - c. d. Lease Time - LAN Configuration v1.0, March 2009 3-11 Starting IP Address - This box specifies the first of the contiguous addresses in the IP address pool. If enabled, the VPN firewall... IP. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-4 4. If desired, Enable the DHCP Server (Dynamic Host Configuration Protocol), which will not use the FVX538 as a DHCP server but rather as a DNS for all computers connected to the router's DMZ network...
...Reset to cancel changes made on your network. Then configure the following items: a. b. e. Enable DNS Proxy - c. d. Lease Time - LAN Configuration v1.0, March 2009 3-11 Starting IP Address - This box specifies the first of the contiguous addresses in the IP address pool. If enabled, the VPN firewall... IP. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-4 4. If desired, Enable the DHCP Server (Dynamic Host Configuration Protocol), which will not use the FVX538 as a DHCP server but rather as a DNS for all computers connected to the router's DMZ network...
FVX538 Reference Manual
Page 57
Select Active to the route. Enter the IP Subnet Mask for this destination. Enter the Interface which is accessible. 9. Click Reset to discard any changes and revert to save your settings. The static route will be advertised in the Action column adjacent to make this ... RIP. 6. If the destination is chosen. (value must be between 1 and 15), 11. Select Private if you want to limit access to Route table. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-5 4. The new static route will not be added to the LAN only. LAN Configuration v1.0, March 2009 3-13
Select Active to the route. Enter the IP Subnet Mask for this destination. Enter the Interface which is accessible. 9. Click Reset to discard any changes and revert to save your settings. The static route will be advertised in the Action column adjacent to make this ... RIP. 6. If the destination is chosen. (value must be between 1 and 15), 11. Select Private if you want to limit access to Route table. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-5 4. The new static route will not be added to the LAN only. LAN Configuration v1.0, March 2009 3-13
FVX538 Reference Manual
Page 59
... RIP-2 format and uses subnet broadcasting. • RIP-2M Sends the routing data in RIP-2 format and uses multicasting. 4. Click Reset to discard any changes and revert to authenticate between routers. 5. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-6 3. LAN Configuration v1.0, March 2009 3-15 Authentication for RIP2B/2M required? From the RIP Version pull-down menu...
... RIP-2 format and uses subnet broadcasting. • RIP-2M Sends the routing data in RIP-2 format and uses multicasting. 4. Click Reset to discard any changes and revert to authenticate between routers. 5. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 3-6 3. LAN Configuration v1.0, March 2009 3-15 Authentication for RIP2B/2M required? From the RIP Version pull-down menu...
FVX538 Reference Manual
Page 71
... serious problems. To create a new outbound service rule: 1. The new rule will specify exceptions to your changes and reset the fields on this screen. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may define rules that will be listed on the Outbound Services table. You... IP addresses, and time of day. Complete the Outbound Service screen, and save your specific needs (see Table 4-2 on page 4-43). Firewall Protection and Content Filtering v1.0, March 2009 4-11 By adding custom rules, you can also tailor these rules to the default rules. The ...
... serious problems. To create a new outbound service rule: 1. The new rule will specify exceptions to your changes and reset the fields on this screen. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may define rules that will be listed on the Outbound Services table. You... IP addresses, and time of day. Complete the Outbound Service screen, and save your specific needs (see Table 4-2 on page 4-43). Firewall Protection and Content Filtering v1.0, March 2009 4-11 By adding custom rules, you can also tailor these rules to the default rules. The ...
FVX538 Reference Manual
Page 72
ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Inbound Services Rules This Inbound Services Rules table lists all inbound traffic is to allow all traffic from either going 4-12 Firewall Protection and Content Filtering v1.0, March 2009 Remember that are configured on this screen. Complete the Add WAN ...Services Table. The Default Outbound Policy is blocked. Only enable those ports that allowing inbound services opens holes in your changes and reset the fields on the DMZ WAN Rules screen. The Add LAN WAN Inbound Service screen will be listed on page 4-7). 3....
ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Inbound Services Rules This Inbound Services Rules table lists all inbound traffic is to allow all traffic from either going 4-12 Firewall Protection and Content Filtering v1.0, March 2009 Remember that are configured on this screen. Complete the Add WAN ...Services Table. The Default Outbound Policy is blocked. Only enable those ports that allowing inbound services opens holes in your changes and reset the fields on the DMZ WAN Rules screen. The Add LAN WAN Inbound Service screen will be listed on page 4-7). 3....
FVX538 Reference Manual
Page 76
... will be protected against common attacks in which an attacker sends a succession of attack checks are listed on the Outbound Services table. Click Reset to a target system. Click Add under the Inbound Services table. Attack Checks This screen allows you to do so. - If you... Inbound Service screen will not respond to port scans from the Internet, click this box unless you want the router to respond to a "Ping" from the WAN, thus making it less susceptible to the Inbound Services table. No legitimate connections can be made. ProSafe VPN Firewall 200 FVX538 Reference Manual 2.
... will be protected against common attacks in which an attacker sends a succession of attack checks are listed on the Outbound Services table. Click Reset to a target system. Click Add under the Inbound Services table. Attack Checks This screen allows you to do so. - If you... Inbound Service screen will not respond to port scans from the Internet, click this box unless you want the router to respond to a "Ping" from the WAN, thus making it less susceptible to the Inbound Services table. No legitimate connections can be made. ProSafe VPN Firewall 200 FVX538 Reference Manual 2.
FVX538 Reference Manual
Page 87
... that has a lower "cost". If the service uses only one of that is used for traffic passing through the VPN firewall is assigned to the traffic. Click Reset to change this service. A priority is one port, then the Start Port and the Finish Port will be transferred ...data has to edit. The IP packets for services with this priority are marked with a ToS value of a service: 1. Click Add. ProSafe VPN Firewall 200 FVX538 Reference Manual 3. In the Custom Services Table, click the Edit icon adjacent to the service you wish to cancel the changes and restore ...
... that has a lower "cost". If the service uses only one of that is used for traffic passing through the VPN firewall is assigned to the traffic. Click Reset to change this service. A priority is one port, then the Start Port and the Finish Port will be transferred ...data has to edit. The IP packets for services with this priority are marked with a ToS value of a service: 1. Click Add. ProSafe VPN Firewall 200 FVX538 Reference Manual 3. In the Custom Services Table, click the Edit icon adjacent to the service you wish to cancel the changes and restore ...
FVX538 Reference Manual
Page 92
...:xx:xx:xx:xx:xx where x is a numeric (0 to be blocked: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual • When enabled, traffic will be dropped coming from the sub-menu. Click Reset to cancel a MAC address entry before adding it to the table. 4-32 Firewall Protection and Content Filtering v1.0, March 2009 Select Security from the main...
...:xx:xx:xx:xx:xx where x is a numeric (0 to be blocked: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual • When enabled, traffic will be dropped coming from the sub-menu. Click Reset to cancel a MAC address entry before adding it to the table. 4-32 Firewall Protection and Content Filtering v1.0, March 2009 Select Security from the main...
FVX538 Reference Manual
Page 97
...your modifications. Figure 4-22 Bandwidth Limiting Bandwidth Limiting determines the way in both the single port and Auto- Failover modes. Click Reset to provide a method for this rule. 3. ProSafe VPN Firewall 200 FVX538 Reference Manual 6. The Edit Port Triggering Rule screen will be added to the DMZ interface. Your changes will appear in Load ... table. The Port Triggering Rule will display. 2. Bandwidth limiting is handled on the Port Triggering screen. To edit or modify a rule: 1. Click Add. Firewall Protection and Content Filtering v1.0, March 2009 4-37
...your modifications. Figure 4-22 Bandwidth Limiting Bandwidth Limiting determines the way in both the single port and Auto- Failover modes. Click Reset to provide a method for this rule. 3. ProSafe VPN Firewall 200 FVX538 Reference Manual 6. The Edit Port Triggering Rule screen will be added to the DMZ interface. Your changes will appear in Load ... table. The Port Triggering Rule will display. 2. Bandwidth limiting is handled on the Port Triggering screen. To edit or modify a rule: 1. Click Add. Firewall Protection and Content Filtering v1.0, March 2009 4-37
FVX538 Reference Manual
Page 101
... Return E-mail Address - If you . ProSafe VPN Firewall 200 FVX538 Reference Manual 3. In the Security Logs section, check the network segments radio box for which you would like logs to be logged. 6. E-mail Server address - You must be sent. Click Reset to cancel your SMTP server authenticates users, ...; LOG_ALERT (Action must use the full e-mail address (for example, [email protected]). 7. Firewall Protection and Content Filtering v1.0, March 2009 4-41 You can configure the firewall to send system logs to an external PC that correspond to enable E-mail Logs. Check the ...
... Return E-mail Address - If you . ProSafe VPN Firewall 200 FVX538 Reference Manual 3. In the Security Logs section, check the network segments radio box for which you would like logs to be logged. 6. E-mail Server address - You must be sent. Click Reset to cancel your SMTP server authenticates users, ...; LOG_ALERT (Action must use the full e-mail address (for example, [email protected]). 7. Firewall Protection and Content Filtering v1.0, March 2009 4-41 You can configure the firewall to send system logs to an external PC that correspond to enable E-mail Logs. Check the ...
FVX538 Reference Manual
Page 131
... the main menu, VPN Client from the submenu and then select the RADIUS Client tab. Make the required changes to the User Name or Password and click Apply to save your settings or Reset to cancel your changes and return to a central authentication server such as a username/password or some ... access to network resources. At that point, the remote user must provide authentication information such as a RADIUS server. The Edit User screen will display. 2. ProSafe VPN Firewall 200 FVX538 Reference Manual To edit the user name or password: 1. The RADIUS Client screen will display. 2.
... the main menu, VPN Client from the submenu and then select the RADIUS Client tab. Make the required changes to the User Name or Password and click Apply to save your settings or Reset to cancel your changes and return to a central authentication server such as a username/password or some ... access to network resources. At that point, the remote user must provide authentication information such as a RADIUS server. The Edit User screen will display. 2. ProSafe VPN Firewall 200 FVX538 Reference Manual To edit the user name or password: 1. The RADIUS Client screen will display. 2.