Hub and Spoke VPN network using the VPN Prosafe Client
Page 3
NETWORK SETUP Physical setup FVX538 connected to the Internet via a modem or modem/router FVS338 connected to the Internet via a modem or modem/router VPN Client PCs connected Wireless/Wired to the Internet (via a LAN allowing IPSEC traffic) Logical setup FVX538 LAN IP: 172.22.101.101/24 DHCP: 172...Policy name: BoxtoBox) - 1x Client-to-Box policy on the FVX538 to connect to the VPN clients (Policy name: LAN1toVPN) - 1x Manual VPN policy using the IKE policy used for the box-to-box connection to allow the VPN clients to connect to the LAN behind the FVS338 (Policy name: LAN2toClient) FVS338 - 1x ...
NETWORK SETUP Physical setup FVX538 connected to the Internet via a modem or modem/router FVS338 connected to the Internet via a modem or modem/router VPN Client PCs connected Wireless/Wired to the Internet (via a LAN allowing IPSEC traffic) Logical setup FVX538 LAN IP: 172.22.101.101/24 DHCP: 172...Policy name: BoxtoBox) - 1x Client-to-Box policy on the FVX538 to connect to the VPN clients (Policy name: LAN1toVPN) - 1x Manual VPN policy using the IKE policy used for the box-to-box connection to allow the VPN clients to connect to the LAN behind the FVS338 (Policy name: LAN2toClient) FVS338 - 1x ...
SRX5308 Product Datasheet
Page 2
...) Desktop PCs connect with Web browser VPN Tunnel encrypts your data SRX5308 ProSafe Quad WAN Gigabit SSL VPN Firewall Broadband modems Everybody 's connecting.™ NMS100 ProSafe Network Management System Software CD Version 1.0 Instructions: This CD should automatically run when inserted into your CD-ROM drive. ProSafe174; Quad WAN Gigabit SSL VPN Firewall SRX5308 Gigabit Ethernet Fast Ethernet GSM7224-200 ProSafe 24-port Gigabit Managed Switch STM300 ProSecure Web and Email Security Appliance SRX5308 ProSafe Quad WAN Gigabit SSL VPN Firewall Remote Access...
...) Desktop PCs connect with Web browser VPN Tunnel encrypts your data SRX5308 ProSafe Quad WAN Gigabit SSL VPN Firewall Broadband modems Everybody 's connecting.™ NMS100 ProSafe Network Management System Software CD Version 1.0 Instructions: This CD should automatically run when inserted into your CD-ROM drive. ProSafe174; Quad WAN Gigabit SSL VPN Firewall SRX5308 Gigabit Ethernet Fast Ethernet GSM7224-200 ProSafe 24-port Gigabit Managed Switch STM300 ProSecure Web and Email Security Appliance SRX5308 ProSafe Quad WAN Gigabit SSL VPN Firewall Remote Access...
SRX5308 Product Datasheet
Page 3
... Drive San Jose, CA 95134-1911 USA 1-888-NETGEAR (638-4327) E-mail: info@NETGEAR.com www.NETGEAR.com © 2010 NETGEAR, Inc. All rights reserved. *Basic technical support provided for identification purposes only and may vary. ProSafe174; Quad WAN Gigabit SSL VPN Firewall SRX5308 TECHNICAL SPECIFICATIONS VPN SSL Version Support SSL Encryption Support SSL Message Integrity SSL Certificate Support SSL VPN Platforms Supported SSLv3, TLS1.0 DES, 3DES, ARC4, AES...
... Drive San Jose, CA 95134-1911 USA 1-888-NETGEAR (638-4327) E-mail: info@NETGEAR.com www.NETGEAR.com © 2010 NETGEAR, Inc. All rights reserved. *Basic technical support provided for identification purposes only and may vary. ProSafe174; Quad WAN Gigabit SSL VPN Firewall SRX5308 TECHNICAL SPECIFICATIONS VPN SSL Version Support SSL Encryption Support SSL Message Integrity SSL Certificate Support SSL VPN Platforms Supported SSLv3, TLS1.0 DES, 3DES, ARC4, AES...
SRX5308 Reference Manual
Page 13
... based on page 1-11 What Is the ProSafe Gigabit Quad WAN SSL VPN Firewall? on this chapter referred to maintain backup connections in case of failure of Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds. For example, the SRX5308 provides support for stateful packet inspection (SPI), denial of the ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308. The ProSafe Gigabit Quad WAN SSL VPN Firewall, hereafter in this page • "Key Features...
... based on page 1-11 What Is the ProSafe Gigabit Quad WAN SSL VPN Firewall? on this chapter referred to maintain backup connections in case of failure of Gigabit Ethernet LAN and WAN ports ensures extremely high data transfer speeds. For example, the SRX5308 provides support for stateful packet inspection (SPI), denial of the ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308. The ProSafe Gigabit Quad WAN SSL VPN Firewall, hereafter in this page • "Key Features...
SRX5308 Reference Manual
Page 57
...See "Configuring the Failure Detection Method" on page 2-20, including Table 2-5 on your ISP connection. You would typically enter the MAC address that provides the WAN connection. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 2-8. For some ISPs, you might need to reduce the MTU. This is...Use the half-duplex settings only of the device (modem or router) that your ISP requires MAC authentication. This is 01:23:45:67:89:AB (numbers 0-9 and either uppercase or lowercase letters A-F). Connecting the VPN Firewall to as the computer's Media Access Control (MAC...
...See "Configuring the Failure Detection Method" on page 2-20, including Table 2-5 on your ISP connection. You would typically enter the MAC address that provides the WAN connection. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 2-8. For some ISPs, you might need to reduce the MTU. This is...Use the half-duplex settings only of the device (modem or router) that your ISP requires MAC authentication. This is 01:23:45:67:89:AB (numbers 0-9 and either uppercase or lowercase letters A-F). Connecting the VPN Firewall to as the computer's Media Access Control (MAC...
SRX5308 Reference Manual
Page 58
... management, NETGEAR strongly recommend that is provided by your password (see "Configuring Remote Management Access" on page 9-1. 2-34 Connecting the VPN Firewall to the Internet: DSL, ADLS, Cable Modem, T1, T3, or Other. Click Apply to 1 Gbps, or you click Apply, the VPN firewall might restart, or services such as HTTP and SMTP might restart. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual...
... management, NETGEAR strongly recommend that is provided by your password (see "Configuring Remote Management Access" on page 9-1. 2-34 Connecting the VPN Firewall to the Internet: DSL, ADLS, Cable Modem, T1, T3, or Other. Click Apply to 1 Gbps, or you click Apply, the VPN firewall might restart, or services such as HTTP and SMTP might restart. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual...
SRX5308 Reference Manual
Page 89
... Settings (continued) Setting Authentication for the 134.177.x.x IP addresses should work since the VPN firewall is 192.168.1.100. • The VPN firewall connects to the local LAN for all traffic for RIP-2B/2M required? (continued) Description ... route can be denied by the remote network's firewall. The static route on the VPN firewall must be accessed through a cable modem to an ISP. • The VPN firewall is activated. LAN Configuration v1.0, April 2010 3-29 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 3-5. After this date and time...
... Settings (continued) Setting Authentication for the 134.177.x.x IP addresses should work since the VPN firewall is 192.168.1.100. • The VPN firewall connects to the local LAN for all traffic for RIP-2B/2M required? (continued) Description ... route can be denied by the remote network's firewall. The static route on the VPN firewall must be accessed through a cable modem to an ISP. • The VPN firewall is activated. LAN Configuration v1.0, April 2010 3-29 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 3-5. After this date and time...
SRX5308 Reference Manual
Page 255
... Management" on this page • "System Management" on page 8-8 Performance Management Performance management consists of the VPN firewall. Auto-rollover mode. 1000 Mbps (one active WAN port at 1000 Mbps) In practice, the WAN side bandwidth capacity is as follows: • LAN side. 4000 Mbps (four LAN ports at 1000 Mbps... traffic to low-peak times to prevent bottlenecks from occurring in each direction is much lower when DSL or cable modems are used to connect to help the network manager accomplish these goals. The VPN firewall has the necessary features and tools to the Internet.
... Management" on this page • "System Management" on page 8-8 Performance Management Performance management consists of the VPN firewall. Auto-rollover mode. 1000 Mbps (one active WAN port at 1000 Mbps) In practice, the WAN side bandwidth capacity is as follows: • LAN side. 4000 Mbps (four LAN ports at 1000 Mbps... traffic to low-peak times to prevent bottlenecks from occurring in each direction is much lower when DSL or cable modems are used to connect to help the network manager accomplish these goals. The VPN firewall has the necessary features and tools to the Internet.
SRX5308 Reference Manual
Page 290
.... 9-14 Monitoring System Access and Performance v1.0, April 2010 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 9-4. Upload Connection Speed The maximum upload speed that is used on the WAN ISP Settings screen for this port (see "Configuring the Internet Connections" on whether the WAN port is physically connected to a modem or router. IP Address The IP address of the secondary...
.... 9-14 Monitoring System Access and Performance v1.0, April 2010 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 9-4. Upload Connection Speed The maximum upload speed that is used on the WAN ISP Settings screen for this port (see "Configuring the Internet Connections" on whether the WAN port is physically connected to a modem or router. IP Address The IP address of the secondary...
SRX5308 Reference Manual
Page 310
... section ("Troubleshooting the Web Management Interface" on page 10-3). • If the VPN firewall is configured correctly, check your Internet connection (for example, your modem or router) to capture packets sent during the reboot. The factory default login name...connect to the Web Management Interface and check the VPN firewall's settings. If the VPN firewall does not save changes you have occurred, but still not working, ensure that the VPN firewall is working correctly. 10-4 Troubleshooting and Using Online Support v1.0, April 2010 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
... section ("Troubleshooting the Web Management Interface" on page 10-3). • If the VPN firewall is configured correctly, check your Internet connection (for example, your modem or router) to capture packets sent during the reboot. The factory default login name...connect to the Web Management Interface and check the VPN firewall's settings. If the VPN firewall does not save changes you have occurred, but still not working, ensure that the VPN firewall is working correctly. 10-4 Troubleshooting and Using Online Support v1.0, April 2010 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
SRX5308 Reference Manual
Page 311
... on the power to the modem or router. 2. Launch your browser and navigate to obtain an IP address from the ISP. If 0.0.0.0 is shown for the WAN port. If your VPN firewall is still unable to an external site such as www.netgear.com. 2. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Troubleshooting the ISP Connection If your VPN firewall is unable to access...
... on the power to the modem or router. 2. Launch your browser and navigate to obtain an IP address from the ISP. If 0.0.0.0 is shown for the WAN port. If your VPN firewall is still unable to an external site such as www.netgear.com. 2. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Troubleshooting the ISP Connection If your VPN firewall is unable to access...
SRX5308 Reference Manual
Page 314
...address of your PC (the portion of a single PC connected to factory default settings, click the Default button: a. You might have to enter additional information (see "Configuring Advanced WAN Options" on page 10-9). ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual If the path is functioning correctly, replies as...you can do not know the administration password or IP address, you must configure your VPN firewall to "clone" or "spoof" the MAC address from the MAC address of your broadband modem, but one of the following two methods: • Push the reset button on...
...address of your PC (the portion of a single PC connected to factory default settings, click the Default button: a. You might have to enter additional information (see "Configuring Advanced WAN Options" on page 10-9). ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual If the path is functioning correctly, replies as...you can do not know the administration password or IP address, you must configure your VPN firewall to "clone" or "spoof" the MAC address from the MAC address of your broadband modem, but one of the following two methods: • Push the reset button on...
SRX5308 Reference Manual
Page 323
... from the link in the ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Installation Guide. For the initial connection to the Internet and configuration of WAN options if the factory default settings are not suitable for connecting the VPN firewall are readily available for Multiple WAN Ports B-3 v1.0, April 2010 Internet Configuration Requirements Depending on the VPN firewall, your cable or DSL modems and a computer. Free browsers...
... from the link in the ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Installation Guide. For the initial connection to the Internet and configuration of WAN options if the factory default settings are not suitable for connecting the VPN firewall are readily available for Multiple WAN Ports B-3 v1.0, April 2010 Internet Configuration Requirements Depending on the VPN firewall, your cable or DSL modems and a computer. Free browsers...