FVG318 Reference Manual
Page 10
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP ...IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP ...IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318...
FVG318 Reference Manual
Page 28
... FVG318 should be lit. To log in the router: 1. 0pen a browser such as Internet Explorer, Netscape Navigator or Firefox and enter the default IP address of the router in this guide. • Internet: The Internet light on how to configure your TCP/IP settings to obtain an IP address...this guide. • LOCAL: A LOCAL light should be sure you begin, be lit. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Power: The power light should be configured to obtain an IP address automatically via DHCP, which is usually the case for Internet Access with Auto Detect To ...
... FVG318 should be lit. To log in the router: 1. 0pen a browser such as Internet Explorer, Netscape Navigator or Firefox and enter the default IP address of the router in this guide. • Internet: The Internet light on how to configure your TCP/IP settings to obtain an IP address...this guide. • LOCAL: A LOCAL light should be sure you begin, be lit. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Power: The power light should be configured to obtain an IP address automatically via DHCP, which is usually the case for Internet Access with Auto Detect To ...
FVG318 Reference Manual
Page 34
... service provider you have configured your account information in the gateway, whenever your ISP-assigned IP address changes, your gateway will automatically contact your dynamic DNS service provider, log in resolving...default Dynamic DNS selected as yourhost.dyndns.org 2-10 Connecting the Firewall to use this feature. d. The Dynamic DNS screen will cause *.yourhost.dyndns.org to be aliased to your account, and register your new IP address. Select the tab for the DNS service provider you want to the Internet v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318...
... service provider you have configured your account information in the gateway, whenever your ISP-assigned IP address changes, your gateway will automatically contact your dynamic DNS service provider, log in resolving...default Dynamic DNS selected as yourhost.dyndns.org 2-10 Connecting the Firewall to use this feature. d. The Dynamic DNS screen will cause *.yourhost.dyndns.org to be aliased to your account, and register your new IP address. Select the tab for the DNS service provider you want to the Internet v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318...
FVG318 Reference Manual
Page 36
.../IP Address field. - Click Apply to the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com, etc.). 5. Troubleshooting Tips Here are turned on the modem, wait two minutes; 3) plug in Ethernet cable, the corresponding VPN firewall router LAN port status light will be lit. The Wireless ... status light on the computer. Make sure the Ethernet cables are correct. • LAN and wirelessly connected computers must match exactly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you may have.
.../IP Address field. - Click Apply to the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com, etc.). 5. Troubleshooting Tips Here are turned on the modem, wait two minutes; 3) plug in Ethernet cable, the corresponding VPN firewall router LAN port status light will be lit. The Wireless ... status light on the computer. Make sure the Ethernet cables are correct. • LAN and wirelessly connected computers must match exactly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you may have.
FVG318 Reference Manual
Page 38
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Table 2-2. Accessing the firewall router (continued) Firewall State Access Options Description Configuration Enter the standard Settings Have Been URL to access the Applied VPN firewall router Enter the IP address of the VPN firewall router Connect to enter the user name of admin and the password. Connect to the VPN firewall router by typing the IP address of the VPN firewall router in the address field...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Table 2-2. Accessing the firewall router (continued) Firewall State Access Options Description Configuration Enter the standard Settings Have Been URL to access the Applied VPN firewall router Enter the IP address of the VPN firewall router Connect to enter the user name of admin and the password. Connect to the VPN firewall router by typing the IP address of the VPN firewall router in the address field...
FVG318 Reference Manual
Page 45
...IP Address: Primary Secondary Port Shared Key Use the procedures described in the FVG318. • WEP Encryption Keys For all four 802.11b keys, choose the Key Size. Choose "Shared Key" for more security. All wireless nodes in the configuration parameters. For an existing wireless network, the person who set up to configure the FVG318. ProSafe 802.11g Wireless VPN Firewall FVG318... well and have the same keys in the wireless adapter card. Be sure to set to provide this information in the VPN firewall router is the default FVG318 SSID. Write your customized SSID on the line...
...IP Address: Primary Secondary Port Shared Key Use the procedures described in the FVG318. • WEP Encryption Keys For all four 802.11b keys, choose the Key Size. Choose "Shared Key" for more security. All wireless nodes in the configuration parameters. For an existing wireless network, the person who set up to configure the FVG318. ProSafe 802.11g Wireless VPN Firewall FVG318... well and have the same keys in the wireless adapter card. Be sure to set to provide this information in the VPN firewall router is the default FVG318 SSID. Write your customized SSID on the line...
FVG318 Reference Manual
Page 47
.... The Access Control List screen will lose your PCs have a wireless link and are configuring the FVG318 from the VPN firewall router. Click Apply to match the FVG318's new settings. 9. Note: If you click on MAC addresses, follow these steps: 1. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 7. You must then change the VPN firewall router's SSID, channel, or security settings, you will display. Once...
.... The Access Control List screen will lose your PCs have a wireless link and are configuring the FVG318 from the VPN firewall router. Click Apply to match the FVG318's new settings. 9. Note: If you click on MAC addresses, follow these steps: 1. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 7. You must then change the VPN firewall router's SSID, channel, or security settings, you will display. Once...
FVG318 Reference Manual
Page 51
... name or IP address of the primary Radius Server on the Radius server. 5. Configuring Wireless Connectivity v1.0, September 2007 3-13 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-6 3. This must match the value used for the Shared Key. The RADIUS settings fields in the Wireless Security Type section. Note: The Encryption choice will be TKIP by default. Click Apply...
... name or IP address of the primary Radius Server on the Radius server. 5. Configuring Wireless Connectivity v1.0, September 2007 3-13 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-6 3. This must match the value used for the Shared Key. The RADIUS settings fields in the Wireless Security Type section. Note: The Encryption choice will be TKIP by default. Click Apply...
FVG318 Reference Manual
Page 53
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: The Encryption choice will display. The Wireless Settings Screen will be AES by default. Configuring WPA and WPA2 with Service Pack 3 do include the client software that supports WPA and WPA2. Log in at the default LAN address of http://192.168.0.1 with the default user name of admin and default... password of the primary Radius Server on the Radius server. 5. Enter the name or IP address of password, or ...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: The Encryption choice will display. The Wireless Settings Screen will be AES by default. Configuring WPA and WPA2 with Service Pack 3 do include the client software that supports WPA and WPA2. Log in at the default LAN address of http://192.168.0.1 with the default user name of admin and default... password of the primary Radius Server on the Radius server. 5. Enter the name or IP address of password, or ...
FVG318 Reference Manual
Page 54
... Server on the Radius server. 5. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used on your settings. 3-16 v1.0, September 2007 Configuring Wireless Connectivity Note: The Encryption choice will be TKIP+AES by default. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-8 3. This must match the value used . 4. Select the WPA and...
... Server on the Radius server. 5. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used on your settings. 3-16 v1.0, September 2007 Configuring Wireless Connectivity Note: The Encryption choice will be TKIP+AES by default. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-8 3. This must match the value used . 4. Select the WPA and...
FVG318 Reference Manual
Page 65
...modified rule will display. You can block or allow access based on the service or application, source or destination IP addresses, and time of the FVG318 are implemented by clicking the Up or Down icons. After you can also choose to log traffic that specify...modifications, click Apply. To delete or disable/enable rules: • Click select all to delete all access from outside . ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A firewall has two default rules, one for inbound traffic and one for a given service. • Check the box adjacent to the rules you want...
...modified rule will display. You can block or allow access based on the service or application, source or destination IP addresses, and time of the FVG318 are implemented by clicking the Up or Down icons. After you can also choose to log traffic that specify...modifications, click Apply. To delete or disable/enable rules: • Click select all to delete all access from outside . ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A firewall has two default rules, one for inbound traffic and one for a given service. • Check the box adjacent to the rules you want...
FVG318 Reference Manual
Page 70
...Security < Services screen. 4. This rule will affect packets for the selected service to the defined IP address or range of IP addresses on the WAN side. • Any: All IP addresses on the WAN will be affected by the rule. • Single Address: A single ...port number checkbox and enter a port number ONLY if the server is called the Default DMZ Server. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Default DMZ Server Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a response to one computer on your network. This computer...
...Security < Services screen. 4. This rule will affect packets for the selected service to the defined IP address or range of IP addresses on the WAN side. • Any: All IP addresses on the WAN will be affected by the rule. • Single Address: A single ...port number checkbox and enter a port number ONLY if the server is called the Default DMZ Server. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Default DMZ Server Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a response to one computer on your network. This computer...
FVG318 Reference Manual
Page 77
...router to respond to Local7). 11. Firewall Protection and Content Filtering v1.0, September 2007 4-17 From the Unit pull-down menu, select to which logs and alerts are sent. Depending on your network tried to a schedule. If you don't have e-mail notification enabled, you according to access a blocked site. ProSafe 802.11g Wireless VPN Firewall FVG318... when the log is running a syslog logging program. SysLog Facility. Enter the IP address or Internet Name of the SysLog server. The firewall logs security-related events such as the Send To E-mail address. If the SMTP...
...router to respond to Local7). 11. Firewall Protection and Content Filtering v1.0, September 2007 4-17 From the Unit pull-down menu, select to which logs and alerts are sent. Depending on your network tried to a schedule. If you don't have e-mail notification enabled, you according to access a blocked site. ProSafe 802.11g Wireless VPN Firewall FVG318... when the log is running a syslog logging program. SysLog Facility. Enter the IP address or Internet Name of the SysLog server. The firewall logs security-related events such as the Send To E-mail address. If the SMTP...
FVG318 Reference Manual
Page 81
... by the VPNC and used in the VPN Wizard Parameter Secure Association Authentication Method Encryption Method Factory Default Main Mode Pre-shared Key 3DES Basic ...NETGEAR VPN-enabled firewalls is configured on each endpoint with a dynamic DNS (DynDNS) service provider simplifies the configuration task. Planning a VPN To set of IP addresses), or a single PC? • Will the remote end be the initiator. • What method will you use to a tunnel request. The VPN Wizard using FDQN. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A VPN between the two VPN...
... by the VPNC and used in the VPN Wizard Parameter Secure Association Authentication Method Encryption Method Factory Default Main Mode Pre-shared Key 3DES Basic ...NETGEAR VPN-enabled firewalls is configured on each endpoint with a dynamic DNS (DynDNS) service provider simplifies the configuration task. Planning a VPN To set of IP addresses), or a single PC? • Will the remote end be the initiator. • What method will you use to a tunnel request. The VPN Wizard using FDQN. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A VPN between the two VPN...
FVG318 Reference Manual
Page 85
... the NETGEAR ProSafe VPN Client. Basic Virtual Private Networking 5-7 v1.0, September 2007 Click the VPN Wizard Default Values link on the VPN Wizard screen to defaults as proposed by the VPN Consortium. Figure 5-5 5. This example assumes the PC running the client has a dynamically assigned IP address. The VPN Policies screen will display showing that the new tunnel is enabled. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference...
... the NETGEAR ProSafe VPN Client. Basic Virtual Private Networking 5-7 v1.0, September 2007 Click the VPN Wizard Default Values link on the VPN Wizard screen to defaults as proposed by the VPN Consortium. Figure 5-5 5. This example assumes the PC running the client has a dynamically assigned IP address. The VPN Policies screen will display showing that the new tunnel is enabled. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference...
FVG318 Reference Manual
Page 97
... Networking" to set up the VPN tunnel. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Gateway-to-Gateway VPN Configuration Note: This section uses the VPN Wizard to set up the VPN tunnel using the NETGEAR default address range of 192.168.0.x. • In this example, LAN A uses 192.168.0.1 and LAN B uses 192.168.3.1. FVG318 VPN Firewall FVG318 VPN Firewall Figure 5-22 The following procedure...
... Networking" to set up the VPN tunnel. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Gateway-to-Gateway VPN Configuration Note: This section uses the VPN Wizard to set up the VPN tunnel using the NETGEAR default address range of 192.168.0.x. • In this example, LAN A uses 192.168.0.1 and LAN B uses 192.168.3.1. FVG318 VPN Firewall FVG318 VPN Firewall Figure 5-22 The following procedure...
FVG318 Reference Manual
Page 98
...key: (12345678 in this example) Enter the WAN IP address of the remote VPN gateway. Note: The IP Address range on the remote LAN must be different from the IP Address range on the local LAN. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 5. In the End Point Information section, ...enter the Remote WANs IP Address or Internet Name and the Local WAN's IP Address or Internet Name. Both local and remote ends must be defined as the default...
...key: (12345678 in this example) Enter the WAN IP address of the remote VPN gateway. Note: The IP Address range on the remote LAN must be different from the IP Address range on the local LAN. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 5. In the End Point Information section, ...enter the Remote WANs IP Address or Internet Name and the Local WAN's IP Address or Internet Name. Both local and remote ends must be defined as the default...
FVG318 Reference Manual
Page 100
...ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To configure a gateway-to-gateway VPN tunnel using the VPN Wizard on LAN B at the VPN Logs by performing the following network settings as appropriate. • WAN IP of the remote VPN gateway (for example, 14.15.16.17) • LAN IP settings of the remote VPN gateway: - IP... Address (for example, 255.255.255.0) - Subnet Mask (for example, 192.168.0.1) - a. Look at its default LAN address of ...
...ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To configure a gateway-to-gateway VPN tunnel using the VPN Wizard on LAN B at the VPN Logs by performing the following network settings as appropriate. • WAN IP of the remote VPN gateway (for example, 14.15.16.17) • LAN IP settings of the remote VPN gateway: - IP... Address (for example, 255.255.255.0) - Subnet Mask (for example, 192.168.0.1) - a. Look at its default LAN address of ...
FVG318 Reference Manual
Page 116
...WAN Settings to the FVG318 labeled Gateway A as in at the default address of http://192.168.0.1 with the default user name of admin and default password of the FVG318. a. Log in the illustration. Log in Figure 6-5 Note: FVG318 FVG318 Figure 6-5 Use ...IP addresses of password, or using whatever password and LAN address you have chosen. 2. You can verify this by reviewing the security settings as a model to FVG318 Gateway B (IKE and VPN Policies) Note: This scenario assumes all ports are open on the FVG318. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual FVG318...
...WAN Settings to the FVG318 labeled Gateway A as in at the default address of http://192.168.0.1 with the default user name of admin and default password of the FVG318. a. Log in the illustration. Log in Figure 6-5 Note: FVG318 FVG318 Figure 6-5 Use ...IP addresses of password, or using whatever password and LAN address you have chosen. 2. You can verify this by reviewing the security settings as a model to FVG318 Gateway B (IKE and VPN Policies) Note: This scenario assumes all ports are open on the FVG318. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual FVG318...
FVG318 Reference Manual
Page 126
...IP, PPPoE, BPA or PPTP. Indicates if the WAN port is NETGEAR. The MAC address used by the LAN port of the firewall. The default is connected or not. Indicates if the WAN port is shown, the firewall...wireless settings of the router The name of the WAN port. The default is none Shows the region is which the wireless gateway is configured to Client, the firewall is in NAT mode (enabled) or in routing mode (disabled). The IP address used to Client, the firewall is operating Indicates the operating channel of the firewall. ProSafe 802.11g Wireless VPN Firewall FVG318...
...IP, PPPoE, BPA or PPTP. Indicates if the WAN port is NETGEAR. The MAC address used by the LAN port of the firewall. The default is connected or not. Indicates if the WAN port is shown, the firewall...wireless settings of the router The name of the WAN port. The default is none Shows the region is which the wireless gateway is configured to Client, the firewall is in NAT mode (enabled) or in routing mode (disabled). The IP address used to Client, the firewall is operating Indicates the operating channel of the firewall. ProSafe 802.11g Wireless VPN Firewall FVG318...