FVG318 Reference Manual
Page 10
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP Administration 8-10 ...Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP Administration 8-10 ...Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318...
FVG318 Reference Manual
Page 18
... specify as Ping of WPA and WPA2. • 64-bit and 128-bit WEP encryption security. • WEP keys can be generated manually or by passphrase. • Wireless access can be restricted by MAC Address. • Wireless network name broadcast can connect. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 802.11g and 802.11b Wireless Networking The VPN firewall includes an 802.11g-compliant wireless access point...
... specify as Ping of WPA and WPA2. • 64-bit and 128-bit WEP encryption security. • WEP keys can be generated manually or by passphrase. • Wireless access can be restricted by MAC Address. • Wireless network name broadcast can connect. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 802.11g and 802.11b Wireless Networking The VPN firewall includes an 802.11g-compliant wireless access point...
FVG318 Reference Manual
Page 20
... IP address or range of Internet connection, asking you can limit remote management access to monitor its own address as Ping, DNS lookup, and remote reboot. • Remote management. This feature greatly simplifies configuration of PCs on the LAN... the firewall provides its status and activity. 1-4 Introduction v1.0, September 2007 The VPN firewall allows several networked PCs to -Point Protocol over a DSL connection by NAT. The firewall incorporates built-in diagnostic functions such as a DNS server to the network. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference ...
... IP address or range of Internet connection, asking you can limit remote management access to monitor its own address as Ping, DNS lookup, and remote reboot. • Remote management. This feature greatly simplifies configuration of PCs on the LAN... the firewall provides its status and activity. 1-4 Introduction v1.0, September 2007 The VPN firewall allows several networked PCs to -Point Protocol over a DSL connection by NAT. The firewall incorporates built-in diagnostic functions such as a DNS server to the network. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference ...
FVG318 Reference Manual
Page 70
... service for a service can run the application properly if that will be affected by the rule. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Default DMZ Server Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a response to be a Default DMZ server: 1. Services not already in... and to be configured to work properly with NAT. Click Apply to the service. This is entered as ftp, ssh, telnet, ping, etc. Instead of discarding this traffic, you have it is helpful when using some of the device on the WAN will be ...
... service for a service can run the application properly if that will be affected by the rule. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Default DMZ Server Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a response to be a Default DMZ server: 1. Services not already in... and to be configured to work properly with NAT. Click Apply to the service. This is entered as ftp, ssh, telnet, ping, etc. Instead of discarding this traffic, you have it is helpful when using some of the device on the WAN will be ...
FVG318 Reference Manual
Page 71
... the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual . Note: For security, NETGEAR strongly recommends that the option be protected against common attacks from a SYN flood attack. Attack Check Type WAN Security Checks Respond to Ping On Internet Port Enable Stealth Mode Block TCP Flood LAN Security Checks Block UDP Flood Description To configure the router to respond...
... the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual . Note: For security, NETGEAR strongly recommends that the option be protected against common attacks from a SYN flood attack. Attack Check Type WAN Security Checks Respond to Ping On Internet Port Enable Stealth Mode Block TCP Flood LAN Security Checks Block UDP Flood Description To configure the router to respond...
FVG318 Reference Manual
Page 92
... the NETGEAR ProSafe menu bar. To check the VPN connection. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. Save the VPN Client Settings. After you have configured and saved the VPN client information, your PC will report the results of the Security Policy Editor window, click Save. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference...
... the NETGEAR ProSafe menu bar. To check the VPN connection. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. Save the VPN Client Settings. After you have configured and saved the VPN client information, your PC will report the results of the Security Policy Editor window, click Save. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference...
FVG318 Reference Manual
Page 93
...browser of the PC and enter the LAN IP address of the VPN Firewall Router (unless another PC already has the FVG318 management interface open). To launch this function: 1. Click the Windows Start button, and select Programs > NETGEAR ProSafe VPN Client > Log Viewer. After a short wait, you can ... should change from "timed out" to "reply", as shown below : Basic Virtual Private Networking v1.0, September 2007 5-15 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-14 This will cause a continuous ping to be viewed by opening the NETGEAR ProSafe Log Viewer.
...browser of the PC and enter the LAN IP address of the VPN Firewall Router (unless another PC already has the FVG318 management interface open). To launch this function: 1. Click the Windows Start button, and select Programs > NETGEAR ProSafe VPN Client > Log Viewer. After a short wait, you can ... should change from "timed out" to "reply", as shown below : Basic Virtual Private Networking v1.0, September 2007 5-15 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-14 This will cause a continuous ping to be viewed by opening the NETGEAR ProSafe Log Viewer.
FVG318 Reference Manual
Page 94
... connection is being established, the Connection Name field in the illustration above. 5-16 v1.0, September 2007 Basic Virtual Private Networking ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-16 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is shown below: Figure 5-17 In this menu will change to the yellow key...
... connection is being established, the Connection Name field in the illustration above. 5-16 v1.0, September 2007 Basic Virtual Private Networking ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-16 Note: Use the active VPN tunnel information and pings to determine whether a failed connection is shown below: Figure 5-17 In this menu will change to the yellow key...
FVG318 Reference Manual
Page 101
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-28 Activating a VPN Tunnel There are three ways to activate a VPN tunnel: 1. To use the IPSec Connection Status screen to activate a VPN tunnel: • Start using the VPN tunnel. • Use the IPSec Connection Status screen. • Activate the VPN tunnel by the policy for that VPN tunnel. To use a VPN tunnel: 1. Open a Web browser...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-28 Activating a VPN Tunnel There are three ways to activate a VPN tunnel: 1. To use the IPSec Connection Status screen to activate a VPN tunnel: • Start using the VPN tunnel. • Use the IPSec Connection Status screen. • Activate the VPN tunnel by the policy for that VPN tunnel. To use a VPN tunnel: 1. Open a Web browser...
FVG318 Reference Manual
Page 102
..., you can initiate a request from the remote PC: a. c. Within two minutes, the ping response should change from the PC. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To activate the VPN tunnel by using the "Connect" option in the NETGEAR ProSafe menu bar. Note: Use Ctrl-C to -Gateway Configuration - On the Windows task bar, click the Start button, and then...
..., you can initiate a request from the remote PC: a. c. Within two minutes, the ping response should change from the PC. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To activate the VPN tunnel by using the "Connect" option in the NETGEAR ProSafe menu bar. Note: Use Ctrl-C to -Gateway Configuration - On the Windows task bar, click the Start button, and then...
FVG318 Reference Manual
Page 103
...5-25 Figure 5-31 Note: The pings may fail the first time. b. Open a command prompt (Start -> Run -> cmd). Verifying the Status of a VPN Tunnel To use the VPN Logs screen to determine the status of the VPN tunnel. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-30 Once the... connection is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem. • Click Refresh to see the login screen of the VPN Firewall Router ...
...5-25 Figure 5-31 Note: The pings may fail the first time. b. Open a command prompt (Start -> Run -> cmd). Verifying the Status of a VPN Tunnel To use the VPN Logs screen to determine the status of the VPN tunnel. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 5-30 Once the... connection is a problem with the VPN tunnel, refer to the log for information about what might be the cause of the problem. • Click Refresh to see the login screen of the VPN Firewall Router ...
FVG318 Reference Manual
Page 120
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To test the Gateway A FVG318 LAN and the Gateway B LAN connection: 1. This will report the status and data transmission statistics of Gateway B. However, to preserve a high degree of Gateway B. Using our example, log in the Ping or Trace an IP Address section, and then click Ping. c. This causes a ping...you are finished with testing. 6. Select the Monitoring > VPN Logs to ping the FVG318 as a test of Gateway B, enter 22.23.24.25 in the IP Address field in to the FVG318 on LAN A, on a Windows PC click the Start ...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual To test the Gateway A FVG318 LAN and the Gateway B LAN connection: 1. This will report the status and data transmission statistics of Gateway B. However, to preserve a high degree of Gateway B. Using our example, log in the Ping or Trace an IP Address section, and then click Ping. c. This causes a ping...you are finished with testing. 6. Select the Monitoring > VPN Logs to ping the FVG318 as a test of Gateway B, enter 22.23.24.25 in the IP Address field in to the FVG318 on LAN A, on a Windows PC click the Start ...
FVG318 Reference Manual
Page 147
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Troubleshooting a TCP/IP Network Using a Ping Utility Most TCP/IP terminal devices and firewalls contain a ping utility that the Ethernet card driver software and TCP/IP software are both installed and configured on page 9-2". - From the Windows toolbar, click the Start button and select Run. 2. To ping the firewall...In the field provided, type ping followed by using the ping utility in your PC to verify that the corresponding Link LEDs are connected to Your Firewall You can ping the firewall from your PC or workstation. ...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Troubleshooting a TCP/IP Network Using a Ping Utility Most TCP/IP terminal devices and firewalls contain a ping utility that the Ethernet card driver software and TCP/IP software are both installed and configured on page 9-2". - From the Windows toolbar, click the Start button and select Run. 2. To ping the firewall...In the field provided, type ping followed by using the ping utility in your PC to verify that the corresponding Link LEDs are connected to Your Firewall You can ping the firewall from your PC or workstation. ...
FVG318 Reference Manual
Page 148
... IP address to the MAC address of your PCs. From the Windows run menu, type: PING -n 10 where is functioning correctly, replies as in the Basic Settings menu. • Your... 2007 If you must configure your Internet Connection" on the same subnet. If the IP configuration of the firewall is the case, you do not receive replies: • Check that the LAN path works correctly, test... some ISPs additionally restrict access to 192.168.0.1. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - You can erase the current configuration and restore factory defaults in your...
... IP address to the MAC address of your PCs. From the Windows run menu, type: PING -n 10 where is functioning correctly, replies as in the Basic Settings menu. • Your... 2007 If you must configure your Internet Connection" on the same subnet. If the IP configuration of the firewall is the case, you do not receive replies: • Check that the LAN path works correctly, test... some ISPs additionally restrict access to 192.168.0.1. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - You can erase the current configuration and restore factory defaults in your...
FVG318 Reference Manual
Page 159
... the router at Gateway A and the router at Gateway B will change to the ones you configure the router. The FVG318-to use in address for the FVG318 router is http://192.168.0.1 with the default user name of admin and default password of password. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...Step 1 Pass Ping Remote LAN IP Address Fail Test Step 2 Pass Ping Remote WAN IP Address Fix the Router Network and then Retest Figure C-2 Fix the VPN Tunnel and then Retest Test Step 3 View VPN Tunnel Status End All traffic from the range of NETGEAR FVG318 C-3 v1.0, ...
... the router at Gateway A and the router at Gateway B will change to the ones you configure the router. The FVG318-to use in address for the FVG318 router is http://192.168.0.1 with the default user name of admin and default password of password. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...Step 1 Pass Ping Remote LAN IP Address Fail Test Step 2 Pass Ping Remote WAN IP Address Fix the Router Network and then Retest Figure C-2 Fix the VPN Tunnel and then Retest Test Step 3 View VPN Tunnel Status End All traffic from the range of NETGEAR FVG318 C-3 v1.0, ...
FVG318 Reference Manual
Page 162
... screen displays a history of the VPN connections, and the IPSec SA and IKE SA tables report the status and data transmission statistics of NETGEAR FVG318 v1.0, September 2007 Log in Figure C-2. Within two minutes, the ping response should change from the Gateway...Ping Remote LAN IP Address: To establish the connection between the Gateway A and Gateway B WAN ports, follow these steps: a. c. b. To test the VPN tunnel from timed out to the router on the task bar and then click Run. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Initiating and Checking the VPN...
... screen displays a history of the VPN connections, and the IPSec SA and IKE SA tables report the status and data transmission statistics of NETGEAR FVG318 v1.0, September 2007 Log in Figure C-2. Within two minutes, the ping response should change from the Gateway...Ping Remote LAN IP Address: To establish the connection between the Gateway A and Gateway B WAN ports, follow these steps: a. c. b. To test the VPN tunnel from timed out to the router on the task bar and then click Run. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Initiating and Checking the VPN...
FVG318 Reference Manual
Page 165
...router on the task bar and then click Run. b. c. At this point the VPN-tunnel-endpoint-to -gateway connection is established. 2. At this test several times before you would enter 14.15.16.17 if testing from timed out to the WAN interface of NETGEAR FVG318... two minutes, the ping response should change from Gateway B). You may have to the FVG318 VPN > Connection Status. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • The remote WAN and LAN IP addresses for the other VPN tunnel endpoint. • The VPN Wizard ensures the other VPN parameters are the same...
...router on the task bar and then click Run. b. c. At this point the VPN-tunnel-endpoint-to -gateway connection is established. 2. At this test several times before you would enter 14.15.16.17 if testing from timed out to the WAN interface of NETGEAR FVG318... two minutes, the ping response should change from Gateway B). You may have to the FVG318 VPN > Connection Status. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • The remote WAN and LAN IP addresses for the other VPN tunnel endpoint. • The VPN Wizard ensures the other VPN parameters are the same...
FVG318 Reference Manual
Page 168
...NETGEAR FVG318 v1.0, September 2007 This will be the local WAN and LAN IP addresses for one VPN tunnel endpoint will cause a continuous ping to be sent to the testing flowchart shown in to the router on the VPN Status/Log screen. At this point the VPN...causes a ping to be sent to -VPN-tunnel-endpoint connection is verified. 3. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • The remote WAN and LAN IP addresses for the other VPN tunnel endpoint. • The VPN Wizard ensures the other VPN parameters are the same at Gateway A: a. b. Test 2: Ping Remote WAN...
...NETGEAR FVG318 v1.0, September 2007 This will be the local WAN and LAN IP addresses for one VPN tunnel endpoint will cause a continuous ping to be sent to the testing flowchart shown in to the router on the VPN Status/Log screen. At this point the VPN...causes a ping to be sent to -VPN-tunnel-endpoint connection is verified. 3. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • The remote WAN and LAN IP addresses for the other VPN tunnel endpoint. • The VPN Wizard ensures the other VPN parameters are the same at Gateway A: a. b. Test 2: Ping Remote WAN...
FVG318 Reference Manual
Page 174
...VPN router's network by right-clicking on the task bar and then click Run. b. From a Windows Client PC, click the Start button on the system tray icon. Figure C-12 C-18 VPN Configuration of Gateway A. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual You are new ready to activate the tunnel, but you must initiate the request. Alternative Ping...router will cause a continuous ping to be sent to open the My Connections list. This will not know the client's IP address until the client initiates the traffic. Select Connect to the LAN interface of NETGEAR FVG318 ...
...VPN router's network by right-clicking on the task bar and then click Run. b. From a Windows Client PC, click the Start button on the system tray icon. Figure C-12 C-18 VPN Configuration of Gateway A. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual You are new ready to activate the tunnel, but you must initiate the request. Alternative Ping...router will cause a continuous ping to be sent to open the My Connections list. This will not know the client's IP address until the client initiates the traffic. Select Connect to the LAN interface of NETGEAR FVG318 ...
FVG318 Reference Manual
Page 175
... interface of NETGEAR FVG318 v1.0, September 2007 C-19 From a Windows Client PC, click the Start button on the task bar and then click Run. d. a. At this test several times before you get the reply message back from timed out to the FVG318 main menu VPN section and click the VPN Status link. c. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 2. b. VPN Configuration...
... interface of NETGEAR FVG318 v1.0, September 2007 C-19 From a Windows Client PC, click the Start button on the task bar and then click Run. d. a. At this test several times before you get the reply message back from timed out to the FVG318 main menu VPN section and click the VPN Status link. c. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 2. b. VPN Configuration...