FVG318 Reference Manual
Page 8
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Chapter 3 Configuring Wireless Connectivity Observing Performance, Placement, and Range Guidelines 3-1 Implementing Appropriate Wireless Security 3-2 Understanding Wireless Settings 3-3 Security Check List for SSID and WEP Settings 3-7 Setting Up and Testing Basic Wireless Connectivity 3-8 Restricting Wireless...Chapter 4 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 4-1 Block Sites ...4-1 Using Rules to Block or Allow Specific Kinds of Traffic 4-4 Inbound Rules (Port Forwarding ...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Chapter 3 Configuring Wireless Connectivity Observing Performance, Placement, and Range Guidelines 3-1 Implementing Appropriate Wireless Security 3-2 Understanding Wireless Settings 3-3 Security Check List for SSID and WEP Settings 3-7 Setting Up and Testing Basic Wireless Connectivity 3-8 Restricting Wireless...Chapter 4 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 4-1 Block Sites ...4-1 Using Rules to Block or Allow Specific Kinds of Traffic 4-4 Inbound Rules (Port Forwarding ...
FVG318 Reference Manual
Page 10
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP Administration 8-10 Enabling Universal Plug and Play (UPnP 8-12 Chapter 9 Troubleshooting Basic Functioning ...9-1 Power LED Not On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-2 Troubleshooting the ISP Connection...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP Administration 8-10 Enabling Universal Plug and Play (UPnP 8-12 Chapter 9 Troubleshooting Basic Functioning ...9-1 Power LED Not On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-2 Troubleshooting the ISP Connection...
FVG318 Reference Manual
Page 17
... 2007 Key Features of the NETGEAR® ProSafe 802.11g Wireless VPN Firewall, Model FVG318. Chapter 1 Introduction This chapter describes the features of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall with multiple Web content filtering options, plus browsing activity reporting and instant alerts-both via e-mail. The VPN firewall provides you with eight-port switch connects your network from hackers. The FVG318 is a complete security solution that...
... 2007 Key Features of the NETGEAR® ProSafe 802.11g Wireless VPN Firewall, Model FVG318. Chapter 1 Introduction This chapter describes the features of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall with multiple Web content filtering options, plus browsing activity reporting and instant alerts-both via e-mail. The VPN firewall provides you with eight-port switch connects your network from hackers. The FVG318 is a complete security solution that...
FVG318 Reference Manual
Page 19
... on the LAN. • Port Forwarding with NAT. Security The VPN firewall is equipped with Auto Uplink With its content filtering feature, the FVG318 prevents objectionable content from directly accessing the PCs on the LAN, the firewall allows you at specified intervals. The firewall incorporates Auto UplinkTM technology. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The FVG318 logs security events such as...
... on the LAN. • Port Forwarding with NAT. Security The VPN firewall is equipped with Auto Uplink With its content filtering feature, the FVG318 prevents objectionable content from directly accessing the PCs on the LAN, the firewall allows you at specified intervals. The firewall incorporates Auto UplinkTM technology. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The FVG318 logs security events such as...
FVG318 Reference Manual
Page 20
...Linux. The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • Point-to easily configure your Internet service provider (ISP). Easy Installation and Management You can choose a nonstandard port number. ...only a single IP address, which may be statically or dynamically assigned by DHCP. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Address Sharing by simulating a dial-up connection. The VPN firewall allows several networked PCs to attached PCs on your local network. • DNS...
...Linux. The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • Point-to easily configure your Internet service provider (ISP). Easy Installation and Management You can choose a nonstandard port number. ...only a single IP address, which may be statically or dynamically assigned by DHCP. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Address Sharing by simulating a dial-up connection. The VPN firewall allows several networked PCs to attached PCs on your local network. • DNS...
FVG318 Reference Manual
Page 22
... LOCAL Ports INTERNET Power Port 1-6 Introduction v1.0, September 2007 The Local port is off. The wireless interface is operating at 10 Mbps. Table 1-1. The Internet (WAN) port is operating at 100 Mbps. The Internet (WAN) port is operating at 10 Mbps. The FVG318 Rear Panel The rear panel of the firewall. These LEDs are green when lit. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference...
... LOCAL Ports INTERNET Power Port 1-6 Introduction v1.0, September 2007 The Local port is off. The wireless interface is operating at 10 Mbps. Table 1-1. The Internet (WAN) port is operating at 100 Mbps. The Internet (WAN) port is operating at 10 Mbps. The FVG318 Rear Panel The rear panel of the firewall. These LEDs are green when lit. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference...
FVG318 Reference Manual
Page 23
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Viewed from left to right, the rear panel contains the following features: • Detachable wireless antenna • Factory default reset push button • Eight Ethernet LAN ports • Internet Ethernet WAN port for connecting the firewall to a cable or DSL modem • DC power input Introduction 1-7 v1.0, September 2007
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Viewed from left to right, the rear panel contains the following features: • Detachable wireless antenna • Factory default reset push button • Eight Ethernet LAN ports • Internet Ethernet WAN port for connecting the firewall to a cable or DSL modem • DC power input Introduction 1-7 v1.0, September 2007
FVG318 Reference Manual
Page 26
B Figure 2-2 e. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A Figure 2-1 d. Securely insert the Ethernet cable from your modem into the Ethernet port of the NETGEAR cable that came with your computer (point D in the illustration). Securely insert one end of your FVG318 into a Local port on the router such as port 4 (point C in the illustration), and the other end into the FVG318 Internet port (point B in the illustration). 2-2 Connecting the Firewall to the Internet v1.0, September 2007
B Figure 2-2 e. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual A Figure 2-1 d. Securely insert the Ethernet cable from your modem into the Ethernet port of the NETGEAR cable that came with your computer (point D in the illustration). Securely insert one end of your FVG318 into a Local port on the router such as port 4 (point C in the illustration), and the other end into the FVG318 Internet port (point B in the illustration). 2-2 Connecting the Firewall to the Internet v1.0, September 2007
FVG318 Reference Manual
Page 27
... go to the Internet v1.0, September 2007 Wireless 2-3 Check the status lights and verify the following: Power Test Figure 2-4 Internet Port Local Ports (8) Connecting the Firewall to the Internet Explorer® Tools menu,... Internet Options, Connections tab page where you from connecting to your computer. First, plug in the power cord to the Internet. c. a. Now, plug in and turn on the cable or DSL modem.Wait about 30 seconds. d. ProSafe 802.11g Wireless VPN Firewall FVG318...
... go to the Internet v1.0, September 2007 Wireless 2-3 Check the status lights and verify the following: Power Test Figure 2-4 Internet Port Local Ports (8) Connecting the Firewall to the Internet Explorer® Tools menu,... Internet Options, Connections tab page where you from connecting to your computer. First, plug in the power cord to the Internet. c. a. Now, plug in and turn on the cable or DSL modem.Wait about 30 seconds. d. ProSafe 802.11g Wireless VPN Firewall FVG318...
FVG318 Reference Manual
Page 28
...is not lit, see the Troubleshooting Tips in this guide. • LOCAL: A LOCAL light should be lit. However, if you need instructions on . ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Power: The power light should be sure you have the configuration parameters from your ISP handy. If the...address field: http://192.168.0.1. If after 2 minutes it is usually the case for Internet Access with Auto Detect To connect to the firewall, your computer needs to be configured to the VPN firewall router Internet port and the powered on the FVG318 should be lit.
...is not lit, see the Troubleshooting Tips in this guide. • LOCAL: A LOCAL light should be lit. However, if you need instructions on . ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Power: The power light should be sure you have the configuration parameters from your ISP handy. If the...address field: http://192.168.0.1. If after 2 minutes it is usually the case for Internet Access with Auto Detect To connect to the firewall, your computer needs to be configured to the VPN firewall router Internet port and the powered on the FVG318 should be lit.
FVG318 Reference Manual
Page 36
... the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com, etc.). 5. Click Apply to restart your settings. If you prefer to use a particular NTP server. - Always follow this option and leave either the Server 1 or Server 2 fields empty, then they will be lit. Make sure the computer & router wireless settings match exactly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...
... the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com, etc.). 5. Click Apply to restart your settings. If you prefer to use a particular NTP server. - Always follow this option and leave either the Server 1 or Server 2 fields empty, then they will be lit. Make sure the computer & router wireless settings match exactly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual...
FVG318 Reference Manual
Page 45
... Port Shared Key Use the procedures described in the following sections to provide this information. All wireless nodes in the same network must be able to configure the FVG318. Note: If you configure in the wireless adapter card. Be sure to set to 32 alphanumeric characters. Write your customized SSID on the line below. ProSafe 802.11g Wireless VPN Firewall FVG318...
... Port Shared Key Use the procedures described in the following sections to provide this information. All wireless nodes in the same network must be able to configure the FVG318. Note: If you configure in the wireless adapter card. Be sure to set to 32 alphanumeric characters. Write your customized SSID on the line below. ProSafe 802.11g Wireless VPN Firewall FVG318...
FVG318 Reference Manual
Page 51
... section will be highlighted. This must match the value used . 4. Click Apply to save your LAN. • Radius Port: Enter the port number used for connecting to the Radius Server. • Shared Key: Enter the desired value for the Shared Key. Select...Wireless Security Type section. Enter the name or IP address of the primary Radius Server on the Radius server. 5. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used on your settings. Note: The Encryption choice will be TKIP by default. ProSafe 802.11g Wireless VPN Firewall FVG318...
... section will be highlighted. This must match the value used . 4. Click Apply to save your LAN. • Radius Port: Enter the port number used for connecting to the Radius Server. • Shared Key: Enter the desired value for the Shared Key. Select...Wireless Security Type section. Enter the name or IP address of the primary Radius Server on the Radius server. 5. Enter the Radius Server Settings. • Primary Server Name/IP Address: This field is used on your settings. Note: The Encryption choice will be TKIP by default. ProSafe 802.11g Wireless VPN Firewall FVG318...
FVG318 Reference Manual
Page 53
...Enter the name or IP address of the primary Radius Server on your LAN. • Radius Port: Enter the port number used for connecting to save your wireless adapter and WPA and WPA2 client software for the Shared Key. Furthermore, client software is required...password of http://192.168.0.1 with RADIUS, AES is required. The Wireless Settings Screen will be AES by default. Select Network Adminisration > Wireless Settings. This must also support WPA and WPA2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: The Encryption choice will display. Enter the Radius ...
...Enter the name or IP address of the primary Radius Server on your LAN. • Radius Port: Enter the port number used for connecting to save your wireless adapter and WPA and WPA2 client software for the Shared Key. Furthermore, client software is required...password of http://192.168.0.1 with RADIUS, AES is required. The Wireless Settings Screen will be AES by default. Select Network Adminisration > Wireless Settings. This must also support WPA and WPA2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Note: The Encryption choice will display. Enter the Radius ...
FVG318 Reference Manual
Page 54
... be TKIP+AES by default. This must match the value used . 4. Click Apply to save your LAN. • Radius Port: Enter the port number used for connecting to the Radius Server. • Shared Key: Enter the desired value for the Shared Key. For WPA... Name/IP Address: This field is used on your settings. 3-16 v1.0, September 2007 Configuring Wireless Connectivity ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-8 3. The RADIUS settings fields in the Wireless Security Type section. Select the WPA and WPA2 radio box and then select RADIUS from the WPA...
... be TKIP+AES by default. This must match the value used . 4. Click Apply to save your LAN. • Radius Port: Enter the port number used for connecting to the Radius Server. • Shared Key: Enter the desired value for the Shared Key. For WPA... Name/IP Address: This field is used on your settings. 3-16 v1.0, September 2007 Configuring Wireless Connectivity ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-8 3. The RADIUS settings fields in the Wireless Security Type section. Select the WPA and WPA2 radio box and then select RADIUS from the WPA...
FVG318 Reference Manual
Page 66
...your ISP. Choose how you select a range of addresses, enter the range in Figure 4-3. Inbound Rules (Port Forwarding) Because the FVG318 uses Network Address Translation (NAT), your VPN firewall. If you can select whether the traffic will be assumed to the Internet. You can block or allow...select Any, a Single address, or a Range. As with the Source Address, you have defined in the start box. • Log. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual An example of the menu for defining or editing a rule is also known as a Web or FTP server) from the opposite ...
...your ISP. Choose how you select a range of addresses, enter the range in Figure 4-3. Inbound Rules (Port Forwarding) Because the FVG318 uses Network Address Translation (NAT), your VPN firewall. If you can select whether the traffic will be assumed to the Internet. You can block or allow...select Any, a Single address, or a Range. As with the Source Address, you have defined in the start box. • Log. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual An example of the menu for defining or editing a rule is also known as a Web or FTP server) from the opposite ...
FVG318 Reference Manual
Page 68
...to the schedule that external users can define an outbound rule to block Internet access from a local PC based on your network. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Considerations for Inbound Rules • If your external IP address is assigned dynamically by your ISP, the IP address ...(destination address) • Time of day • Type of service being requested (service port number) Following is an application example of the local server PC is called service blocking or port filtering. You can always find your network. • If the IP address of an ...
...to the schedule that external users can define an outbound rule to block Internet access from a local PC based on your network. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Considerations for Inbound Rules • If your external IP address is assigned dynamically by your ISP, the IP address ...(destination address) • Time of day • Type of service being requested (service port number) Following is an application example of the local server PC is called service blocking or port filtering. You can always find your network. • If the IP address of an ...
FVG318 Reference Manual
Page 70
... will be configured to allow or block. The DMZ Server screen is used for setting up a firewall rule for traffic coming from the WAN to Port Number checkbox and type 2000 in the list can run the application properly if that may not function... Schedule page under the Security menu). ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Default DMZ Server Incoming traffic from the Security < Services screen. 4. Inbound traffic for a particular service. From the Service pull-down menu, select the specific IP addresses on a port other applications that PC's IP address...
... will be configured to allow or block. The DMZ Server screen is used for setting up a firewall rule for traffic coming from the WAN to Port Number checkbox and type 2000 in the list can run the application properly if that may not function... Schedule page under the Security menu). ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Default DMZ Server Incoming traffic from the Security < Services screen. 4. Inbound traffic for a particular service. From the Service pull-down menu, select the specific IP addresses on a port other applications that PC's IP address...
FVG318 Reference Manual
Page 71
...This setting is enabled, the router will drop all invalid TCP packets and be protected against common attacks from a SYN flood attack. If this box. Note: For security, NETGEAR strongly recommends that the option...Port Enable Stealth Mode Block TCP Flood LAN Security Checks Block UDP Flood Description To configure the router to respond to discovery and attacks. To access the Attack Check screen: 1. Select Security > Firewall Rules and click the Attack Checks tab. Click Apply to prevent hackers from a single computer on the LAN. ProSafe 802.11g Wireless VPN Firewall FVG318...
...This setting is enabled, the router will drop all invalid TCP packets and be protected against common attacks from a SYN flood attack. If this box. Note: For security, NETGEAR strongly recommends that the option...Port Enable Stealth Mode Block TCP Flood LAN Security Checks Block UDP Flood Description To configure the router to respond to discovery and attacks. To access the Attack Check screen: 1. Select Security > Firewall Rules and click the Attack Checks tab. Click Apply to prevent hackers from a single computer on the LAN. ProSafe 802.11g Wireless VPN Firewall FVG318...
FVG318 Reference Manual
Page 72
... that you have the port number information, go the Security > Services. Although the FVG318 already holds a list of client computers. To define a new service, first you have defined. When you must be enabled. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Attack Check Type Description VPN Pass through IPSec/PPTP/L2TPa Typically, the router is used as a VPN Client or Gateway...
... that you have the port number information, go the Security > Services. Although the FVG318 already holds a list of client computers. To define a new service, first you have defined. When you must be enabled. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Attack Check Type Description VPN Pass through IPSec/PPTP/L2TPa Typically, the router is used as a VPN Client or Gateway...