FVG318 Reference Manual
Page 7
... to Use This Manual xiv How to Print this Manual xiv Revision History ...xv Chapter 1 Introduction Key Features of the VPN Firewall Router 1-1 802.11g and 802.11b Wireless Networking 1-2 Wireless Multimedia (WMM) Support 1-2 A Powerful, True Firewall with Content Filtering 1-2 Security ...1-3 Autosensing Ethernet Connections with Auto Uplink 1-3 Extensive Protocol Support 1-3 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-5 The FVG318 Front...
... to Use This Manual xiv How to Print this Manual xiv Revision History ...xv Chapter 1 Introduction Key Features of the VPN Firewall Router 1-1 802.11g and 802.11b Wireless Networking 1-2 Wireless Multimedia (WMM) Support 1-2 A Powerful, True Firewall with Content Filtering 1-2 Security ...1-3 Autosensing Ethernet Connections with Auto Uplink 1-3 Extensive Protocol Support 1-3 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-5 The FVG318 Front...
FVG318 Reference Manual
Page 8
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Chapter 3 Configuring Wireless Connectivity Observing Performance, Placement, and Range Guidelines 3-1 Implementing Appropriate Wireless Security 3-2 Understanding Wireless Settings 3-3 Security Check List for SSID and WEP Settings 3-7 Setting Up and Testing Basic Wireless Connectivity 3-8 Restricting Wireless Access by MAC Address 3-9 Configuring WEP Security Settings 3-10 Configuring WPA with RADIUS 3-12 Configuring WPA2 with RADIUS 3-14 Configuring...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Chapter 3 Configuring Wireless Connectivity Observing Performance, Placement, and Range Guidelines 3-1 Implementing Appropriate Wireless Security 3-2 Understanding Wireless Settings 3-3 Security Check List for SSID and WEP Settings 3-7 Setting Up and Testing Basic Wireless Connectivity 3-8 Restricting Wireless Access by MAC Address 3-9 Configuring WEP Security Settings 3-10 Configuring WPA with RADIUS 3-12 Configuring WPA2 with RADIUS 3-14 Configuring...
FVG318 Reference Manual
Page 9
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVG318 5-5 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........5-7 Monitoring the Progress and Status of the VPN Client Connection 5-15 Transferring a Security Policy to Another Client 5-17 Setting Up a Gateway-to-Gateway VPN Configuration 5-19 Activating a VPN Tunnel...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Setting Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVG318 5-5 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........5-7 Monitoring the Progress and Status of the VPN Client Connection 5-15 Transferring a Security Policy to Another Client 5-17 Setting Up a Gateway-to-Gateway VPN Configuration 5-19 Activating a VPN Tunnel...
FVG318 Reference Manual
Page 10
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP ...Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318...
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Configuring Static Routes 8-5 Configuring RIP ...8-6 Static Route Example 8-7 Enabling Remote Management Access 8-8 SNMP ...Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-6 Problems with Date and Time 9-7 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B Related Documents Appendix C VPN Configuration of NETGEAR FVG318...
FVG318 Reference Manual
Page 14
...Each page in the manual. •A button to Use This Manual The HTML version of this manual, you can choose one page at http://kbserver.netgear.com/products/FVG318.asp. Select File > Print from HTML. xiv About...on the NETGEAR, Inc. This manual is a safety warning. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Danger: This is written for the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe 802.11g Wireless VPN Firewall September 2007 For more information about network, Internet, firewall, and VPN technologies, ...
...Each page in the manual. •A button to Use This Manual The HTML version of this manual, you can choose one page at http://kbserver.netgear.com/products/FVG318.asp. Select File > Print from HTML. xiv About...on the NETGEAR, Inc. This manual is a safety warning. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Danger: This is written for the VPN firewall according to these specifications: Product Version Manual Publication Date ProSafe 802.11g Wireless VPN Firewall September 2007 For more information about network, Internet, firewall, and VPN technologies, ...
FVG318 Reference Manual
Page 17
...NETGEAR® ProSafe 802.11g Wireless VPN Firewall, Model FVG318. With minimum setup, you with eight-port switch connects your network from hackers. Unlike simple Internet sharing firewalls that protects your local area network (LAN) to a WAN device, such as a cable modem or DSL modem and provides 802.11b/g wireless LAN connectivity. Parents and network administrators can install and use the firewall...support. • Flash memory for Denial of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall with multiple Web content filtering options, plus browsing ...
...NETGEAR® ProSafe 802.11g Wireless VPN Firewall, Model FVG318. With minimum setup, you with eight-port switch connects your network from hackers. Unlike simple Internet sharing firewalls that protects your local area network (LAN) to a WAN device, such as a cable modem or DSL modem and provides 802.11b/g wireless LAN connectivity. Parents and network administrators can install and use the firewall...support. • Flash memory for Denial of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall with multiple Web content filtering options, plus browsing ...
FVG318 Reference Manual
Page 18
... Address. • Wireless network name broadcast can connect. Wireless Multimedia (WMM) Support WMM is a true firewall, using stateful packet inspection to function correctly, wireless clients must also support WMM. For WMM to defend against hacker attacks. A Powerful, True Firewall with all of the strong security of data. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 802.11g and 802.11b Wireless Networking The VPN firewall includes an 802.11g-compliant wireless access point.
... Address. • Wireless network name broadcast can connect. Wireless Multimedia (WMM) Support WMM is a true firewall, using stateful packet inspection to function correctly, wireless clients must also support WMM. For WMM to defend against hacker attacks. A Powerful, True Firewall with all of the strong security of data. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 802.11g and 802.11b Wireless Networking The VPN firewall includes an 802.11g-compliant wireless access point.
FVG318 Reference Manual
Page 20
...ProSafe 802.11g Wireless VPN Firewall within minutes after connecting it to the attached PCs. The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. The VPN firewall automatically senses the type of ISP account. • Diagnostic functions. ProSafe 802.11g Wireless VPN Firewall FVG318 ...login to share an Internet account using the Dynamic Host Configuration Protocol (DHCP). The firewall allows you can choose a nonstandard port number. • Visual monitoring. The VPN firewall allows several networked PCs to the Web Management ...
...ProSafe 802.11g Wireless VPN Firewall within minutes after connecting it to the attached PCs. The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. The VPN firewall automatically senses the type of ISP account. • Diagnostic functions. ProSafe 802.11g Wireless VPN Firewall FVG318 ...login to share an Internet account using the Dynamic Host Configuration Protocol (DHCP). The firewall allows you can choose a nonstandard port number. • Visual monitoring. The VPN firewall allows several networked PCs to the Web Management ...
FVG318 Reference Manual
Page 32
...the PPPoE connection • Domain Name: Name of the PPTP server. - The ISP will identify the router to you have logged in the Timeout field. 2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - Select this option and configure the following fields: • IP Address: Static IP address... logout after the connection is idle for a period of time, select Idle Time and enter the number of minutes to the router using DHCP network protocol. - This will automatically assign an IP address to wait before disconnecting, in . • My IP Address: IP...
...the PPPoE connection • Domain Name: Name of the PPTP server. - The ISP will identify the router to you have logged in the Timeout field. 2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - Select this option and configure the following fields: • IP Address: Static IP address... logout after the connection is idle for a period of time, select Idle Time and enter the number of minutes to the router using DHCP network protocol. - This will automatically assign an IP address to wait before disconnecting, in . • My IP Address: IP...
FVG318 Reference Manual
Page 33
If your network has a permanently assigned (static or fixed) IP address, you will need a fully qualified domain name (FQDN) to implement features such as www.google.com, www.netgear.com, etc. For rollover mode, you can register a domain name and have that the connection is... Domain name servers (DNS) convert Internet names such as exposed hosts and virtual private networks regardless of your ISP's gateway. If the Use these DNS Servers radio box is active. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Subnet Mask: This is usually provided by the ISP or ...
If your network has a permanently assigned (static or fixed) IP address, you will need a fully qualified domain name (FQDN) to implement features such as www.google.com, www.netgear.com, etc. For rollover mode, you can register a domain name and have that the connection is... Domain name servers (DNS) convert Internet names such as exposed hosts and virtual private networks regardless of your ISP's gateway. If the Use these DNS Servers radio box is active. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • IP Subnet Mask: This is usually provided by the ISP or ...
FVG318 Reference Manual
Page 34
To configure Dynamic DNS: 1. Select Network Configuration > Dynamic DNS. Each DNS service provider-Dynamic DNS, DNS TZO or DNS Oray-requires its own parameters (Figure 2-9). Select the tab for the DNS service provider you may select the Use wild cards check box to activate this... *.yourhost.dyndns.org to be aliased to use and then select the Yes radio box. If your dynamic DNS provider allows the use this feature. To use of wild cards in to the Internet v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The gateway contains a client that...
To configure Dynamic DNS: 1. Select Network Configuration > Dynamic DNS. Each DNS service provider-Dynamic DNS, DNS TZO or DNS Oray-requires its own parameters (Figure 2-9). Select the tab for the DNS service provider you may select the Use wild cards check box to activate this... *.yourhost.dyndns.org to be aliased to use and then select the Yes radio box. If your dynamic DNS provider allows the use this feature. To use of wild cards in to the Internet v1.0, September 2007 ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual The gateway contains a client that...
FVG318 Reference Manual
Page 35
...time zone: 1. If this box for Daylight Savings Time on the first day of several Network Time Servers on the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 5. Automatically Adjust for time-stamping log entries. 3. Click Apply to the ...used for the blocking schedule and for Daylight Savings Time. The Time Zone screen will display. 2. Configuring Your Time Zone The VPN firewall uses the Network Time Protocol (NTP) to the Internet v1.0, September 2007 2-11 Check this is enabled, then the RTC (Real-Time Clock) is selected by contacting a NETGEAR...
...time zone: 1. If this box for Daylight Savings Time on the first day of several Network Time Servers on the Internet. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual 5. Automatically Adjust for time-stamping log entries. 3. Click Apply to the ...used for the blocking schedule and for Daylight Savings Time. The Time Zone screen will display. 2. Configuring Your Time Zone The VPN firewall uses the Network Time Protocol (NTP) to the Internet v1.0, September 2007 2-11 Check this is enabled, then the RTC (Real-Time Clock) is selected by contacting a NETGEAR...
FVG318 Reference Manual
Page 36
... the Ethernet cables are correct. • LAN and wirelessly connected computers must match exactly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you prefer to save your network in the correct sequence. Enter the name or IP ...FVG318 and wireless computer must be lit. Be sure to the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com, etc.). 5. The label on the bottom of the VPN firewall router identifies the number of the computer are securely plugged in securely and the modem and VPN firewall router...
... the Ethernet cables are correct. • LAN and wirelessly connected computers must match exactly. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Select the Use Custom NTP Servers if you prefer to save your network in the correct sequence. Enter the name or IP ...FVG318 and wireless computer must be lit. Be sure to the default NETGEAR NTP servers (time-a.netgear.com, timeb.netgear.com, etc.). 5. The label on the bottom of the VPN firewall router identifies the number of the computer are securely plugged in securely and the modem and VPN firewall router...
FVG318 Reference Manual
Page 37
...MAC Address." Table 2-2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Some cable modem ISPs require you finish entering your settings. Click Apply to enter the VPN firewall router URL in the browser, or provide the login user name and password. Restart the network in the browser address...state of the Basic Settings menu, select, "Use this feature. You can bypass the Smart Wizard Configuration Assistant feature by clicking Apply when you to the VPN firewall router, the VPN firewall router will then capture and use the factory reset button. If so, in the...
...MAC Address." Table 2-2. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Some cable modem ISPs require you finish entering your settings. Click Apply to enter the VPN firewall router URL in the browser, or provide the login user name and password. Restart the network in the browser address...state of the Basic Settings menu, select, "Use this feature. You can bypass the Smart Wizard Configuration Assistant feature by clicking Apply when you to the VPN firewall router, the VPN firewall router will then capture and use the factory reset button. If so, in the...
FVG318 Reference Manual
Page 40
... of your wireless equipment. FVG318 Figure 3-1 Note: Indoors, computers can connect to wireless networks at ranges of the SSID, only devices that unknown PCs cannot wirelessly connect to the FVG318. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Implementing Appropriate Wireless Security Unlike wired network data, your wireless data transmissions ...access to your network, but the data broadcast over the wireless link is still exposed. • WEP. There are covered in detail in this reason, use the security features of your area to access your network. WEP Shared ...
... of your wireless equipment. FVG318 Figure 3-1 Note: Indoors, computers can connect to wireless networks at ranges of the SSID, only devices that unknown PCs cannot wirelessly connect to the FVG318. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Implementing Appropriate Wireless Security Unlike wired network data, your wireless data transmissions ...access to your network, but the data broadcast over the wireless link is still exposed. • WEP. There are covered in detail in this reason, use the security features of your area to access your network. WEP Shared ...
FVG318 Reference Manual
Page 41
... the Radius Server-normally done via a digital certificate. You must be limited. - Select Network Configuration > Wireless Settings from the main menu. Configuring Wireless Connectivity 3-3 v1.0, September 2007 This version of WPA requires the use AES encryption, and configure the RADIUS Server Settings. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Wi-Fi Protected Access (WPA and WPA2). WPA-PSK...
... the Radius Server-normally done via a digital certificate. You must be limited. - Select Network Configuration > Wireless Settings from the main menu. Configuring Wireless Connectivity 3-3 v1.0, September 2007 This version of WPA requires the use AES encryption, and configure the RADIUS Server Settings. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual • Wi-Fi Protected Access (WPA and WPA2). WPA-PSK...
FVG318 Reference Manual
Page 42
... in exactly the same fashion. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-2 Note: The 802.11b and 802.11g wireless networking protocols are configured in the 802.11b/g wireless network will automatically adjust to the 802.11g or 802.11b protocol as the wireless network name. The FVG318 will need to use this SSID for separating the traffic. The SSID is more than one wireless network, different wireless network names provide a means for...
... in exactly the same fashion. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Figure 3-2 Note: The 802.11b and 802.11g wireless networking protocols are configured in the 802.11b/g wireless network will automatically adjust to the 802.11g or 802.11b protocol as the wireless network name. The FVG318 will need to use this SSID for separating the traffic. The SSID is more than one wireless network, different wireless network names provide a means for...
FVG318 Reference Manual
Page 43
... mode. If you will be used . ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - Unless you select a region, you disable broadcast of the SSID, only devices that have the correct SSID can operate in this device. • Wireless Access Point - The options are no wireless communications through the FVG318. - Both 802.11g and 802.11b wireless stations can be used . The default is selected, the...
... mode. If you will be used . ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual - Unless you select a region, you disable broadcast of the SSID, only devices that have the correct SSID can operate in this device. • Wireless Access Point - The options are no wireless communications through the FVG318. - Both 802.11g and 802.11b wireless stations can be used . The default is selected, the...
FVG318 Reference Manual
Page 45
..." for SSID and WEP Settings For a new wireless network, print or copy this information in the VPN firewall router is the SSID you may customize it by using up or is the default FVG318 SSID. Store this form and fill in the wireless adapter card. Note: The SSID in a safe place. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Security Check List for more...
..." for SSID and WEP Settings For a new wireless network, print or copy this information in the VPN firewall router is the SSID you may customize it by using up or is the default FVG318 SSID. Store this form and fill in the wireless adapter card. Note: The SSID in a safe place. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Security Check List for more...
FVG318 Reference Manual
Page 66
... Range. no log entries will be made for this type of traffic to the Acceptable Use Policy of your network. Inbound Rules (Port Forwarding) Because the FVG318 uses Network Address Translation (NAT), your network presents only one local server based on the LAN (outbound) or the WAN (inbound), ... and available to be assumed to the Internet, and outside users cannot directly address any active services at your local computers. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual An example of the menu for defining or editing a rule is shown in the start box. • Log...
... Range. no log entries will be made for this type of traffic to the Acceptable Use Policy of your network. Inbound Rules (Port Forwarding) Because the FVG318 uses Network Address Translation (NAT), your network presents only one local server based on the LAN (outbound) or the WAN (inbound), ... and available to be assumed to the Internet, and outside users cannot directly address any active services at your local computers. ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual An example of the menu for defining or editing a rule is shown in the start box. • Log...