FVS114 Reference Manual
Page 1
Reference Manual for the ProSafe VPN Firewall FVS114 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10098-01 April 2005 202-10098-01, April 2005
Reference Manual for the ProSafe VPN Firewall FVS114 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10098-01 April 2005 202-10098-01, April 2005
FVS114 Reference Manual
Page 5
... to Use This Manual 1-2 How to Print this Manual 1-3 Chapter 2 Introduction Key Features of the VPN Firewall 2-1 A Powerful, True Firewall with Content Filtering 2-2 Security ...2-2 Autosensing Ethernet Connections with Auto Uplink 2-3 Extensive Protocol Support 2-3 Easy Installation and Management 2-4 Maintenance and Support 2-4 Package Contents ...2-5 The FVS114 Front Panel 2-5 The FVS114 Rear Panel 2-6 NETGEAR-Related Products 2-7 NETGEAR Product Registration...
... to Use This Manual 1-2 How to Print this Manual 1-3 Chapter 2 Introduction Key Features of the VPN Firewall 2-1 A Powerful, True Firewall with Content Filtering 2-2 Security ...2-2 Autosensing Ethernet Connections with Auto Uplink 2-3 Extensive Protocol Support 2-3 Easy Installation and Management 2-4 Maintenance and Support 2-4 Package Contents ...2-5 The FVS114 Front Panel 2-5 The FVS114 Rear Panel 2-6 NETGEAR-Related Products 2-7 NETGEAR Product Registration...
FVS114 Reference Manual
Page 6
Using the Smart Setup Wizard 3-10 How to Manually Configure Your Internet Connection 3-11 Chapter 4 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 4-1 Block Sites ...4-2 Using Rules to ... VPN Tunnel Configuration 5-5 How to Set Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVS114 5-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........5-9 Monitoring the Progress and Status of the VPN Client Connection 5-16 Transferring a Security Policy to Another Client...
Using the Smart Setup Wizard 3-10 How to Manually Configure Your Internet Connection 3-11 Chapter 4 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 4-1 Block Sites ...4-2 Using Rules to ... VPN Tunnel Configuration 5-5 How to Set Up a Client-to-Gateway VPN Configuration 5-5 Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVS114 5-6 Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC ...........5-9 Monitoring the Progress and Status of the VPN Client Connection 5-16 Transferring a Security Policy to Another Client...
FVS114 Reference Manual
Page 7
...the VPN Status Page to Deactivate a VPN Tunnel 5-31 Deleting a VPN Tunnel 5-32 Chapter 6 Advanced Virtual Private Networking Overview of FVS114 Policy-Based VPN Configuration 6-1 Using Policies to Manage VPN Traffic 6-2 Using Automatic Key Management 6-2 IKE Policies' Automatic Key and Authentication ...Management 6-3 VPN Policy Configuration for Auto Key Negotiation 6-5 VPN Policy Configuration for Manual Key Exchange 6-9 Using Digital Certificates for IKE Auto-Policy Authentication 6-13 Certificate Revocation List (CRL 6-14 Walk-Through of ...
...the VPN Status Page to Deactivate a VPN Tunnel 5-31 Deleting a VPN Tunnel 5-32 Chapter 6 Advanced Virtual Private Networking Overview of FVS114 Policy-Based VPN Configuration 6-1 Using Policies to Manage VPN Traffic 6-2 Using Automatic Key Management 6-2 IKE Policies' Automatic Key and Authentication ...Management 6-3 VPN Policy Configuration for Auto Key Negotiation 6-5 VPN Policy Configuration for Manual Key Exchange 6-9 Using Digital Certificates for IKE Auto-Policy Authentication 6-13 Certificate Revocation List (CRL 6-14 Walk-Through of ...
FVS114 Reference Manual
Page 13
... guide uses the following typographical conventions: Table 1-1. About This Manual 1-1 202-10098-01, April 2005 Manual Scope Product Version Manual Publication Date FVS114 ProSafe VPN Firewall April 2005 Note: Product updates are available on the NETGEAR Web site. Audience, Scope, Conventions, and Formats This reference manual assumes that the reader has basic to intermediate computer and...
... guide uses the following typographical conventions: Table 1-1. About This Manual 1-1 202-10098-01, April 2005 Manual Scope Product Version Manual Publication Date FVS114 ProSafe VPN Firewall April 2005 Note: Product updates are available on the NETGEAR Web site. Audience, Scope, Conventions, and Formats This reference manual assumes that the reader has basic to intermediate computer and...
FVS114 Reference Manual
Page 14
online Knowledge Base for browsing forwards or backwards through the manual one page at a time •A button that displays the table of the full manual and individual chapters. 1-2 About This Manual 202-10098-01, April 2005 Double-click on a link in the table of contents or index... to navigate directly to where the topic is described in the manual. •A button to PDF versions of contents and an button. Reference Manual for the ProSafe VPN Firewall FVS114 How to Use This Manual The HTML version of this manual includes the following: • Buttons, and , for the ...
online Knowledge Base for browsing forwards or backwards through the manual one page at a time •A button that displays the table of the full manual and individual chapters. 1-2 About This Manual 202-10098-01, April 2005 Double-click on a link in the table of contents or index... to navigate directly to where the topic is described in the manual. •A button to PDF versions of contents and an button. Reference Manual for the ProSafe VPN Firewall FVS114 How to Use This Manual The HTML version of this manual includes the following: • Buttons, and , for the ...
FVS114 Reference Manual
Page 15
... of This Chapter link at the top left of paper, you can save paper and printer ink by selecting this feature. • Printing the Full Manual. The Acrobat reader is dedicated to a major topic. Tip: If your needs. • Printing a Page in the HTML View. Tip: If your ...the page contents. • Printing a Chapter. The PDF version of the complete manual opens in the HTML version of any page in the manual. Reference Manual for the ProSafe VPN Firewall FVS114 How to Print this Manual To print this manual you were viewing opens in a browser window. Click the print icon in order ...
... of This Chapter link at the top left of paper, you can save paper and printer ink by selecting this feature. • Printing the Full Manual. The Acrobat reader is dedicated to a major topic. Tip: If your needs. • Printing a Page in the HTML View. Tip: If your ...the page contents. • Printing a Chapter. The PDF version of the complete manual opens in the HTML version of any page in the manual. Reference Manual for the ProSafe VPN Firewall FVS114 How to Print this Manual To print this manual you were viewing opens in a browser window. Click the print icon in order ...
FVS114 Reference Manual
Page 16
Reference Manual for the ProSafe VPN Firewall FVS114 1-4 About This Manual 202-10098-01, April 2005
Reference Manual for the ProSafe VPN Firewall FVS114 1-4 About This Manual 202-10098-01, April 2005
FVS114 Reference Manual
Page 18
...Death, SYN Flood, LAND Attack, and IP Spoofing. • Blocks unwanted traffic from the Internet to access objectionable Internet sites. Reference Manual for keywords within Web addresses. Its firewall features include: • DoS protection. You can also configure the firewall to send immediate ...Internet locations from your e-mail address or email pager whenever a significant event occurs. • With its content filtering feature, the FVS114 prevents objectionable content from the local network. You can configure the firewall to log and report attempts to your PCs. You can...
...Death, SYN Flood, LAND Attack, and IP Spoofing. • Blocks unwanted traffic from the Internet to access objectionable Internet sites. Reference Manual for keywords within Web addresses. Its firewall features include: • DoS protection. You can also configure the firewall to send immediate ...Internet locations from your e-mail address or email pager whenever a significant event occurs. • With its content filtering feature, the FVS114 prevents objectionable content from the local network. You can configure the firewall to log and report attempts to your PCs. You can...
FVS114 Reference Manual
Page 19
... DSL connection by simulating a dial-up connection. Extensive Protocol Support The FVS114 VPN Firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). Reference Manual for connecting remote hosts to share an Internet account using the Dynamic Host...capable of PCs on the LAN using only a single IP address, which may be statically or dynamically assigned by DHCP The FVS114 VPN Firewall dynamically assigns network configuration information, including IP, gateway, and Domain Name Server (DNS) addresses, to attached PCs ...
... DSL connection by simulating a dial-up connection. Extensive Protocol Support The FVS114 VPN Firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). Reference Manual for connecting remote hosts to share an Internet account using the Dynamic Host...capable of PCs on the LAN using only a single IP address, which may be statically or dynamically assigned by DHCP The FVS114 VPN Firewall dynamically assigns network configuration information, including IP, gateway, and Domain Name Server (DNS) addresses, to attached PCs ...
FVS114 Reference Manual
Page 20
...NETGEAR offers the following features simplify installation and management tasks: • Browser-based management Browser-based configuration allows you to monitor its status and activity. A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based Web Management Interface. • Smart Wizard The FVS114... a remote location on the Internet. Reference Manual for the ProSafe VPN Firewall FVS114 Easy Installation and Management You can choose a nonstandard port number. • Visual monitoring The FVS114 VPN Firewall's front panel LEDs provide an ...
...NETGEAR offers the following features simplify installation and management tasks: • Browser-based management Browser-based configuration allows you to monitor its status and activity. A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based Web Management Interface. • Smart Wizard The FVS114... a remote location on the Internet. Reference Manual for the ProSafe VPN Firewall FVS114 Easy Installation and Management You can choose a nonstandard port number. • Visual monitoring The FVS114 VPN Firewall's front panel LEDs provide an ...
FVS114 Reference Manual
Page 21
... on the front panel of the firewall. These LEDs are incorrect, missing, or damaged, contact your NETGEAR dealer. Package Contents Reference Manual for the ProSafe VPN Firewall FVS114 The product package should contain the following items: • FVS114 ProSafe VPN Firewall. • AC power adapter. • Category 5 (Cat 5) Ethernet cable. • Installation Guide. •...
... on the front panel of the firewall. These LEDs are incorrect, missing, or damaged, contact your NETGEAR dealer. Package Contents Reference Manual for the ProSafe VPN Firewall FVS114 The product package should contain the following items: • FVS114 ProSafe VPN Firewall. • AC power adapter. • Category 5 (Cat 5) Ethernet cable. • Installation Guide. •...
FVS114 Reference Manual
Page 22
Reference Manual for connecting the firewall to the firewall. LED Descriptions LED Label PWR TEST INTERNET 100 (100 Mbps) LINK/ACT (Link/Activity) LOCAL 100 (100 Mbps) ... port has detected a link with an attached device. The Local port has detected a link with an attached device. FACTORY DEFAULTS Reset Button LOCAL Ports Figure 2-2: FVS114 rear panel INTERNET Port DC Power Viewed from left to right, the rear panel contains the following features: • Factory default reset push button •...
Reference Manual for connecting the firewall to the firewall. LED Descriptions LED Label PWR TEST INTERNET 100 (100 Mbps) LINK/ACT (Link/Activity) LOCAL 100 (100 Mbps) ... port has detected a link with an attached device. The Local port has detected a link with an attached device. FACTORY DEFAULTS Reset Button LOCAL Ports Figure 2-2: FVS114 rear panel INTERNET Port DC Power Viewed from left to right, the rear panel contains the following features: • Factory default reset push button •...
FVS114 Reference Manual
Page 23
... is required before you can use our telephone support service. Reference Manual for the ProSafe VPN Firewall FVS114 • DC power input • ON/OFF switch NETGEAR-Related Products NETGEAR products related to the FVS114 are always available by going to: http://kbserver.netgear.com. NETGEAR-Related Products Category Notebooks Desktops VPN Firewalls PDAs Antennas and Accessories...
... is required before you can use our telephone support service. Reference Manual for the ProSafe VPN Firewall FVS114 • DC power input • ON/OFF switch NETGEAR-Related Products NETGEAR products related to the FVS114 are always available by going to: http://kbserver.netgear.com. NETGEAR-Related Products Category Notebooks Desktops VPN Firewalls PDAs Antennas and Accessories...
FVS114 Reference Manual
Page 24
When the VPN firewall router is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the ProSafe VPN Firewall FVS114 Documentation is available on the Resource CD and at http://kbserver.netgear.com. Reference Manual for the VPN firewall router. 2-8 Introduction 202-10098-01, April 2005
When the VPN firewall router is connected to the Internet, click the Knowledge Base or the Documentation link under the Web Support menu to view support information or the documentation for the ProSafe VPN Firewall FVS114 Documentation is available on the Resource CD and at http://kbserver.netgear.com. Reference Manual for the VPN firewall router. 2-8 Introduction 202-10098-01, April 2005
FVS114 Reference Manual
Page 25
... be sure to use the computer you first registered with the contents of your FVS114 ProSafe VPN Firewall using the Setup Wizard, or how to manually configure your Internet connection. First, Connect the FVS114 1. Turn off your computer. Turn off the cable or DSL broadband modem.... Connecting the Firewall to the Internet 3-1 202-10098-01, April 2005 CONNECT THE CABLES BETWEEN THE FVS114, COMPUTER, AND MODEM a. Chapter...
... be sure to use the computer you first registered with the contents of your FVS114 ProSafe VPN Firewall using the Setup Wizard, or how to manually configure your Internet connection. First, Connect the FVS114 1. Turn off your computer. Turn off the cable or DSL broadband modem.... Connecting the Firewall to the Internet 3-1 202-10098-01, April 2005 CONNECT THE CABLES BETWEEN THE FVS114, COMPUTER, AND MODEM a. Chapter...
FVS114 Reference Manual
Page 26
... your PC to the Internet 202-10098-01, April 2005 Securely insert the Ethernet cable from the computer d. e. Locate the Internet port. Reference Manual for the ProSafe VPN Firewall FVS114 c. B Internet port Internet VPN Firewall Cable 1 Figure 3-2: Connect the VPN firewall router to the modem Modem 3-2 Connecting the Firewall to the modem...
... your PC to the Internet 202-10098-01, April 2005 Securely insert the Ethernet cable from the computer d. e. Locate the Internet port. Reference Manual for the ProSafe VPN Firewall FVS114 c. B Internet port Internet VPN Firewall Cable 1 Figure 3-2: Connect the VPN firewall router to the modem Modem 3-2 Connecting the Firewall to the modem...
FVS114 Reference Manual
Page 27
...NETGEAR cable in the power cord to the Internet 3-3 202-10098-01, April 2005 Note: For DSL customers, if software logs you from connecting to the Internet, do not run that came with your computer. Last, turn on the broadband modem and wait two minutes. Reference Manual for the ProSafe VPN Firewall FVS114... insert the blue cable that software. Connecting the Firewall to your computer (point D in to the Internet. c. D Blue NETGEAR Cable C VPN Firewall Computer Local Ports Figure 3-3: Connect the computer to the VPN firewall router Internet Modem Your network cables are...
...NETGEAR cable in the power cord to the Internet 3-3 202-10098-01, April 2005 Note: For DSL customers, if software logs you from connecting to the Internet, do not run that came with your computer. Last, turn on the broadband modem and wait two minutes. Reference Manual for the ProSafe VPN Firewall FVS114... insert the blue cable that software. Connecting the Firewall to your computer (point D in to the Internet. c. D Blue NETGEAR Cable C VPN Firewall Computer Local Ports Figure 3-3: Connect the computer to the VPN firewall router Internet Modem Your network cables are...
FVS114 Reference Manual
Page 28
...Firewall to the firewall is powered on . Green on page 3-6. • INTERNET: The Internet LINK/ACT light should turn solid green. Reference Manual for Internet Access 1. Check the VPN firewall router status lights to the VPN firewall router Internet port and the modem, and the modem is... Ethernet cable is securely attached to verify the following: • PWR: The power light should be lit. Now, Configure the FVS114 for the ProSafe VPN Firewall FVS114 Power Test Figure 3-4: Status lights Internet Local Port 4 d. If a LOCAL light is not lit, check that the Ethernet cable...
...Firewall to the firewall is powered on . Green on page 3-6. • INTERNET: The Internet LINK/ACT light should turn solid green. Reference Manual for Internet Access 1. Check the VPN firewall router status lights to the VPN firewall router Internet port and the modem, and the modem is... Ethernet cable is securely attached to verify the following: • PWR: The power light should be lit. Now, Configure the FVS114 for the ProSafe VPN Firewall FVS114 Power Test Figure 3-4: Status lights Internet Local Port 4 d. If a LOCAL light is not lit, check that the Ethernet cable...
FVS114 Reference Manual
Page 29
...open a browser such as the user name and password for the ProSafe VPN Firewall FVS114 With the VPN firewall router in its factory default state, your computer networking setup.... To do not see this , see "Troubleshooting Tips" on the Resource CD. 2. Reference Manual for the password both IP and DNS server addresses automatically, which is in its factory default ...on page 3-9. If you configure the VPN firewall router, it will automatically display the NETGEAR Smart Wizard Configuration Assistant welcome page. Click OK. Connecting the Firewall to correct basic problems...
...open a browser such as the user name and password for the ProSafe VPN Firewall FVS114 With the VPN firewall router in its factory default state, your computer networking setup.... To do not see this , see "Troubleshooting Tips" on the Resource CD. 2. Reference Manual for the password both IP and DNS server addresses automatically, which is in its factory default ...on page 3-9. If you configure the VPN firewall router, it will automatically display the NETGEAR Smart Wizard Configuration Assistant welcome page. Click OK. Connecting the Firewall to correct basic problems...