FVS124G Product datasheet
Page 1
... connectivity, creating high-speed links for maximum bandwidth efficiency. The ProSafe Dual WAN Gigabit Firewall Router provides powerful yet economical security for high-speed switches. Additional licenses available for easy, widespread deployment. Support for DHCP (client and server) as well as a backbone for businesses coping with NETGEAR ProSafe VPN Client Software Al2l 4ri0g-h1t0s 0re4s1e-r0v1ed 240-10129-01 Desktop PC with GA311 NMS100 ProSafe Network Management Software Broadband Modem Internet Broadband Modem WAG511 ProSafe Dual Band 108 Wireless Adapter PC Card...
... connectivity, creating high-speed links for maximum bandwidth efficiency. The ProSafe Dual WAN Gigabit Firewall Router provides powerful yet economical security for high-speed switches. Additional licenses available for easy, widespread deployment. Support for DHCP (client and server) as well as a backbone for businesses coping with NETGEAR ProSafe VPN Client Software Al2l 4ri0g-h1t0s 0re4s1e-r0v1ed 240-10129-01 Desktop PC with GA311 NMS100 ProSafe Network Management Software Broadband Modem Internet Broadband Modem WAG511 ProSafe Dual Band 108 Wireless Adapter PC Card...
FVS124G Product datasheet
Page 2
... Routing: RIP v1, RIPv2 (Static Routing, Dynamic Routing) - Power requirements: 12V DC, 1.2A - IP Addressing: DHCP (client and server) - Cable, DSL or wireless broadband modem and Internet service - Ethernet cable - FVS318 ProSafe VPN Firewall 8 - WG102 ProSafe 802.11g Access Point - Network software (e.g. Administration Interface: SNMP (v.2c) support, Telnet, web graphic user interface, user name and password protected via Web Browser, Display Statistics, Logging, SYSLOG support. • Hardware Specifications: - Ethernet connectivity from date of sale - Network card...
... Routing: RIP v1, RIPv2 (Static Routing, Dynamic Routing) - Power requirements: 12V DC, 1.2A - IP Addressing: DHCP (client and server) - Cable, DSL or wireless broadband modem and Internet service - Ethernet cable - FVS318 ProSafe VPN Firewall 8 - WG102 ProSafe 802.11g Access Point - Network software (e.g. Administration Interface: SNMP (v.2c) support, Telnet, web graphic user interface, user name and password protected via Web Browser, Display Statistics, Logging, SYSLOG support. • Hardware Specifications: - Ethernet connectivity from date of sale - Network card...
FVS124G Reference Manual
Page 10
... the VPN Client 7-12 Testing the Connection 7-20 Chapter 8 Router and Network Management Performance Management 8-1 Bandwidth Capacity 8-1 VPN Firewall Features That Reduce Traffic 8-2 Service Blocking 8-2 Block Sites ...8-4 Source MAC Filtering 8-4 VPN Firewall Features That Increase Traffic 8-4 Port Forwarding 8-5 Port Triggering 8-6 VPN Tunnels ...8-7 Using QoS to Shift the Traffic Mix 8-7 Tools for Traffic Management 8-7 Administrator and Guest Access Authorization 8-8 Changing the Passwords and Login Timeout 8-8 Enabling Remote Management Access 8-9 Command Line Interface...
... the VPN Client 7-12 Testing the Connection 7-20 Chapter 8 Router and Network Management Performance Management 8-1 Bandwidth Capacity 8-1 VPN Firewall Features That Reduce Traffic 8-2 Service Blocking 8-2 Block Sites ...8-4 Source MAC Filtering 8-4 VPN Firewall Features That Increase Traffic 8-4 Port Forwarding 8-5 Port Triggering 8-6 VPN Tunnels ...8-7 Using QoS to Shift the Traffic Mix 8-7 Tools for Traffic Management 8-7 Administrator and Guest Access Authorization 8-8 Changing the Passwords and Login Timeout 8-8 Enabling Remote Management Access 8-9 Command Line Interface...
FVS124G Reference Manual
Page 11
... the Configuration 8-30 Upgrading the Firewall Software 8-30 Erasing the Configuration (Factory Defaults Reset 8-31 Chapter 9 Troubleshooting Basic Functioning ...9-1 Power LED Not On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-3 Troubleshooting the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time 9-7 Appendix...
... the Configuration 8-30 Upgrading the Firewall Software 8-30 Erasing the Configuration (Factory Defaults Reset 8-31 Chapter 9 Troubleshooting Basic Functioning ...9-1 Power LED Not On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-3 Troubleshooting the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time 9-7 Appendix...
FVS124G Reference Manual
Page 19
... Mbps ports for an Ethernet connection to 10 VPN tunnels. • Easy, web-based setup for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of the NETGEAR FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports. Chapter 2 Introduction This chapter describes the features of Service (QoS) support for traffic prioritization. • Built in 4-port 10/100/1000 Mbps switch. • Extensive Protocol Support. • Login capability. both via e-mail. With minimum setup, you with 4 port switch connects your...
... Mbps ports for an Ethernet connection to 10 VPN tunnels. • Easy, web-based setup for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of the NETGEAR FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports. Chapter 2 Introduction This chapter describes the features of Service (QoS) support for traffic prioritization. • Built in 4-port 10/100/1000 Mbps switch. • Extensive Protocol Support. • Login capability. both via e-mail. With minimum setup, you with 4 port switch connects your...
FVS124G Reference Manual
Page 20
..., using stateful packet inspection to consider when implementing the following capabilities with dual WAN port gateways: • Inbound traffic (e.g., port forwarding, port triggering) • Virtual private networks A Powerful, True Firewall with 4 Gigabit LAN and Dual WAN Ports • Front panel LEDs for easy monitoring of status and activity. • Flash memory for maximum bandwidth efficiency. The firewall balances users between the two lines for firmware upgrade. The FVS124G will log security events such as off-limits. • Logs security incidents. Dual WAN Ports for...
..., using stateful packet inspection to consider when implementing the following capabilities with dual WAN port gateways: • Inbound traffic (e.g., port forwarding, port triggering) • Virtual private networks A Powerful, True Firewall with 4 Gigabit LAN and Dual WAN Ports • Front panel LEDs for easy monitoring of status and activity. • Flash memory for maximum bandwidth efficiency. The firewall balances users between the two lines for firmware upgrade. The FVS124G will log security events such as off-limits. • Logs security incidents. Dual WAN Ports for...
FVS124G Reference Manual
Page 22
... Windows, Macintosh, or Linux. A user-friendly Setup Wizard is provided and online help documentation is a protocol for connecting remote hosts to the attached PCs. Easy Installation and Management You can install, configure, and operate the FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports Extensive Protocol Support The FVS124G VPN Firewall supports the Transmission Control Protocol/Internet Protocol (TCP/ IP) and Routing Information Protocol (RIP). The following features simplify installation and management tasks: • Browser-based management...
... Windows, Macintosh, or Linux. A user-friendly Setup Wizard is provided and online help documentation is a protocol for connecting remote hosts to the attached PCs. Easy Installation and Management You can install, configure, and operate the FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports Extensive Protocol Support The FVS124G VPN Firewall supports the Transmission Control Protocol/Internet Protocol (TCP/ IP) and Routing Information Protocol (RIP). The following features simplify installation and management tasks: • Browser-based management...
FVS124G Reference Manual
Page 23
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN Wizard The FVS124G VPN Firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the FVS124G VPN Firewall: • Flash memory for MIB2. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Ping, Trace Route, DNS lookup, and remote reboot. • Remote management The firewall allows you can choose a nonstandard port number. • Visual monitoring The FVS124G VPN Firewall's front panel LEDs provide ...
Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN Wizard The FVS124G VPN Firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the FVS124G VPN Firewall: • Flash memory for MIB2. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Ping, Trace Route, DNS lookup, and remote reboot. • Remote management The firewall allows you can choose a nonstandard port number. • Visual monitoring The FVS124G VPN Firewall's front panel LEDs provide ...
FVS124G Reference Manual
Page 50
... Resource CD included with your network. Configure the WAN mode (required for connecting the FVS124G VPN Firewall. Configure dynamic DNS on a mutually exclusive basis) during this step. 6. Configure the WAN options (if needed in to the firewall to a ping during this step. You can also refer to your network (required) You physically connect the cables during this step. For load balancing, you can also change the factory default MTU size, port speed, and uplink bandwidth. You can also select...
... Resource CD included with your network. Configure the WAN mode (required for connecting the FVS124G VPN Firewall. Configure dynamic DNS on a mutually exclusive basis) during this step. 6. Configure the WAN options (if needed in to the firewall to a ping during this step. You can also refer to your network (required) You physically connect the cables during this step. For load balancing, you can also change the factory default MTU size, port speed, and uplink bandwidth. You can also select...
FVS124G Reference Manual
Page 72
... the firewall's LAN. IP addresses will manually configure the network settings of all computers connected to any LAN device that requests DHCP: • An IP Address from a pool of the contiguous addresses in your network. You must then open a new connection to the attached PCs from the range you will be given to assign IP addresses for devices with 4 Gigabit LAN and Dual WAN Ports • Ending IP Address - This box specifies the Lease time...
... the firewall's LAN. IP addresses will manually configure the network settings of all computers connected to any LAN device that requests DHCP: • An IP Address from a pool of the contiguous addresses in your network. You must then open a new connection to the attached PCs from the range you will be given to assign IP addresses for devices with 4 Gigabit LAN and Dual WAN Ports • Ending IP Address - This box specifies the Lease time...
FVS124G Reference Manual
Page 79
... the table. The default rule blocks all outgoing traffic. • To create a new outbound service rule: a. b. This screen has its own help file. Click the radio button next to the rule definition. Edit - to move the selected rule to a new position in the table when you have not defined any changes to an row in the table. Reference Manual for the ProSafe VPN Firewall 25 with the data for Advanced Administrators only...
... the table. The default rule blocks all outgoing traffic. • To create a new outbound service rule: a. b. This screen has its own help file. Click the radio button next to the rule definition. Edit - to move the selected rule to a new position in the table when you have not defined any changes to an row in the table. Reference Manual for the ProSafe VPN Firewall 25 with the data for Advanced Administrators only...
FVS124G Reference Manual
Page 102
....pictures.XXX. • If the keyword ".com" is enabled will undergo the Filtering process. The word or domain name appears in the list. Keyword application examples: • If the keyword "XXX" is specified, the URL is blocked, as .edu or .gov) can be blocked. Reference Manual for which Keyword filtering is specified, only websites with 4 Gigabit LAN and Dual WAN Ports Table 6-4. The Request from the...
....pictures.XXX. • If the keyword ".com" is enabled will undergo the Filtering process. The word or domain name appears in the list. Keyword application examples: • If the keyword "XXX" is specified, the URL is blocked, as .edu or .gov) can be blocked. Reference Manual for which Keyword filtering is specified, only websites with 4 Gigabit LAN and Dual WAN Ports Table 6-4. The Request from the...
FVS124G Reference Manual
Page 117
Reference Manual for the pre-shared key. 4. WAN1 IP address is 192.168.2.1 255.255.255.0 Configuring the FVX538 1. Give the client connection a name, such as to_fvs. 3. Using each firewall's VPN Wizard, we will create a set of policies (IKE and VPN) that will allow the two firewalls to connect from locations with 4 Gigabit LAN and Dual WAN Ports Creating a VPN Connection: Between FVX538 and FVS124G This section describes how to configure a VPN connection between a NETGEAR FVX538 VPN Firewall and a NETGEAR FVS124G VPN Firewall. This procedure was...
Reference Manual for the pre-shared key. 4. WAN1 IP address is 192.168.2.1 255.255.255.0 Configuring the FVX538 1. Give the client connection a name, such as to_fvs. 3. Using each firewall's VPN Wizard, we will create a set of policies (IKE and VPN) that will allow the two firewalls to connect from locations with 4 Gigabit LAN and Dual WAN Ports Creating a VPN Connection: Between FVX538 and FVS124G This section describes how to configure a VPN connection between a NETGEAR FVX538 VPN Firewall and a NETGEAR FVS124G VPN Firewall. This procedure was...
FVS124G Reference Manual
Page 139
... is between two VPN tunnel end points. • Drop fragmented IP packets-Enable this to drop the fragmented IP packets. • UDP Flooding-Enable this to limit the number of Service) attacks. Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN tunnels Port Forwarding The firewall always blocks DoS (Denial of UDP sessions created from one LAN machine. • TCP Flooding-Enable this to protect the router from WAN to block or allow specific traffic. A DoS attack...
... is between two VPN tunnel end points. • Drop fragmented IP packets-Enable this to drop the fragmented IP packets. • UDP Flooding-Enable this to limit the number of Service) attacks. Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN tunnels Port Forwarding The firewall always blocks DoS (Denial of UDP sessions created from one LAN machine. • TCP Flooding-Enable this to protect the router from WAN to block or allow specific traffic. A DoS attack...
FVS124G Reference Manual
Page 144
... time you remotely connect the FVS124G with 4 Gigabit LAN and Dual WAN Ports a. Tip: If you are using a dynamic DNS service such as TZO, you can change the remote management web interface to have your ISP assigned to https://address. Check the Netgear Web site for HTTP. 4. Reference Manual for the ProSafe VPN Firewall 25 with a browser via SSL, you may get a message regarding the SSL certificate. Web browser access normally uses the standard HTTP service port 80. To allow access from the Internet, the Secure Sockets Layer (SSL) will be enabled. b. To allow access...
... time you remotely connect the FVS124G with 4 Gigabit LAN and Dual WAN Ports a. Tip: If you are using a dynamic DNS service such as TZO, you can change the remote management web interface to have your ISP assigned to https://address. Check the Netgear Web site for HTTP. 4. Reference Manual for the ProSafe VPN Firewall 25 with a browser via SSL, you may get a message regarding the SSL certificate. Web browser access normally uses the standard HTTP service port 80. To allow access from the Internet, the Secure Sockets Layer (SSL) will be enabled. b. To allow access...
FVS124G Reference Manual
Page 163
... Internet will break any existing connections either to the Router (such as this button to factory default settings. Configuration File Management The configuration settings of the browser interface, under the Management heading, select the Settings Backup heading to bring up ) to a user's PC, retrieved (restored) from Netgear. From the Main Menu of the FVS124G VPN Firewall are described in a configuration file. You can use these! You can also upgrade the firewall software with 4 Gigabit LAN and Dual WAN Ports Table 8-1. Figure 8-18: Settings...
... Internet will break any existing connections either to the Router (such as this button to factory default settings. Configuration File Management The configuration settings of the browser interface, under the Management heading, select the Settings Backup heading to bring up ) to a user's PC, retrieved (restored) from Netgear. From the Main Menu of the FVS124G VPN Firewall are described in a configuration file. You can use these! You can also upgrade the firewall software with 4 Gigabit LAN and Dual WAN Ports Table 8-1. Figure 8-18: Settings...
FVS124G Reference Manual
Page 167
... power outlet. • Check that you are using the 12 V DC power adapter supplied by NETGEAR for any of these conditions does not occur, refer to the appropriate following sequence of events should contact technical support. After each problem description, instructions are off when your firewall is properly connected to your FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports. The Internet port LED is 10 Mbps, the LED will be amber. If...
... power outlet. • Check that you are using the 12 V DC power adapter supplied by NETGEAR for any of these conditions does not occur, refer to the appropriate following sequence of events should contact technical support. After each problem description, instructions are off when your firewall is properly connected to your FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports. The Internet port LED is 10 Mbps, the LED will be amber. If...
FVS124G Reference Manual
Page 168
... address to a cable or DSL modem, use the cable that power is explained in "Restoring the Default Configuration and Password" on one minute after power up: • Cycle the power to see if the firewall recovers. • Clear the firewall's configuration to factory defaults. This cable could be a standard straight-through Ethernet cable or an Ethernet crossover cable. 9-2 Troubleshooting 202-10085-01, March 2005 LAN or Internet Port LEDs Not On If either the LAN LEDs or Internet LED do not light when the Ethernet connection...
... address to a cable or DSL modem, use the cable that power is explained in "Restoring the Default Configuration and Password" on one minute after power up: • Cycle the power to see if the firewall recovers. • Clear the firewall's configuration to factory defaults. This cable could be a standard straight-through Ethernet cable or an Ethernet crossover cable. 9-2 Troubleshooting 202-10085-01, March 2005 LAN or Internet Port LEDs Not On If either the LAN LEDs or Internet LED do not light when the Ethernet connection...
FVS124G Reference Manual
Page 169
... auto-generated addresses are in "Restoring the Default Configuration and Password" on page 9-7. • Make sure your browser has Java, JavaScript, or ActiveX enabled. This procedure is on the same subnet as described in this information. Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports Troubleshooting the Web Configuration Interface If you are unable to access the firewall's Web Configuration interface from a PC on your local network, check the following : • When entering configuration settings...
... auto-generated addresses are in "Restoring the Default Configuration and Password" on page 9-7. • Make sure your browser has Java, JavaScript, or ActiveX enabled. This procedure is on the same subnet as described in this information. Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports Troubleshooting the Web Configuration Interface If you are unable to access the firewall's Web Configuration interface from a PC on your local network, check the following : • When entering configuration settings...
FVS124G Reference Manual
Page 173
.... Check that modem. Use this is stamped with Date and Time The E-Mail menu in two ways: • Use the Erase function of the firewall (see "Erasing the Configuration (Factory Defaults Reset)" on page 8-31). • Use the Default Reset button on the Internet. The FVS124G VPN Firewall uses the Network Time Protocol (NTP) to "clone" or "spoof" the MAC address from the MAC address of your Internet access settings are configured correctly. Problems with 4 Gigabit LAN and Dual WAN Ports - If you must use the Default Reset...
.... Check that modem. Use this is stamped with Date and Time The E-Mail menu in two ways: • Use the Erase function of the firewall (see "Erasing the Configuration (Factory Defaults Reset)" on page 8-31). • Use the Default Reset button on the Internet. The FVS124G VPN Firewall uses the Network Time Protocol (NTP) to "clone" or "spoof" the MAC address from the MAC address of your Internet access settings are configured correctly. Problems with 4 Gigabit LAN and Dual WAN Ports - If you must use the Default Reset...