FVS124G Reference Manual
Page 9
...4 Gigabit LAN and Dual WAN Ports Load Balancing (and Protocol Binding) Setup 4-17 Step 5: Configure Dynamic DNS (If Needed 4-20 Step 6: Configure the WAN Options (If Needed 4-23 Chapter 5 LAN Configuration Using the LAN IP Setup Options 5-1 Configuring LAN TCP/IP Setup Parameters 5-2 Using the Firewall as a DHCP server 5-4 Using Address Reservation 5-5 Multi Home LAN IPs 5-6 Configuring Static Routes 5-6 Chapter 6 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 6-1 Using Rules to Block or Allow Specific Kinds of Traffic 6-1 Services-Based...
...4 Gigabit LAN and Dual WAN Ports Load Balancing (and Protocol Binding) Setup 4-17 Step 5: Configure Dynamic DNS (If Needed 4-20 Step 6: Configure the WAN Options (If Needed 4-23 Chapter 5 LAN Configuration Using the LAN IP Setup Options 5-1 Configuring LAN TCP/IP Setup Parameters 5-2 Using the Firewall as a DHCP server 5-4 Using Address Reservation 5-5 Multi Home LAN IPs 5-6 Configuring Static Routes 5-6 Chapter 6 Firewall Protection and Content Filtering Firewall Protection and Content Filtering Overview 6-1 Using Rules to Block or Allow Specific Kinds of Traffic 6-1 Services-Based...
FVS124G Reference Manual
Page 10
... the VPN Client 7-12 Testing the Connection 7-20 Chapter 8 Router and Network Management Performance Management 8-1 Bandwidth Capacity 8-1 VPN Firewall Features That Reduce Traffic 8-2 Service Blocking 8-2 Block Sites ...8-4 Source MAC Filtering 8-4 VPN Firewall Features That Increase Traffic 8-4 Port Forwarding 8-5 Port Triggering 8-6 VPN Tunnels ...8-7 Using QoS to Shift the Traffic Mix 8-7 Tools for Traffic Management 8-7 Administrator and Guest Access Authorization 8-8 Changing the Passwords and Login Timeout 8-8 Enabling Remote Management Access 8-9 Command Line Interface...
... the VPN Client 7-12 Testing the Connection 7-20 Chapter 8 Router and Network Management Performance Management 8-1 Bandwidth Capacity 8-1 VPN Firewall Features That Reduce Traffic 8-2 Service Blocking 8-2 Block Sites ...8-4 Source MAC Filtering 8-4 VPN Firewall Features That Increase Traffic 8-4 Port Forwarding 8-5 Port Triggering 8-6 VPN Tunnels ...8-7 Using QoS to Shift the Traffic Mix 8-7 Tools for Traffic Management 8-7 Administrator and Guest Access Authorization 8-8 Changing the Passwords and Login Timeout 8-8 Enabling Remote Management Access 8-9 Command Line Interface...
FVS124G Reference Manual
Page 11
... the Configuration 8-30 Upgrading the Firewall Software 8-30 Erasing the Configuration (Factory Defaults Reset 8-31 Chapter 9 Troubleshooting Basic Functioning ...9-1 Power LED Not On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-3 Troubleshooting the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time 9-7 Appendix...
... the Configuration 8-30 Upgrading the Firewall Software 8-30 Erasing the Configuration (Factory Defaults Reset 8-31 Chapter 9 Troubleshooting Basic Functioning ...9-1 Power LED Not On 9-1 LEDs Never Turn Off 9-2 LAN or Internet Port LEDs Not On 9-2 Troubleshooting the Web Configuration Interface 9-3 Troubleshooting the ISP Connection 9-4 Troubleshooting a TCP/IP Network Using a Ping Utility 9-5 Testing the LAN Path to Your Firewall 9-5 Testing the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 Problems with Date and Time 9-7 Appendix...
FVS124G Reference Manual
Page 19
...establish restricted access policies based on Network Address Translation for security, the FVS124G uses Stateful Packet Inspection for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of the VPN Firewall The FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports with multiple Web content filtering options, plus browsing activity reporting and instant alerts -- Network administrators can install and use the firewall within minutes. With minimum setup, you with 4 port switch connects your network from attacks...
...establish restricted access policies based on Network Address Translation for security, the FVS124G uses Stateful Packet Inspection for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of the VPN Firewall The FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports with multiple Web content filtering options, plus browsing activity reporting and instant alerts -- Network administrators can install and use the firewall within minutes. With minimum setup, you with 4 port switch connects your network from attacks...
FVS124G Reference Manual
Page 20
.... Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • Front panel LEDs for easy monitoring of status and activity. • Flash memory for the planning factors to consider when implementing the following capabilities with dual WAN port gateways: • Inbound traffic (e.g., port forwarding, port triggering) • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS124G is inoperable, ensuring you are never disconnected. • Load balance, or use both Internet lines...
.... Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • Front panel LEDs for easy monitoring of status and activity. • Flash memory for the planning factors to consider when implementing the following capabilities with dual WAN port gateways: • Inbound traffic (e.g., port forwarding, port triggering) • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS124G is inoperable, ensuring you are never disconnected. • Load balance, or use both Internet lines...
FVS124G Reference Manual
Page 22
... ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports within minutes after connecting it to share an Internet account using the Dynamic Host Configuration Protocol (DHCP). For further information about TCP/IP, refer to Appendix B, "Network, Routing, Firewall, and Basics." • IP Address Sharing by simulating a dial-up connection. Reference Manual for your type of personal computer, such as a DNS server to easily configure your firewall from the LAN. • PPP over a DSL connection by NAT The FVS124G VPN Firewall allows...
... ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports within minutes after connecting it to share an Internet account using the Dynamic Host Configuration Protocol (DHCP). For further information about TCP/IP, refer to Appendix B, "Network, Routing, Firewall, and Basics." • IP Address Sharing by simulating a dial-up connection. Reference Manual for your type of personal computer, such as a DNS server to easily configure your firewall from the LAN. • PPP over a DSL connection by NAT The FVS124G VPN Firewall allows...
FVS124G Reference Manual
Page 23
... monitor and manage log resources from a remote location on the Internet. Reference Manual for firmware upgrade • Free technical support seven days a week, twenty-four hours a day Package Contents The product package should contain the following features to help you maximize your use of the FVS124G VPN Firewall: • Flash memory for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN Wizard The FVS124G VPN Firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according...
... monitor and manage log resources from a remote location on the Internet. Reference Manual for firmware upgrade • Free technical support seven days a week, twenty-four hours a day Package Contents The product package should contain the following features to help you maximize your use of the FVS124G VPN Firewall: • Flash memory for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN Wizard The FVS124G VPN Firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according...
FVS124G Reference Manual
Page 46
... you are strongly advised to change the default password password to something that provided by cable or DSL broadband accounts and locate the Internet Service Provider (ISP) configuration information. • In this document • If your network management approach • The FVS124G VPN Firewall is more secure at the time you use each factory default reset. Reference Manual for the ProSafe VPN Firewall 25 with two ISPs connected to the FVS124G VPN Firewall through the same ISP. b. You...
... you are strongly advised to change the default password password to something that provided by cable or DSL broadband accounts and locate the Internet Service Provider (ISP) configuration information. • In this document • If your network management approach • The FVS124G VPN Firewall is more secure at the time you use each factory default reset. Reference Manual for the ProSafe VPN Firewall 25 with two ISPs connected to the FVS124G VPN Firewall through the same ISP. b. You...
FVS124G Reference Manual
Page 50
... provides instructions for ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports included with your firewall: 1. Configure dynamic DNS on a mutually exclusive basis) during this step. You can program the WAN traffic meters at this time if you want. 3. Connect the firewall physically to your network (required) You physically connect the cables during this step. 6. Follow the steps below to connect your firewall to your network. You can also change the factory default MTU size, port speed, and uplink bandwidth. Configure the Internet connections...
... provides instructions for ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports included with your firewall: 1. Configure dynamic DNS on a mutually exclusive basis) during this step. You can program the WAN traffic meters at this time if you want. 3. Connect the firewall physically to your network (required) You physically connect the cables during this step. 6. Follow the steps below to connect your firewall to your network. You can also change the factory default MTU size, port speed, and uplink bandwidth. Configure the Internet connections...
FVS124G Reference Manual
Page 72
... • Subnet Mask • Gateway IP Address (the firewall's LAN IP address) 5-4 LAN Configuration 202-10085-01, March 2005 Each pool address is assigned to assign IP addresses for devices with 4 Gigabit LAN and Dual WAN Ports • Ending IP Address - If another device on your network. Using the default addressing scheme, you should be assigned to save part of your network. • Lease Time - The firewall will manually configure the network settings of all computers connected to all of the...
... • Subnet Mask • Gateway IP Address (the firewall's LAN IP address) 5-4 LAN Configuration 202-10085-01, March 2005 Each pool address is assigned to assign IP addresses for devices with 4 Gigabit LAN and Dual WAN Ports • Ending IP Address - If another device on your network. Using the default addressing scheme, you should be assigned to save part of your network. • Lease Time - The firewall will manually configure the network settings of all computers connected to all of the...
FVS124G Reference Manual
Page 79
... 4 Gigabit LAN and Dual WAN Ports Note: This feature is for inbound traffic. Click the Add button. This screen has its own help file. to move the selected rule to delete the selected rule. Reference Manual for the ProSafe VPN Firewall 25 with the data for outbound traffic. Complete the Outbound Service screen, and save the data. c. Firewall Protection and Content Filtering 6-3 202-10085-01, March 2005 The Outbound Service screen will be listed. to a new position in the table when...
... 4 Gigabit LAN and Dual WAN Ports Note: This feature is for inbound traffic. Click the Add button. This screen has its own help file. to move the selected rule to delete the selected rule. Reference Manual for the ProSafe VPN Firewall 25 with the data for outbound traffic. Complete the Outbound Service screen, and save the data. c. Firewall Protection and Content Filtering 6-3 202-10085-01, March 2005 The Outbound Service screen will be listed. to a new position in the table when...
FVS124G Reference Manual
Page 102
... Delete All button to enable respective content filtering. See "Managing Groups and Hosts" on check box. Reference Manual for the ProSafe VPN Firewall 25 with other domain suffixes (such as is the newsgroup alt.pictures.XXX. • If the keyword ".com" is enabled will undergo the Filtering process. Internet domains: • Type a keyword or domain name in this domain. Any number of domain names can be allowed without...
... Delete All button to enable respective content filtering. See "Managing Groups and Hosts" on check box. Reference Manual for the ProSafe VPN Firewall 25 with other domain suffixes (such as is the newsgroup alt.pictures.XXX. • If the keyword ".com" is enabled will undergo the Filtering process. Internet domains: • Type a keyword or domain name in this domain. Any number of domain names can be allowed without...
FVS124G Reference Manual
Page 124
... select the Security Policy Editor. 7-12 202-10085-01, March 2005 Virtual Private Networking Enter a value for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports This procedure was developed and tested using: • Netgear FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports with version 1.0 firmware • Netgear VPN Client version 10.3.5 (Build 6) • NAT router: Netgear FR114P with version 1.5_09 firmware Configuring the FVS124G 1. Configuring the VPN Client 1. Reference Manual for the pre-shared key. 4. Give the client connection a name...
... select the Security Policy Editor. 7-12 202-10085-01, March 2005 Virtual Private Networking Enter a value for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports This procedure was developed and tested using: • Netgear FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports with version 1.0 firmware • Netgear VPN Client version 10.3.5 (Build 6) • NAT router: Netgear FR114P with version 1.5_09 firmware Configuring the FVS124G 1. Configuring the VPN Client 1. Reference Manual for the pre-shared key. 4. Give the client connection a name...
FVS124G Reference Manual
Page 139
... DNS queries. • Enable Stealth Mode-Enable this field. As you define your Internet connection so you specify the desired action for Advanced Administrators only! Router and Network Management 8-5 202-10085-01, March 2005 A DoS attack does not attempt to allow specific traffic. Note: This feature is unavailable). The default rule blocks all existing rules for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN tunnels Port Forwarding The firewall always blocks DoS (Denial of UDP sessions created...
... DNS queries. • Enable Stealth Mode-Enable this field. As you define your Internet connection so you specify the desired action for Advanced Administrators only! Router and Network Management 8-5 202-10085-01, March 2005 A DoS attack does not attempt to allow specific traffic. Note: This feature is unavailable). The default rule blocks all existing rules for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports • VPN tunnels Port Forwarding The firewall always blocks DoS (Denial of UDP sessions created...
FVS124G Reference Manual
Page 144
... can change the remote management web interface to the FVS124G. If you are using a Windows computer with a browser via SSL, you may get a message regarding the SSL certificate. For example, tracert yourFVS124G.mynetgear.net and you do not use the SSL https://address, but do not use port number 8080, type the following in the box provided. To allow access from any common service port. Web browser access normally uses the standard HTTP service port 80. Command Line Interface Note: The command line interface is https...
... can change the remote management web interface to the FVS124G. If you are using a Windows computer with a browser via SSL, you may get a message regarding the SSL certificate. For example, tracert yourFVS124G.mynetgear.net and you do not use the SSL https://address, but do not use port number 8080, type the following in the box provided. To allow access from any common service port. Web browser access normally uses the standard HTTP service port 80. Command Line Interface Note: The command line interface is https...
FVS124G Reference Manual
Page 167
... FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports. After approximately 10 seconds, verify that the port's LED is 10 Mbps, the LED will be amber. The TEST LED is lit, a link has been established to the appropriate following sequence of these conditions does not occur, refer to the connected device. The Internet port LED is properly connected to a functioning power outlet. • Check that you diagnose and solve the problem. c. Power LED Not...
... FVS124G ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports. After approximately 10 seconds, verify that the port's LED is 10 Mbps, the LED will be amber. The TEST LED is lit, a link has been established to the appropriate following sequence of these conditions does not occur, refer to the connected device. The Internet port LED is properly connected to a functioning power outlet. • Check that you diagnose and solve the problem. c. Power LED Not...
FVS124G Reference Manual
Page 168
... DSL modem, use the cable that power is turned on for the ProSafe VPN Firewall 25 with the cable or DSL modem. Reference Manual for about 10 seconds and then turn off. This cable could be a standard straight-through Ethernet cable or an Ethernet crossover cable. 9-2 Troubleshooting 202-10085-01, March 2005 This will set the firewall's IP address to 192.168.1.1. If the error persists, you are using the correct cable: When connecting the firewall's Internet port to factory defaults...
... DSL modem, use the cable that power is turned on for the ProSafe VPN Firewall 25 with the cable or DSL modem. Reference Manual for about 10 seconds and then turn off. This cable could be a standard straight-through Ethernet cable or an Ethernet crossover cable. 9-2 Troubleshooting 202-10085-01, March 2005 This will set the firewall's IP address to 192.168.1.1. If the error persists, you are using the correct cable: When connecting the firewall's Internet port to factory defaults...
FVS124G Reference Manual
Page 169
... password. If you are using the correct login information. Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports Troubleshooting the Web Configuration Interface If you are unable to access the firewall's Web Configuration interface from the PC to the firewall and reboot your PC. • If your firewall's IP address has been changed and you don't know the current IP address, clear the firewall's configuration to factory defaults. Note: If your browser has Java, JavaScript, or ActiveX enabled. These auto...
... password. If you are using the correct login information. Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports Troubleshooting the Web Configuration Interface If you are unable to access the firewall's Web Configuration interface from the PC to the firewall and reboot your PC. • If your firewall's IP address has been changed and you don't know the current IP address, clear the firewall's configuration to factory defaults. Note: If your browser has Java, JavaScript, or ActiveX enabled. These auto...
FVS124G Reference Manual
Page 170
... your ISP that it has reacquired sync with 4 Gigabit LAN and Dual WAN Ports Troubleshooting the ISP Connection If your firewall is unable to access the Internet, you have incorrectly set the login name and password. • Your ISP may check for your PC's MAC address. Turn off power to your firewall. 3. Assign the PC Host Name of the firewall's configuration at http://192.168.1.1 3. Reference Manual for the ProSafe VPN Firewall 25 with the ISP, reapply...
... your ISP that it has reacquired sync with 4 Gigabit LAN and Dual WAN Ports Troubleshooting the ISP Connection If your firewall is unable to access the Internet, you have incorrectly set the login name and password. • Your ISP may check for your PC's MAC address. Turn off power to your firewall. 3. Assign the PC Host Name of the firewall's configuration at http://192.168.1.1 3. Reference Manual for the ProSafe VPN Firewall 25 with the ISP, reapply...
FVS124G Reference Manual
Page 173
... factory default configuration settings, changing the firewall's administration password to password and the IP address to reboot. Problems with 4 Gigabit LAN and Dual WAN Ports - You can include: • Date shown is not known. Cause: The firewall has not yet successfully reached a Network Time Server. Release the Default Reset button and wait for cases when the administration password or IP address is January 1, 2000. Your ISP could be rejecting the Ethernet MAC addresses of all but some ISPs additionally restrict access...
... factory default configuration settings, changing the firewall's administration password to password and the IP address to reboot. Problems with 4 Gigabit LAN and Dual WAN Ports - You can include: • Date shown is not known. Cause: The firewall has not yet successfully reached a Network Time Server. Release the Default Reset button and wait for cases when the administration password or IP address is January 1, 2000. Your ISP could be rejecting the Ethernet MAC addresses of all but some ISPs additionally restrict access...