FVS318 Reference Manual
Page 28
... or DSL modem. Log in to stop blinking. 2. Now that the Cable or DSL Modem, firewall, and the computer are turned on, verify the following: • When power on the firewall was first turned on, the PWR light went off after approximately 10 seconds. • The...this. Now, turn on the Cable or DSL modem and wait about 30 seconds for the Model FVS318 Broadband ProSafe VPN Firewall e. Turn on your Internet connection, do not run software to log in to the firewall 3-6 Connecting the Firewall to stop blinking. Reference Manual for the lights to the Internet M-10146-01
... or DSL modem. Log in to stop blinking. 2. Now that the Cable or DSL Modem, firewall, and the computer are turned on, verify the following: • When power on the firewall was first turned on, the PWR light went off after approximately 10 seconds. • The...this. Now, turn on the Cable or DSL modem and wait about 30 seconds for the Model FVS318 Broadband ProSafe VPN Firewall e. Turn on your Internet connection, do not run software to log in to the firewall 3-6 Connecting the Firewall to stop blinking. Reference Manual for the lights to the Internet M-10146-01
FVS318 Reference Manual
Page 66
... Manual for the Model FVS318 Broadband ProSafe VPN Firewall VPN client access allows a remote PC to connect to define the authentication scheme and automatically generate the encryption keys. NETGEAR provides support for connections between NETGEAR VPN Firewalls, and between an FVS318 VPN Firewall and the SafeNet SoftRemote VPN Client for additional VPN information. Understanding How FVS318 VPN Tunnels Are Configured You create VPN tunnels definitions via the...
... Manual for the Model FVS318 Broadband ProSafe VPN Firewall VPN client access allows a remote PC to connect to define the authentication scheme and automatically generate the encryption keys. NETGEAR provides support for connections between NETGEAR VPN Firewalls, and between an FVS318 VPN Firewall and the SafeNet SoftRemote VPN Client for additional VPN information. Understanding How FVS318 VPN Tunnels Are Configured You create VPN tunnels definitions via the...
FVS318 Reference Manual
Page 73
...To set up a VPN, it is helpful to plan the network configuration and record the configuration parameters on the NETGEAR web site at the end of this chapter on one hour). You must configure each endpoint with various gateway and client software products. more secure Enter...connection information describing the other end, and vice versa. These topics are provided at www.netgear.com/docs/ for the Model FVS318 Broadband ProSafe VPN Firewall Table 6-1. If you must configure the outbound VPN settings on page 6-31. These topics are discussed below and a blank worksheets are ...
...To set up a VPN, it is helpful to plan the network configuration and record the configuration parameters on the NETGEAR web site at the end of this chapter on one hour). You must configure each endpoint with various gateway and client software products. more secure Enter...connection information describing the other end, and vice versa. These topics are provided at www.netgear.com/docs/ for the Model FVS318 Broadband ProSafe VPN Firewall Table 6-1. If you must configure the outbound VPN settings on page 6-31. These topics are discussed below and a blank worksheets are ...
FVS318 Reference Manual
Page 80
...router, or if you wish to use different VPN client software, please refer to "reply." The SafeNet VPN Client can be purchased from "timed out" to NETGEAR's web site for example, if your VPN connection is working, whenever a PC on the second LAN needs to access an IP address on the first LAN, the Firewalls... will cause a continuous ping to be sent to the Internet using an FVS318 with a fixed IP address. NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for the Model FVS318 Broadband ProSafe VPN Firewall c. This will ...
...router, or if you wish to use different VPN client software, please refer to "reply." The SafeNet VPN Client can be purchased from "timed out" to NETGEAR's web site for example, if your VPN connection is working, whenever a PC on the second LAN needs to access an IP address on the first LAN, the Firewalls... will cause a continuous ping to be sent to the Internet using an FVS318 with a fixed IP address. NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for the Model FVS318 Broadband ProSafe VPN Firewall c. This will ...
FVS318 Reference Manual
Page 83
... installed." Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • Remote WAN IP Address: 0.0.0.0 since the remote PC has a dynamically assigned IP address. e. Default is 28800 seconds (8 hours). Install the SafeNet Secure VPN Client. • You may be temporarily disconnected upon renegotiation. Set Up the SafeNet VPN Client Software on your PC. You can disregard...
... installed." Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • Remote WAN IP Address: 0.0.0.0 since the remote PC has a dynamically assigned IP address. e. Default is 28800 seconds (8 hours). Install the SafeNet Secure VPN Client. • You may be temporarily disconnected upon renegotiation. Set Up the SafeNet VPN Client Software on your PC. You can disregard...
FVS318 Reference Manual
Page 85
.... • Check the Enable Perfect Forward Secrecy (PFS) checkbox. • Select Diffie-Hellman Group 1 for the Model FVS318 Broadband ProSafe VPN Firewall c. Figure 6-15: Security Policy Editor Security Policy • Select Main Mode in the SafeNet VPN Client Software. • In the Network Security Policy list, expand the new connection by double clicking its name or...
.... • Check the Enable Perfect Forward Secrecy (PFS) checkbox. • Select Diffie-Hellman Group 1 for the Model FVS318 Broadband ProSafe VPN Firewall c. Figure 6-15: Security Policy Editor Security Policy • Select Main Mode in the SafeNet VPN Client Software. • In the Network Security Policy list, expand the new connection by double clicking its name or...
FVS318 Reference Manual
Page 109
...uploads. Enter the IP address that will type your router's WAN IP address into the firewall must first extract the binary (.BIN or .IMG) file before uploading it to Upgrade the Router's Firmware The software of the FVS318 VPN Firewall is 134.177.0.123 and you can be used ...Model FVS318 Broadband ProSafe VPN Firewall a. For greater security, you use the number of IP addresses on the Internet, select Only this PC. Managing Your Network M-10146-01 7-13 Click Apply to define the allowed range. To allow access from NETGEAR's website. Download and unzip the new software ...
...uploads. Enter the IP address that will type your router's WAN IP address into the firewall must first extract the binary (.BIN or .IMG) file before uploading it to Upgrade the Router's Firmware The software of the FVS318 VPN Firewall is 134.177.0.123 and you can be used ...Model FVS318 Broadband ProSafe VPN Firewall a. For greater security, you use the number of IP addresses on the Internet, select Only this PC. Managing Your Network M-10146-01 7-13 Click Apply to define the allowed range. To allow access from NETGEAR's website. Download and unzip the new software ...
FVS318 Reference Manual
Page 110
... FVS318 Broadband ProSafe VPN Firewall 2. When the upload is important not to locate the binary (.BIN or .IMG) upgrade file. 5. Reference Manual for the firewall. 3. Log in Figure 7-10. From the Main Menu of password, or using whatever User Name, Password and LAN address you may corrupt the software....Web browser by closing the window, clicking a link, or loading a new page. Figure 7-10: Router Upgrade menu 4. Note: When uploading software to the firewall, it may need to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default...
... FVS318 Broadband ProSafe VPN Firewall 2. When the upload is important not to locate the binary (.BIN or .IMG) upgrade file. 5. Reference Manual for the firewall. 3. Log in Figure 7-10. From the Main Menu of password, or using whatever User Name, Password and LAN address you may corrupt the software....Web browser by closing the window, clicking a link, or loading a new page. Figure 7-10: Router Upgrade menu 4. Note: When uploading software to the firewall, it may need to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default...
FVS318 Reference Manual
Page 116
...Start button and select Run. 2. Verify that the IP address for your firewall and your workstation are correct and that the Ethernet card driver software and TCP/IP software are connected to your workstation and firewall. • Wrong network configuration - In the field provided, type Ping ... to verify that are both installed and configured on the same subnet. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Testing the LAN Path to Your Firewall You can ping the firewall from your PC to a remote device. Click on page 8-2. - Check that the corresponding Link ...
...Start button and select Run. 2. Verify that the IP address for your firewall and your workstation are correct and that the Ethernet card driver software and TCP/IP software are connected to your workstation and firewall. • Wrong network configuration - In the field provided, type Ping ... to verify that are both installed and configured on the same subnet. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Testing the LAN Path to Your Firewall You can ping the firewall from your PC to a remote device. Click on page 8-2. - Check that the corresponding Link ...
FVS318 Reference Manual
Page 122
...maintain a picture of the network is used by a router to enter into two parts. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Routing Information Protocol One of the protocols used by the TCP/IP software to the routing table. Blocks of addresses are five ... which each address type. Using RIP, routers periodically update one another and check for most home applications. The Internet Protocol (IP) uses a 32-bit address structure. Among other improvements, RIP-2 supports subnet and multicast protocols. The FVS318 VPN Firewall supports both the older RIP-1 and the...
...maintain a picture of the network is used by a router to enter into two parts. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Routing Information Protocol One of the protocols used by the TCP/IP software to the routing table. Blocks of addresses are five ... which each address type. Using RIP, routers periodically update one another and check for most home applications. The Internet Protocol (IP) uses a 32-bit address structure. Among other improvements, RIP-2 supports subnet and multicast protocols. The FVS318 VPN Firewall supports both the older RIP-1 and the...
FVS318 Reference Manual
Page 137
... to connect to the Internet through the FVS318 Broadband ProSafe VPN Firewall and how to verify the readiness of broadband Internet service from an Internet service provider (ISP). If a Network Interface Card (NIC) is probably already installed as NetManage Chameleon. • Macintosh Operating System 7 or later includes the software components for TCP/IP Networking Computers...
... to connect to the Internet through the FVS318 Broadband ProSafe VPN Firewall and how to verify the readiness of broadband Internet service from an Internet service provider (ISP). If a Network Interface Card (NIC) is probably already installed as NetManage Chameleon. • Macintosh Operating System 7 or later includes the software components for TCP/IP Networking Computers...
FVS318 Reference Manual
Page 138
...information automatically from a DHCP server during the TCP/IP installation process. Before starting, locate your operating system or networking software to install TCP/IP on each PC and the firewall must also have certain other IP configuration information such as a DHCP server. you need to Settings, and then ...CD; For a detailed explanation of the meaning and purpose of UNIX or Linux include TCP/IP components. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • All versions of these configuration items, refer to "Appendix B, "Networks, Routing, and...
...information automatically from a DHCP server during the TCP/IP installation process. Before starting, locate your operating system or networking software to install TCP/IP on each PC and the firewall must also have certain other IP configuration information such as a DHCP server. you need to Settings, and then ...CD; For a detailed explanation of the meaning and purpose of UNIX or Linux include TCP/IP components. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • All versions of these configuration items, refer to "Appendix B, "Networks, Routing, and...
FVS318 Reference Manual
Page 167
...negotiation 1. Each gateway must negotiate its Security Association with Host B. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall VPN Gateway A VPN Tunnel VPN Gateway B Figure D-5: VPN Tunnel SA The SA contains all the information necessary for gateway A to the gateways. The ... and encrypted communication stream with gateway B. VPN Gateway IPSec Security Association IKE VPN Tunnel Negotiation Steps 1) Communication request sent to as a "tunnel." Virtual Private Networking D-9 M-10146-01 The IPSec software on both gateways. Alternatively, you can ...
...negotiation 1. Each gateway must negotiate its Security Association with Host B. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall VPN Gateway A VPN Tunnel VPN Gateway B Figure D-5: VPN Tunnel SA The SA contains all the information necessary for gateway A to the gateways. The ... and encrypted communication stream with gateway B. VPN Gateway IPSec Security Association IKE VPN Tunnel Negotiation Steps 1) Communication request sent to as a "tunnel." Virtual Private Networking D-9 M-10146-01 The IPSec software on both gateways. Alternatively, you can ...
FVS318 Reference Manual
Page 204
... encryption technique in October 2000, replacing the DES encryption it is given a timestamp. ARP See "ADSL" on page 2. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Advanced Network Device Layer/Software Term for transporting traffic between network segments. 2 Glossary M-10146-01 AES Advanced Encryption Standard, a symmetric 128-bit block data encryption technique. API...
... encryption technique in October 2000, replacing the DES encryption it is given a timestamp. ARP See "ADSL" on page 2. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Advanced Network Device Layer/Software Term for transporting traffic between network segments. 2 Glossary M-10146-01 AES Advanced Encryption Standard, a symmetric 128-bit block data encryption technique. API...
FVS318 Reference Manual
Page 207
... still connected. F Fast Ethernet An Ethernet system that provides the ADSL signal. Dynamic addressing simplifies network administration because the software tracks IP addresses rather than requiring an administrator to the network. In some systems, the device's IP address can also...as source address, destination address, or protocol. Filtering is used to determine whether traffic is a protocol for the Model FVS318 Broadband ProSafe VPN Firewall DSLAM DSL Access Multiplexor. DHCP is to be added to operate at the telephone company central office that is checked ...
... still connected. F Fast Ethernet An Ethernet system that provides the ADSL signal. Dynamic addressing simplifies network administration because the software tracks IP addresses rather than requiring an administrator to the network. In some systems, the device's IP address can also...as source address, destination address, or protocol. Filtering is used to determine whether traffic is a protocol for the Model FVS318 Broadband ProSafe VPN Firewall DSLAM DSL Access Multiplexor. DHCP is to be added to operate at the telephone company central office that is checked ...
FVS318v3 Reference Manual
Page 7
... Scenario 1: FVS318v3 to Gateway B IKE and VPN Policies 6-16 How to Check VPN Connections 6-21 Testing the Gateway A FVS318v3 LAN and the Gateway B LAN 6-21 FVS318v3 Scenario 2: FVS318v3 to FVS318v3 with RSA Certificates 6-22 Chapter 7 Maintenance Viewing VPN Firewall Status Information 7-1 Viewing a List of Attached Devices 7-5 Upgrading the Firewall Software 7-5 Configuration File Management 7-7 Contents vii January...
... Scenario 1: FVS318v3 to Gateway B IKE and VPN Policies 6-16 How to Check VPN Connections 6-21 Testing the Gateway A FVS318v3 LAN and the Gateway B LAN 6-21 FVS318v3 Scenario 2: FVS318v3 to FVS318v3 with RSA Certificates 6-22 Chapter 7 Maintenance Viewing VPN Firewall Status Information 7-1 Viewing a List of Attached Devices 7-5 Upgrading the Firewall Software 7-5 Configuration File Management 7-7 Contents vii January...
FVS318v3 Reference Manual
Page 23
... Cables-1.5, 3, 5, 10, and 30 m lengths VPN01L and VPN05L ProSafe VPN Client Software NETGEAR Product Registration, Support, and Documentation Register your product at http://kbserver.netgear.com. Registration is available on the Resource CD and at http://www.NETGEAR.com/register. Introduction 2-7 January 2005 Reference Manual for the ProSafe VPN Firewall FVS318v3 • DC power input • ON/OFF switch...
... Cables-1.5, 3, 5, 10, and 30 m lengths VPN01L and VPN05L ProSafe VPN Client Software NETGEAR Product Registration, Support, and Documentation Register your product at http://kbserver.netgear.com. Registration is available on the Resource CD and at http://www.NETGEAR.com/register. Introduction 2-7 January 2005 Reference Manual for the ProSafe VPN Firewall FVS318v3 • DC power input • ON/OFF switch...
FVS318v3 Reference Manual
Page 27
... software logs you from connecting to the Internet. Connecting the Firewall to restart your computer. Now, plug in the power cord to restart your VPN firewall router and wait one minute. First, turn on the broadband modem and wait two minutes. Reference Manual for the ProSafe VPN Firewall... the blue cable that software. D Blue NETGEAR Cable C Computer Firewall Local Ports Figure 3-3: Connect the computer to the Internet, do not run that came with your VPN firewall router (the blue NETGEAR cable in the diagram below) into a LOCAL port on the firewall such as LOCAL port ...
... software logs you from connecting to the Internet. Connecting the Firewall to restart your computer. Now, plug in the power cord to restart your VPN firewall router and wait one minute. First, turn on the broadband modem and wait two minutes. Reference Manual for the ProSafe VPN Firewall... the blue cable that software. D Blue NETGEAR Cable C Computer Firewall Local Ports Figure 3-3: Connect the computer to the Internet, do not run that came with your VPN firewall router (the blue NETGEAR cable in the diagram below) into a LOCAL port on the firewall such as LOCAL port ...
FVS318v3 Reference Manual
Page 58
The FVS318v3 supports both of these types of VPN Configuration Two common scenarios for the ProSafe VPN Firewall FVS318v3 Overview of VPN configurations. FVS318 24.0.0.1 VPN Tunnel 192.168.3.1 PCs Figure 5-1: Client-to-gateway VPN tunnel A VPN client access allows a remote PC to connect to your network is one tunnel endpoint, running the VPN client software. In this configuration. See "How to...
The FVS318v3 supports both of these types of VPN Configuration Two common scenarios for the ProSafe VPN Firewall FVS318v3 Overview of VPN configurations. FVS318 24.0.0.1 VPN Tunnel 192.168.3.1 PCs Figure 5-1: Client-to-gateway VPN tunnel A VPN client access allows a remote PC to connect to your network is one tunnel endpoint, running the VPN client software. In this configuration. See "How to...
FVS318v3 Reference Manual
Page 60
...- 128 bits, faster but more secure. Note: NETGEAR publishes additional interoperability scenarios with three different, unrelated keys. - Reference Manual for the ProSafe VPN Firewall FVS318v3 FQDNs supplied by the VPNC and used in the VPN Wizard Parameter Secure Association Authentication Method Encryption Method Authentication ...VPN tunnels? - AES • What level of security by encrypting the data three times using a dynamic IP address must always be the initiator. • What method will you use ? - Otherwise, the side using DES with various gateway and client software...
...- 128 bits, faster but more secure. Note: NETGEAR publishes additional interoperability scenarios with three different, unrelated keys. - Reference Manual for the ProSafe VPN Firewall FVS318v3 FQDNs supplied by the VPNC and used in the VPN Wizard Parameter Secure Association Authentication Method Encryption Method Authentication ...VPN tunnels? - AES • What level of security by encrypting the data three times using a dynamic IP address must always be the initiator. • What method will you use ? - Otherwise, the side using DES with various gateway and client software...