FVS318 Reference Manual
Page 2
... the equipment and receiver. • Connect the equipment into an outlet on a circuit different from that the FVS318 Broadband ProSafe VPN Firewall is shielded against harmful interference in accordance with the limits for help. Conformity is no guarantee that may cause harmful... the product(s) or circuit layout(s) described herein. Trademarks NETGEAR and Auto Uplink are registered trademarks of Netgear, Inc. However, there is declared by NETGEAR, Inc. All rights reserved. Microsoft, Windows, and Windows NT are trademarks or registered trademarks of Microsoft Corporation. ...
... the equipment and receiver. • Connect the equipment into an outlet on a circuit different from that the FVS318 Broadband ProSafe VPN Firewall is shielded against harmful interference in accordance with the limits for help. Conformity is no guarantee that may cause harmful... the product(s) or circuit layout(s) described herein. Trademarks NETGEAR and Auto Uplink are registered trademarks of Netgear, Inc. However, there is declared by NETGEAR, Inc. All rights reserved. Microsoft, Windows, and Windows NT are trademarks or registered trademarks of Microsoft Corporation. ...
FVS318 Reference Manual
Page 16
...printer ink by selecting this feature. • The Full Manual. Click the print icon in the toolbar at the top right of the browser window. - Tip: If your printer supports printing two pages on the upper right of the toolbar to worry about specifying the correct range of ... showing the PDF version of the chapter you were viewing. - A new browser window opens showing the PDF version of the chapter you were viewing. - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall How to Print this Manual To print this manual you man choose one of the following several ...
...printer ink by selecting this feature. • The Full Manual. Click the print icon in the toolbar at the top right of the browser window. - Tip: If your printer supports printing two pages on the upper right of the toolbar to worry about specifying the correct range of ... showing the PDF version of the chapter you were viewing. - A new browser window opens showing the PDF version of the chapter you were viewing. - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall How to Print this Manual To print this manual you man choose one of the following several ...
FVS318 Reference Manual
Page 20
... when you can choose a nonstandard port number. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Easy Installation and Management You can install, configure, and operate the FVS318 within minutes after connecting it to the Web Management Interface from a remote...
... when you can choose a nonstandard port number. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Easy Installation and Management You can install, configure, and operate the FVS318 within minutes after connecting it to the Web Management Interface from a remote...
FVS318 Reference Manual
Page 24
...FVS318 Broadband ProSafe VPN Firewall LAN Configuration Requirements For the initial connection to the Internet and configuration of the options below according to the instructions in "Worksheet for Recording Your Internet Connection Information" on page 3-3. 3-2 Connecting the Firewall...get its TCP/IP configuration from that computer. • For Windows 95/98/ME, open the Network control panel, select the TCP/IP entry...You may also refer to the FVS318 Resource CD (SW-10021-01) for the NETGEAR Router ISP Guide which is set to the firewall which provides Internet connection information for...
...FVS318 Broadband ProSafe VPN Firewall LAN Configuration Requirements For the initial connection to the Internet and configuration of the options below according to the instructions in "Worksheet for Recording Your Internet Connection Information" on page 3-3. 3-2 Connecting the Firewall...get its TCP/IP configuration from that computer. • For Windows 95/98/ME, open the Network control panel, select the TCP/IP entry...You may also refer to the FVS318 Resource CD (SW-10021-01) for the NETGEAR Router ISP Guide which is set to the firewall which provides Internet connection information for...
FVS318 Reference Manual
Page 29
...d. For security reasons, the firewall has its own user name and password. Connecting the Firewall to the Internet Figure 3-6: Setup Wizard a. When prompted, enter admin for the firewall User Name and password for the Model FVS318 Broadband ProSafe VPN Firewall A login window opens as any user name or... password you were unable to connect to the firewall, please refer to your Internet connection. 3. Note: The...
...d. For security reasons, the firewall has its own user name and password. Connecting the Firewall to the Internet Figure 3-6: Setup Wizard a. When prompted, enter admin for the firewall User Name and password for the Model FVS318 Broadband ProSafe VPN Firewall A login window opens as any user name or... password you were unable to connect to the firewall, please refer to your Internet connection. 3. Note: The...
FVS318 Reference Manual
Page 59
...and renew. Type the MAC Address of Windows. Note: Reboot the PC to the PC or server. This allows your network, you can copy its local network. Click Edit or Delete. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The Firewall will deliver the following parameters to any ...to the reserved address you connect to edit or delete. 2. Reserved IP addresses should be assigned until the next time the PC contacts the router's DHCP server. Advanced WAN and LAN Configuration 5-9 M-10146-01 To reserve an IP address: 1. To edit or delete a reserved address ...
...and renew. Type the MAC Address of Windows. Note: Reboot the PC to the PC or server. This allows your network, you can copy its local network. Click Edit or Delete. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The Firewall will deliver the following parameters to any ...to the reserved address you connect to edit or delete. 2. Reserved IP addresses should be assigned until the next time the PC contacts the router's DHCP server. Advanced WAN and LAN Configuration 5-9 M-10146-01 To reserve an IP address: 1. To edit or delete a reserved address ...
FVS318 Reference Manual
Page 66
... for the Model FVS318 Broadband ProSafe VPN Firewall VPN client access allows a remote PC to connect to your network is the other initiators can know its IP address. • Security Association (SA). However, due to variations in how manufacturers interpret these two kinds of the router. Please see NETGEAR's web site for Windows. Understanding How FVS318 VPN Tunnels Are Configured...
... for the Model FVS318 Broadband ProSafe VPN Firewall VPN client access allows a remote PC to connect to your network is the other initiators can know its IP address. • Security Association (SA). However, due to variations in how manufacturers interpret these two kinds of the router. Please see NETGEAR's web site for Windows. Understanding How FVS318 VPN Tunnels Are Configured...
FVS318 Reference Manual
Page 77
... look like this: FVS318 A 24.0.0.1 VPN Tunnel FVS318 B 10.0.0.1 192.168.3.1 192.168.0.1 Figure 6-8: Network configuration 2. From the main menu, click the VPN Settings link, click the radio button of http://192.168.3.1. Reboot all computers on each FVS318. a. Main Mode window: LAN A LAN B From FVS B From FVS A Figure 6-9: VPN Settings - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall d.
... look like this: FVS318 A 24.0.0.1 VPN Tunnel FVS318 B 10.0.0.1 192.168.3.1 192.168.0.1 Figure 6-8: Network configuration 2. From the main menu, click the VPN Settings link, click the radio button of http://192.168.3.1. Reboot all computers on each FVS318. a. Main Mode window: LAN A LAN B From FVS B From FVS A Figure 6-9: VPN Settings - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall d.
FVS318 Reference Manual
Page 79
...r>T(h4&3@#kB as Network Neighborhood, click the NETBIOS Enable check box to the FVS318 on LAN A, on the Windows taskbar click the Start button, and then click Run. Default is used for each FVS318: • Enable Perfect Forward Secrecy. • For Encryption Protocol, select:... then click OK. With IKE, a pre-shared key that FVS318's network. The Pre-Shared Key should be temporarily disconnected upon renegotiation. Click Apply to the other FVS318. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The IKE settings for mutual identification. If you make up is...
...r>T(h4&3@#kB as Network Neighborhood, click the NETBIOS Enable check box to the FVS318 on LAN A, on the Windows taskbar click the Start button, and then click Run. Default is used for each FVS318: • Enable Perfect Forward Secrecy. • For Encryption Protocol, select:... then click OK. With IKE, a pre-shared key that FVS318's network. The Pre-Shared Key should be temporarily disconnected upon renegotiation. Click Apply to the other FVS318. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The IKE settings for mutual identification. If you make up is...
FVS318 Reference Manual
Page 80
...connected to the Internet through a simple cable/DSL router, or if you wish to use different VPN client software, please refer to NETGEAR's web site for the Model FVS318 Broadband ProSafe VPN Firewall c. The PC must have a VPN client program that your remote PC is connected through...different, for example, if your VPN connection is established. Now that supports IPSec. NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for Windows. The SafeNet VPN Client can be purchased from "timed out" to Network VPN This procedure describes linking a remote...
...connected to the Internet through a simple cable/DSL router, or if you wish to use different VPN client software, please refer to NETGEAR's web site for the Model FVS318 Broadband ProSafe VPN Firewall c. The PC must have a VPN client program that your remote PC is connected through...different, for example, if your VPN connection is established. Now that supports IPSec. NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for Windows. The SafeNet VPN Client can be purchased from "timed out" to Network VPN This procedure describes linking a remote...
FVS318 Reference Manual
Page 81
... Forward Secrecy: Enabled Encryption Protocol -- To configure the Firewall, follow these steps: a. From the Setup Menu, click the VPN Settings link, then click Add to Network IKE VPN Tunnel Settings Configuration Worksheet" on LAN A. IKE window opens as shown below: Virtual Private Networking M-10146-01... 6-17 Null, DES, 3DES, or AES -128, -192, or -256: DES Key Life in seconds: 3600 (1 hour) IKE Life Time in the procedure below. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The...
... Forward Secrecy: Enabled Encryption Protocol -- To configure the Firewall, follow these steps: a. From the Setup Menu, click the VPN Settings link, then click Add to Network IKE VPN Tunnel Settings Configuration Worksheet" on LAN A. IKE window opens as shown below: Virtual Private Networking M-10146-01... 6-17 Null, DES, 3DES, or AES -128, -192, or -256: DES Key Life in seconds: 3600 (1 hour) IKE Life Time in the procedure below. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The...
FVS318 Reference Manual
Page 83
... Neighborhood, click the NETBIOS Enable check box to allow NETBIOS traffic over the VPN tunnel. You can disregard this message. • Install the IPSec Component. Reboot your Windows CD to install either or both of the VPN Adapter or the IPSec Component. You may have the option to complete the... FQDN, that side must always initiate the connection. Default is 3600 seconds (1 hour) • IKE Life Time - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • Remote WAN IP Address: 0.0.0.0 since the remote PC has a dynamically assigned IP address.
... Neighborhood, click the NETBIOS Enable check box to allow NETBIOS traffic over the VPN tunnel. You can disregard this message. • Install the IPSec Component. Reboot your Windows CD to install either or both of the VPN Adapter or the IPSec Component. You may have the option to complete the... FQDN, that side must always initiate the connection. Default is 3600 seconds (1 hour) • IKE Life Time - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • Remote WAN IP Address: 0.0.0.0 since the remote PC has a dynamically assigned IP address.
FVS318 Reference Manual
Page 86
Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall d. Configure the VPN Client Identity In this step, you configured in the FVS318. - Either a fixed IP address or a "fixed virtual" IP address of the VPN client PC. • In the Network Security Policy list on My Identity. 6-22 M-10146-...Policy Editor Global Policy Options • From the Options menu at the top of the Security Policy Editor window, click on the left side of the Security Policy Editor window, select Global Policy Settings. • Increase the Retransmit Interval period to 45 seconds. • Check...
Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall d. Configure the VPN Client Identity In this step, you configured in the FVS318. - Either a fixed IP address or a "fixed virtual" IP address of the VPN client PC. • In the Network Security Policy list on My Identity. 6-22 M-10146-...Policy Editor Global Policy Options • From the Options menu at the top of the Security Policy Editor window, click on the left side of the Security Policy Editor window, select Global Policy Settings. • Increase the Retransmit Interval period to 45 seconds. • Check...
FVS318 Reference Manual
Page 87
...may also choose Any if you will provide the type of the Security Policy Editor window, expand the Security Policy heading by double clicking its name or clicking on the "+" symbol. Configure the VPN Client Authentication Proposal. Select PPP Adapter in the ID Type menu. Note that this...be switching between adapters or if you have only one adapter. • Click the Pre-Shared Key button. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Figure 6-17: Security Policy Editor My Identity • Choose None in the Select Certificate menu. • Select IP Address in the ...
...may also choose Any if you will provide the type of the Security Policy Editor window, expand the Security Policy heading by double clicking its name or clicking on the "+" symbol. Configure the VPN Client Authentication Proposal. Select PPP Adapter in the ID Type menu. Note that this...be switching between adapters or if you have only one adapter. • Click the Pre-Shared Key button. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Figure 6-17: Security Policy Editor My Identity • Choose None in the Select Certificate menu. • Select IP Address in the ...
FVS318 Reference Manual
Page 88
...of encryption to correspond with what you configured for this step, you configured for the Model FVS318 Broadband ProSafe VPN Firewall • Expand the Authentication subheading by double clicking its name or clicking on the "+" ...window, select Save Changes. In this connection. Configure the VPN Client Key Exchange Proposal. This selection must match your PC will automatically open the VPN connection when you attempt to access any IP addresses in the FVS318... Encrypt Alg menu, select the type of the remote VPN router's LAN. 6-24 M-10146-01 Virtual Private Networking g.
...of encryption to correspond with what you configured for this step, you configured for the Model FVS318 Broadband ProSafe VPN Firewall • Expand the Authentication subheading by double clicking its name or clicking on the "+" ...window, select Save Changes. In this connection. Configure the VPN Client Key Exchange Proposal. This selection must match your PC will automatically open the VPN connection when you attempt to access any IP addresses in the FVS318... Encrypt Alg menu, select the type of the remote VPN router's LAN. 6-24 M-10146-01 Virtual Private Networking g.
FVS318 Reference Manual
Page 89
Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall 3. Another method is established, you can open the browser of the remote PC and enter the LAN IP Address of the Firewall. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. To perform a ...Virtual Private Networking M-10146-01 6-25 On the Windows taskbar, click the Start button, and then click Run. c. Type ping -t 192.168.3.1 , and then click OK. The SafeNet client will cause a continuous ping to be sent to the FVS318's network by using our example, start from the...
Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall 3. Another method is established, you can open the browser of the remote PC and enter the LAN IP Address of the Firewall. Since the remote PC has a dynamically assigned WAN IP address, it must initiate the request. To perform a ...Virtual Private Networking M-10146-01 6-25 On the Windows taskbar, click the Start button, and then click Run. c. Type ping -t 192.168.3.1 , and then click OK. The SafeNet client will cause a continuous ping to be sent to the FVS318's network by using our example, start from the...
FVS318 Reference Manual
Page 90
... Networking The Log Viewer screen for a successful connection is shown below: Figure 6-20: Log Viewer screen The Connection Monitor screen for the Model FVS318 Broadband ProSafe VPN Firewall Monitoring the PC VPN Connection Using SafeNet Tools Information on the Windows Start button, then select Programs, then SafeNet SoftRemote, then either the Connection Monitor or Log Viewer.
... Networking The Log Viewer screen for a successful connection is shown below: Figure 6-20: Log Viewer screen The Connection Monitor screen for the Model FVS318 Broadband ProSafe VPN Firewall Monitoring the PC VPN Connection Using SafeNet Tools Information on the Windows Start button, then select Programs, then SafeNet SoftRemote, then either the Connection Monitor or Log Viewer.
FVS318 Reference Manual
Page 99
...window. The time elapsed since this port since reset or manual clear. Managing Your Network 7-3 M-10146-01 The time elapsed since reset or manual clear. Click on Stop to display firewall... usage statistics, as shown in this port since the last power cycle or reset. The number of packets received on this port acquired link. Router Statistics Fields ...used on this port since reset or manual clear. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Click on the "Show Statistics" button to freeze the display. Specifies the intervals ...
...window. The time elapsed since this port since reset or manual clear. Managing Your Network 7-3 M-10146-01 The time elapsed since reset or manual clear. Click on Stop to display firewall... usage statistics, as shown in this port since the last power cycle or reset. The number of packets received on this port acquired link. Router Statistics Fields ...used on this port since reset or manual clear. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Click on the "Show Statistics" button to freeze the display. Specifies the intervals ...
FVS318 Reference Manual
Page 110
... the window, clicking a link, or loading a new page. Reference Manual for the firewall. 3. The upgrade process will automatically restart. When the upload is complete, your firewall will typically take about one minute. Log in Figure 7-10. Figure 7-10: Router Upgrade menu 4. In some cases, you have chosen for the Model FVS318 Broadband ProSafe VPN Firewall 2. In the Router Upgrade...
... the window, clicking a link, or loading a new page. Reference Manual for the firewall. 3. The upgrade process will automatically restart. When the upload is complete, your firewall will typically take about one minute. Log in Figure 7-10. Figure 7-10: Router Upgrade menu 4. In some cases, you have chosen for the Model FVS318 Broadband ProSafe VPN Firewall 2. In the Router Upgrade...
FVS318 Reference Manual
Page 113
...Configuration Interface, check the following : • Check the Ethernet connection between the PC and the firewall as described in the range of Windows and MacOS will set the firewall's IP address to factory defaults. This will generate and assign an IP address if the computer ...LOCK is explained in this information. Refer to "Verifying TCP/IP Properties" on page C-6 or "Configuring the Macintosh for the Model FVS318 Broadband ProSafe VPN Firewall • Make sure that power is on to configure your local network, check the following : Troubleshooting 8-3 M-10146-01 These auto...
...Configuration Interface, check the following : • Check the Ethernet connection between the PC and the firewall as described in the range of Windows and MacOS will set the firewall's IP address to factory defaults. This will generate and assign an IP address if the computer ...LOCK is explained in this information. Refer to "Verifying TCP/IP Properties" on page C-6 or "Configuring the Macintosh for the Model FVS318 Broadband ProSafe VPN Firewall • Make sure that power is on to configure your local network, check the following : Troubleshooting 8-3 M-10146-01 These auto...