FVS318 Reference Manual
Page 17
... FVS318 VPN Firewall provides a secure encrypted connection between your network from attacks and intrusions. It includes the following features. • Trustworthy VPN Communications Over the Internet • A Powerful, True Firewall • Content Filtering • Auto Uplink Ethernet Connection • Extensive Protocol Support • Easy Installation and Management • Helpful Status Indicators A description of the NETGEAR FVS318 Broadband ProSafe VPN Firewall...
... FVS318 VPN Firewall provides a secure encrypted connection between your network from attacks and intrusions. It includes the following features. • Trustworthy VPN Communications Over the Internet • A Powerful, True Firewall • Content Filtering • Auto Uplink Ethernet Connection • Extensive Protocol Support • Easy Installation and Management • Helpful Status Indicators A description of the NETGEAR FVS318 Broadband ProSafe VPN Firewall...
FVS318 Reference Manual
Page 18
... content by screening for the Model FVS318 Broadband ProSafe VPN Firewall • Supports 8 VPN connections. • Supports industry standard VPN protocols The FVS318 VPN Firewall supports standard Manual or IKE keying methods, standard MD5 and SHA-1 authentication methods, and standard DES, 3DES, and AES encryption methods. A Powerful, True Firewall Unlike simple Internet sharing NAT routers, the FVS318 is compatible with many other...
... content by screening for the Model FVS318 Broadband ProSafe VPN Firewall • Supports 8 VPN connections. • Supports industry standard VPN protocols The FVS318 VPN Firewall supports standard Manual or IKE keying methods, standard MD5 and SHA-1 authentication methods, and standard DES, 3DES, and AES encryption methods. A Powerful, True Firewall Unlike simple Internet sharing NAT routers, the FVS318 is compatible with many other...
FVS318 Reference Manual
Page 24
...Please refer to the Internet. Once you locate your Internet configuration parameters, you may also refer to the FVS318 Resource CD (SW-10021-01) for the NETGEAR Router ISP Guide which is set up your Internet account, you will need one of the options below according ... open the TCP/IP or Network control panel. • You may want to record them on page 3-3. 3-2 Connecting the Firewall to the Internet M-10146-01 Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall LAN Configuration Requirements For the initial connection to the Internet and configuration of your...
...Please refer to the Internet. Once you locate your Internet configuration parameters, you may also refer to the FVS318 Resource CD (SW-10021-01) for the NETGEAR Router ISP Guide which is set up your Internet account, you will need one of the options below according ... open the TCP/IP or Network control panel. • You may want to record them on page 3-3. 3-2 Connecting the Firewall to the Internet M-10146-01 Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall LAN Configuration Requirements For the initial connection to the Internet and configuration of your...
FVS318 Reference Manual
Page 27
.... B Cable or DSL modem Figure 3-3: Connect the computers on the router to the firewall Note: The FVS318 VPN Firewall incorporates Auto UplinkTM technology. Each LAN Ethernet port will accommodate either type of cable to the firewall d. connecting to a switch or hub). connecting to a PC) or... cable (A) from a Local port on your network to your Cable or DSL modem to the FVS318's Internet port. A Cable or DSL modem Figure 3-2: Connect the Cable or DSL Modem to make the right connection. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall c.
.... B Cable or DSL modem Figure 3-3: Connect the computers on the router to the firewall Note: The FVS318 VPN Firewall incorporates Auto UplinkTM technology. Each LAN Ethernet port will accommodate either type of cable to the firewall d. connecting to a switch or hub). connecting to a PC) or... cable (A) from a Local port on your network to your Cable or DSL modem to the FVS318's Internet port. A Cable or DSL modem Figure 3-2: Connect the Cable or DSL Modem to make the right connection. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall c.
FVS318 Reference Manual
Page 31
...Setup Wizard menu for the Model FVS318 Broadband ProSafe VPN Firewall Wizard-Detected PPPoE Option If the Setup Wizard determines that your ISP. Enter your Account Name (may also be necessary to access your ISP's services such as PPP over Ethernet (PPPoE), you will keep the router connected to a menu like ...IP address of your Internet service account uses a login protocol such as mail or news servers. When you start an Internet application, your firewall will automatically log you know that your ISP's Primary DNS Server. If you may be called Host Name) and Domain Name. If ...
...Setup Wizard menu for the Model FVS318 Broadband ProSafe VPN Firewall Wizard-Detected PPPoE Option If the Setup Wizard determines that your ISP. Enter your Account Name (may also be necessary to access your ISP's services such as PPP over Ethernet (PPPoE), you will keep the router connected to a menu like ...IP address of your Internet service account uses a login protocol such as mail or news servers. When you start an Internet application, your firewall will automatically log you know that your ISP's Primary DNS Server. If you may be called Host Name) and Domain Name. If ...
FVS318 Reference Manual
Page 33
...Router's MAC Address is a host on the Internet port. Note: Some ISPs will be using . You must obtain it manually here. Typically your ISP transfers the IP address of the network interface card in Figure 3-9 below: Figure 3-9: Setup Wizard menu for the Model FVS318 Broadband ProSafe VPN Firewall... A DNS server is the Ethernet MAC address that your PCs after configuring the firewall. 3. If your firewall to masquerade as www.netgear.com) to numeric IP addresses. This feature allows your...
...Router's MAC Address is a host on the Internet port. Note: Some ISPs will be using . You must obtain it manually here. Typically your ISP transfers the IP address of the network interface card in Figure 3-9 below: Figure 3-9: Setup Wizard menu for the Model FVS318 Broadband ProSafe VPN Firewall... A DNS server is the Ethernet MAC address that your PCs after configuring the firewall. 3. If your firewall to masquerade as www.netgear.com) to numeric IP addresses. This feature allows your...
FVS318 Reference Manual
Page 34
... your ISP's gateway router. You will need the configuration parameters from your ISP you must obtain DNS server addresses from the Setup Basic Settings link, click on page 3-3. 2. For a fixed IP address configuration, you recorded in "Worksheet for the Model FVS318 Broadband ProSafe VPN Firewall 1. Log in , or disconnect. If the NETGEAR website does not appear...
... your ISP's gateway router. You will need the configuration parameters from your ISP you must obtain DNS server addresses from the Setup Basic Settings link, click on page 3-3. 2. For a fixed IP address configuration, you recorded in "Worksheet for the Model FVS318 Broadband ProSafe VPN Firewall 1. Log in , or disconnect. If the NETGEAR website does not appear...
FVS318 Reference Manual
Page 36
...available, enter it . Select Yes if you are now using the one PC that is the ISP's router to access the Internet. When you start an Internet application, your firewall will then capture and use the MAC address of the main menu. 3. Enter the IP address that you... normally must be used by "cloning" its MAC address. Domain Name Server (DNS) Address: If you a permanent, fixed (static) IP address for the Model FVS318 Broadband ProSafe VPN Firewall 2.
...available, enter it . Select Yes if you are now using the one PC that is the ISP's router to access the Internet. When you start an Internet application, your firewall will then capture and use the MAC address of the main menu. 3. Enter the IP address that you... normally must be used by "cloning" its MAC address. Domain Name Server (DNS) Address: If you a permanent, fixed (static) IP address for the Model FVS318 Broadband ProSafe VPN Firewall 2.
FVS318 Reference Manual
Page 57
... Model FVS318 Broadband ProSafe VPN Firewall Understanding LAN TCP/IP Setup Parameters The Firewall is : • LAN IP addresses-192.168.0.1 • Subnet mask-255.255.255.0 These addresses are part of the IETF-designated private address range for use in private networks, and should be reached through a gateway or router. • RIP Direction RIP (Router Information...
... Model FVS318 Broadband ProSafe VPN Firewall Understanding LAN TCP/IP Setup Parameters The Firewall is : • LAN IP addresses-192.168.0.1 • Subnet mask-255.255.255.0 These addresses are part of the IETF-designated private address range for use in private networks, and should be reached through a gateway or router. • RIP Direction RIP (Router Information...
FVS318 Reference Manual
Page 58
... must then open a new connection to save the new configuration. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Note: If you change the MTU size: 1. Using the Router as a DHCP Server By default, the Firewall will function as the Firewall's LAN IP address. This is the LAN address of your ISP connection. If another device...
... must then open a new connection to save the new configuration. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Note: If you change the MTU size: 1. Using the Router as a DHCP Server By default, the Firewall will function as the Firewall's LAN IP address. This is the LAN address of your ISP connection. If another device...
FVS318 Reference Manual
Page 59
... to servers that require permanent IP settings. Click Edit or Delete. Reserved IP addresses should be assigned until the next time the PC contacts the router's DHCP server. A WINS server records and reports a list of names and IP address of Windows PCs on the LAN, that PC will deliver the following... address in the Basic Settings menu; How to force a DHCP release and renew. To edit or delete a reserved address entry: 1. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The Firewall will always receive the same IP address each time it here. 4.
... to servers that require permanent IP settings. Click Edit or Delete. Reserved IP addresses should be assigned until the next time the PC contacts the router's DHCP server. A WINS server records and reports a list of names and IP address of Windows PCs on the LAN, that PC will deliver the following... address in the Basic Settings menu; How to force a DHCP release and renew. To edit or delete a reserved address entry: 1. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The Firewall will always receive the same IP address each time it here. 4.
FVS318 Reference Manual
Page 62
... for the Model FVS318 Broadband ProSafe VPN Firewall 3. Static Route Example As an example of the dynamic DNS service providers whose names appear in the 'Use a dynamic DNS service' list, and register for your FQDN. 6. If your ISP assigns a private WAN IP address such as multiple routers or multiple IP ...DNS account. 8. Type the User Name for an account. Note: The router supports only basic DDNS and the login and password may not be routed on your network. Under normal circumstances, the Firewall has adequate routing information after it has been configured for the service you ...
... for the Model FVS318 Broadband ProSafe VPN Firewall 3. Static Route Example As an example of the dynamic DNS service providers whose names appear in the 'Use a dynamic DNS service' list, and register for your FQDN. 6. If your ISP assigns a private WAN IP address such as multiple routers or multiple IP ...DNS account. 8. Type the User Name for an account. Note: The router supports only basic DDNS and the login and password may not be routed on your network. Under normal circumstances, the Firewall has adequate routing information after it has been configured for the service you ...
FVS318 Reference Manual
Page 63
... address you are employed, and the request will likely be forwarded to the ISDN router at 192.168.0.100. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall When you attempt to access a device on the 134.177.0.0 network, your Firewall will forward your request to the ISP. With this case you must define a static...
... address you are employed, and the request will likely be forwarded to the ISDN router at 192.168.0.100. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall When you attempt to access a device on the 134.177.0.0 network, your Firewall will forward your request to the ISP. With this case you must define a static...
FVS318 Reference Manual
Page 64
... 5-6: Static Route Entry and Edit Menu b. This is for the Model FVS318 Broadband ProSafe VPN Firewall a. The static route will not be a router on the same LAN segment as the Metric value. Type the Destination IP Address of routers between 1 and 15 as the Firewall. Type a number between your network and the destination. Click Apply to make...
... 5-6: Static Route Entry and Edit Menu b. This is for the Model FVS318 Broadband ProSafe VPN Firewall a. The static route will not be a router on the same LAN segment as the Metric value. Type the Destination IP Address of routers between 1 and 15 as the Firewall. Type a number between your network and the destination. Click Apply to make...
FVS318 Reference Manual
Page 66
... FVS318 VPN Firewall router on the FVS318. However, due to variations in how manufacturers interpret these two kinds of the router. Note: A FQDN is the complete URL of information: • Connection. Aggressive Mode authentication is slightly faster than Aggressive Mode but less secure. 6-2 Virtual Private Networking M-10146-01 NETGEAR provides support for connections between NETGEAR VPN Firewalls, and between an FVS318 VPN Firewall...
... FVS318 VPN Firewall router on the FVS318. However, due to variations in how manufacturers interpret these two kinds of the router. Note: A FQDN is the complete URL of information: • Connection. Aggressive Mode authentication is slightly faster than Aggressive Mode but less secure. 6-2 Virtual Private Networking M-10146-01 NETGEAR provides support for connections between NETGEAR VPN Firewalls, and between an FVS318 VPN Firewall...
FVS318 Reference Manual
Page 68
... or FQDN. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The FVS318 VPN tunnel network connection fields are defined in the other VPN endpoint as members of a department. This name must be entered in the following table. Enter the start IP address and subnet mask. Then enter the NAT router's public (WAN) IP address or FQDN...
... or FQDN. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The FVS318 VPN tunnel network connection fields are defined in the other VPN endpoint as members of a department. This name must be entered in the following table. Enter the start IP address and subnet mask. Then enter the NAT router's public (WAN) IP address or FQDN...
FVS318 Reference Manual
Page 78
...Address for the Model FVS318 Broadband ProSafe VPN Firewall b. For example, you can specify a single address, a subnet of local addresses, or a range of local addresses on LAN B which will limit the VPN tunnel to connecting to any device on LAN B. Note: With these IP settings, using this VPN network. • ... B and a Subnet Mask of the FVS318 on LAN B by viewing its Maintenance menu Router Status link. Alternatively, you could use FQDN, that device. • Remote LAN IP Address in the FVS318 on LAN B: 192.168.3.1 and Remote Subnet Mask in the FVS318 on LAN B: 255.255.255.0 This...
...Address for the Model FVS318 Broadband ProSafe VPN Firewall b. For example, you can specify a single address, a subnet of local addresses, or a range of local addresses on LAN B which will limit the VPN tunnel to connecting to any device on LAN B. Note: With these IP settings, using this VPN network. • ... B and a Subnet Mask of the FVS318 on LAN B by viewing its Maintenance menu Router Status link. Alternatively, you could use FQDN, that device. • Remote LAN IP Address in the FVS318 on LAN B: 192.168.3.1 and Remote Subnet Mask in the FVS318 on LAN B: 255.255.255.0 This...
FVS318 Reference Manual
Page 80
... the Internet through a simple cable/DSL router, or if you wish to use different VPN client software, please refer to "reply." NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for the Model FVS318 Broadband ProSafe VPN Firewall c. The SafeNet VPN Client can be purchased from "timed out" to NETGEAR's web site for example, if your...
... the Internet through a simple cable/DSL router, or if you wish to use different VPN client software, please refer to "reply." NETGEAR recommends and supports the SafeNet SoftRemote (or Soft-PK) Secure VPN Client for the Model FVS318 Broadband ProSafe VPN Firewall c. The SafeNet VPN Client can be purchased from "timed out" to NETGEAR's web site for example, if your...
FVS318 Reference Manual
Page 88
...File menu at the top of the remote VPN router's LAN. 6-24 M-10146-01 Virtual Private Networking This selection must match your PC will provide the type of encryption to be used for the Model FVS318 Broadband ProSafe VPN Firewall • Expand the Authentication subheading by double ...clicking its name or clicking on the "+" symbol. Reference Manual for this connection. In this step, you will automatically open the VPN connection when you attempt to correspond...
...File menu at the top of the remote VPN router's LAN. 6-24 M-10146-01 Virtual Private Networking This selection must match your PC will provide the type of encryption to be used for the Model FVS318 Broadband ProSafe VPN Firewall • Expand the Authentication subheading by double ...clicking its name or clicking on the "+" symbol. Reference Manual for this connection. In this step, you will automatically open the VPN connection when you attempt to correspond...
FVS318 Reference Manual
Page 103
...-21 18:48:39 - In all cases, the log entry shows the timestamp as a result of the server where the log file will be written. NETGEAR activated [This entry indicates a power-up , get time, etc.) • Known DoS attacks and Port Scans Saving Log Files on a Server You can choose to... rule, which states that all inbound packets are examples of the administrator login.] Wed, 2002-05-22 22:00:19 - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • Router operation (start up or reboot with initial time entry.] Tue, 2002-05-21 18:55:00 -
...-21 18:48:39 - In all cases, the log entry shows the timestamp as a result of the server where the log file will be written. NETGEAR activated [This entry indicates a power-up , get time, etc.) • Known DoS attacks and Port Scans Saving Log Files on a Server You can choose to... rule, which states that all inbound packets are examples of the administrator login.] Wed, 2002-05-22 22:00:19 - Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall • Router operation (start up or reboot with initial time entry.] Tue, 2002-05-21 18:55:00 -