FVS318G Installation Guide
Page 2
... other countries. Turn off and unplug the modem, turn off , reset the firewall as the user name and password for information on the modem, wait two minutes. 3. Use the FVS318G status lights to register your product and use our telephone support service. For Warranty...sure the network settings of within two minutes of turning the firewall on if the Ethernet cable to the FVS318G from the modem is required before you to http://kbserver.netgear.com for your MAC address. The Router Status window will automatically detect your network and click Apply. 4. Registration...
... other countries. Turn off and unplug the modem, turn off , reset the firewall as the user name and password for information on the modem, wait two minutes. 3. Use the FVS318G status lights to register your product and use our telephone support service. For Warranty...sure the network settings of within two minutes of turning the firewall on if the Ethernet cable to the FVS318G from the modem is required before you to http://kbserver.netgear.com for your MAC address. The Router Status window will automatically detect your network and click Apply. 4. Registration...
FVS318G User Manual
Page 2
...card. © 2009 by Data Processing Equipment and Electronic Office Machines aimed at http://www.netgear.com/register, we can provide you with faster expert technical support and timely notices of product and software upgrades. Microsoft, Windows, Windows NT and Vista are registered trademarks...may, however, be used near a radio or TV receiver, it may occur due to the support information card that the ProSafe VPN Firewall has been suppressed in the operating instructions. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Bestätigung des...
...card. © 2009 by Data Processing Equipment and Electronic Office Machines aimed at http://www.netgear.com/register, we can provide you with faster expert technical support and timely notices of product and software upgrades. Microsoft, Windows, Windows NT and Vista are registered trademarks...may, however, be used near a radio or TV receiver, it may occur due to the support information card that the ProSafe VPN Firewall has been suppressed in the operating instructions. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Bestätigung des...
FVS318G User Manual
Page 18
.... • VPN Wizard. The VPN firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to help documentation is built into the browser-based Web Management Interface. • Auto Detection of the VPN firewall: • Flash memory for your product. 1-4 Introduction 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference...
.... • VPN Wizard. The VPN firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to help documentation is built into the browser-based Web Management Interface. • Auto Detection of the VPN firewall: • Flash memory for your product. 1-4 Introduction 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference...
FVS318G User Manual
Page 26
... if necessary. • Option arrow. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Main menu. Immediately below the main menu is detailed in the center. Each option is the submenu, containing subcategories of the menu active window, are one or more blue dots with... an arrow in the sections following. 2-4 Connecting the FVS318G to the first configuration task, configuring the VPN firewall's Internet connections. Configuring the Internet Connections To set up...
... if necessary. • Option arrow. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • Main menu. Immediately below the main menu is detailed in the center. Each option is the submenu, containing subcategories of the menu active window, are one or more blue dots with... an arrow in the sections following. 2-4 Connecting the FVS318G to the first configuration task, configuring the VPN firewall's Internet connections. Configuring the Internet Connections To set up...
FVS318G User Manual
Page 29
...configuration failed, you can attempt a manual configuration as described in the following this section, or see "Troubleshooting the ISP Connection" on page 8-4. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. If the configuration was successful, you will need to the Internet 2-7 1.1 November, 2009 To verify the connection, click the Broadband... establish an Internet connection. Manually Configuring the Internet Connection Unless your ISP automatically assigns your ISP in Table 2-1. A popup window appears, displaying the connection status of the screen.
...configuration failed, you can attempt a manual configuration as described in the following this section, or see "Troubleshooting the ISP Connection" on page 8-4. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. If the configuration was successful, you will need to the Internet 2-7 1.1 November, 2009 To verify the connection, click the Broadband... establish an Internet connection. Manually Configuring the Internet Connection Unless your ISP automatically assigns your ISP in Table 2-1. A popup window appears, displaying the connection status of the screen.
FVS318G User Manual
Page 42
... Primary DNS Server. (Optional) If an IP address is present in your VPN firewall (factory default: 192.168.1.1). Specifies the first of a local Windows NetBios Server if one is specified, the VPN firewall will manually configure all computers connected to DHCP clients. • Starting IP Address....168.1.2 is the default ending address. Specifies the last of an IP address. By default, the VPN firewall will automatically calculate the subnet mask based on your network. 3-4 LAN Configuration 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2.
... Primary DNS Server. (Optional) If an IP address is present in your VPN firewall (factory default: 192.168.1.1). Specifies the first of a local Windows NetBios Server if one is specified, the VPN firewall will manually configure all computers connected to DHCP clients. • Starting IP Address....168.1.2 is the default ending address. Specifies the last of an IP address. By default, the VPN firewall will automatically calculate the subnet mask based on your network. 3-4 LAN Configuration 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2.
FVS318G User Manual
Page 73
.... A malicious applet can use the VPN firewall router's Content Filtering and Web Components filtering. ActiveX. If a VPN client or gateway on the WAN, with the FVS318G between the two VPN end points, all packets going to the Remote VPN Gateway are small programs embedded in NAT...of blocking are disabled; Similar to other computers through the proxy, thus circumventing certain firewall rules. Java. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is in web pages that is not blocked by the rule, rendering the restriction ...
.... A malicious applet can use the VPN firewall router's Content Filtering and Web Components filtering. ActiveX. If a VPN client or gateway on the WAN, with the FVS318G between the two VPN end points, all packets going to the Remote VPN Gateway are small programs embedded in NAT...of blocking are disabled; Similar to other computers through the proxy, thus circumventing certain firewall rules. Java. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual • VPN Pass through-When the FVS318G is in web pages that is not blocked by the rule, rendering the restriction ...
FVS318G User Manual
Page 93
.... Figure 5-8 Virtual Private Networking Using IPsec 5-7 1.1 November, 2009 Figure 5-7 Use the NETGEAR VPN Client Security Policy Editor to Create a Secure Connection From a PC with the NETGEAR Prosafe VPN Client installed, configure a VPN client policy to connect to configure your settings: the VPN Policies page shows the policy is enabled. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Click Apply to save your...
.... Figure 5-8 Virtual Private Networking Using IPsec 5-7 1.1 November, 2009 Figure 5-7 Use the NETGEAR VPN Client Security Policy Editor to Create a Secure Connection From a PC with the NETGEAR Prosafe VPN Client installed, configure a VPN client policy to connect to configure your settings: the VPN Policies page shows the policy is enabled. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6. Click Apply to save your...
FVS318G User Manual
Page 94
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. in this example, we are using gw1_local.com. • From the second ID Type pull-down menu, choose Gateway IP Address and enter the WAN IP Gateway address of the FVS318G LAN; in this example, we are using 21.208.216.81. 5-8 Virtual Private...• Enter the LAN IP Subnet Address and Subnet Mask of the FVS318G; Enter the FQDN address which the FVS318G VPN Wizard provided; Give the New Connection a name; In the upper left of the Policy Editor window, click the New Document icon (the first on the left) to ...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2. in this example, we are using gw1_local.com. • From the second ID Type pull-down menu, choose Gateway IP Address and enter the WAN IP Gateway address of the FVS318G LAN; in this example, we are using 21.208.216.81. 5-8 Virtual Private...• Enter the LAN IP Subnet Address and Subnet Mask of the FVS318G; Enter the FQDN address which the FVS318G VPN Wizard provided; Give the New Connection a name; In the upper left of the Policy Editor window, click the New Document icon (the first on the left) to ...
FVS318G User Manual
Page 96
... save the policy. 5-10 Virtual Private Networking Using IPsec 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4. Verify the Security Policy settings. No changes are needed. • On the left of the window, click the disk icon to match the policy on the router. • On the left, expand Authentication (Phase 1) and click Proposal 1: no...
... save the policy. 5-10 Virtual Private Networking Using IPsec 1.1 November, 2009 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4. Verify the Security Policy settings. No changes are needed. • On the left of the window, click the disk icon to match the policy on the router. • On the left, expand Authentication (Phase 1) and click Proposal 1: no...
FVS318G User Manual
Page 97
... This information is useful for verifying the status of a connection and troubleshooting problems with a connection. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Testing the Connections and Viewing Status Information Both the NETGEAR VPN Client and the FVS318G provide VPN connection and status information. Figure 5-13 The VPN client icon in your Windows toolbar and choose Connect..., then My Connections\gw1.
... This information is useful for verifying the status of a connection and troubleshooting problems with a connection. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Testing the Connections and Viewing Status Information Both the NETGEAR VPN Client and the FVS318G provide VPN connection and status information. Figure 5-13 The VPN client icon in your Windows toolbar and choose Connect..., then My Connections\gw1.
FVS318G User Manual
Page 111
...; IPsec Host if you will then connect to see "Configuring XAUTH for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. Click Apply. b. From the ID Type pull-down menu which will first check the User ...authenticating this option is disabled by the remote gateway). Configuring the ProSafe VPN Client for VPN Clients" on page 5-19). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7. Enter a Pre-Shared Key that will appear in the Windows toolbar. If the user account is the LAN network IP address...
...; IPsec Host if you will then connect to see "Configuring XAUTH for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. Click Apply. b. From the ID Type pull-down menu which will first check the User ...authenticating this option is disabled by the remote gateway). Configuring the ProSafe VPN Client for VPN Clients" on page 5-19). ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7. Enter a Pre-Shared Key that will appear in the Windows toolbar. If the user account is the LAN network IP address...
FVS318G User Manual
Page 112
...Address." Enter the values to match those in the Windows toolbar and click Connect. The connection policy you created; The Internal Network IP Address should be 0.0.0.0. On the left -side of the VPN firewall; Enter the Authentication values to match your Internet Interface...address of the menu and choose Proposal 1. Right-click on the left -side of the IKE policy you configured will appear; ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual e. Under Virtual Adapter pull-down menu, choose None. a. Check the Enable Perfect Forward Secrecy (PFS) box,...
...Address." Enter the values to match those in the Windows toolbar and click Connect. The connection policy you created; The Internal Network IP Address should be 0.0.0.0. On the left -side of the VPN firewall; Enter the Authentication values to match your Internet Interface...address of the menu and choose Proposal 1. Right-click on the left -side of the IKE policy you configured will appear; ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual e. Under Virtual Adapter pull-down menu, choose None. a. Check the Enable Perfect Forward Secrecy (PFS) box,...
FVS318G User Manual
Page 115
... NetBIOS Bridging with VPN Windows networks use the Network Basic Input/Output System (NetBIOS) for hosts on a configured VPN tunnel, follow these steps: 1. Click the VPN Policies tab, then click the edit button next to bridge NetBIOS traffic over the VPN tunnel. Because VPN routers do not normally ...an IKE connection failure, it deletes the IPSec and IKE Security Association and forces a reestablishment of the menu. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. In the IKE SA Parameters menu frame of DPD failures allowed before tearing down the connection....
... NetBIOS Bridging with VPN Windows networks use the Network Basic Input/Output System (NetBIOS) for hosts on a configured VPN tunnel, follow these steps: 1. Click the VPN Policies tab, then click the edit button next to bridge NetBIOS traffic over the VPN tunnel. Because VPN routers do not normally ...an IKE connection failure, it deletes the IPSec and IKE Security Association and forces a reestablishment of the menu. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3. In the IKE SA Parameters menu frame of DPD failures allowed before tearing down the connection....
FVS318G User Manual
Page 117
... account and one guest account. The guest can login and reconfigure the VPN firewall. Users connecting to the VPN firewall must be authenticated before being allowed to the user requires a User Name and a Password. The login window presented to access the VPN firewall or the VPN-protected network. The default name and password for the administrator is guest...
... account and one guest account. The guest can login and reconfigure the VPN firewall. Users connecting to the VPN firewall must be authenticated before being allowed to the user requires a User Name and a Password. The login window presented to access the VPN firewall or the VPN-protected network. The default name and password for the administrator is guest...
FVS318G User Manual
Page 118
Select Edit Admin Settings in the User Selection window. Click Apply. 6-2 Managing Users, Authentication, and Certificates 1.1 November, 2009 If you want to change the administrator name or password: 1. If you are changing the administrator name, enter the new name and the old administrator password (default is password). 4. The Users screen will display. 2. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the Administrator Login To change the password, enter and reenter the new pasword. 5. Figure 6-1 3. Select Users.
Select Edit Admin Settings in the User Selection window. Click Apply. 6-2 Managing Users, Authentication, and Certificates 1.1 November, 2009 If you want to change the administrator name or password: 1. If you are changing the administrator name, enter the new name and the old administrator password (default is password). 4. The Users screen will display. 2. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the Administrator Login To change the password, enter and reenter the new pasword. 5. Figure 6-1 3. Select Users.
FVS318G User Manual
Page 119
... Settings in the User Selection window. Password/Confirm Password. If you want to change the guest login name or password:: 1. For an Administrator, this is password). 4. Select Users. The Users screen will be automatically logged out of the Web Configuration Manager. Figure 6-2 3. Click Apply. Idle Timeout. b. a. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the...
... Settings in the User Selection window. Password/Confirm Password. If you want to change the guest login name or password:: 1. For an Administrator, this is password). 4. Select Users. The Users screen will be automatically logged out of the Web Configuration Manager. Figure 6-2 3. Click Apply. Idle Timeout. b. a. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Changing the...
FVS318G User Manual
Page 120
... the user interface, the admiisrator will automatically be displayed in the login window. Changing Passwords and Settings You can also enter a domain name to be logged out. Administrator access is read/ write and guest access is password. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Setting administrator timeout and domain display name You can set the...
... the user interface, the admiisrator will automatically be displayed in the login window. Changing Passwords and Settings You can also enter a domain name to be logged out. Administrator access is read/ write and guest access is password. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Setting administrator timeout and domain display name You can set the...
FVS318G User Manual
Page 123
...responding with the passcode. The extKeyUsage would govern the certificate acceptance criteria in clear text. The client logs in -house Windows server, or by the extension. See tAppendix C, "Two Factor Authentication" for more on the authenticating client devices. The ...Certificates can be either self signed or can be authenticated by Certification Authorities (CA) such as Verisign or Thawte. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual When specifying RADIUS domain authentication, you are extended for secure web access connections over HTTPS. The same ...
...responding with the passcode. The extKeyUsage would govern the certificate acceptance criteria in clear text. The client logs in -house Windows server, or by the extension. See tAppendix C, "Two Factor Authentication" for more on the authenticating client devices. The ...Certificates can be either self signed or can be authenticated by Certification Authorities (CA) such as Verisign or Thawte. ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual When specifying RADIUS domain authentication, you are extended for secure web access connections over HTTPS. The same ...
FVS318G User Manual
Page 142
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual c. Be sure to the FVS318G with Internet Explorer 5.5 or higher, simply click Yes to have your browser. For accessing your FVS318G by running tracert from the Windows Run menu option. If you can contain alphanumeric characters, dash, and underscore." See "Password/Confirm Password. Tip: If you are using a Windows computer with a browser...
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual c. Be sure to the FVS318G with Internet Explorer 5.5 or higher, simply click Yes to have your browser. For accessing your FVS318G by running tracert from the Windows Run menu option. If you can contain alphanumeric characters, dash, and underscore." See "Password/Confirm Password. Tip: If you are using a Windows computer with a browser...