FVS328 Reference Manual
Page 6
... Internet Connection Information 3-3 Connecting the FVS328 to Your LAN 3-4 How to Connect the FVS328 to Your LAN 3-4 Configuring a Wizard-Detected Login Account 3-8 Configuring a Wizard-Detected Dynamic IP Account 3-9 Configuring a Wizard-Detected Fixed IP (Static) Account 3-10 How to...Configuring LAN IP Settings 5-1 Using the Router as a DHCP Server 5-2 How to Configure LAN TCP/IP Setup Settings 5-3 How to Configure Reserved IP Addresses 5-4 Configuring WAN Settings 5-4 Connecting Automatically, as Required 5-5 Setting Up a Default DMZ Server 5-5 How to Assign a Default DMZ Server...
... Internet Connection Information 3-3 Connecting the FVS328 to Your LAN 3-4 How to Connect the FVS328 to Your LAN 3-4 Configuring a Wizard-Detected Login Account 3-8 Configuring a Wizard-Detected Dynamic IP Account 3-9 Configuring a Wizard-Detected Fixed IP (Static) Account 3-10 How to...Configuring LAN IP Settings 5-1 Using the Router as a DHCP Server 5-2 How to Configure LAN TCP/IP Setup Settings 5-3 How to Configure Reserved IP Addresses 5-4 Configuring WAN Settings 5-4 Connecting Automatically, as Required 5-5 Setting Up a Default DMZ Server 5-5 How to Assign a Default DMZ Server...
FVS328 Reference Manual
Page 9
... Test the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 How to Use the Default Reset Button 9-7 Problems with Date and Time 9-8 Appendix A Technical Specifications Appendix B Firewall Log Formats Action List ...B-1 Field List ...B-1 Outbound Log ...B-1 Inbound Log ...B-2 Other IP Traffic ...B-2 Router Operation ...B-3 Other Connections and Traffic to this Router...
... Test the Path from Your PC to a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 How to Use the Default Reset Button 9-7 Problems with Date and Time 9-8 Appendix A Technical Specifications Appendix B Firewall Log Formats Action List ...B-1 Field List ...B-1 Outbound Log ...B-1 Inbound Log ...B-2 Other IP Traffic ...B-2 Router Operation ...B-3 Other Connections and Traffic to this Router...
FVS328 Reference Manual
Page 32
...FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual • Connections that use fixed IP address assignment. Enter your ISP's services such as the computer's MAC (Media Access Control) address. These parameters may be called Host Name) and Domain Name. Enter the PPPoE login user name and password provided by this Router's WAN IP... access the Internet. In most situations, NAT is also referred to an IP address. Perform a DNS Lookup. Usually, select Use default address. 3-8 Connecting the FVS328 to change the login timeout, enter a new value in the configuration menu...
...FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual • Connections that use fixed IP address assignment. Enter your ISP's services such as the computer's MAC (Media Access Control) address. These parameters may be called Host Name) and Domain Name. Enter the PPPoE login user name and password provided by this Router's WAN IP... access the Internet. In most situations, NAT is also referred to an IP address. Perform a DNS Lookup. Usually, select Use default address. 3-8 Connecting the FVS328 to change the login timeout, enter a new value in the configuration menu...
FVS328 Reference Manual
Page 34
...FVS328 to a numeric IP address. Enter the IP address of your Internet service account uses Fixed IP assignment, you will need the configuration parameters from your ISP you recorded in to the firewall at http://192.168.0.1 with Dial Back-up Reference Manual 5. Click Apply to stop blinking. 2. Model FVS328 ProSafe VPN Firewall with its default... for Recording Your Internet Connection Information" on your ISDN or dial-up . 3-10 Connecting the FVS328 to take effect. 3. If the NETGEAR Web site does not appear within one minute, refer to Chapter 9, Troubleshooting. Use a browser to...
...FVS328 to a numeric IP address. Enter the IP address of your Internet service account uses Fixed IP assignment, you will need the configuration parameters from your ISP you recorded in to the firewall at http://192.168.0.1 with Dial Back-up Reference Manual 5. Click Apply to stop blinking. 2. Model FVS328 ProSafe VPN Firewall with its default... for Recording Your Internet Connection Information" on your ISDN or dial-up . 3-10 Connecting the FVS328 to take effect. 3. If the NETGEAR Web site does not appear within one minute, refer to Chapter 9, Troubleshooting. Use a browser to...
FVS328 Reference Manual
Page 39
..., enter it manually here. Typically your ISP transfers the IP address of your ISP's Primary DNS Server. Select your ISP. Enter your Account Name (may be necessary to the factory default. Connecting the FVS328 to access the Internet. These parameters may also be manually...netgear.com) to disable NAT, select the Disable radio button. Disable NAT only if you are in the Basic Settings menu. 1. Note: If you are case sensitive. Also enter the netmask and the Gateway IP address. If you enter an address here, you in minutes. Model FVS328 ProSafe VPN Firewall...
..., enter it manually here. Typically your ISP transfers the IP address of your ISP's Primary DNS Server. Select your ISP. Enter your Account Name (may be necessary to the factory default. Connecting the FVS328 to access the Internet. These parameters may also be manually...netgear.com) to disable NAT, select the Disable radio button. Disable NAT only if you are in the Basic Settings menu. 1. Note: If you are case sensitive. Also enter the netmask and the Gateway IP address. If you enter an address here, you in minutes. Model FVS328 ProSafe VPN Firewall...
FVS328 Reference Manual
Page 49
If your FVS328 ProSafe VPN Firewall with the IP address, the IP Subnet Mask allows a device to know which must be reached through a gateway or router. • RIP Direction RIP (Router Information Protocol) allows a router to act ... changes. When set to configure the WAN and LAN settings of the firewall. • IP Subnet Mask This is the default. - Configuring LAN IP Settings The LAN IP Setup menu allows configuration of the browser interface. The firewall is shipped preconfigured to use private IP addresses on the LAN side, and to exchange routing information with other...
If your FVS328 ProSafe VPN Firewall with the IP address, the IP Subnet Mask allows a device to know which must be reached through a gateway or router. • RIP Direction RIP (Router Information Protocol) allows a router to act ... changes. When set to configure the WAN and LAN settings of the firewall. • IP Subnet Mask This is the default. - Configuring LAN IP Settings The LAN IP Setup menu allows configuration of the browser interface. The firewall is shipped preconfigured to use private IP addresses on the LAN side, and to exchange routing information with other...
FVS328 Reference Manual
Page 50
....0.253, although you have an unusual network setup. - Model FVS328 ProSafe VPN Firewall with fixed addresses. 5-2 WAN and LAN Configuration May 2004, 202-10031-01 When set for your computers, clear the 'Use router as the firewall's LAN IP address. It recognizes both formats when receiving. By default, this menu. You must then open a new connection to...
....0.253, although you have an unusual network setup. - Model FVS328 ProSafe VPN Firewall with fixed addresses. 5-2 WAN and LAN Configuration May 2004, 202-10031-01 When set for your computers, clear the 'Use router as the firewall's LAN IP address. It recognizes both formats when receiving. By default, this menu. You must then open a new connection to...
FVS328 Reference Manual
Page 51
... range you have defined • Subnet Mask • Gateway IP Address is the firewall's LAN IP address • Primary DNS Server, if you have chosen for the firewall. 2. Figure 5-1: LAN IP Setup Menu WAN and LAN Configuration 5-3 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with its default LAN address of password, or using whatever password and LAN...
... range you have defined • Subnet Mask • Gateway IP Address is the firewall's LAN IP address • Primary DNS Server, if you have chosen for the firewall. 2. Figure 5-1: LAN IP Setup Menu WAN and LAN Configuration 5-3 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with its default LAN address of password, or using whatever password and LAN...
FVS328 Reference Manual
Page 53
... well. Click Apply. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Connecting Automatically, as Required Normally, this option should avoid using some online games and videoconferencing applications that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. This computer is entered as the default DMZ server, it forwarded...
... well. Click Apply. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Connecting Automatically, as Required Normally, this option should avoid using some online games and videoconferencing applications that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. This computer is entered as the default DMZ server, it forwarded...
FVS328 Reference Manual
Page 55
... DNS service will not work because private addresses will use. You must configure static routes only for unusual cases such as multiple routers or multiple IP subnets located on your LAN is 192.168.0.100. • Your company's network is through a cable modem to an ISP. • You have chosen for... not be routed on your home network for TZO.com, go to www.TZO.com. 4. WAN and LAN Configuration 5-7 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with its default LAN address of http://192.168.0.1 with Dial Back-up Reference Manual How to Configure Dynamic DNS 1.
... DNS service will not work because private addresses will use. You must configure static routes only for unusual cases such as multiple routers or multiple IP subnets located on your LAN is 192.168.0.100. • Your company's network is through a cable modem to an ISP. • You have chosen for... not be routed on your home network for TZO.com, go to www.TZO.com. 4. WAN and LAN Configuration 5-7 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with its default LAN address of http://192.168.0.1 with Dial Back-up Reference Manual How to Configure Dynamic DNS 1.
FVS328 Reference Manual
Page 56
...default route was created to your local network for these addresses should be accessed through the ISDN router at 192.168.0.100. In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. • The Gateway IP ..., click on Static Routes to view the Static Routes menu, shown in to the firewall at 192.168.0.100. • A Metric value of 1 will work since the ISDN router is activated. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual When you attempt to access a device on the ...
...default route was created to your local network for these addresses should be accessed through the ISDN router at 192.168.0.100. In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 134.177.x.x addresses. • The Gateway IP ..., click on Static Routes to view the Static Routes menu, shown in to the firewall at 192.168.0.100. • A Metric value of 1 will work since the ISDN router is activated. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual When you attempt to access a device on the ...
FVS328 Reference Manual
Page 65
... FVS328 ProSafe VPN Firewall with the Source Address, you can select Any, a Single address, or a Range unless NAT is enabled and the destination is shown in Figure 6-4. An example of the table and click Edit. The list already displays many common services, but you are not limited to the default ...8226; Log. You can also choose to a different position in the table, select its button on the service or application, source or destination IP addresses, and time of addresses, enter the range in the Schedule menu. • Source Address. Specify traffic originating on the left side of...
... FVS328 ProSafe VPN Firewall with the Source Address, you can select Any, a Single address, or a Range unless NAT is enabled and the destination is shown in Figure 6-4. An example of the table and click Edit. The list already displays many common services, but you are not limited to the default ...8226; Log. You can also choose to a different position in the table, select its button on the service or application, source or destination IP addresses, and time of addresses, enter the range in the Schedule menu. • Source Address. Specify traffic originating on the left side of...
FVS328 Reference Manual
Page 70
... employees during working hours, you can create an outbound rule to block that application from any internal IP address to any external address according to the schedule that you have the router log any attempt to...settings you can also have created in the table. 6-12 May 2004, 202-10031-01 Protecting Your Network Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Outbound Rule Example: Blocking Instant Messaging If you want to block Instant Messenger ...You can configure. The Move button allows you to relocate a defined rule to the default rules at the bottom.
... employees during working hours, you can create an outbound rule to block that application from any internal IP address to any external address according to the schedule that you have the router log any attempt to...settings you can also have created in the table. 6-12 May 2004, 202-10031-01 Protecting Your Network Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Outbound Rule Example: Blocking Instant Messaging If you want to block Instant Messenger ...You can configure. The Move button allows you to relocate a defined rule to the default rules at the bottom.
FVS328 Reference Manual
Page 73
... enter its default User Name of admin, default password of http://192.168.0.1 with Dial Back-up a schedule for when blocking occurs or when access isn't restricted. 1. Click Apply to use a particular NTP server as 24-hour time. Model FVS328 ProSafe VPN Firewall with its IP address under..., select Every Day or select one hour to Schedule Firewall Services If you enabled services blocking in the Block Services menu or Port forwarding in to save your settings. The firewall uses Netgear NTP servers by default. Enabling Daylight Savings Time will cause one or more days...
... enter its default User Name of admin, default password of http://192.168.0.1 with Dial Back-up a schedule for when blocking occurs or when access isn't restricted. 1. Click Apply to use a particular NTP server as 24-hour time. Model FVS328 ProSafe VPN Firewall with its IP address under..., select Every Day or select one hour to Schedule Firewall Services If you enabled services blocking in the Block Services menu or Port forwarding in to save your settings. The firewall uses Netgear NTP servers by default. Enabling Daylight Savings Time will cause one or more days...
FVS328 Reference Manual
Page 79
... - more secure and is common. over an hour (3600) is the default Authentication Algorithm If you enable Authentication Headers (AH), this menu lets you select from the drop-down list: • By its Internet (WAN) port IP address. • By its Fully Qualified Domain Name (FQDN) - your ... match the value used in seconds before the Security Association expires; Virtual Private Networking 7-5 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Table 7-1. You can select Pre-Shared Key or RSA Signature. The DH Group setting determines...
... - more secure and is common. over an hour (3600) is the default Authentication Algorithm If you enable Authentication Headers (AH), this menu lets you select from the drop-down list: • By its Internet (WAN) port IP address. • By its Fully Qualified Domain Name (FQDN) - your ... match the value used in seconds before the Security Association expires; Virtual Private Networking 7-5 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Table 7-1. You can select Pre-Shared Key or RSA Signature. The DH Group setting determines...
FVS328 Reference Manual
Page 82
...preventing for example, remote management or response to configure the source IP address of the outbound network traffic for the payload (data) sent through the VPN tunnel. the default, or SHA1 - the default, or 3DES - Authentication Algorithm If you enable ESP encryption, ...security. Generally, you to enable or disable ESP Encryption. Model FVS328 ProSafe VPN Firewall with authentication These settings must match the remote VPN endpoint. VPN Auto Policy Configuration Fields Field Description Local IP The drop-down menu allows you will want to enable or disable...
...preventing for example, remote management or response to configure the source IP address of the outbound network traffic for the payload (data) sent through the VPN tunnel. the default, or SHA1 - the default, or 3DES - Authentication Algorithm If you enable ESP encryption, ...security. Generally, you to enable or disable ESP Encryption. Model FVS328 ProSafe VPN Firewall with authentication These settings must match the remote VPN endpoint. VPN Auto Policy Configuration Fields Field Description Local IP The drop-down menu allows you will want to enable or disable...
FVS328 Reference Manual
Page 89
...FVS328 ProSafe VPN Firewall with its default LAN address of http://192.168.0.1 with Dial Back-up Reference Manual How to Use the VPN Wizard to Configure a VPN Tunnel Note: If you have turned NAT off, before configuring VPN IPSec tunnels you must be different. The connection will fail if both are using the VPN... main menu to display this procedure to configure a VPN tunnel using the NETGEAR default address range of target end point, and click Next to proceed. Figure 7-5: VPN Wizard Start Screen 2. Note: The LAN IP address ranges of password. Virtual Private Networking May 2004...
...FVS328 ProSafe VPN Firewall with its default LAN address of http://192.168.0.1 with Dial Back-up Reference Manual How to Use the VPN Wizard to Configure a VPN Tunnel Note: If you have turned NAT off, before configuring VPN IPSec tunnels you must be different. The connection will fail if both are using the VPN... main menu to display this procedure to configure a VPN tunnel using the NETGEAR default address range of target end point, and click Next to proceed. Figure 7-5: VPN Wizard Start Screen 2. Note: The LAN IP address ranges of password. Virtual Private Networking May 2004...
FVS328 Reference Manual
Page 94
... seen in the "Using Inbound/Outbound Rules to Block or Allow Services" on the FVS328. Configure the WAN (Internet) and LAN IP addresses of password, or using whatever Password and LAN address you have chosen for the firewall. 2. Model FVS328 ProSafe VPN Firewall with its default LAN address of http://192.168.0.1 with Dial Back-up Reference Manual...
... seen in the "Using Inbound/Outbound Rules to Block or Allow Services" on the FVS328. Configure the WAN (Internet) and LAN IP addresses of password, or using whatever Password and LAN address you have chosen for the firewall. 2. Model FVS328 ProSafe VPN Firewall with its default LAN address of http://192.168.0.1 with Dial Back-up Reference Manual...
FVS328 Reference Manual
Page 107
Note: Be sure to change the router's default password to as few external IP addresses as practical. b. The ideal password should be a mixture of your FVS328 ProSafe VPN Firewall with your FVS328 Firewall. Note: For security reasons, restrict access to a very secure password. To allow access from any IP address on the Internet to configure, upgrade and check the status...
Note: Be sure to change the router's default password to as few external IP addresses as practical. b. The ideal password should be a mixture of your FVS328 ProSafe VPN Firewall with your FVS328 Firewall. Note: For security reasons, restrict access to a very secure password. To allow access from any IP address on the Internet to configure, upgrade and check the status...
FVS328 Reference Manual
Page 108
...: If you are using a dynamic DNS service such as seen from the Internet, the Secure Sockets Layer (SSL) will be enabled. Model FVS328 ProSafe VPN Firewall with a browser via the Internet. To allow access from the Windows Start menu Run option. For greater security, you can connect using a ...of your external address is 134.177.0.123 and you a Fixed IP address. The default is 8080, which is shown here. b. But if your ISP account uses a Dynamic IP Address, the address can always identify the IP address of any common service port. Click Apply to accept the certificate...
...: If you are using a dynamic DNS service such as seen from the Internet, the Secure Sockets Layer (SSL) will be enabled. Model FVS328 ProSafe VPN Firewall with a browser via the Internet. To allow access from the Windows Start menu Run option. For greater security, you can connect using a ...of your external address is 134.177.0.123 and you a Fixed IP address. The default is 8080, which is shown here. b. But if your ISP account uses a Dynamic IP Address, the address can always identify the IP address of any common service port. Click Apply to accept the certificate...