FVS328 Reference Manual
Page 2
... Declaration of Conformance This is to certify that the FVS328 ProSafe VPN Firewall with Dial Back-up has been suppressed in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. Please refer to the use or application of the product(s) or circuit layout(s) described herein. Trademarks NETGEAR and Auto Uplink are copyright Intoto, Inc. Certificate of...
... Declaration of Conformance This is to certify that the FVS328 ProSafe VPN Firewall with Dial Back-up has been suppressed in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. Please refer to the use or application of the product(s) or circuit layout(s) described herein. Trademarks NETGEAR and Auto Uplink are copyright Intoto, Inc. Certificate of...
FVS328 Reference Manual
Page 3
...for Interference by Data Processing Equipment and Electronic Office Machines, aimed at the universal resource locator (URL) http://www.netgear.com. A direct connection to be used near a radio or TV receiver, it may become the cause of radio interference. Lesen Sie dazu bitte die ...in such residential areas. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. World Wide Web NETGEAR maintains a World Wide Web home page that shipped with your FVS328 ProSafe VPN Firewall with Dial Back-up . iii May 2004, 202-10031-01 Voluntary Control Council for correct handling....
...for Interference by Data Processing Equipment and Electronic Office Machines, aimed at the universal resource locator (URL) http://www.netgear.com. A direct connection to be used near a radio or TV receiver, it may become the cause of radio interference. Lesen Sie dazu bitte die ...in such residential areas. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. World Wide Web NETGEAR maintains a World Wide Web home page that shipped with your FVS328 ProSafe VPN Firewall with Dial Back-up . iii May 2004, 202-10031-01 Voluntary Control Council for correct handling....
FVS328 Reference Manual
Page 5
...Special Message Formats 1-2 How to Use this Manual 1-3 How to Print this Manual 1-4 Chapter 2 Introduction About the FVS328 ...2-1 Key Features ...2-1 Full Routing on Both the Broadband and Serial Ports 2-1 Virtual Private Networking 2-2 A Powerful, True Firewall 2-2 Content Filtering ...2-3 Configurable Auto ... 2-3 Protocol Support ...2-3 Easy Installation and Management 2-4 What's in the Box? ...2-5 The Firewall's Front Panel 2-5 The Firewall's Rear Panel 2-7 Chapter 3 Connecting the FVS328 to the Internet What You Will Need Before You Begin 3-1 LAN Hardware Requirements 3-1 LAN ...
...Special Message Formats 1-2 How to Use this Manual 1-3 How to Print this Manual 1-4 Chapter 2 Introduction About the FVS328 ...2-1 Key Features ...2-1 Full Routing on Both the Broadband and Serial Ports 2-1 Virtual Private Networking 2-2 A Powerful, True Firewall 2-2 Content Filtering ...2-3 Configurable Auto ... 2-3 Protocol Support ...2-3 Easy Installation and Management 2-4 What's in the Box? ...2-5 The Firewall's Front Panel 2-5 The Firewall's Rear Panel 2-7 Chapter 3 Connecting the FVS328 to the Internet What You Will Need Before You Begin 3-1 LAN Hardware Requirements 3-1 LAN ...
FVS328 Reference Manual
Page 6
Worksheet for Recording Your Internet Connection Information 3-3 Connecting the FVS328 to Your LAN 3-4 How to Connect the FVS328 to Your LAN 3-4 Configuring a Wizard-Detected Login Account 3-8 Configuring a Wizard-Detected Dynamic IP Account 3-9 Configuring a Wizard-Detected Fixed...Requirements for LAN-to-LAN Connections 4-6 How to Configure LAN-to-LAN Connections 4-6 Chapter 5 WAN and LAN Configuration Configuring LAN IP Settings 5-1 Using the Router as a DHCP Server 5-2 How to Configure LAN TCP/IP Setup Settings 5-3 How to Configure Reserved IP Addresses 5-4 Configuring WAN Settings...
Worksheet for Recording Your Internet Connection Information 3-3 Connecting the FVS328 to Your LAN 3-4 How to Connect the FVS328 to Your LAN 3-4 Configuring a Wizard-Detected Login Account 3-8 Configuring a Wizard-Detected Dynamic IP Account 3-9 Configuring a Wizard-Detected Fixed...Requirements for LAN-to-LAN Connections 4-6 How to Configure LAN-to-LAN Connections 4-6 Chapter 5 WAN and LAN Configuration Configuring LAN IP Settings 5-1 Using the Router as a DHCP Server 5-2 How to Configure LAN TCP/IP Setup Settings 5-3 How to Configure Reserved IP Addresses 5-4 Configuring WAN Settings...
FVS328 Reference Manual
Page 7
... Routes 5-8 Chapter 6 Protecting Your Network Protecting Access to Your FVS328 Firewall 6-1 How to Change the Built-In Password 6-1 How to Change the Administrator Login Timeout 6-2 Configuring Basic Firewall Services 6-2 Using the Block Sites Menu to Screen Content 6-3 Services and Rules ...13 Setting Times and Scheduling Firewall Services 6-13 How to Set Your Time Zone 6-14 How to Schedule Firewall Services 6-15 Chapter 7 Virtual Private Networking Overview of FVS328 Policy-Based VPN Configuration 7-1 Using Policies to Manage VPN Traffic 7-1 Using Automatic Key Management 7-2 IKE...
... Routes 5-8 Chapter 6 Protecting Your Network Protecting Access to Your FVS328 Firewall 6-1 How to Change the Built-In Password 6-1 How to Change the Administrator Login Timeout 6-2 Configuring Basic Firewall Services 6-2 Using the Block Sites Menu to Screen Content 6-3 Services and Rules ...13 Setting Times and Scheduling Firewall Services 6-13 How to Set Your Time Zone 6-14 How to Schedule Firewall Services 6-15 Chapter 7 Virtual Private Networking Overview of FVS328 Policy-Based VPN Configuration 7-1 Using Policies to Manage VPN Traffic 7-1 Using Automatic Key Management 7-2 IKE...
FVS328 Reference Manual
Page 8
... 7-14 Certificate Revocation List (CRL 7-14 How to Use the VPN Wizard to Configure a VPN Tunnel 7-15 Walk-Through of Configuration Scenarios 7-17 VPNC Scenario 1: Gateway-to-Gateway with Preshared Secrets 7-18 FVS328 Scenario 1: How to Configure the IKE and VPN Policies 7-20 How to Check VPN Connections 7-24 FVS328 Scenario 2: Authenticating with RSA Certificates 7-25 Chapter...
... 7-14 Certificate Revocation List (CRL 7-14 How to Use the VPN Wizard to Configure a VPN Tunnel 7-15 Walk-Through of Configuration Scenarios 7-17 VPNC Scenario 1: Gateway-to-Gateway with Preshared Secrets 7-18 FVS328 Scenario 1: How to Configure the IKE and VPN Policies 7-20 How to Check VPN Connections 7-24 FVS328 Scenario 2: Authenticating with RSA Certificates 7-25 Chapter...
FVS328 Reference Manual
Page 9
... a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 How to Use the Default Reset Button 9-7 Problems with Date and Time 9-8 Appendix A Technical Specifications Appendix B Firewall Log Formats Action List ...B-1 Field List ...B-1 Outbound Log ...B-1 Inbound Log ...Site ...B-6 All Web Sites and News Groups Visited B-6 System Admin Sessions B-6 Policy Administration LOG B-7 Appendix C Networks, Routing, and Firewall Basics Related Publications ...C-1 Basic Router Concepts C-1 What is a Router C-1 Routing Information Protocol C-2 IP Addresses and the Internet C-2 ...
... a Remote Device 9-6 Restoring the Default Configuration and Password 9-7 How to Use the Default Reset Button 9-7 Problems with Date and Time 9-8 Appendix A Technical Specifications Appendix B Firewall Log Formats Action List ...B-1 Field List ...B-1 Outbound Log ...B-1 Inbound Log ...Site ...B-6 All Web Sites and News Groups Visited B-6 System Admin Sessions B-6 Policy Administration LOG B-7 Appendix C Networks, Routing, and Firewall Basics Related Publications ...C-1 Basic Router Concepts C-1 What is a Router C-1 Routing Information Protocol C-2 IP Addresses and the Internet C-2 ...
FVS328 Reference Manual
Page 10
Domain Name Server C-9 IP Configuration by DHCP C-10 Internet Security and Firewalls C-10 What is a Firewall C-11 Stateful Packet Inspection C-11 Denial of Service Attack C-11 Ethernet Cabling ...C-12 Uplink Switches and ... or 9.x ...D-6 MacOS X ...D-7 Verifying TCP/IP Properties for Macintosh Computers D-8 Verifying the Readiness of Your Internet Account D-9 Are Login Protocols Used D-9 What Is Your Configuration Information D-9 Obtaining ISP Configuration Information for Windows Computers D-10 Obtaining ISP Configuration Information for Macintosh Computers D-11 Restarting the...
Domain Name Server C-9 IP Configuration by DHCP C-10 Internet Security and Firewalls C-10 What is a Firewall C-11 Stateful Packet Inspection C-11 Denial of Service Attack C-11 Ethernet Cabling ...C-12 Uplink Switches and ... or 9.x ...D-6 MacOS X ...D-7 Verifying TCP/IP Properties for Macintosh Computers D-8 Verifying the Readiness of Your Internet Account D-9 Are Login Protocols Used D-9 What Is Your Configuration Information D-9 Obtaining ISP Configuration Information for Windows Computers D-10 Obtaining ISP Configuration Information for Macintosh Computers D-11 Restarting the...
FVS328 Reference Manual
Page 11
...-Step Configuration of FVS328 Gateway B F-5 Test the VPN Connection F-9 Appendix G NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 Configuration Profile ...G-1 Using DDNS and Fully Qualified Domain Names (FQDN G-2 Step-By-Step Configuration of FVS318 or FVM318 Gateway A G-3 Step-By-Step Configuration of FVS328 Gateway B G-7 Test the VPN Connection G-11 Appendix H NETGEAR VPN Client to NETGEAR the FVS328 Profile: Traveling User...
...-Step Configuration of FVS328 Gateway B F-5 Test the VPN Connection F-9 Appendix G NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 Configuration Profile ...G-1 Using DDNS and Fully Qualified Domain Names (FQDN G-2 Step-By-Step Configuration of FVS318 or FVM318 Gateway A G-3 Step-By-Step Configuration of FVS328 Gateway B G-7 Test the VPN Connection G-11 Appendix H NETGEAR VPN Client to NETGEAR the FVS328 Profile: Traveling User...
FVS328 Reference Manual
Page 14
... file and directory names. User input. The notation [Enter] is used for the Enter key and the Return key. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Typographical Conventions This guide uses the following formats to highlight special messages: Note: This format is used to highlight information of importance or special interest. 2 About This...
... file and directory names. User input. The notation [Enter] is used for the Enter key and the Return key. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Typographical Conventions This guide uses the following formats to highlight special messages: Note: This format is used to highlight information of importance or special interest. 2 About This...
FVS328 Reference Manual
Page 15
...top right which links to navigate, print pages, and more. - To view the HTML version of the manual, you must have to Use this button when a step-by-step procedure is displayed will send the entire procedure to your printer-you need to view the Contents,... Index, Search, and Favorites tabs. About This Manual 3 May 2004, 202-10031-01 Use the right pane to a PDF version of pages. 3. Left pane. Using this Manual This manual includes both PDF and HTML versions. Model FVS328 ProSafe VPN Firewall with JavaScript enabled. 2.
...top right which links to navigate, print pages, and more. - To view the HTML version of the manual, you must have to Use this button when a step-by-step procedure is displayed will send the entire procedure to your printer-you need to view the Contents,... Index, Search, and Favorites tabs. About This Manual 3 May 2004, 202-10031-01 Use the right pane to a PDF version of pages. 3. Left pane. Using this Manual This manual includes both PDF and HTML versions. Model FVS328 ProSafe VPN Firewall with JavaScript enabled. 2.
FVS328 Reference Manual
Page 16
...you do not have to print. Click the print icon in the upper left side of the window. - Use the PDF button in the HTML View. Click the PDF button. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual How to Print this Manual To print this manual you can choose one... of the following several options, according to print the currently displayed topic. Use the Print button on the upper right side of...
...you do not have to print. Click the print icon in the upper left side of the window. - Use the PDF button in the HTML View. Click the PDF button. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual How to Print this Manual To print this manual you can choose one... of the following several options, according to print the currently displayed topic. Use the Print button on the upper right side of...
FVS328 Reference Manual
Page 17
... routers that protects your network from attacks and intrusions and enables secure communications using Virtual Private Networks (VPN). Key Features The FVS328 features are highlighted below. The FVS328 Firewall provides connection for multiple computers to the Internet through the serial port provides ...via the serial port on Network Address Translation (NAT) for security, the FVS328 uses Stateful Packet Inspection for up to 253 users with up . Chapter 2 Introduction This chapter describes the features of the NETGEAR FVS328 ProSafe VPN Firewall with Dial Back-up to 50 concurrent...
... routers that protects your network from attacks and intrusions and enables secure communications using Virtual Private Networks (VPN). Key Features The FVS328 features are highlighted below. The FVS328 Firewall provides connection for multiple computers to the Internet through the serial port provides ...via the serial port on Network Address Translation (NAT) for security, the FVS328 uses Stateful Packet Inspection for up to 253 users with up . Chapter 2 Introduction This chapter describes the features of the NETGEAR FVS328 ProSafe VPN Firewall with Dial Back-up to 50 concurrent...
FVS328 Reference Manual
Page 18
...routers, the FVS328 is a true firewall, using stateful packet inspection to 168 bit encryption (3DES) for maximum security. • Support for VPN Main Mode, Aggressive mode, or Manual Keying. • Support for industry standard VPN protocols. You can also configure the firewall to send immediate... standard keying methods (Manual or IKE), standard authentication methods (MD5 and SHA-1), and standard encryption methods (DES, 3DES). Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual • Remote Access Server (RAS) allows you to log in remotely through the serial port...
...routers, the FVS328 is a true firewall, using stateful packet inspection to 168 bit encryption (3DES) for maximum security. • Support for VPN Main Mode, Aggressive mode, or Manual Keying. • Support for industry standard VPN protocols. You can also configure the firewall to send immediate... standard keying methods (Manual or IKE), standard authentication methods (MD5 and SHA-1), and standard encryption methods (DES, 3DES). Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual • Remote Access Server (RAS) allows you to log in remotely through the serial port...
FVS328 Reference Manual
Page 19
... the port should have a 'normal' connection such as to a PC or an 'uplink' connection such as NAT, allows the use of an inexpensive single-user ISP account. This technique, known as to a switch or hub. This feature can also be statically...sites. Appendix C, "Networks, Routing, and Firewall Basics" provides further information on your Internet service provider (ISP). Protocol Support The FVS328 supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Content ...
... the port should have a 'normal' connection such as to a PC or an 'uplink' connection such as NAT, allows the use of an inexpensive single-user ISP account. This technique, known as to a switch or hub. This feature can also be statically...sites. Appendix C, "Networks, Routing, and Firewall Basics" provides further information on your Internet service provider (ISP). Protocol Support The FVS328 supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual Content ...
FVS328 Reference Manual
Page 20
... for Telstra cable in Australia. • Dynamic DNS Dynamic DNS services allow remote users to easily configure your firewall from a remote location via the Internet using a domain name when your dynamic IP address. For security, you can choose a nonstandard port number. 2-4 Introduction...The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • PPP over a DSL connection by simulating a dial-up Reference Manual • DNS Proxy When DHCP is not permanently assigned. Model FVS328 ProSafe VPN Firewall with...
... for Telstra cable in Australia. • Dynamic DNS Dynamic DNS services allow remote users to easily configure your firewall from a remote location via the Internet using a domain name when your dynamic IP address. For security, you can choose a nonstandard port number. 2-4 Introduction...The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • PPP over a DSL connection by simulating a dial-up Reference Manual • DNS Proxy When DHCP is not permanently assigned. Model FVS328 ProSafe VPN Firewall with...
FVS328 Reference Manual
Page 21
... information card If any of the LEDs to test Internet connectivity and reboot the firewall. The Firewall's Front Panel The front panel of the firewall. Introduction 2-5 May 2004, 202-10031-01 You can use these diagnostic functions directly from the FVS328 when your NETGEAR dealer. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual • Diagnostic functions The...
... information card If any of the LEDs to test Internet connectivity and reboot the firewall. The Firewall's Front Panel The front panel of the firewall. Introduction 2-5 May 2004, 202-10031-01 You can use these diagnostic functions directly from the FVS328 when your NETGEAR dealer. Model FVS328 ProSafe VPN Firewall with Dial Back-up Reference Manual • Diagnostic functions The...
FVS328 Reference Manual
Page 25
...Internet service such as explained below. 2. Note: Please refer to Appendix D, "Preparing Your Network" for your firewall to the firewall which is set up using the Setup Wizard, or manually configure your Internet connection. You can connect your account. The computer you must provide...a computer to the Internet: 1. LAN Hardware Requirements The FVS328 Firewall connects to your LAN via DHCP. If the computer will need to the Internet and configuration of your FVS328 ProSafe VPN Firewall with Dial Back-up the firewall on your Local Area Network (LAN) and connect to ...
...Internet service such as explained below. 2. Note: Please refer to Appendix D, "Preparing Your Network" for your firewall to the firewall which is set up using the Setup Wizard, or manually configure your Internet connection. You can connect your account. The computer you must provide...a computer to the Internet: 1. LAN Hardware Requirements The FVS328 Firewall connects to your LAN via DHCP. If the computer will need to the Internet and configuration of your FVS328 ProSafe VPN Firewall with Dial Back-up the firewall on your Local Area Network (LAN) and connect to ...
FVS328 Reference Manual
Page 26
... the page below . • If you have a computer already connected using the active Internet access account, you can gather the required Internet connection information...Internet configuration parameters, you may also refer to the FVS328 Resource CD for the NETGEAR Router ISP Guide which provides Internet connection information for many...firewall to the Internet: • Host and Domain Names • ISP Login Name and Password • ISP Domain Name Server (DNS) Addresses • Fixed or Static IP Address Where Do I Get the Internet Configuration Parameters? Model FVS328 ProSafe VPN Firewall...
... the page below . • If you have a computer already connected using the active Internet access account, you can gather the required Internet connection information...Internet configuration parameters, you may also refer to the FVS328 Resource CD for the NETGEAR Router ISP Guide which provides Internet connection information for many...firewall to the Internet: • Host and Domain Names • ISP Login Name and Password • ISP Domain Name Server (DNS) Addresses • Fixed or Static IP Address Where Do I Get the Internet Configuration Parameters? Model FVS328 ProSafe VPN Firewall...
FVS328 Reference Manual
Page 27
... 169.254.141.148 could be entered exactly as given by all ISPs. If you haven't been given host or domain names, you use a dial-up Reference Manual Worksheet for Recording Your Internet Connection Information Print this your account, user, host, computer, or system name. ...address, record the following : Account/User Name Password Telephone number Alternative number Connecting the FVS328 to the Internet 3-3 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with your ISP is [email protected], then use aaa as your host name. Fill in the following examples as a guide: •...
... 169.254.141.148 could be entered exactly as given by all ISPs. If you haven't been given host or domain names, you use a dial-up Reference Manual Worksheet for Recording Your Internet Connection Information Print this your account, user, host, computer, or system name. ...address, record the following : Account/User Name Password Telephone number Alternative number Connecting the FVS328 to the Internet 3-3 May 2004, 202-10031-01 Model FVS328 ProSafe VPN Firewall with your ISP is [email protected], then use aaa as your host name. Fill in the following examples as a guide: •...