FVS336G Reference Manual
Page 1
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134 USA March 2009 202-10257-04 v1.0
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134 USA March 2009 202-10257-04 v1.0
FVS336G Reference Manual
Page 2
... circuit layout(s) described herein. However, there is a trademark of NETGEAR, Inc. Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe Dual WAN Gigabit Firewall with the following EU Council Directives: 89/336/EEC and LVD ...brand and product names are registered trademarks of Microsoft Corporation. EU Regulatory Compliance Statement The ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN is hereby certified that the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN has been suppressed in accordance with the instructions, may occur...
... circuit layout(s) described herein. However, there is a trademark of NETGEAR, Inc. Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe Dual WAN Gigabit Firewall with the following EU Council Directives: 89/336/EEC and LVD ...brand and product names are registered trademarks of Microsoft Corporation. EU Regulatory Compliance Statement The ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN is hereby certified that the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN has been suppressed in accordance with the instructions, may occur...
FVS336G Reference Manual
Page 5
... format) Product and Publication Details Model Number: Publication Date: Product Family: Product Name: Home or Business Product: Language: Publication Part Number: Publication Version Number FVS336G March 2009 VPN Firewall ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN Business English 202-10257-04 1.0 v 1.0, March 2009 zlib.h -- In no event will the authors be misrepresented; The name of...
... format) Product and Publication Details Model Number: Publication Date: Product Family: Product Name: Home or Business Product: Language: Publication Part Number: Publication Version Number FVS336G March 2009 VPN Firewall ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN Business English 202-10257-04 1.0 v 1.0, March 2009 zlib.h -- In no event will the authors be misrepresented; The name of...
FVS336G Reference Manual
Page 7
... Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS336G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the Internet Connection 2-7 Configuring the WAN Mode (Required for Dual WAN 2-10 Network Address Translation 2-11 Classical Routing 2-12 vii...
... Password Location 1-8 Qualified Web Browsers 1-8 Chapter 2 Connecting the FVS336G to the Internet Understanding the Connection Steps 2-1 Logging into the VPN Firewall Router 2-2 Navigating the Menus ...2-3 Configuring the Internet Connections 2-4 Automatically Detecting and Connecting 2-5 Manually Configuring the Internet Connection 2-7 Configuring the WAN Mode (Required for Dual WAN 2-10 Network Address Translation 2-11 Classical Routing 2-12 vii...
FVS336G Reference Manual
Page 8
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Auto-Rollover Mode 2-12 Configuring Load Balancing 2-14 Configuring Dynamic DNS (Optional 2-16 Configuring the Advanced WAN Options (Optional 2-18 Additional WAN Related Configuration 2-20 Chapter 3 LAN Configuration Choosing the Firewall DHCP Options 3-1 Configuring the LAN Setup Options 3-2 Managing Groups and Hosts (LAN Groups 3-5 Viewing the LAN...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Auto-Rollover Mode 2-12 Configuring Load Balancing 2-14 Configuring Dynamic DNS (Optional 2-16 Configuring the Advanced WAN Options (Optional 2-18 Additional WAN Related Configuration 2-20 Chapter 3 LAN Configuration Choosing the Firewall DHCP Options 3-1 Configuring the LAN Setup Options 3-2 Managing Groups and Hosts (LAN Groups 3-5 Viewing the LAN...
FVS336G Reference Manual
Page 9
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Port Triggering 4-24 Setting a Schedule to Block or Allow Specific Traffic 4-26 Configuring a Bandwidth Profile 4-26 Configuring Session Limits 4-28 E-Mail Notifications of Event Logs and Alerts 4-29 Administrator Tips ...4-29 Chapter 5 Virtual Private Networking Using IPsec Considerations for Dual WAN Port Systems 5-1 Using the VPN...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Port Triggering 4-24 Setting a Schedule to Block or Allow Specific Traffic 4-26 Configuring a Bandwidth Profile 4-26 Configuring Session Limits 4-28 E-Mail Notifications of Event Logs and Alerts 4-29 Administrator Tips ...4-29 Chapter 5 Virtual Private Networking Using IPsec Considerations for Dual WAN Port Systems 5-1 Using the VPN...
FVS336G Reference Manual
Page 10
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Domains, Groups, and Users 6-7 Configuring Applications for Port Forwarding 6-7 Adding Servers ...6-8 Adding A New Host Name 6-9 Configuring the SSL VPN Client 6-10 Configuring ...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Domains, Groups, and Users 6-7 Configuring Applications for Port Forwarding 6-7 Adding Servers ...6-8 Adding A New Host Name 6-9 Configuring the SSL VPN Client 6-10 Configuring ...
FVS336G Reference Manual
Page 11
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Changing Passwords and Administrator Settings 8-8 Enabling Remote Management Access 8-10 Using the Command Line Interface 8-12 Using an SNMP... 8-18 Chapter 9 Monitoring System Performance Enabling the Traffic Meter 9-1 Activating Notification of Events and Alerts 9-4 Viewing Firewall Logs ...9-6 Viewing Router Configuration and System Status 9-7 Monitoring the Status of WAN Ports 9-9 Monitoring Attached Devices 9-10 Reviewing the DHCP Log 9-12 Monitoring Active Users 9-12 Viewing Port Triggering Status...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Changing Passwords and Administrator Settings 8-8 Enabling Remote Management Access 8-10 Using the Command Line Interface 8-12 Using an SNMP... 8-18 Chapter 9 Monitoring System Performance Enabling the Traffic Meter 9-1 Activating Notification of Events and Alerts 9-4 Viewing Firewall Logs ...9-6 Viewing Router Configuration and System Status 9-7 Monitoring the Status of WAN Ports 9-9 Monitoring Attached Devices 9-10 Reviewing the DHCP Log 9-12 Monitoring Active Users 9-12 Viewing Port Triggering Status...
FVS336G Reference Manual
Page 12
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Appendix A Default Settings and Technical Specifications Appendix B Related Documents Appendix C Network Planning for Dual WAN Ports What You Will Need to Do Before You Begin C-1 Cabling and Computer Hardware Requirements C-3 Computer Network Configuration Requirements C-3 Internet ...Authentication Why do I need Two-Factor Authentication D-1 What are the benefits of Two-Factor Authentication D-1 What is Two-Factor Authentication D-2 NETGEAR Two-Factor Authentication Solutions D-2 Index xii v1.0, March 2009
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Appendix A Default Settings and Technical Specifications Appendix B Related Documents Appendix C Network Planning for Dual WAN Ports What You Will Need to Do Before You Begin C-1 Cabling and Computer Hardware Requirements C-3 Computer Network Configuration Requirements C-3 Internet ...Authentication Why do I need Two-Factor Authentication D-1 What are the benefits of Two-Factor Authentication D-1 What is Two-Factor Authentication D-2 NETGEAR Two-Factor Authentication Solutions D-2 Index xii v1.0, March 2009
FVS336G Reference Manual
Page 13
About This Manual The NETGEAR® ProSafe™ Dual WAN Gigabit Firewall with SSL & IPsec VPN Reference Manual describes how to highlight a procedure that will save time or resources. This manual uses the following formats to highlight special messages: Note: This format is used to install, configure and troubleshoot a ProSafe Dual WAN Gigabit Firewall with intermediate computer and networking skills. Warning: Ignoring...
About This Manual The NETGEAR® ProSafe™ Dual WAN Gigabit Firewall with SSL & IPsec VPN Reference Manual describes how to highlight a procedure that will save time or resources. This manual uses the following formats to highlight special messages: Note: This format is used to install, configure and troubleshoot a ProSafe Dual WAN Gigabit Firewall with intermediate computer and networking skills. Warning: Ignoring...
FVS336G Reference Manual
Page 14
...notice may result in Appendix B, "Related Documents.". Failure to align with SSL & IPsec VPN FVS336G Reference Manual Danger: This is a safety warning. ProSafe Dual WAN Gigabit Firewall with router firmware update. March 2009 Adds these corrections and topics for the March 2009 firmware ...configuration procedure topics • Update the Certificate management topic • Correct the firewall scheduling topic xiv v1.0, March 2009 For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in personal injury or death.
...notice may result in Appendix B, "Related Documents.". Failure to align with SSL & IPsec VPN FVS336G Reference Manual Danger: This is a safety warning. ProSafe Dual WAN Gigabit Firewall with router firmware update. March 2009 Adds these corrections and topics for the March 2009 firmware ...configuration procedure topics • Update the Certificate management topic • Correct the firewall scheduling topic xiv v1.0, March 2009 For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in personal injury or death.
FVS336G Reference Manual
Page 15
Chapter 1 Introduction The ProSafe Dual WAN Gigabit Firewall with multi-NAT support. 1-1 v1.0, March 2009 As a complete security solution, the FVS336G incorporates a powerful and flexible firewall to safeguard your network, while providing advanced IPsec and SSL VPN technologies for extremely fast... Name, and Password Location" on page 1-8 • "Qualified Web Browsers" on page 1-8 Key Features The VPN firewall provides the following key features: • Dual 10/100/1000 Mbps Gigabit Ethernet WAN ports for load balancing or failover protection of your primary Internet connection.
Chapter 1 Introduction The ProSafe Dual WAN Gigabit Firewall with multi-NAT support. 1-1 v1.0, March 2009 As a complete security solution, the FVS336G incorporates a powerful and flexible firewall to safeguard your network, while providing advanced IPsec and SSL VPN technologies for extremely fast... Name, and Password Location" on page 1-8 • "Qualified Web Browsers" on page 1-8 Key Features The VPN firewall provides the following key features: • Dual 10/100/1000 Mbps Gigabit Ethernet WAN ports for load balancing or failover protection of your primary Internet connection.
FVS336G Reference Manual
Page 16
... consider when implementing the following capabilities with dual WAN port gateways: • Single or multiple exposed hosts. • Virtual private networks. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Easy, web-based setup for installation and management. • Front panel LEDs for easy monitoring of the NETGEAR ProSafe VPN Client software (VPN01L) - Advanced VPN Support...
... consider when implementing the following capabilities with dual WAN port gateways: • Single or multiple exposed hosts. • Virtual private networks. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Easy, web-based setup for installation and management. • Front panel LEDs for easy monitoring of the NETGEAR ProSafe VPN Client software (VPN01L) - Advanced VPN Support...
FVS336G Reference Manual
Page 17
... screening for Web services, Web addresses, and keywords within Web addresses. ProSafe Dual WAN Gigabit Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS336G is a true firewall, using stateful packet inspection (SPI) to make the right connection. You can also configure the firewall to send immediate alert messages to your LAN to corporate resources based...
... screening for Web services, Web addresses, and keywords within Web addresses. ProSafe Dual WAN Gigabit Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS336G is a true firewall, using stateful packet inspection (SPI) to make the right connection. You can also configure the firewall to send immediate alert messages to your LAN to corporate resources based...
FVS336G Reference Manual
Page 18
... install, configure, and operate the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN within ...ISP). This feature greatly simplifies configuration of personal computer, such as a DNS server to "Internet Configuration Requirements" on your firewall from the LAN. • PPP over a DSL connection by NAT. PPPoE is built into the browser-based Web ...
... install, configure, and operate the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN within ...ISP). This feature greatly simplifies configuration of personal computer, such as a DNS server to "Internet Configuration Requirements" on your firewall from the LAN. • PPP over a DSL connection by NAT. PPPoE is built into the browser-based Web ...
FVS336G Reference Manual
Page 19
... your use of addresses. • Visual monitoring. Maintenance and Support NETGEAR offers the following items: • ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. • One AC power cable. • Rubber feet. • One Category 5 (Cat5) Ethernet cable. • Installation Guide, FVS336G ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • VPN Wizard. one user license. • Warranty...
... your use of addresses. • Visual monitoring. Maintenance and Support NETGEAR offers the following items: • ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN. • One AC power cable. • Rubber feet. • One Category 5 (Cat5) Ethernet cable. • Installation Guide, FVS336G ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • VPN Wizard. one user license. • Warranty...
FVS336G Reference Manual
Page 20
... Power and Test, WAN1, WAN2, and the LAN lights: Figure 1-1 The function of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual If any of each LED is either not enabled or has no link. 1-6 Introduction v1.0, March 2009 Writing to Flash memory...
... Power and Test, WAN1, WAN2, and the LAN lights: Figure 1-1 The function of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual If any of each LED is either not enabled or has no link. 1-6 Introduction v1.0, March 2009 Writing to Flash memory...
FVS336G Reference Manual
Page 21
ProSafe Dual WAN Gigabit Firewall with RJ-45 connectors. 4. Data is operating at 100 Mbps. WAN Ethernet ports: Two independent N-way automatic speed negotiating, Auto MDI/ MDIX, Gigabit Ethernet ports with SSL & IPsec VPN FVS336G Reference Manual Table 1-1. The LAN port is being transmitted or received by the WAN... power receptacle: Universal AC input (100-240 VAC, 50-60 Hz). 6. Rear Panel Features The rear panel of the ProSafe Dual WAN Gigabit Firewall with RJ-45 connectors. 3. LED Descriptions (continued) Object LAN Ports SPEED LINK/ACT (Link and Activity) Activity On (...
ProSafe Dual WAN Gigabit Firewall with RJ-45 connectors. 4. Data is operating at 100 Mbps. WAN Ethernet ports: Two independent N-way automatic speed negotiating, Auto MDI/ MDIX, Gigabit Ethernet ports with SSL & IPsec VPN FVS336G Reference Manual Table 1-1. The LAN port is being transmitted or received by the WAN... power receptacle: Universal AC input (100-240 VAC, 50-60 Hz). 6. Rear Panel Features The rear panel of the ProSafe Dual WAN Gigabit Firewall with RJ-45 connectors. 3. LED Descriptions (continued) Object LAN Ports SPEED LINK/ACT (Link and Activity) Activity On (...
FVS336G Reference Manual
Page 22
... Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN, an administrator must use with the VPN firewall's Web Management Interface for the SSL VPN portal, not the Web Management Interface. 1-8 Introduction v1.0, March 2009 ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Default IP Address, Login Name, and Password...
... Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN, an administrator must use with the VPN firewall's Web Management Interface for the SSL VPN portal, not the Web Management Interface. 1-8 Introduction v1.0, March 2009 ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Default IP Address, Login Name, and Password...
FVS336G Reference Manual
Page 23
... Firewall Router" on the NETGEAR website at: http://kbserver.netgear.com. 2. Connect the firewall physically to your ISP(s). A PDF of the Installation Guide is described in to the VPN Firewall. After logging in the installation guide. Configure the Internet connections to your ISPs. See "Configuring the WAN Mode (Required for complete steps. See the Installation Guide, FVS336G ProSafe Dual WAN Gigabit Firewall...
... Firewall Router" on the NETGEAR website at: http://kbserver.netgear.com. 2. Connect the firewall physically to your ISP(s). A PDF of the Installation Guide is described in to the VPN Firewall. After logging in the installation guide. Configure the Internet connections to your ISPs. See "Configuring the WAN Mode (Required for complete steps. See the Installation Guide, FVS336G ProSafe Dual WAN Gigabit Firewall...