FVS336G Reference Manual
Page 8
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Auto-Rollover Mode 2-12 Configuring Load Balancing 2-14 Configuring Dynamic DNS (Optional 2-16 Configuring the Advanced WAN Options (Optional 2-18 Additional WAN Related Configuration 2-20 Chapter 3 LAN Configuration Choosing the Firewall DHCP Options 3-1 Configuring the LAN Setup Options 3-2 Managing Groups and Hosts (LAN Groups 3-5 Viewing the LAN Groups Database...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Configuring Auto-Rollover Mode 2-12 Configuring Load Balancing 2-14 Configuring Dynamic DNS (Optional 2-16 Configuring the Advanced WAN Options (Optional 2-18 Additional WAN Related Configuration 2-20 Chapter 3 LAN Configuration Choosing the Firewall DHCP Options 3-1 Configuring the LAN Setup Options 3-2 Managing Groups and Hosts (LAN Groups 3-5 Viewing the LAN Groups Database...
FVS336G Reference Manual
Page 16
Remote access by telecommuters requires the installation of the NETGEAR ProSafe VPN Client software (VPN01L) - ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Easy, web-based setup for installation and management. • Front panel LEDs for easy monitoring of status and activity. • Flash memory for outgoing traffic. The second WAN port allows you to connect a second broadband...
Remote access by telecommuters requires the installation of the NETGEAR ProSafe VPN Client software (VPN01L) - ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Easy, web-based setup for installation and management. • Front panel LEDs for easy monitoring of status and activity. • Flash memory for outgoing traffic. The second WAN port allows you to connect a second broadband...
FVS336G Reference Manual
Page 18
...install, configure, and operate the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). The VPN firewall automatically senses the type of Internet ...Browser-based configuration allows you only for the information required for your Internet service provider (ISP). A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based Web Management Interface. • Auto Detection...
...install, configure, and operate the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Extensive Protocol Support The VPN firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). The VPN firewall automatically senses the type of Internet ...Browser-based configuration allows you only for the information required for your Internet service provider (ISP). A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based Web Management Interface. • Auto Detection...
FVS336G Reference Manual
Page 32
...connection is made, NETGEAR's Web site appears. 13. Click Test to the NETGEAR Web site. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN can be configured on a mutually exclusive basis for either auto-rollover (for increased system reliability) or load balancing (for Dual WAN) The dual WAN ports of the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual 9. Click... and enter the DNS server IP addresses provided to you are finished, click Logout or proceed to additional setup and management tasks. If you intend to the previous settings.) 12.
...connection is made, NETGEAR's Web site appears. 13. Click Test to the NETGEAR Web site. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN can be configured on a mutually exclusive basis for either auto-rollover (for increased system reliability) or load balancing (for Dual WAN) The dual WAN ports of the ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual 9. Click... and enter the DNS server IP addresses provided to you are finished, click Logout or proceed to additional setup and management tasks. If you intend to the previous settings.) 12.
FVS336G Reference Manual
Page 38
... Internet domain names. After you have that name linked with varying public IP addresses to set protocol bindings for the WAN1 port. 5. ProSafe Dual WAN Gigabit Firewall with a DDNS provider such as DynDNS.org, TZO.com or Iego.net. (Links to implement features such as 192.168.x.x or 10...For load balancing mode, you may still need a fully qualified domain name (FQDN) either for convenience or if you must setup an account with SSL & IPsec VPN FVS336G Reference Manual • Address range. Note: If your frequently-changing IP address. To use DDNS, you to register an extension...
... Internet domain names. After you have that name linked with varying public IP addresses to set protocol bindings for the WAN1 port. 5. ProSafe Dual WAN Gigabit Firewall with a DDNS provider such as DynDNS.org, TZO.com or Iego.net. (Links to implement features such as 192.168.x.x or 10...For load balancing mode, you may still need a fully qualified domain name (FQDN) either for convenience or if you must setup an account with SSL & IPsec VPN FVS336G Reference Manual • Address range. Note: If your frequently-changing IP address. To use DDNS, you to register an extension...
FVS336G Reference Manual
Page 44
..., when the DNS proxy is running, i.e. These are using a dual WAN configuration with route diversity and failover. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • An IP Address from the range you have ...defined. • Subnet Mask. • Gateway IP Address (the firewall's LAN IP address). • Primary DNS Server (the firewall's LAN IP address). • WINS Server (if you entered a WINS server address in the DHCP Setup...
..., when the DNS proxy is running, i.e. These are using a dual WAN configuration with route diversity and failover. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • An IP Address from the range you have ...defined. • Subnet Mask. • Gateway IP Address (the firewall's LAN IP address). • Primary DNS Server (the firewall's LAN IP address). • WINS Server (if you entered a WINS server address in the DHCP Setup...
FVS336G Reference Manual
Page 45
...to Network Configuration > LAN Setup to the VPN firewall's LAN. In the LAN TCP/IP Setup section, configure the following parameters: • Domain Name. (Optional) The DHCP will automatically calculate the subnet mask based on your VPN firewall (factory default: 192.168.1.1)....Server. By default, the VPN firewall will function as the subnet mask. 3. Figure 3-1 2. Your VPN firewall will assign the entered domain to 10.0.0.1, you change the default IP address 192.168.1.1 to DHCP clients. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual 1. Note:...
...to Network Configuration > LAN Setup to the VPN firewall's LAN. In the LAN TCP/IP Setup section, configure the following parameters: • Domain Name. (Optional) The DHCP will automatically calculate the subnet mask based on your VPN firewall (factory default: 192.168.1.1)....Server. By default, the VPN firewall will function as the subnet mask. 3. Figure 3-1 2. Your VPN firewall will assign the entered domain to 10.0.0.1, you change the default IP address 192.168.1.1 to DHCP clients. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual 1. Note:...
FVS336G Reference Manual
Page 46
... Ending IP Address. To change these default traffic rules, refer to provide LDAP server information. • Enable DNS Proxy. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Starting IP Address. Specifies the first of the contiguous addresses in the IP address pool. Any new... Ending DHCP addresses should be leased to its LAN IP address unless you have completed the LAN setup, all outbound traffic is allowed and all inbound traffic is present in the firewall settings (see "Attack Checks" on page 4-17). 4. b. a. Note: Once you disable DNS...
... Ending IP Address. To change these default traffic rules, refer to provide LDAP server information. • Enable DNS Proxy. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Starting IP Address. Specifies the first of the contiguous addresses in the IP address pool. Any new... Ending DHCP addresses should be leased to its LAN IP address unless you have completed the LAN setup, all outbound traffic is allowed and all inbound traffic is present in the firewall settings (see "Attack Checks" on page 4-17). 4. b. a. Note: Once you disable DNS...
FVS336G Reference Manual
Page 48
The LAN Setup tab displays. 2. For computers that do not support the NetBIOS protocol, this will be listed as "Unknown" (you will need to that PC. By default, a ... edit the entry manually to a single group. For each computer or device, the following fields are displayed: • Name. The name of the computer. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • A computer is identified by clicking Edit. 3-6 LAN Configuration v1.0, March 2009 Hence, changing a computer's IP address does not affect any...
The LAN Setup tab displays. 2. For computers that do not support the NetBIOS protocol, this will be listed as "Unknown" (you will need to that PC. By default, a ... edit the entry manually to a single group. For each computer or device, the following fields are displayed: • Name. The name of the computer. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • A computer is identified by clicking Edit. 3-6 LAN Configuration v1.0, March 2009 Hence, changing a computer's IP address does not affect any...
FVS336G Reference Manual
Page 89
... NETGEAR VPN Client configuration procedures for Client and Gateway Configurations You use the VPN Wizard to configure multiple gateway or client VPN tunnel policies. Select VPN > IPsec VPN > VPN Wizard to Gateway VPN Tunnels with a series of the VPN Consortium (VPNC), an organization that will also set up . Virtual Private Networking Using IPsec 5-3 v1.0, March 2009 ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G...
... NETGEAR VPN Client configuration procedures for Client and Gateway Configurations You use the VPN Wizard to configure multiple gateway or client VPN tunnel policies. Select VPN > IPsec VPN > VPN Wizard to Gateway VPN Tunnels with a series of the VPN Consortium (VPNC), an organization that will also set up . Virtual Private Networking Using IPsec 5-3 v1.0, March 2009 ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G...
FVS336G Reference Manual
Page 101
... use. It is of the keys used in the policy tables. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual To view FVS336G VPN logs, go to remember that some traffic matches an existing VPN policy. Figure 5-19 Managing VPN Policies After you selected as the VPN tunnel connection name during Wizard setup identifies both the VPN policy and IKE policy.
... use. It is of the keys used in the policy tables. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual To view FVS336G VPN logs, go to remember that some traffic matches an existing VPN policy. Figure 5-19 Managing VPN Policies After you selected as the VPN tunnel connection name during Wizard setup identifies both the VPN policy and IKE policy.
FVS336G Reference Manual
Page 142
... tab screen is the period at which an idle user will be associated with the domain that is associated with SSL & IPsec VPN FVS336G Reference Manual c. b. The Users screen will be automatically logged out of the Web Configuration Manager 3. Select Group. Click Add. User... main menu. Select Users > Users from a list of Groups, ready for use in the List of configured groups. ProSafe Dual WAN Gigabit Firewall with that group. 7-4 Managing Users, Authentication, and Certificates v1.0, March 2009 The new group appears in user account setup. Figure 7-5 3.
... tab screen is the period at which an idle user will be associated with the domain that is associated with SSL & IPsec VPN FVS336G Reference Manual c. b. The Users screen will be automatically logged out of the Web Configuration Manager 3. Select Group. Click Add. User... main menu. Select Users > Users from a list of Groups, ready for use in the List of configured groups. ProSafe Dual WAN Gigabit Firewall with that group. 7-4 Managing Users, Authentication, and Certificates v1.0, March 2009 The new group appears in user account setup. Figure 7-5 3.
FVS336G Reference Manual
Page 182
Displays the current settings for MAC address, IP address, DHCP role and IP Subnet Mask that you entered in the LAN IP Setup page. DHCP can be either Server or None. 9-8 Monitoring System Performance v1.0, March 2009 This is the current software the router is the Account Name that you set in the Basic Settings page. This will change if you upgrade your router. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Figure 9-3 The following information is displayed: Item System Name Firmware Version LAN Port Description This is using.
Displays the current settings for MAC address, IP address, DHCP role and IP Subnet Mask that you entered in the LAN IP Setup page. DHCP can be either Server or None. 9-8 Monitoring System Performance v1.0, March 2009 This is the current software the router is the Account Name that you set in the Basic Settings page. This will change if you upgrade your router. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Figure 9-3 The following information is displayed: Item System Name Firmware Version LAN Port Description This is using.
FVS336G Reference Manual
Page 184
... to DHCP client requests from the main menu, and then select the LAN Groups tab. These requests also generate an entry in the LAN Setup menu) is an automatically-maintained list of this, leaving the DHCP Server feature enabled (in the database. Because of LAN-attached devices. The.... Select Network Configuration > LAN Settings from PCs and other LAN devices become known by the following methods: • DHCP Client Requests. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual . PCs and other network devices. To view the LAN Groups screen: 1.
... to DHCP client requests from the main menu, and then select the LAN Groups tab. These requests also generate an entry in the LAN Setup menu) is an automatically-maintained list of this, leaving the DHCP Server feature enabled (in the database. Because of LAN-attached devices. The.... Select Network Configuration > LAN Settings from PCs and other LAN devices become known by the following methods: • DHCP Client Requests. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual . PCs and other network devices. To view the LAN Groups screen: 1.
FVS336G Reference Manual
Page 186
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Reviewing the DHCP Log To review the most recent entries, click refresh. Figure 9-6 2. The DHCP Log appears in the DHCP log: 1. To view the most recent entries in a popup window. The LAN Setup screen will display. Click the DHCP Log link to the right of administrators and...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Reviewing the DHCP Log To review the most recent entries, click refresh. Figure 9-6 2. The DHCP Log appears in the DHCP log: 1. To view the most recent entries in a popup window. The LAN Setup screen will display. Click the DHCP Log link to the right of administrators and...
FVS336G Reference Manual
Page 236
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual ModeConfig, configuring with ModeConfig 5-26 IPsec host 5-19 ISP connection troubleshooting 10-4 K Keep Connected Idle TImeout 2-9 Idle Timeout 2-8 keepalive, VPN 5-28 Keyword Blocking 4-19 applying 4-21 Known PCs and Devices list of 3-6 L LAN configuration 3-1 using LAN IP setup... field descriptions 4-6 inbound traffic C-6, C-8 dual WAN ports C-8, C-9 single WAN port reference case C-8 increasing traffic 8-5 Port Forwarding 8-5 Port Triggering 8-7 VPN Tunnels 8-7 installation 1-4 Installation, instructions for...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual ModeConfig, configuring with ModeConfig 5-26 IPsec host 5-19 ISP connection troubleshooting 10-4 K Keep Connected Idle TImeout 2-9 Idle Timeout 2-8 keepalive, VPN 5-28 Keyword Blocking 4-19 applying 4-21 Known PCs and Devices list of 3-6 L LAN configuration 3-1 using LAN IP setup... field descriptions 4-6 inbound traffic C-6, C-8 dual WAN ports C-8, C-9 single WAN port reference case C-8 increasing traffic 8-5 Port Forwarding 8-5 Port Triggering 8-7 VPN Tunnels 8-7 installation 1-4 Installation, instructions for...
FVS336G Reference Manual
Page 240
See QoS. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual split tunnel configuring 6-11 description 6-10 spoof MAC address 10-5 SSL VPN Client description 6-2 SSL VPN Logs 9-16 Starting IP Address DHCP Address Pool 3-4 Stateful Packet Inspection firewall, use with DDNS 8-12 traffic increasing 8-5 ...testing your setup 10-6 Web configuration 10-3 Trusted Certificates 7-11, 7-12 two-factor authentication WiKID 7-10 TZO.com 2-16 U UDP flood 4-18 special rule 8-6 User Database 5-20 User Policies 6-15 V view protocol bindings Load Balancing 2-15 VPN gateway to ...
See QoS. ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual split tunnel configuring 6-11 description 6-10 spoof MAC address 10-5 SSL VPN Client description 6-2 SSL VPN Logs 9-16 Starting IP Address DHCP Address Pool 3-4 Stateful Packet Inspection firewall, use with DDNS 8-12 traffic increasing 8-5 ...testing your setup 10-6 Web configuration 10-3 Trusted Certificates 7-11, 7-12 two-factor authentication WiKID 7-10 TZO.com 2-16 U UDP flood 4-18 special rule 8-6 User Database 5-20 User Policies 6-15 V view protocol bindings Load Balancing 2-15 VPN gateway to ...
FVS336G Reference Manual
Page 241
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual telecommuter, about C-17 telecommuter, Dual gateway C-18 telecommuter, single gateway C-17 VPN Client configuring 5-6 VPN firewall connecting 2-1 VPN Logs screen 9-15 VPN passthrough 4-18, 8-6 VPN Policies screen 5-5, 5-8 VPN Policy Auto 5-17 Manual 5-17 VPN Tunnel addresses Dual WAN Port systems 5-2 VPN Tunnel Connection monitoring status 9-14 VPN tunnels about 5-1 increasing traffic 8-7 load balancing mode 5-2 rollover mode 5-2 VPN Wizard Gateway tunnel...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual telecommuter, about C-17 telecommuter, Dual gateway C-18 telecommuter, single gateway C-17 VPN Client configuring 5-6 VPN firewall connecting 2-1 VPN Logs screen 9-15 VPN passthrough 4-18, 8-6 VPN Policies screen 5-5, 5-8 VPN Policy Auto 5-17 Manual 5-17 VPN Tunnel addresses Dual WAN Port systems 5-2 VPN Tunnel Connection monitoring status 9-14 VPN tunnels about 5-1 increasing traffic 8-7 load balancing mode 5-2 rollover mode 5-2 VPN Wizard Gateway tunnel...
FVS336G Reference Manual
Page 8
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Network Address Translation 2-12 Classical Routing 2-12 Configuring Auto-Rollover Mode 2-13 Configuring Load Balancing 2-15 Configuring Dynamic DNS (Optional 2-17 Configuring the Advanced WAN Options (Optional 2-19 Additional WAN Related Configuration 2-21 Chapter 3 LAN Configuration Using the VPN Firewall as a DHCP server 3-1 Configuring the LAN Setup Options 3-2 Managing Groups and...
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Network Address Translation 2-12 Classical Routing 2-12 Configuring Auto-Rollover Mode 2-13 Configuring Load Balancing 2-15 Configuring Dynamic DNS (Optional 2-17 Configuring the Advanced WAN Options (Optional 2-19 Additional WAN Related Configuration 2-21 Chapter 3 LAN Configuration Using the VPN Firewall as a DHCP server 3-1 Configuring the LAN Setup Options 3-2 Managing Groups and...
FVS336G Reference Manual
Page 18
...mutually-exclusive basis to selected corporate resources without requiring a pre-installed VPN client on the remote computer. - ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Easy, web-based setup for installation and management. • Front panel LEDs for easy...disconnected. • Load balance, or use both Internet lines simultaneously for a wide variety of the NETGEAR ProSafe VPN Client software (VPN01L) - The firewall balances users between a central office and telecommuters. Uses the familiar Secure Sockets Layer (SSL) protocol...
...mutually-exclusive basis to selected corporate resources without requiring a pre-installed VPN client on the remote computer. - ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual • Easy, web-based setup for installation and management. • Front panel LEDs for easy...disconnected. • Load balance, or use both Internet lines simultaneously for a wide variety of the NETGEAR ProSafe VPN Client software (VPN01L) - The firewall balances users between a central office and telecommuters. Uses the familiar Secure Sockets Layer (SSL) protocol...