FVS338 Reference Manual
Page 11
... the Web Configuration Interface 7-2 Troubleshooting the ISP Connection 7-4 Troubleshooting a TCP/IP Network Using a Ping Utility 7-5 Testing the LAN Path to Your Firewall 7-5 Testing the Path from Your PC to a Remote Device 7-6 Restoring the Default Configuration and Password 7-7 Problems with Date and Time 7-7 Appendix A Default Settings and Technical Specifications Appendix B System Logs and Error Messages...
... the Web Configuration Interface 7-2 Troubleshooting the ISP Connection 7-4 Troubleshooting a TCP/IP Network Using a Ping Utility 7-5 Testing the LAN Path to Your Firewall 7-5 Testing the Path from Your PC to a Remote Device 7-6 Restoring the Default Configuration and Password 7-7 Problems with Date and Time 7-7 Appendix A Default Settings and Technical Specifications Appendix B System Logs and Error Messages...
FVS338 Reference Manual
Page 21
FVS338 ProSafe VPN Firewall 50 Reference Manual The table below describes each item on the front panel and its operation. Object Descriptions Object Activity Power LED Test LED MDM LED ... Power is operating at 10 Mbps. The serial port has successfully connected to the router. The LAN port is supplied to an ISP and received an IP Address. Introduction 1-7 v1.0, March 2009 The LAN port is not supplied to defaults). Power is operating at 100 Mbps. Data is being transmitted or received by...
FVS338 ProSafe VPN Firewall 50 Reference Manual The table below describes each item on the front panel and its operation. Object Descriptions Object Activity Power LED Test LED MDM LED ... Power is operating at 10 Mbps. The serial port has successfully connected to the router. The LAN port is supplied to an ISP and received an IP Address. Introduction 1-7 v1.0, March 2009 The LAN port is not supplied to defaults). Power is operating at 100 Mbps. Data is being transmitted or received by...
FVS338 Reference Manual
Page 23
Enter admin for User Name and password for Password Introduction 1-9 v1.0, March 2009 Factory Default Login FVS338 ProSafe VPN Firewall 50 Reference Manual Check the label on the bottom of the FVS338's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-3 To log in to http://192.168.1.1. Go to the FVS338 once it is connected: 1. Figure 1-4 2.
Enter admin for User Name and password for Password Introduction 1-9 v1.0, March 2009 Factory Default Login FVS338 ProSafe VPN Firewall 50 Reference Manual Check the label on the bottom of the FVS338's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-3 To log in to http://192.168.1.1. Go to the FVS338 once it is connected: 1. Figure 1-4 2.
FVS338 Reference Manual
Page 29
... the Connect and disconnect manually radio box to accept the ISP assigned IP address. a. If your modem's user manual. To use ISP assigned DNS server addresses (default). Check the Connect automatically disconnect after idle for connectivity. The default setting of the router and the modem connect. Alternative Telephone: An alternative number which the serial... idle minute amount. For most 56Kbps modems, the U.S. If this does not work . d. Telephone: The telephone number or access number to dial for ___ min. FVS338 ProSafe VPN Firewall 50 Reference Manual c.
... the Connect and disconnect manually radio box to accept the ISP assigned IP address. a. If your modem's user manual. To use ISP assigned DNS server addresses (default). Check the Connect automatically disconnect after idle for connectivity. The default setting of the router and the modem connect. Alternative Telephone: An alternative number which the serial... idle minute amount. For most 56Kbps modems, the U.S. If this does not work . d. Telephone: The telephone number or access number to dial for ___ min. FVS338 ProSafe VPN Firewall 50 Reference Manual c.
FVS338 Reference Manual
Page 37
FVS338 ProSafe VPN Firewall 50 Reference Manual Configuring the WAN Mode The WAN Mode screen allows you to configure how your router uses your WAN port or dialup modem connections. • NAT. NAT is the technology which allows all inbound firewall rules when switching between NAT and Classical Routing. ...8226; If you only have a valid Internet IP address. for example, your external Internet connections; The Router uses NAT to select the correct PC (on your ISP has assigned only one IP address to share a single Internet IP address. NAT is the default. 3. Select NAT if your LAN) to...
FVS338 ProSafe VPN Firewall 50 Reference Manual Configuring the WAN Mode The WAN Mode screen allows you to configure how your router uses your WAN port or dialup modem connections. • NAT. NAT is the technology which allows all inbound firewall rules when switching between NAT and Classical Routing. ...8226; If you only have a valid Internet IP address. for example, your external Internet connections; The Router uses NAT to select the correct PC (on your ISP has assigned only one IP address to share a single Internet IP address. NAT is the default. 3. Select NAT if your LAN) to...
FVS338 Reference Manual
Page 38
...that allows routers with varying public IP addresses to an IP address. Once you have both ISP links connected for Internet connectivity, check the Primary Broadband with Dialup as backup for detecting WAN failure • Select Ping to this destination host is 4. 7. The default is detected...link failure if you have a fixed or dynamic IP address.) 2-14 Connecting the FVS338 to the previous settings. Configuring Dynamic DNS (If Needed) Note: If your settings or Cancel to revert to the Internet v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual • If you must be ...
...that allows routers with varying public IP addresses to an IP address. Once you have both ISP links connected for Internet connectivity, check the Primary Broadband with Dialup as backup for detecting WAN failure • Select Ping to this destination host is 4. 7. The default is detected...link failure if you have a fixed or dynamic IP address.) 2-14 Connecting the FVS338 to the previous settings. Configuring Dynamic DNS (If Needed) Note: If your settings or Cancel to revert to the Internet v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual • If you must be ...
FVS338 Reference Manual
Page 41
... Groups and Routing (Static IP) features of your ProSafe VPN Firewall 50, including the following parameters to any LAN device that requests DHCP: • An IP Address from a pool of addresses specified in Appendix C, "Related Documents" for devices with fixed addresses. For most applications, the default DHCP and TCP/IP settings of the firewall are available for your network...
... Groups and Routing (Static IP) features of your ProSafe VPN Firewall 50, including the following parameters to any LAN device that requests DHCP: • An IP Address from a pool of addresses specified in Appendix C, "Related Documents" for devices with fixed addresses. For most applications, the default DHCP and TCP/IP settings of the firewall are available for your network...
FVS338 Reference Manual
Page 42
...However, when the DNS proxy is not located on your clients would only be sent over routers that do not support forwarding of these types of the active connection. The default values are advanced settings most users and situations. Configuring the LAN Setup Options The LAN...messages to configure a secondary or "multi-home" LAN IP setup in the WAN settings page). the box's LAN IP. These are suitable for a DHCP server somewhere else on the local subnet. If you to your DHCP server. FVS338 ProSafe VPN Firewall 50 Reference Manual • WINS Server (if you have...
...However, when the DNS proxy is not located on your clients would only be sent over routers that do not support forwarding of these types of the active connection. The default values are advanced settings most users and situations. Configuring the LAN Setup Options The LAN...messages to configure a secondary or "multi-home" LAN IP setup in the WAN settings page). the box's LAN IP. These are suitable for a DHCP server somewhere else on the local subnet. If you to your DHCP server. FVS338 ProSafe VPN Firewall 50 Reference Manual • WINS Server (if you have...
FVS338 Reference Manual
Page 43
... is optional). Enable DHCP Server is selected, enter the following parameters: a. FVS338 ProSafe VPN Firewall 50 Reference Manual 1. Unless you will manually configure all computers connected to the router's LAN. Enter the IP Subnet Mask. If Enabled is the default. Check the Enable DHCP Server radio button. LAN Configuration 3-3 v1.0, March 2009 Enter the Domain Name of an...
... is optional). Enable DHCP Server is selected, enter the following parameters: a. FVS338 ProSafe VPN Firewall 50 Reference Manual 1. Unless you will manually configure all computers connected to the router's LAN. Enter the IP Subnet Mask. If Enabled is the default. Check the Enable DHCP Server radio button. LAN Configuration 3-3 v1.0, March 2009 Enter the Domain Name of an...
FVS338 Reference Manual
Page 44
...Configuration v1.0, March 2009 Enter a WINS Server IP address. This box can specify the Windows NetBios Server IP if one is the default start address. e. g. FVS338 ProSafe VPN Firewall 50 Reference Manual b. Enter the Ending IP Address. Note: The Starting and Ending DHCP ...IP Address for which IP addresses will provide this address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is the default ending address. You must enter http://10.0.0.1 in your network. For example, if you change the LAN IP address of the router (the IP...
...Configuration v1.0, March 2009 Enter a WINS Server IP address. This box can specify the Windows NetBios Server IP if one is the default start address. e. g. FVS338 ProSafe VPN Firewall 50 Reference Manual b. Enter the Ending IP Address. Note: The Starting and Ending DHCP ...IP Address for which IP addresses will provide this address as the primary DNS server IP address. • Secondary DNS Server. (Optional) If an IP address is the default ending address. You must enter http://10.0.0.1 in your network. For example, if you change the LAN IP address of the router (the IP...
FVS338 Reference Manual
Page 49
...The MAC address should be appended to the first group (Group 1). By default, a computer is Reserved (DHCP Client), the router will reserve the IP address for easier management. LAN Configuration 3-9 v1.0, March 2009 Computers that this IP address will be edited manually for the associated MAC address. • MAC ... selected entry. To edit the names of any of the computer or device. FVS338 ProSafe VPN Firewall 50 Reference Manual • Name: The name of the eight available groups: 1. Select Fixed (Set on PC) if the IP address is be in the form: xx:xx:xx:xx:xx:xx (for...
...The MAC address should be appended to the first group (Group 1). By default, a computer is Reserved (DHCP Client), the router will reserve the IP address for easier management. LAN Configuration 3-9 v1.0, March 2009 Computers that this IP address will be edited manually for the associated MAC address. • MAC ... selected entry. To edit the names of any of the computer or device. FVS338 ProSafe VPN Firewall 50 Reference Manual • Name: The name of the eight available groups: 1. Select Fixed (Set on PC) if the IP address is be in the form: xx:xx:xx:xx:xx:xx (for...
FVS338 Reference Manual
Page 52
...Interior Gateway Protocol (IGP) and is activated. FVS338 ProSafe VPN Firewall 50 Reference Manual • You have an ISDN firewall on your home network for connecting to the company where you are employed, and the request will likely be denied by default. 3-12 v1.0, March 2009 LAN Configuration ...: • The Destination IP Address and IP Subnet Mask fields specify that this configuration, if you first configured your firewall, two implicit static routes were created. It allows a router to exchange its routing tables and adapt to the ISDN firewall at 192.168.1.100. The...
...Interior Gateway Protocol (IGP) and is activated. FVS338 ProSafe VPN Firewall 50 Reference Manual • You have an ISDN firewall on your home network for connecting to the company where you are employed, and the request will likely be denied by default. 3-12 v1.0, March 2009 LAN Configuration ...: • The Destination IP Address and IP Subnet Mask fields specify that this configuration, if you first configured your firewall, two implicit static routes were created. It allows a router to exchange its routing tables and adapt to the ISDN firewall at 192.168.1.100. The...
FVS338 Reference Manual
Page 57
...by schedule, otherwise Allow" or "ALLOW by schedule, otherwise Block" is not blocked by the Default rule. These settings determine which computers on page 4-17). Enter the required address in the list,...the desired service or application does not appear in the start and finish fields. • Groups - FVS338 ProSafe VPN Firewall 50 Reference Manual Table 4-1. If this rule to apply to Block or Allow Specific Traffic" on page 3-6....outgoing connections covered by another rule. All Internet IP address are only useful if the traffic is currently blocked by this rule. All PCs ...
...by schedule, otherwise Allow" or "ALLOW by schedule, otherwise Block" is not blocked by the Default rule. These settings determine which computers on page 4-17). Enter the required address in the list,...the desired service or application does not appear in the start and finish fields. • Groups - FVS338 ProSafe VPN Firewall 50 Reference Manual Table 4-1. If this rule to apply to Block or Allow Specific Traffic" on page 3-6....outgoing connections covered by another rule. All Internet IP address are only useful if the traffic is currently blocked by this rule. All PCs ...
FVS338 Reference Manual
Page 58
FVS338 ProSafe VPN Firewall 50 Reference Manual Table 4-1. Outbound Rules Fields (continued) Item QoS Priority Log Description This setting determines the priority of a service, which in the LAN Groups menu (under Network Configuration) so that would otherwise be applied to one IP address to the Internet. ...- always log traffic considered by your ISP (DHCP enabled), the IP address may change when the PC is assigned by the firewall. 4-4 Firewall Protection and Content Filtering v1.0, March 2009 By default, the priority shown is that of that service for yet another ...
FVS338 ProSafe VPN Firewall 50 Reference Manual Table 4-1. Outbound Rules Fields (continued) Item QoS Priority Log Description This setting determines the priority of a service, which in the LAN Groups menu (under Network Configuration) so that would otherwise be applied to one IP address to the Internet. ...- always log traffic considered by your ISP (DHCP enabled), the IP address may change when the PC is assigned by the firewall. 4-4 Firewall Protection and Content Filtering v1.0, March 2009 By default, the priority shown is that of that service for yet another ...
FVS338 Reference Manual
Page 59
... Services menu (see "Adding Customized Services" on page 4-19. See "Specifying Quality of the WAN1 or WAN2 ports or another public IP address. By default, the priority shown is the public IP address that service for packets covered by this rule: • BLOCK always • BLOCK by schedule, otherwise Allow • ALLOW always... service or application does not appear in turn, determines the quality of the service will be the address of Service (QoS) Priorities" on page 4-17). FVS338 ProSafe VPN Firewall 50 Reference Manual Table 4-2.
... Services menu (see "Adding Customized Services" on page 4-19. See "Specifying Quality of the WAN1 or WAN2 ports or another public IP address. By default, the priority shown is the public IP address that service for packets covered by this rule: • BLOCK always • BLOCK by schedule, otherwise Allow • ALLOW always... service or application does not appear in turn, determines the quality of the service will be the address of Service (QoS) Priorities" on page 4-17). FVS338 ProSafe VPN Firewall 50 Reference Manual Table 4-2.
FVS338 Reference Manual
Page 62
FVS338 ProSafe VPN Firewall 50 Reference Manual • Up - A check will be listed on the Outbound Services table. 4-8 Firewall Protection and Content Filtering v1.0, March 2009 You can ...rule. The new rule will appear in the radio box for Advanced Administrators only! to the default rules. Click Select All to move the rule down one position in the table rank. 2....screen, and save your specific needs (see Table 4-1 on the service or application, source or destination IP addresses, and time of day. to select all rules. Click Apply to disable the rule. Check...
FVS338 ProSafe VPN Firewall 50 Reference Manual • Up - A check will be listed on the Outbound Services table. 4-8 Firewall Protection and Content Filtering v1.0, March 2009 You can ...rule. The new rule will appear in the radio box for Advanced Administrators only! to the default rules. Click Select All to move the rule down one position in the table rank. 2....screen, and save your specific needs (see Table 4-1 on the service or application, source or destination IP addresses, and time of day. to select all rules. Click Apply to disable the rule. Check...
FVS338 Reference Manual
Page 63
...the Inbound Services Table. Figure 4-3 LAN WAN Inbound Services Rules This Inbound Services Rules table lists all WAN addresses or specific IP addresses are included in the rule. WAN Users: Whether all existing rules for inbound traffic. Click Apply to save your settings ... screen (see Table 4-2 on this screen. Click Apply to cancel your settings. To create a new inbound service rule: 1. FVS338 ProSafe VPN Firewall 50 Reference Manual . By default, all inbound traffic is blocked. Click Reset to save your changes and reset the fields on page 4-5). 3. The new rule will...
...the Inbound Services Table. Figure 4-3 LAN WAN Inbound Services Rules This Inbound Services Rules table lists all WAN addresses or specific IP addresses are included in the rule. WAN Users: Whether all existing rules for inbound traffic. Click Apply to save your settings ... screen (see Table 4-2 on this screen. Click Apply to cancel your settings. To create a new inbound service rule: 1. FVS338 ProSafe VPN Firewall 50 Reference Manual . By default, all inbound traffic is blocked. Click Reset to save your changes and reset the fields on page 4-5). 3. The new rule will...
FVS338 Reference Manual
Page 109
.... Enable Keep Alive: Check to keep the tunnel alive. - Detection period: Router sends ping packets periodically at regular intervals of the VPN policy associated with this policy. (The VPN Wizard default requires the remote LAN IP address and subnet mask for a gateway policy). • AH. The name ...addresses to be covered by selecting VPN from the main menu and Connection Status from (or to) these addresses to be covered by this policy. (Subnet address is shown on the peer side of all active IKE Policies to be sent. - FVS338 ProSafe VPN Firewall 50 Reference Manual • ! ...
.... Enable Keep Alive: Check to keep the tunnel alive. - Detection period: Router sends ping packets periodically at regular intervals of the VPN policy associated with this policy. (The VPN Wizard default requires the remote LAN IP address and subnet mask for a gateway policy). • AH. The name ...addresses to be covered by selecting VPN from the main menu and Connection Status from (or to) these addresses to be covered by this policy. (Subnet address is shown on the peer side of all active IKE Policies to be sent. - FVS338 ProSafe VPN Firewall 50 Reference Manual • ! ...
FVS338 Reference Manual
Page 46
... the default IP address 192.168.1.1 to 10.0.0.1, you will be disconnected. Configuring Multi-Home LAN IPs If you have computers using different IP networks in again. FVS338 ProSafe VPN Firewall 50 Reference Manual The feature is enabled, then clients can add aliases to the LAN port and give computers on those requests to the DNS servers of the router...
... the default IP address 192.168.1.1 to 10.0.0.1, you will be disconnected. Configuring Multi-Home LAN IPs If you have computers using different IP networks in again. FVS338 ProSafe VPN Firewall 50 Reference Manual The feature is enabled, then clients can add aliases to the LAN port and give computers on those requests to the DNS servers of the router...
FVS338 Reference Manual
Page 101
...Traffic must be covered by this policy. (The VPN Wizard default requires the remote LAN IP address and subnet mask for each active IPSec SA (Security Association): • Policy Name. VPN Tunnel Connection Status Recent VPN tunnel activity is the default IP address when using the VPN Wizard). • Remote. Phase 1 is "...IPSec (SA)s table also lists current data for a gateway policy). • AH. This specifies the authentication protocol for the VPN header (VPN Wizard default is "Key Exchange phase". • Action. FVS338 ProSafe VPN Firewall 50 Reference Manual -
...Traffic must be covered by this policy. (The VPN Wizard default requires the remote LAN IP address and subnet mask for each active IPSec SA (Security Association): • Policy Name. VPN Tunnel Connection Status Recent VPN tunnel activity is the default IP address when using the VPN Wizard). • Remote. Phase 1 is "...IPSec (SA)s table also lists current data for a gateway policy). • AH. This specifies the authentication protocol for the VPN header (VPN Wizard default is "Key Exchange phase". • Action. FVS338 ProSafe VPN Firewall 50 Reference Manual -