FVS338 Reference Manual
Page 2
All rights reserved. EU Regulatory Compliance Statement ProSafe VPN Firewall 50 is connected. • Consult the dealer or an experienced radio/TV technician for help. Testsender) kann jedoch gewissen Beschränkungen unterliegen. NETGEAR does not assume any liability that to which the ... the equipment and receiver. • Connect the equipment into an outlet on , the user is no guarantee that the ProSafe VPN Firewall 50 has been suppressed in accordance with the limits for example, test transmitters) in der Betriebsanleitung. Federal Communications Commission (FCC) ...
All rights reserved. EU Regulatory Compliance Statement ProSafe VPN Firewall 50 is connected. • Consult the dealer or an experienced radio/TV technician for help. Testsender) kann jedoch gewissen Beschränkungen unterliegen. NETGEAR does not assume any liability that to which the ... the equipment and receiver. • Connect the equipment into an outlet on , the user is no guarantee that the ProSafe VPN Firewall 50 has been suppressed in accordance with the limits for example, test transmitters) in der Betriebsanleitung. Federal Communications Commission (FCC) ...
FVS338 Reference Manual
Page 9
... a Secure Connection 5-7 Testing the Connections and Viewing Status Information 5-11 NETGEAR VPN Client Status and Log Information 5-11 FVS338 VPN Connection Status and Logs 5-13 IKE Policies ...5-14 IKE Policy Operation 5-14 IKE Policy Table ...5-15 VPN Policies ...5-16 VPN Policy Operation 5-16 VPN Policy Table ...5-16 VPN Tunnel Connection Status 5-17 Extended Authentication (XAUTH) Configuration 5-18 Configuring...
... a Secure Connection 5-7 Testing the Connections and Viewing Status Information 5-11 NETGEAR VPN Client Status and Log Information 5-11 FVS338 VPN Connection Status and Logs 5-13 IKE Policies ...5-14 IKE Policy Operation 5-14 IKE Policy Table ...5-15 VPN Policies ...5-16 VPN Policy Operation 5-16 VPN Policy Table ...5-16 VPN Tunnel Connection Status 5-17 Extended Authentication (XAUTH) Configuration 5-18 Configuring...
FVS338 Reference Manual
Page 13
... text Command prompt, CLI text, code URL links • Formats. The information in a malfunction or damage to install, configure and troubleshoot the ProSafe VPN Firewall 50. This manual uses the following formats to highlight special messages: Note: This format is intended for readers with intermediate computer and Internet skills. This ...highlight information of note may result in this type of importance or special interest. xiii v1.0, March 2009 About This Manual The NETGEAR® ProSafe™ VPN Firewall 50 FVS338 Reference Manual describes how to the equipment.
... text Command prompt, CLI text, code URL links • Formats. The information in a malfunction or damage to install, configure and troubleshoot the ProSafe VPN Firewall 50. This manual uses the following formats to highlight special messages: Note: This format is intended for readers with intermediate computer and Internet skills. This ...highlight information of note may result in this type of importance or special interest. xiii v1.0, March 2009 About This Manual The NETGEAR® ProSafe™ VPN Firewall 50 FVS338 Reference Manual describes how to the equipment.
FVS338 Reference Manual
Page 14
... • DHCP Relay support • Update VPN configuration procedure topics • Update the Certificate management topic • Correct the firewall scheduling topic xiv About This Manual v1.0, March 2009 Session Limits; Dead Peer Detection; FVS338 ProSafe VPN Firewall 50 Reference Manual Danger: This is a safety warning...features: IP/MAC Binding; For more information about network, Internet, firewall, and VPN technologies, see the links to take heed of this product are available on the NETGEAR, Inc. Bandwidth Limits; Failure to the NETGEAR website in personal injury or death.
... • DHCP Relay support • Update VPN configuration procedure topics • Update the Certificate management topic • Correct the firewall scheduling topic xiv About This Manual v1.0, March 2009 Session Limits; Dead Peer Detection; FVS338 ProSafe VPN Firewall 50 Reference Manual Danger: This is a safety warning...features: IP/MAC Binding; For more information about network, Internet, firewall, and VPN technologies, see the links to take heed of this product are available on the NETGEAR, Inc. Bandwidth Limits; Failure to the NETGEAR website in personal injury or death.
FVS338 Reference Manual
Page 15
Chapter 1 Introduction The ProSafe VPN Firewall 50 with 8 port switch connects your network from attacks and intrusions. For example, the FVS338 provides support for Stateful Packet Inspection, Denial of Service (QoS) support for a local network. This chapter ... alerts-both, via e-mail. The FVS338 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following sections: • "Key Features" on page 1-1 • "Package Contents" on page 1-6 • "Router Hardware Components" on page 1-6 •...
Chapter 1 Introduction The ProSafe VPN Firewall 50 with 8 port switch connects your network from attacks and intrusions. For example, the FVS338 provides support for Stateful Packet Inspection, Denial of Service (QoS) support for a local network. This chapter ... alerts-both, via e-mail. The FVS338 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following sections: • "Key Features" on page 1-1 • "Package Contents" on page 1-6 • "Router Hardware Components" on page 1-6 •...
FVS338 Reference Manual
Page 16
...email address or email pager whenever a significant event occurs. • With its URL keyword filtering feature, the FVS338 prevents objectionable content from your PCs. FVS338 ProSafe VPN Firewall 50 Reference Manual • Built in 8-port 10/100 Mbps switch. • Extensive Protocol Support. • ...ports, including: • Internet access via the serial port on the firewall. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS338 is a true firewall, using stateful packet inspection to Internet locations or services that you at ...
...email address or email pager whenever a significant event occurs. • With its URL keyword filtering feature, the FVS338 prevents objectionable content from your PCs. FVS338 ProSafe VPN Firewall 50 Reference Manual • Built in 8-port 10/100 Mbps switch. • Extensive Protocol Support. • ...ports, including: • Internet access via the serial port on the firewall. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS338 is a true firewall, using stateful packet inspection to Internet locations or services that you at ...
FVS338 Reference Manual
Page 17
...-user ISP account. That port will accommodate either a 10 Mbps standard Ethernet network or a 100 Mbps Fast Ethernet network. Introduction 1-3 v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual Security The VPN firewall is equipped with several networked PCs to share an Internet account using only a single IP address, which you have a 'normal' connection such as...
...-user ISP account. That port will accommodate either a 10 Mbps standard Ethernet network or a 100 Mbps Fast Ethernet network. Introduction 1-3 v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual Security The VPN firewall is equipped with several networked PCs to share an Internet account using only a single IP address, which you have a 'normal' connection such as...
FVS338 Reference Manual
Page 18
FVS338 ProSafe VPN Firewall 50 Reference Manual • Automatic Configuration of ISP account. • VPN Wizard. When DHCP is enabled and no DNS addresses are interoperable with other VPNC-compliant VPN routers and clients. • SNMP. This feature eliminates the need to run a login program such as a DNS server to ensure the VPN tunnels are specified, the firewall provides its status...
FVS338 ProSafe VPN Firewall 50 Reference Manual • Automatic Configuration of ISP account. • VPN Wizard. When DHCP is enabled and no DNS addresses are interoperable with other VPNC-compliant VPN routers and clients. • SNMP. This feature eliminates the need to run a login program such as a DNS server to ensure the VPN tunnels are specified, the firewall provides its status...
FVS338 Reference Manual
Page 19
FVS338 ProSafe VPN Firewall 50 Reference Manual Maintenance and Support NETGEAR offers the following features to help you maximize your use of the VPN firewall: • Flash memory for firmware upgrade • Free technical support seven days a week, twenty-four hours a day Introduction 1-5 v1.0, March 2009
FVS338 ProSafe VPN Firewall 50 Reference Manual Maintenance and Support NETGEAR offers the following features to help you maximize your use of the VPN firewall: • Flash memory for firmware upgrade • Free technical support seven days a week, twenty-four hours a day Introduction 1-5 v1.0, March 2009
FVS338 Reference Manual
Page 20
... return the firewall for installing the FVS338 using the rack mounting hardware. Router Front Panel The ProSafe VPN Firewall 50 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. Application Notes and other helpful information. - FVS338 ProSafe VPN Firewall 50 Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall 50. • AC...
... return the firewall for installing the FVS338 using the rack mounting hardware. Router Front Panel The ProSafe VPN Firewall 50 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. Application Notes and other helpful information. - FVS338 ProSafe VPN Firewall 50 Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall 50. • AC...
FVS338 Reference Manual
Page 21
... no link. The WAN port has no link. The WAN port is not supplied to the router. Data is being transmitted or received by the WAN port. The LAN port is operating at 100 Mbps. FVS338 ProSafe VPN Firewall 50 Reference Manual The table below describes each item on the front panel and its operation. Server...
... no link. The WAN port has no link. The WAN port is not supplied to the router. Data is being transmitted or received by the WAN port. The LAN port is operating at 100 Mbps. FVS338 ProSafe VPN Firewall 50 Reference Manual The table below describes each item on the front panel and its operation. Server...
FVS338 Reference Manual
Page 22
...-45 WAN port, N-way automatic speed negotiation, Auto MDI/MDIX. • On/Off switch • DC power in (12 VDC, 1.2A) 1-8 Introduction v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual Router Rear Panel The rear panel of the ProSafe VPN Firewall 50 (Figure 1-2) contains the On/Off switch and AC power connection.
...-45 WAN port, N-way automatic speed negotiation, Auto MDI/MDIX. • On/Off switch • DC power in (12 VDC, 1.2A) 1-8 Introduction v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual Router Rear Panel The rear panel of the ProSafe VPN Firewall 50 (Figure 1-2) contains the On/Off switch and AC power connection.
FVS338 Reference Manual
Page 23
Go to the FVS338 once it is connected: 1. Figure 1-4 2. Factory Default Login FVS338 ProSafe VPN Firewall 50 Reference Manual Check the label on the bottom of the FVS338's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-3 To log in to http://192.168.1.1. Enter admin for User Name and password for Password Introduction 1-9 v1.0, March 2009
Go to the FVS338 once it is connected: 1. Figure 1-4 2. Factory Default Login FVS338 ProSafe VPN Firewall 50 Reference Manual Check the label on the bottom of the FVS338's enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the Web-based GUI from the LAN • User name: admin • Password: password LAN IP Address User Name Password Figure 1-3 To log in to http://192.168.1.1. Enter admin for User Name and password for Password Introduction 1-9 v1.0, March 2009
FVS338 Reference Manual
Page 24
FVS338 ProSafe VPN Firewall 50 Reference Manual 1-10 v1.0, March 2009 Introduction
FVS338 ProSafe VPN Firewall 50 Reference Manual 1-10 v1.0, March 2009 Introduction
FVS338 Reference Manual
Page 25
... to the IFVS338 ProSafe VPN Firewall 50 Installation Guide (a copy is also available on page 2-14 Setting up VPN tunnels are covered in Chapter 5, "Virtual Private Networking": Connecting the VPN Firewall to Your Network To physically connect your VPN firewall, refer to the VPN firewall: Step 1.Open a Internet Explorer, Netscape® Navigator, or Firefox browser. Chapter 2 Connecting the FVS338 to the Internet...
... to the IFVS338 ProSafe VPN Firewall 50 Installation Guide (a copy is also available on page 2-14 Setting up VPN tunnels are covered in Chapter 5, "Virtual Private Networking": Connecting the VPN Firewall to Your Network To physically connect your VPN firewall, refer to the VPN firewall: Step 1.Open a Internet Explorer, Netscape® Navigator, or Firefox browser. Chapter 2 Connecting the FVS338 to the Internet...
FVS338 Reference Manual
Page 26
... main menu and WAN Settings from the WAN Settings menu. Configuring your Internet Connection You can configure both in lower case letters.The firewall user name and password are not the same as any user name or password you enable remote management, change your Internet connection. ...both Broadband ISP Settings and Dialup ISP Settings.from the submenu. The Broadband ISP Settings screen will display. Figure 2-2 2-2 Connecting the FVS338 to a more information on page 6-7). The Broadband ISP Settings screen will display. FVS338 ProSafe VPN Firewall 50 Reference Manual 2.
... main menu and WAN Settings from the WAN Settings menu. Configuring your Internet Connection You can configure both in lower case letters.The firewall user name and password are not the same as any user name or password you enable remote management, change your Internet connection. ...both Broadband ISP Settings and Dialup ISP Settings.from the submenu. The Broadband ISP Settings screen will display. Figure 2-2 2-2 Connecting the FVS338 to a more information on page 6-7). The Broadband ISP Settings screen will display. FVS338 ProSafe VPN Firewall 50 Reference Manual 2.
FVS338 Reference Manual
Page 27
...2-1. Figure 2-3 If Auto Detect does not find a connection, you will be prompted to check the physical connection between your firewall and the cable or DSL line or to automatically detect the type of Internet connection provided by your ISP will probe for...the Internet 2-3 v1.0, March 2009 Auto Detect will most likely support. No data is required. FVS338 ProSafe VPN Firewall 50 Reference Manual 2. Click Connect if connection not already present. Connecting the FVS338 to verify your Router's MAC address (see "Setting the Router's MAC Address (Advanced Options)" on page 2-6).
...2-1. Figure 2-3 If Auto Detect does not find a connection, you will be prompted to check the physical connection between your firewall and the cable or DSL line or to automatically detect the type of Internet connection provided by your ISP will probe for...the Internet 2-3 v1.0, March 2009 Auto Detect will most likely support. No data is required. FVS338 ProSafe VPN Firewall 50 Reference Manual 2. Click Connect if connection not already present. Connecting the FVS338 to verify your Router's MAC address (see "Setting the Router's MAC Address (Advanced Options)" on page 2-6).
FVS338 Reference Manual
Page 28
...Since the Dialup ISP Settings must be used to log in setting up the traffic meter for the dialup ISP 2-4 Connecting the FVS338 to access the Internet connection using a dialup modem. Account/User name: Enter the account name or the user name provided by ... you can continue with the configuration of your ISP. Password: The account password for ISP1 if desired. Figure 2-4 2. b. Set up the router to the Internet v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual 4. The Dialup Settings screen will need all of the dialup ISP serial WAN interface.
...Since the Dialup ISP Settings must be used to log in setting up the traffic meter for the dialup ISP 2-4 Connecting the FVS338 to access the Internet connection using a dialup modem. Account/User name: Enter the account name or the user name provided by ... you can continue with the configuration of your ISP. Password: The account password for ISP1 if desired. Figure 2-4 2. b. Set up the router to the Internet v1.0, March 2009 FVS338 ProSafe VPN Firewall 50 Reference Manual 4. The Dialup Settings screen will need all of the dialup ISP serial WAN interface.
FVS338 Reference Manual
Page 29
FVS338 ProSafe VPN Firewall 50 Reference Manual c. radios box for connectivity. The router will be configured to use for your modem's user manual. To connect manually, click the DIAL-Up Status link at the top and then ...available (optional). 3. Modem Type: If your Dial-up . Specify the idle minute amount. DialUp ISPs usually assign the IP address automatically when connecting. b. The VPN firewall can automatically dial to use ISP assigned DNS server addresses (default). Internet (IP Address). Robotics 56K FAX EXT PnP selection should work , select User Defined...
FVS338 ProSafe VPN Firewall 50 Reference Manual c. radios box for connectivity. The router will be configured to use for your modem's user manual. To connect manually, click the DIAL-Up Status link at the top and then ...available (optional). 3. Modem Type: If your Dial-up . Specify the idle minute amount. DialUp ISPs usually assign the IP address automatically when connecting. b. The VPN firewall can automatically dial to use ISP assigned DNS server addresses (default). Internet (IP Address). Robotics 56K FAX EXT PnP selection should work , select User Defined...
FVS338 Reference Manual
Page 30
...this is either : a. This is a number from the submenu and click the Advanced link. To Change the Router Default MAC Address Step 1.Select Network Configuration from the main menu, Broadband ISP Settings from 0 to configure additional...FVS338. Tip: If you experience connectivity problems with your network has a unique 48-bit local Ethernet address. select Pulse for the Dialup ISP if desired (see "Programming the Traffic Meter (if Desired)" on the following criteria: • MTU Size. Select Other - Use this screen, based on page 2-11). FVS338 ProSafe VPN Firewall 50...
...this is either : a. This is a number from the submenu and click the Advanced link. To Change the Router Default MAC Address Step 1.Select Network Configuration from the main menu, Broadband ISP Settings from 0 to configure additional...FVS338. Tip: If you experience connectivity problems with your network has a unique 48-bit local Ethernet address. select Pulse for the Dialup ISP if desired (see "Programming the Traffic Meter (if Desired)" on the following criteria: • MTU Size. Select Other - Use this screen, based on page 2-11). FVS338 ProSafe VPN Firewall 50...