FVS338 Reference Manual
Page 7
... Uplink 1-3 Extensive Protocol Support 1-3 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-6 Router Hardware Components 1-6 Router Front Panel 1-6 Router Rear Panel 1-8 Factory Default Login ...1-9 Chapter 2 Connecting the FVS338 to the Internet Connecting the VPN Firewall to Your Network 2-1 Logging in to the VPN Firewall 2-1 Configuring your Internet Connection 2-2 Broadband ISP Settings 2-2 Dialup ISP Serial WAN port Settings 2-4 Setting...
... Uplink 1-3 Extensive Protocol Support 1-3 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-6 Router Hardware Components 1-6 Router Front Panel 1-6 Router Rear Panel 1-8 Factory Default Login ...1-9 Chapter 2 Connecting the FVS338 to the Internet Connecting the VPN Firewall to Your Network 2-1 Logging in to the VPN Firewall 2-1 Configuring your Internet Connection 2-2 Broadband ISP Settings 2-2 Dialup ISP Serial WAN port Settings 2-4 Setting...
FVS338 Reference Manual
Page 9
... Status Information 5-11 NETGEAR VPN Client Status and Log Information 5-11 FVS338 VPN Connection Status and Logs 5-13 IKE Policies ...5-14 IKE Policy Operation 5-14 IKE Policy Table ...5-15 VPN Policies ...5-16 VPN Policy Operation 5-16 VPN Policy Table ...5-16 VPN Tunnel Connection Status 5-17 Extended Authentication (XAUTH) Configuration 5-18 Configuring XAUTH for VPN Clients 5-19 User Database Configuration 5-20 RADIUS Client...
... Status Information 5-11 NETGEAR VPN Client Status and Log Information 5-11 FVS338 VPN Connection Status and Logs 5-13 IKE Policies ...5-14 IKE Policy Operation 5-14 IKE Policy Table ...5-15 VPN Policies ...5-16 VPN Policy Operation 5-16 VPN Policy Table ...5-16 VPN Tunnel Connection Status 5-17 Extended Authentication (XAUTH) Configuration 5-18 Configuring XAUTH for VPN Clients 5-19 User Database Configuration 5-20 RADIUS Client...
FVS338 Reference Manual
Page 10
...List (CRL 5-36 Chapter 6 Router and Network Management Performance Management 6-1 VPN Firewall Features That Reduce Traffic 6-1 Service Blocking 6-1 Block Sites ...6-3 Source MAC Filtering 6-4 VPN Firewall Features That Increase Traffic 6-4 Port Forwarding 6-4 Port Triggering 6-6 VPN Tunnels ...6-6 Using QoS to Shift...Router 6-18 Enabling the Traffic Meter 6-19 Setting Login Failures and Attacks Notification 6-20 Viewing Port Triggering Status 6-22 Viewing Router Configuration and System Status 6-23 Monitoring WAN Ports Status 6-24 Monitoring VPN Tunnel Connection Status 6-25 VPN ...
...List (CRL 5-36 Chapter 6 Router and Network Management Performance Management 6-1 VPN Firewall Features That Reduce Traffic 6-1 Service Blocking 6-1 Block Sites ...6-3 Source MAC Filtering 6-4 VPN Firewall Features That Increase Traffic 6-4 Port Forwarding 6-4 Port Triggering 6-6 VPN Tunnels ...6-6 Using QoS to Shift...Router 6-18 Enabling the Traffic Meter 6-19 Setting Login Failures and Attacks Notification 6-20 Viewing Port Triggering Status 6-22 Viewing Router Configuration and System Status 6-23 Monitoring WAN Ports Status 6-24 Monitoring VPN Tunnel Connection Status 6-25 VPN ...
FVS338 Reference Manual
Page 13
... type of this manual is used to install, configure and troubleshoot the ProSafe VPN Firewall 50. Conventions, Formats and Scope The conventions, formats, and scope of note may result in this manual are described in the following paragraphs. • Typographical Conventions. About This Manual The NETGEAR® ProSafe™ VPN Firewall 50 FVS338 Reference Manual describes how to highlight a procedure that...
... type of this manual is used to install, configure and troubleshoot the ProSafe VPN Firewall 50. Conventions, Formats and Scope The conventions, formats, and scope of note may result in this manual are described in the following paragraphs. • Typographical Conventions. About This Manual The NETGEAR® ProSafe™ VPN Firewall 50 FVS338 Reference Manual describes how to highlight a procedure that...
FVS338 Reference Manual
Page 14
...Updated features New features: IP/MAC Binding; Oray support Document corrections Document additions to the NETGEAR website in personal injury or death. Session Limits; FVS338 ProSafe VPN Firewall 50 Reference Manual Danger: This is a safety warning. Bandwidth Limits; IKE Keep Alive; For...; DHCP Relay support • Update VPN configuration procedure topics • Update the Certificate management topic • Correct the firewall scheduling topic xiv About This Manual v1.0, March 2009 website at http://kbserver.netgear.com/products/FVS338.asp. Dead Peer Detection; Note: ...
...Updated features New features: IP/MAC Binding; Oray support Document corrections Document additions to the NETGEAR website in personal injury or death. Session Limits; FVS338 ProSafe VPN Firewall 50 Reference Manual Danger: This is a safety warning. Bandwidth Limits; IKE Keep Alive; For...; DHCP Relay support • Update VPN configuration procedure topics • Update the Certificate management topic • Correct the firewall scheduling topic xiv About This Manual v1.0, March 2009 website at http://kbserver.netgear.com/products/FVS338.asp. Dead Peer Detection; Note: ...
FVS338 Reference Manual
Page 15
For example, the FVS338 provides support for Stateful Packet Inspection, Denial of Service (QoS) support for a local network. Network administrators can be installed and configured within minutes. This chapter contains the ...ProSafe VPN Firewall 50 with 8 port switch connects your network from attacks and intrusions. The FVS338 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following sections: • "Key Features" on page 1-1 • "Package Contents" on page 1-6 • "Router...
For example, the FVS338 provides support for Stateful Packet Inspection, Denial of Service (QoS) support for a local network. Network administrators can be installed and configured within minutes. This chapter contains the ...ProSafe VPN Firewall 50 with 8 port switch connects your network from attacks and intrusions. The FVS338 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following sections: • "Key Features" on page 1-1 • "Package Contents" on page 1-6 • "Router...
FVS338 Reference Manual
Page 16
...administrator logins. You can also configure the firewall to send immediate alert messages to the serial port If the broadband Internet connection fails, after waiting for an pre-specified amount of routing options on the firewall. FVS338 ProSafe VPN Firewall 50 Reference Manual • Built ... addresses. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS338 is a true firewall, using stateful packet inspection to access objectionable Internet sites. 1-2 Introduction v1.0, March 2009 The firewall allows you to control access ...
...administrator logins. You can also configure the firewall to send immediate alert messages to the serial port If the broadband Internet connection fails, after waiting for an pre-specified amount of routing options on the firewall. FVS338 ProSafe VPN Firewall 50 Reference Manual • Built ... addresses. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS338 is a true firewall, using stateful packet inspection to access objectionable Internet sites. 1-2 Introduction v1.0, March 2009 The firewall allows you to control access ...
FVS338 Reference Manual
Page 17
FVS338 ProSafe VPN Firewall 50 Reference Manual Security The VPN firewall is equipped with several networked PCs to a PC or an 'uplink' connection such as NAT, allows the use of ports. • Exposed Host (Software DMZ). Although NAT prevents Internet locations from directly accessing the PCs on the LAN, the firewall...' connection such as to share an Internet account using only a single IP address, which you can have configured an inbound rule. The VPN firewall allows several features designed to maintain security, as described in this traffic, you have it forwarded to either type...
FVS338 ProSafe VPN Firewall 50 Reference Manual Security The VPN firewall is equipped with several networked PCs to a PC or an 'uplink' connection such as NAT, allows the use of ports. • Exposed Host (Software DMZ). Although NAT prevents Internet locations from directly accessing the PCs on the LAN, the firewall...' connection such as to share an Internet account using only a single IP address, which you can have configured an inbound rule. The VPN firewall allows several features designed to maintain security, as described in this traffic, you have it forwarded to either type...
FVS338 Reference Manual
Page 18
... over Ethernet (PPPoE). Easy Installation and Management You can install, configure, and operate the ProSafe VPN Firewall 50 within minutes after connecting it to ensure the VPN tunnels are specified, the firewall provides its status and activity. 1-4 Introduction v1.0, March 2009 The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual Private Network...
... over Ethernet (PPPoE). Easy Installation and Management You can install, configure, and operate the ProSafe VPN Firewall 50 within minutes after connecting it to ensure the VPN tunnels are specified, the firewall provides its status and activity. 1-4 Introduction v1.0, March 2009 The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual Private Network...
FVS338 Reference Manual
Page 25
... connect your VPN firewall, refer to the IFVS338 ProSafe VPN Firewall 50 Installation Guide (a copy is also available on page 2-14 Setting up VPN tunnels are covered in the address field. Chapter 2 Connecting the FVS338 to the Internet This section provides instructions for connecting the VPN firewall, including these topics: • "Connecting the VPN Firewall to Your Network" on page 2-1 • "Configuring the...
... connect your VPN firewall, refer to the IFVS338 ProSafe VPN Firewall 50 Installation Guide (a copy is also available on page 2-14 Setting up VPN tunnels are covered in the address field. Chapter 2 Connecting the FVS338 to the Internet This section provides instructions for connecting the VPN firewall, including these topics: • "Connecting the VPN Firewall to Your Network" on page 2-1 • "Configuring the...
FVS338 Reference Manual
Page 26
... name and password are not the same as any user name or password you enable remote management, change your Internet connection. 3. FVS338 ProSafe VPN Firewall 50 Reference Manual 2. Note: See "Enabling Remote Management Access" on page 6-7). Enter admin for the User Name and password for more... the Password, both Broadband ISP Settings and Dialup ISP Settings.from the submenu. The Broadband ISP Settings screen will display. Configuring your Internet Connection You can configure both in to your password to the Internet v1.0, March 2009 Broadband ISP Settings Step 1.Select Network...
... name and password are not the same as any user name or password you enable remote management, change your Internet connection. 3. FVS338 ProSafe VPN Firewall 50 Reference Manual 2. Note: See "Enabling Remote Management Access" on page 6-7). Enter admin for the User Name and password for more... the Password, both Broadband ISP Settings and Dialup ISP Settings.from the submenu. The Broadband ISP Settings screen will display. Configuring your Internet Connection You can configure both in to your password to the Internet v1.0, March 2009 Broadband ISP Settings Step 1.Select Network...
FVS338 Reference Manual
Page 28
... Configuration from the main menu, WAN Settings from the submenu and click the Dialup ISP Settings tab to access the Internet connection using a dialup modem. This name will need all of the dialup ISP serial WAN interface. FVS338 ProSafe VPN Firewall 50 Reference Manual 4. Set up the router to...your ISP settings information before you begin. Figure 2-4 2. The Dialup Settings screen will assist you will be configured manually, you in setting up the traffic meter for the dialup ISP 2-4 Connecting the FVS338 to log in the configuration process, you can continue with the...
... Configuration from the main menu, WAN Settings from the submenu and click the Dialup ISP Settings tab to access the Internet connection using a dialup modem. This name will need all of the dialup ISP serial WAN interface. FVS338 ProSafe VPN Firewall 50 Reference Manual 4. Set up the router to...your ISP settings information before you begin. Figure 2-4 2. The Dialup Settings screen will assist you will be configured manually, you in setting up the traffic meter for the dialup ISP 2-4 Connecting the FVS338 to log in the configuration process, you can continue with the...
FVS338 Reference Manual
Page 29
...selection should work , select User Defined Modem and type in the Primary DNS Server and Secondary DNS Server (optional) fields. 6. FVS338 ProSafe VPN Firewall 50 Reference Manual c. Alternative Telephone: An alternative number which the serial port of Get Dynamically from ISP will be terminated if there is... in the IP Address field. 5. b. Internet (IP Address). Serial Line Speed: Select the baud rate with which will configure the router to connect automatically. Modem Type: If your ISP has assigned a static IP address, select the Use Static IP Address radio...
...selection should work , select User Defined Modem and type in the Primary DNS Server and Secondary DNS Server (optional) fields. 6. FVS338 ProSafe VPN Firewall 50 Reference Manual c. Alternative Telephone: An alternative number which the serial port of Get Dynamically from ISP will be terminated if there is... in the IP Address field. 5. b. Internet (IP Address). Serial Line Speed: Select the baud rate with which will configure the router to connect automatically. Modem Type: If your ISP has assigned a static IP address, select the Use Static IP Address radio...
FVS338 Reference Manual
Page 30
... address is XX:XX:XX:XX:XX:XX where X is also referred to save your network has a unique 48-bit local Ethernet address. FVS338 ProSafe VPN Firewall 50 Reference Manual c. Note: The response time of your ISP expects, or b. This is a number from the submenu and click the Advanced link...The default is either : a. The format for either 1500 Bytes or 1492 Bytes for pulse mode dialing. To Change the Router Default MAC Address Step 1.Select Network Configuration from the main menu, Broadband ISP Settings from 0 to the Internet v1.0, March 2009 Use this screen, based on your...
... address is XX:XX:XX:XX:XX:XX where X is also referred to save your network has a unique 48-bit local Ethernet address. FVS338 ProSafe VPN Firewall 50 Reference Manual c. Note: The response time of your ISP expects, or b. This is a number from the submenu and click the Advanced link...The default is either : a. The format for either 1500 Bytes or 1492 Bytes for pulse mode dialing. To Change the Router Default MAC Address Step 1.Select Network Configuration from the main menu, Broadband ISP Settings from 0 to the Internet v1.0, March 2009 Use this screen, based on your...
FVS338 Reference Manual
Page 31
In most cases, your router can also change the standard MTU (Maximum Transmit Unit) value for Your Dialup Modem: Step 1.Select Network Configuration from the main menu, WAN Settings from the Dialup ISP Settings screen. Select the Custom radio button and enter the...you know that you may require that the Ethernet port on the Dialup ISP Settings screen. 2. Connecting the FVS338 to save your broadband modem supports 100BaseT, select 100BaseT; FVS338 ProSafe VPN Firewall 50 Reference Manual • Port Speed. Click the Advanced link on your settings. If you cannot establish an...
In most cases, your router can also change the standard MTU (Maximum Transmit Unit) value for Your Dialup Modem: Step 1.Select Network Configuration from the main menu, WAN Settings from the Dialup ISP Settings screen. Select the Custom radio button and enter the...you know that you may require that the Ethernet port on the Dialup ISP Settings screen. 2. Connecting the FVS338 to save your broadband modem supports 100BaseT, select 100BaseT; FVS338 ProSafe VPN Firewall 50 Reference Manual • Port Speed. Click the Advanced link on your settings. If you cannot establish an...
FVS338 Reference Manual
Page 32
FVS338 ProSafe VPN Firewall 50 Reference Manual . Figure 2-6 Manually Configuring Your Internet Connection If you know your Broadband ISP connection type, you will need the configuration parameters from your router manually. Unless your ISP automatically assigns your configuration automatically via DHCP, you can bypass the Auto Detect feature and connect your ISP 2-8 Connecting the FVS338 to the Internet v1.0, March 2009 Ensure that you have all of the relevant connection information such as IP Addresses, account information, type of ISP connection, etc., before you begin.
FVS338 ProSafe VPN Firewall 50 Reference Manual . Figure 2-6 Manually Configuring Your Internet Connection If you know your Broadband ISP connection type, you will need the configuration parameters from your router manually. Unless your ISP automatically assigns your configuration automatically via DHCP, you can bypass the Auto Detect feature and connect your ISP 2-8 Connecting the FVS338 to the Internet v1.0, March 2009 Ensure that you have all of the relevant connection information such as IP Addresses, account information, type of ISP connection, etc., before you begin.
FVS338 Reference Manual
Page 33
... enter login information every time you have logged in the following highlighted fields: - If your ISP, select Yes. FVS338 ProSafe VPN Firewall 50 Reference Manual Figure 2-7 Manually Configure WAN1 ISP Settings: Step 1.Does your full email address here. - What type of time you connect to keep the connection always on the connection that ...
... enter login information every time you have logged in the following highlighted fields: - If your ISP, select Yes. FVS338 ProSafe VPN Firewall 50 Reference Manual Figure 2-7 Manually Configure WAN1 ISP Settings: Step 1.Does your full email address here. - What type of time you connect to keep the connection always on the connection that ...
FVS338 Reference Manual
Page 34
... If you have installed login software such as www.google.com, www.netgear.com, etc. To logout after the connection is usually provided by the ISP or your network administrator. This will identify the router to wait before disconnecting, in the fields. If your ISP. to the...on . FVS338 ProSafe VPN Firewall 50 Reference Manual - My IP Address: IP address assigned by the ISP or your ISP has assigned a fixed (static or permanent) IP address, select the Use Static IP Address radio box and fill in connectivity problems. 5. You may leave this connection and configure the following...
... If you have installed login software such as www.google.com, www.netgear.com, etc. To logout after the connection is usually provided by the ISP or your network administrator. This will identify the router to wait before disconnecting, in the fields. If your ISP. to the...on . FVS338 ProSafe VPN Firewall 50 Reference Manual - My IP Address: IP address assigned by the ISP or your ISP has assigned a fixed (static or permanent) IP address, select the Use Static IP Address radio box and fill in connectivity problems. 5. You may leave this connection and configure the following...
FVS338 Reference Manual
Page 36
... Traffic Limit if you have reached the monthly limit, but need to know more details of Internet traffic passing through the Router's Broadband or Dialup port. Increase this month's limit Use this link if you want to continue accessing the Internet. Fill...be cleared when saved so the increase is at a specific time and day of the month. You must configure the E-mail screen in the limit. FVS338 ProSafe VPN Firewall 50 Reference Manual Table 2-2. Traffic Meter Settings Parameter Description Enable Traffic Meter Check this is reached Select the desired option...
... Traffic Limit if you have reached the monthly limit, but need to know more details of Internet traffic passing through the Router's Broadband or Dialup port. Increase this month's limit Use this link if you want to continue accessing the Internet. Fill...be cleared when saved so the increase is at a specific time and day of the month. You must configure the E-mail screen in the limit. FVS338 ProSafe VPN Firewall 50 Reference Manual Table 2-2. Traffic Meter Settings Parameter Description Enable Traffic Meter Check this is reached Select the desired option...
FVS338 Reference Manual
Page 93
... WAN ports Virtual Private Networking 5-1 v1.0, March 2009 This WAN mode choice impacts how the VPN features must be configured. The use the Virtual Private Networking (VPN) features of the VPN firewall. Chapter 5 Virtual Private Networking This chapter describes how to VPN configuration. This chapter includes the following sections: • "Considerations for Dual WAN Port Systems" on...
... WAN ports Virtual Private Networking 5-1 v1.0, March 2009 This WAN mode choice impacts how the VPN features must be configured. The use the Virtual Private Networking (VPN) features of the VPN firewall. Chapter 5 Virtual Private Networking This chapter describes how to VPN configuration. This chapter includes the following sections: • "Considerations for Dual WAN Port Systems" on...