FVS338 Reference Manual
Page 7
... Uplink 1-3 Extensive Protocol Support 1-3 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-6 Router Hardware Components 1-6 Router Front Panel 1-6 Router Rear Panel 1-8 Factory Default Login ...1-9 Chapter 2 Connecting the FVS338 to the Internet Connecting the VPN Firewall to Your Network 2-1 Logging in to the VPN Firewall 2-1 Configuring your Internet Connection 2-2 Broadband ISP Settings 2-2 Dialup ISP Serial WAN port Settings...
... Uplink 1-3 Extensive Protocol Support 1-3 Easy Installation and Management 1-4 Maintenance and Support 1-5 Package Contents ...1-6 Router Hardware Components 1-6 Router Front Panel 1-6 Router Rear Panel 1-8 Factory Default Login ...1-9 Chapter 2 Connecting the FVS338 to the Internet Connecting the VPN Firewall to Your Network 2-1 Logging in to the VPN Firewall 2-1 Configuring your Internet Connection 2-2 Broadband ISP Settings 2-2 Dialup ISP Serial WAN port Settings...
FVS338 Reference Manual
Page 10
... Certificates 5-32 Self Certificates ...5-33 Managing your Certificate Revocation List (CRL 5-36 Chapter 6 Router and Network Management Performance Management 6-1 VPN Firewall Features That Reduce Traffic 6-1 Service Blocking 6-1 Block Sites ...6-3 Source MAC Filtering 6-4 VPN Firewall Features That Increase Traffic 6-4 Port Forwarding 6-4 Port Triggering 6-6 VPN Tunnels ...6-6 Using QoS to Shift the Traffic Mix 6-6 Tools for Traffic Management 6-7 Administration...
... Certificates 5-32 Self Certificates ...5-33 Managing your Certificate Revocation List (CRL 5-36 Chapter 6 Router and Network Management Performance Management 6-1 VPN Firewall Features That Reduce Traffic 6-1 Service Blocking 6-1 Block Sites ...6-3 Source MAC Filtering 6-4 VPN Firewall Features That Increase Traffic 6-4 Port Forwarding 6-4 Port Triggering 6-6 VPN Tunnels ...6-6 Using QoS to Shift the Traffic Mix 6-6 Tools for Traffic Management 6-7 Administration...
FVS338 Reference Manual
Page 15
... administrators can be installed and configured within minutes. The FVS338 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following features: • One 10/100 ...Router Hardware Components" on page 1-6 • "Factory Default Login" on time-of-day, Website addresses and address keywords, and share high-speed cable/DSL Internet access for traffic prioritization. Chapter 1 Introduction The ProSafe VPN Firewall 50 with 8 port switch connects your network from attacks and intrusions. The FVS338...
... administrators can be installed and configured within minutes. The FVS338 is a complete security solution that can establish restricted access policies based on page 1-9 Key Features The VPN firewall provides the following features: • One 10/100 ...Router Hardware Components" on page 1-6 • "Factory Default Login" on time-of-day, Website addresses and address keywords, and share high-speed cable/DSL Internet access for traffic prioritization. Chapter 1 Introduction The ProSafe VPN Firewall 50 with 8 port switch connects your network from attacks and intrusions. The FVS338...
FVS338 Reference Manual
Page 16
...and operate the FVS338 to take full advantage of a variety of routing options on the firewall. Its firewall features include: • DoS protection. The FVS338 will log security events such as off-limits. • Logs security incidents. FVS338 ProSafe VPN Firewall 50 Reference Manual &#... for firmware upgrade. The firewall allows you specify as blocked incoming traffic, port scans, attacks, and administrator logins. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS338 is a true firewall, using stateful packet inspection to...
...and operate the FVS338 to take full advantage of a variety of routing options on the firewall. Its firewall features include: • DoS protection. The FVS338 will log security events such as off-limits. • Logs security incidents. FVS338 ProSafe VPN Firewall 50 Reference Manual &#... for firmware upgrade. The firewall allows you specify as blocked incoming traffic, port scans, attacks, and administrator logins. A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVS338 is a true firewall, using stateful packet inspection to...
FVS338 Reference Manual
Page 18
...for MIB2. • Diagnostic functions. The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to the network. The VPN firewall automatically senses the type of Internet connection, ...to easily configure your PC. FVS338 ProSafe VPN Firewall 50 Reference Manual • Automatic Configuration of Attached PCs by simulating a dial-up connection. The firewall allows you to the Web Management Interface from a remote location on your firewall from an SNMP-compliant system...
...for MIB2. • Diagnostic functions. The VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to the network. The VPN firewall automatically senses the type of Internet connection, ...to easily configure your PC. FVS338 ProSafe VPN Firewall 50 Reference Manual • Automatic Configuration of Attached PCs by simulating a dial-up connection. The firewall allows you to the Web Management Interface from a remote location on your firewall from an SNMP-compliant system...
FVS338 Reference Manual
Page 20
FVS338 ProSafe VPN Firewall 50 Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall 50. • AC power adapter. • Category 5 Ethernet cable. • Resource CD, including: - Router Hardware Components Following is a description of the front and rear panels of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. If any of the...
FVS338 ProSafe VPN Firewall 50 Reference Manual Package Contents The product package should contain the following items: • ProSafe VPN Firewall 50. • AC power adapter. • Category 5 Ethernet cable. • Resource CD, including: - Router Hardware Components Following is a description of the front and rear panels of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. If any of the...
FVS338 Reference Manual
Page 21
... Blinking (Green) Off 100 LED On (Green) Off Description Power is operating at 10 Mbps. The serial port has successfully connected to the router. The serial port has no link. The WAN port has no link. The WAN port is being transmitted or received by the WAN port....data is not supplied to an ISP and received an IP Address. Power is being transmitted or received by the LAN port. Table 1-1. FVS338 ProSafe VPN Firewall 50 Reference Manual The table below describes each item on the front panel and its operation. The LAN port is initializing or the initialization has failed...
... Blinking (Green) Off 100 LED On (Green) Off Description Power is operating at 10 Mbps. The serial port has successfully connected to the router. The serial port has no link. The WAN port has no link. The WAN port is being transmitted or received by the WAN port....data is not supplied to an ISP and received an IP Address. Power is being transmitted or received by the LAN port. Table 1-1. FVS338 ProSafe VPN Firewall 50 Reference Manual The table below describes each item on the front panel and its operation. The LAN port is initializing or the initialization has failed...
FVS338 Reference Manual
Page 22
... power in (12 VDC, 1.2A) 1-8 Introduction v1.0, March 2009 Figure 1-2 Viewed from left to right, the rear panel contains the following elements: • Modem port - FVS338 ProSafe VPN Firewall 50 Reference Manual Router Rear Panel The rear panel of the ProSafe VPN Firewall 50 (Figure 1-2) contains the On/Off switch and AC power connection. serves as the WAN1 Internet port.
... power in (12 VDC, 1.2A) 1-8 Introduction v1.0, March 2009 Figure 1-2 Viewed from left to right, the rear panel contains the following elements: • Modem port - FVS338 ProSafe VPN Firewall 50 Reference Manual Router Rear Panel The rear panel of the ProSafe VPN Firewall 50 (Figure 1-2) contains the On/Off switch and AC power connection. serves as the WAN1 Internet port.
FVS338 Reference Manual
Page 27
.... The options are described in the following table. IP address and related data supplied by your Router's MAC address (see "Setting the Router's MAC Address (Advanced Options)" on page 2-6). Click Connect if connection not already present. FVS338 ProSafe VPN Firewall 50 Reference Manual 2. Table 2-1. Figure 2-3 If Auto Detect does not find a connection, you will most likely support...
.... The options are described in the following table. IP address and related data supplied by your Router's MAC address (see "Setting the Router's MAC Address (Advanced Options)" on page 2-6). Click Connect if connection not already present. FVS338 ProSafe VPN Firewall 50 Reference Manual 2. Table 2-1. Figure 2-3 If Auto Detect does not find a connection, you will most likely support...
FVS338 Reference Manual
Page 28
... a dialup modem. Set up the router to the Internet v1.0, March 2009 Password: The account password for ISP1 if desired. This name will be configured manually, you will assist you can continue with the configuration of your ISP. b. Figure 2-4 2. Enter the following Dialup Account settings: a. FVS338 ProSafe VPN Firewall 50 Reference Manual 4. Account/User name: Enter...
... a dialup modem. Set up the router to the Internet v1.0, March 2009 Password: The account password for ISP1 if desired. This name will be configured manually, you will assist you can continue with the configuration of your ISP. b. Figure 2-4 2. Enter the following Dialup Account settings: a. FVS338 ProSafe VPN Firewall 50 Reference Manual 4. Account/User name: Enter...
FVS338 Reference Manual
Page 29
...460.8Kbps. The connection will be dialed if the first is usually defined in the IP Address field. 5. The default setting of the router and the modem connect. Check the Get Automatically From ISP radio box to the Internet 2-5 v1.0, March 2009 The Initial string is not... the Primary DNS Server and Secondary DNS Server (optional) fields. 6. b. DialUp ISPs usually assign the IP address automatically when connecting. FVS338 ProSafe VPN Firewall 50 Reference Manual c. Telephone: The telephone number or access number to dial for the modem to save your modem's user manual.
...460.8Kbps. The connection will be dialed if the first is usually defined in the IP Address field. 5. The default setting of the router and the modem connect. Check the Get Automatically From ISP radio box to the Internet 2-5 v1.0, March 2009 The Initial string is not... the Primary DNS Server and Secondary DNS Server (optional) fields. 6. b. DialUp ISPs usually assign the IP address automatically when connecting. FVS338 ProSafe VPN Firewall 50 Reference Manual c. Telephone: The telephone number or access number to dial for the modem to save your modem's user manual.
FVS338 Reference Manual
Page 30
FVS338 ProSafe VPN Firewall 50 Reference Manual c. Tip: If you experience connectivity problems with your ISP expects. The default is rarely required, and should not be slower than a broadband Internet ... time of your serial port Internet connection will be done unless required by your phone line supports touch tone dialing; Setting the Router's MAC Address (Advanced Options) Each computer or router on page 2-11). This is a number from the submenu and click the Advanced link. Check the radio box for either 1500...
FVS338 ProSafe VPN Firewall 50 Reference Manual c. Tip: If you experience connectivity problems with your ISP expects. The default is rarely required, and should not be slower than a broadband Internet ... time of your serial port Internet connection will be done unless required by your phone line supports touch tone dialing; Setting the Router's MAC Address (Advanced Options) Each computer or router on page 2-11). This is a number from the submenu and click the Advanced link. Check the radio box for either 1500...
FVS338 Reference Manual
Page 31
otherwise, select 10BaseT. Connecting the FVS338 to save your router can also change the standard MTU (Maximum Transmit Unit) value for Your Dialup Modem: Step 1.Select Network Configuration from the main menu, WAN Settings from ... be done unless specifically required by the ISP, To Change the MTU Value for dialup modems from the submenu and the Dialup ISP Settings tab. FVS338 ProSafe VPN Firewall 50 Reference Manual • Port Speed.
otherwise, select 10BaseT. Connecting the FVS338 to save your router can also change the standard MTU (Maximum Transmit Unit) value for Your Dialup Modem: Step 1.Select Network Configuration from the main menu, WAN Settings from ... be done unless specifically required by the ISP, To Change the MTU Value for dialup modems from the submenu and the Dialup ISP Settings tab. FVS338 ProSafe VPN Firewall 50 Reference Manual • Port Speed.
FVS338 Reference Manual
Page 32
Figure 2-6 Manually Configuring Your Internet Connection If you know your Broadband ISP connection type, you can bypass the Auto Detect feature and connect your ISP 2-8 Connecting the FVS338 to the Internet v1.0, March 2009 Unless your ISP automatically assigns your configuration automatically via DHCP, you begin. FVS338 ProSafe VPN Firewall 50 Reference Manual . Ensure that you have all of the relevant connection information such as IP Addresses, account information, type of ISP connection, etc., before you will need the configuration parameters from your router manually.
Figure 2-6 Manually Configuring Your Internet Connection If you know your Broadband ISP connection type, you can bypass the Auto Detect feature and connect your ISP 2-8 Connecting the FVS338 to the Internet v1.0, March 2009 Unless your ISP automatically assigns your configuration automatically via DHCP, you begin. FVS338 ProSafe VPN Firewall 50 Reference Manual . Ensure that you have all of the relevant connection information such as IP Addresses, account information, type of ISP connection, etc., before you will need the configuration parameters from your router manually.
FVS338 Reference Manual
Page 34
...NETGEAR Web site. You can also click on the Broadband Status link or the Current IP Address link to wait before disconnecting, in connectivity problems. 5. If your ISP has assigned one. c. Note: Domain name servers (DNS) convert Internet names such as WinPoET or Enternet, then your network administrator. FVS338 ProSafe VPN Firewall 50...or permanent) IP address, select the Use Static IP Address radio box and fill in the fields. to the router using DHCP network protocol. 4. Incorrect settings here will automatically assign an IP address to Internet addresses called IP ...
...NETGEAR Web site. You can also click on the Broadband Status link or the Current IP Address link to wait before disconnecting, in connectivity problems. 5. If your ISP has assigned one. c. Note: Domain name servers (DNS) convert Internet names such as WinPoET or Enternet, then your network administrator. FVS338 ProSafe VPN Firewall 50...or permanent) IP address, select the Use Static IP Address radio box and fill in the fields. to the router using DHCP network protocol. 4. Incorrect settings here will automatically assign an IP address to Internet addresses called IP ...
FVS338 Reference Manual
Page 36
...restarting You must configure the E-mail screen in order for additional traffic. FVS338 ProSafe VPN Firewall 50 Reference Manual Table 2-2. If this function to restart the Traffic Counter at least 1MB. 2-12 Connecting the FVS338 to each protocol will be allowed. before restarting the counter. If ... traffic counter restarts. Internet Traffic Statistics This displays statistics on page 4-30). The volume of Internet traffic passing through the Router's Broadband or Dialup port. If enabled, enter the monthly volume limit and select the desired behavior when the limit is...
...restarting You must configure the E-mail screen in order for additional traffic. FVS338 ProSafe VPN Firewall 50 Reference Manual Table 2-2. If this function to restart the Traffic Counter at least 1MB. 2-12 Connecting the FVS338 to each protocol will be allowed. before restarting the counter. If ... traffic counter restarts. Internet Traffic Statistics This displays statistics on page 4-30). The volume of Internet traffic passing through the Router's Broadband or Dialup port. If enabled, enter the monthly volume limit and select the desired behavior when the limit is...
FVS338 Reference Manual
Page 37
...IP addresses from the submenu. Otherwise, selecting this mode, the Router performs Routing, but without NAT. Check either the NAT or Classical Routing radio box. Connecting the FVS338 to you. FVS338 ProSafe VPN Firewall 50 Reference Manual Configuring the WAN Mode The WAN Mode screen allows ...you to receive any "private" IP address range, and these addresses to each PC on your router to use Classical Routing for example...
...IP addresses from the submenu. Otherwise, selecting this mode, the Router performs Routing, but without NAT. Check either the NAT or Classical Routing radio box. Connecting the FVS338 to you. FVS338 ProSafe VPN Firewall 50 Reference Manual Configuring the WAN Mode The WAN Mode screen allows ...you to receive any "private" IP address range, and these addresses to each PC on your router to use Classical Routing for example...
FVS338 Reference Manual
Page 38
... you must be routed on the primary broadband connection, the secondary dialup connection connects to the Internet. The default is 4. 7. FVS338 ProSafe VPN Firewall 50 Reference Manual • If you have both ISP links connected for Internet connectivity, check the Primary Broadband with Dialup as 192.168..., in the Broadband ISP Settings screen. • Select DNS lookup using Dialup as exposed hosts and virtual private networks regardless of router failures that should run the configured detection method. The default is 30 seconds. 6. Configuring Dynamic DNS (If Needed) Note: If...
... you must be routed on the primary broadband connection, the secondary dialup connection connects to the Internet. The default is 4. 7. FVS338 ProSafe VPN Firewall 50 Reference Manual • If you have both ISP links connected for Internet connectivity, check the Primary Broadband with Dialup as 192.168..., in the Broadband ISP Settings screen. • Select DNS lookup using Dialup as exposed hosts and virtual private networks regardless of router failures that should run the configured detection method. The default is 30 seconds. 6. Configuring Dynamic DNS (If Needed) Note: If...
FVS338 Reference Manual
Page 39
...Select Network Configuration from the main menu and Dynamic DNS from the submenu. A tab is provided for that port. FVS338 ProSafe VPN Firewall 50 Reference Manual This router firmware includes software that notifies dynamic DNS servers of changes in to your account, and register your dynamic DNS service ...DNS TZO), and Oray.net (tab DNS Oray). If you have configured your account information in the firewall, whenever your ISP-assigned IP address changes, your firewall will be accessible.) 2. The fields corresponding to the selection you have configured Single Port, select the tab...
...Select Network Configuration from the main menu and Dynamic DNS from the submenu. A tab is provided for that port. FVS338 ProSafe VPN Firewall 50 Reference Manual This router firmware includes software that notifies dynamic DNS servers of changes in to your account, and register your dynamic DNS service ...DNS TZO), and Oray.net (tab DNS Oray). If you have configured your account information in the firewall, whenever your ISP-assigned IP address changes, your firewall will be accessible.) 2. The fields corresponding to the selection you have configured Single Port, select the tab...
FVS338 Reference Manual
Page 42
FVS338 ProSafe VPN Firewall 50 Reference Manual • WINS Server (if you entered a WINS server address in the DHCP...communicate with the ISP's DNS servers (as configured in the LAN. However, when the DNS proxy is enabled, the router will receive the DNS IP addresses of lease). The default values are advanced settings most users and situations. the box...for a DHCP server somewhere else on a remote subnet, you to the router and the router, in Auto Rollover mode. The DHCP Relay Agent makes it can make the firewall a dhcp relay agent. When the DNS Proxy option is enabled, then ...
FVS338 ProSafe VPN Firewall 50 Reference Manual • WINS Server (if you entered a WINS server address in the DHCP...communicate with the ISP's DNS servers (as configured in the LAN. However, when the DNS proxy is enabled, the router will receive the DNS IP addresses of lease). The default values are advanced settings most users and situations. the box...for a DHCP server somewhere else on a remote subnet, you to the router and the router, in Auto Rollover mode. The DHCP Relay Agent makes it can make the firewall a dhcp relay agent. When the DNS Proxy option is enabled, then ...
