FVX538 Reference Manual
Page 17
...-NAT support. Chapter 1 Introduction The ProSafe VPN Firewall 200 with eight 10/100 ports and one 1/100/1000 port connects your network from attacks and intrusions. Introduction 1-1 v1.0, March 2009 The VPN firewall supports multiple Web content filtering options, plus 1 Gigabit Switch port. • One console port for local management. The FVX538 is a complete security solution that...
...-NAT support. Chapter 1 Introduction The ProSafe VPN Firewall 200 with eight 10/100 ports and one 1/100/1000 port connects your network from attacks and intrusions. Introduction 1-1 v1.0, March 2009 The VPN firewall supports multiple Web content filtering options, plus 1 Gigabit Switch port. • One console port for local management. The FVX538 is a complete security solution that...
FVX538 Reference Manual
Page 18
... gateways: • Single or multiple exposed hosts • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVX538 is inoperable, ensuring you specify as Ping of Death, SYN Flood, LAND Attack, and IP ...of status and activity. • Flash memory for firmware upgrade. • One U Rack mountable. ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced...
... gateways: • Single or multiple exposed hosts • Virtual private networks A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FVX538 is inoperable, ensuring you specify as Ping of Death, SYN Flood, LAND Attack, and IP ...of status and activity. • Flash memory for firmware upgrade. • One U Rack mountable. ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced...
FVX538 Reference Manual
Page 20
... NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of Internet connection, asking you monitor and manage log resources from almost any type of personal computer, such as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of Attached PCs by simulating a dial-up connection. ProSafe VPN Firewall 200 FVX538...
... NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of Internet connection, asking you monitor and manage log resources from almost any type of personal computer, such as NAT, allows the use of an inexpensive single-user ISP account. • Automatic Configuration of Attached PCs by simulating a dial-up connection. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 32
...Use these DNS Servers radio box. ProSafe VPN Firewall 200 FVX538 Reference Manual If your ISP has not assigned a Static IP address, select the Get dynamically from the secondary menu. Note: Domain Name Servers (DNS) convert Internet names such as www.google.com, www.netgear.com, etc. To enable the ... out the information described in the fields. to the NETGEAR Web site. Click Test to try and connect to Internet addresses called IP addresses. The ISP will result in connectivity problems. 5. Click Apply to the router using DHCP network protocol. 4. Click Reset to discard ...
...Use these DNS Servers radio box. ProSafe VPN Firewall 200 FVX538 Reference Manual If your ISP has not assigned a Static IP address, select the Get dynamically from the secondary menu. Note: Domain Name Servers (DNS) convert Internet names such as www.google.com, www.netgear.com, etc. To enable the ... out the information described in the fields. to the NETGEAR Web site. Click Test to try and connect to Internet addresses called IP addresses. The ISP will result in connectivity problems. 5. Click Apply to the router using DHCP network protocol. 4. Click Reset to discard ...
FVX538 Reference Manual
Page 38
...ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Load Balancing To use WAN2 for specified traffic. For example, if the HTTP protocol is bound to the computers on the LAN through the WAN1 port. The only way to use multiple ISP links simultaneously, select Load Balancing. Figure 2-5 2. Note: NETGEAR... recommends that are bound to them. To configure the dual WAN ports for the WAN2 port. Enter the following data in Figure 2-4 above, and click view protocol bindings (if protocol binding is bound to WAN2, then the router will display.
...ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Load Balancing To use WAN2 for specified traffic. For example, if the HTTP protocol is bound to the computers on the LAN through the WAN1 port. The only way to use multiple ISP links simultaneously, select Load Balancing. Figure 2-5 2. Note: NETGEAR... recommends that are bound to them. To configure the dual WAN ports for the WAN2 port. Enter the following data in Figure 2-4 above, and click view protocol bindings (if protocol binding is bound to WAN2, then the router will display.
FVX538 Reference Manual
Page 81
... servers. Access to Web server is to your LAN, select LAN WAN Rules. Select Security from the main menu and Firewall Rules from a specified range of the router. LAN IP address: 192.168.1.2 - LAN WAN or DMZ WAN Inbound Rule: Setting Up One-to-One NAT Mapping... or DMZ. The other addresses are available to map to host an additional public IP address and associate this procedure: • Netgear FVX538 ProSafe VPN Firewall - ProSafe VPN Firewall 200 FVX538 Reference Manual In the example, CU-SeeMe connections are allowed only from the submenu. 2. subnet 255.255.255.0 -
... servers. Access to Web server is to your LAN, select LAN WAN Rules. Select Security from the main menu and Firewall Rules from a specified range of the router. LAN IP address: 192.168.1.2 - LAN WAN or DMZ WAN Inbound Rule: Setting Up One-to-One NAT Mapping... or DMZ. The other addresses are available to map to host an additional public IP address and associate this procedure: • Netgear FVX538 ProSafe VPN Firewall - ProSafe VPN Firewall 200 FVX538 Reference Manual In the example, CU-SeeMe connections are allowed only from the submenu. 2. subnet 255.255.255.0 -
FVX538 Reference Manual
Page 133
... from the router. Virtual Private Networking v1.0, March 2009 5-29 LAN IP address/subnet: 192.168.2.1/255.255.255.0 • NETGEAR ProSafe VPN Client software ...activate a temporary IPSec policy using these IP addresses. • NETGEAR ProSafe VPN Firewall 200 - The VPN Policies menu does not need to be used to assign IP addresses...VPN clients to the IKE Policies menu and configure an IKE policy using the newly-created Mode Config record as the Remote Host Configuration Record. Remote users are given IP addresses available in the Mode Config record. ProSafe VPN Firewall 200 FVX538...
... from the router. Virtual Private Networking v1.0, March 2009 5-29 LAN IP address/subnet: 192.168.2.1/255.255.255.0 • NETGEAR ProSafe VPN Client software ...activate a temporary IPSec policy using these IP addresses. • NETGEAR ProSafe VPN Firewall 200 - The VPN Policies menu does not need to be used to assign IP addresses...VPN clients to the IKE Policies menu and configure an IKE policy using the newly-created Mode Config record as the Remote Host Configuration Record. Remote users are given IP addresses available in the Mode Config record. ProSafe VPN Firewall 200 FVX538...
FVX538 Reference Manual
Page 150
... page 6-20 for class of service tag. Netgear recommends that can also configure a separate password for guests. The quality of a service is read-only. See "Monitoring the Router" on how to use this password to a more secure password. Administration You can change this feature. ProSafe VPN Firewall 200 FVX538 Reference Manual The QoS priority settings conform to...
... page 6-20 for class of service tag. Netgear recommends that can also configure a separate password for guests. The quality of a service is read-only. See "Monitoring the Router" on how to use this password to a more secure password. Administration You can change this feature. ProSafe VPN Firewall 200 FVX538 Reference Manual The QoS priority settings conform to...
FVX538 Reference Manual
Page 158
...backup file (by default, netgear.cfg). 2. Click Browse. Do not try to go online, turn off the router, shutdown the computer or do NOT interrupt the process. If you have located the file, click restore. You must manually restart the VPN firewall for the restored settings to ...save downloaded files automatically, the file will be saved to your browser's download location on your hard disk to use a different firmware version. ProSafe VPN Firewall 200 FVX538 Reference Manual • Back up and save a copy of your current settings • Restore saved settings from the backed-up file. ...
...backup file (by default, netgear.cfg). 2. Click Browse. Do not try to go online, turn off the router, shutdown the computer or do NOT interrupt the process. If you have located the file, click restore. You must manually restart the VPN firewall for the restored settings to ...save downloaded files automatically, the file will be saved to your browser's download location on your hard disk to use a different firmware version. ProSafe VPN Firewall 200 FVX538 Reference Manual • Back up and save a copy of your current settings • Restore saved settings from the backed-up file. ...
FVX538 Reference Manual
Page 159
... act as a DHCP client to the NETGEAR Web site at http://www.netgear.com/support and click on using them before upgrading the router. To download a firmware version: 1. Go to the Internet. ProSafe VPN Firewall 200 FVX538 Reference Manual You must manually restart the VPN firewall in the download, read them ! After rebooting, the router's password will be password and the...
... act as a DHCP client to the NETGEAR Web site at http://www.netgear.com/support and click on using them before upgrading the router. To download a firmware version: 1. Go to the Internet. ProSafe VPN Firewall 200 FVX538 Reference Manual You must manually restart the VPN firewall in the download, read them ! After rebooting, the router's password will be password and the...
FVX538 Reference Manual
Page 161
... is a protocol that your VPN firewall router. After the VPN firewall has rebooted, select Monitoring and confirm the new firmware version to the router until the router finishes the upgrade! Network Time Protocol (NTP) is used to synchronize computer clock times in order for Daylight Savings Time radio box. 3. ProSafe VPN Firewall 200 FVX538 Reference Manual To upgrade router software: 1. Locate the downloaded...
... is a protocol that your VPN firewall router. After the VPN firewall has rebooted, select Monitoring and confirm the new firmware version to the router until the router finishes the upgrade! Network Time Protocol (NTP) is used to synchronize computer clock times in order for Daylight Savings Time radio box. 3. ProSafe VPN Firewall 200 FVX538 Reference Manual To upgrade router software: 1. Locate the downloaded...
FVX538 Reference Manual
Page 162
Click Apply to save your previous settings. ProSafe VPN Firewall 200 FVX538 Reference Manual • Use Custom NTP Servers: If you prefer to use a particular NTP server, enable this option and leave either the Server 1 or Server 2 ... also provides the following information: 6-20 v1.0, March 2009 Router and Network Management If you can also view status information about the firewall, WAN ports, LAN ports, and VPN tunnels and program SNMP connections. Figure 6-6 Monitoring the Router You can be set to the Default Netgear NTP servers. 4. Enabling the Traffic Meter To monitor traffic...
Click Apply to save your previous settings. ProSafe VPN Firewall 200 FVX538 Reference Manual • Use Custom NTP Servers: If you prefer to use a particular NTP server, enable this option and leave either the Server 1 or Server 2 ... also provides the following information: 6-20 v1.0, March 2009 Router and Network Management If you can also view status information about the firewall, WAN ports, LAN ports, and VPN tunnels and program SNMP connections. Figure 6-6 Monitoring the Router You can be set to the Default Netgear NTP servers. 4. Enabling the Traffic Meter To monitor traffic...
FVX538 Reference Manual
Page 172
Traceroute (often called Trace Route) - www.netgear.com) to the Diagnostics screen. If you can be configured not to respond to find the IP address. 6-30 v1.0, March 2009 Router and Network Management The Trace Route results will be displayed in a new screen; However,... that the destination is unreachable. A DNS (Domain Name Server) converts the Internet name (e.g. Lists all Routers between the source (this device) and the destination IP address. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 6-16 Table 6-5. Used to send a ping packet request to a specified IP address...
Traceroute (often called Trace Route) - www.netgear.com) to the Diagnostics screen. If you can be configured not to respond to find the IP address. 6-30 v1.0, March 2009 Router and Network Management The Trace Route results will be displayed in a new screen; However,... that the destination is unreachable. A DNS (Domain Name Server) converts the Internet name (e.g. Lists all Routers between the source (this device) and the destination IP address. ProSafe VPN Firewall 200 FVX538 Reference Manual Figure 6-16 Table 6-5. Used to send a ping packet request to a specified IP address...
FVX538 Reference Manual
Page 178
Under the Monitoring menu, select Router Status 4. Turn off power to your firewall. 3. If your firewall is able to obtain a WAN IP address from the ISP. In this case: - or 7-4 Troubleshooting v1.0, March 2009 Launch your browser and ...ISP account as www.netgear.com 2. Turn off power to the cable or DSL modem. 2. Assign the PC Host Name of the following procedure: 1. Ask your ISP whether they require PPP over Ethernet (PPPoE) or some other type of the firewall's configuration at http://192.168.1.1 3. ProSafe VPN Firewall 200 FVX538 Reference Manual Troubleshooting ...
Under the Monitoring menu, select Router Status 4. Turn off power to your firewall. 3. If your firewall is able to obtain a WAN IP address from the ISP. In this case: - or 7-4 Troubleshooting v1.0, March 2009 Launch your browser and ...ISP account as www.netgear.com 2. Turn off power to the cable or DSL modem. 2. Assign the PC Host Name of the following procedure: 1. Ask your ISP whether they require PPP over Ethernet (PPPoE) or some other type of the firewall's configuration at http://192.168.1.1 3. ProSafe VPN Firewall 200 FVX538 Reference Manual Troubleshooting ...
FVX538 Reference Manual
Page 22
...parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in case you need to the firewall. Router Front Panel The ProSafe VPN Firewall 200 front panel shown below contains the port connections, ... to Flash memory (during upgrading or resetting to the firewall. ProSafe VPN Firewall 200 FVX538 Reference Manual • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat5) Ethernet cable. • Installation Guide, FVX538 ProSafe VPN Firewall 200 • Resource CD, including: - five user licenses...
...parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in case you need to the firewall. Router Front Panel The ProSafe VPN Firewall 200 front panel shown below contains the port connections, ... to Flash memory (during upgrading or resetting to the firewall. ProSafe VPN Firewall 200 FVX538 Reference Manual • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat5) Ethernet cable. • Installation Guide, FVX538 ProSafe VPN Firewall 200 • Resource CD, including: - five user licenses...
FVX538 Reference Manual
Page 29
...features and changing them is on the NETGEAR website at this phase (if required). 6. Configure the Internet connections to your firewall. Select either auto-rollover mode or load balancing mode (on the WAN ports (if needed ). Configure your router and wait for complete steps. You ... Typically, six steps are required to complete the basic connection of your ISP(s). Connect the firewall physically to your Ethernet and LAN LEDs are lit. (See the Installation Guide, FVX538 ProSafe VPN Firewall 200 for the Test LED to the Internet 2-1 v1.0, August 2006 Optionally, you can also ...
...features and changing them is on the NETGEAR website at this phase (if required). 6. Configure the Internet connections to your firewall. Select either auto-rollover mode or load balancing mode (on the WAN ports (if needed ). Configure your router and wait for complete steps. You ... Typically, six steps are required to complete the basic connection of your ISP(s). Connect the firewall physically to your Ethernet and LAN LEDs are lit. (See the Installation Guide, FVX538 ProSafe VPN Firewall 200 for the Test LED to the Internet 2-1 v1.0, August 2006 Optionally, you can also ...
FVX538 Reference Manual
Page 83
...from a restricted range of outside IP addresses, such as the primary IP address of the router. One of external IP addresses. If you arrange with a Web server on the LAN.... IP addresses will configure the firewall to illustrate this example, we will be used to provide Internet access to servers on your servers. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Inbound Rule...WAN Inbound Rule: Setting Up One-to-One NAT Mapping In this procedure: • Netgear FVX538 ProSafe VPN Firewall - The other addresses are allowed only from a branch office, you can use the additional...
...from a restricted range of outside IP addresses, such as the primary IP address of the router. One of external IP addresses. If you arrange with a Web server on the LAN.... IP addresses will configure the firewall to illustrate this example, we will be used to provide Internet access to servers on your servers. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Inbound Rule...WAN Inbound Rule: Setting Up One-to-One NAT Mapping In this procedure: • Netgear FVX538 ProSafe VPN Firewall - The other addresses are allowed only from a branch office, you can use the additional...
FVX538 Reference Manual
Page 23
Maintenance and Support NETGEAR offers the following items: • FVX538 ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • ...FVX538 VPN firewall: • Flash memory for the ProSafe VPN Firewall 200 FVX538 • VPN Wizard The FVX538 VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to ensure the VPN tunnels are interoperable with other VPNC-compliant VPN routers and clients. • SNMP The FVX538 VPN firewall...
Maintenance and Support NETGEAR offers the following items: • FVX538 ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • ...FVX538 VPN firewall: • Flash memory for the ProSafe VPN Firewall 200 FVX538 • VPN Wizard The FVX538 VPN firewall includes the NETGEAR VPN Wizard to easily configure VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to ensure the VPN tunnels are interoperable with other VPNC-compliant VPN routers and clients. • SNMP The FVX538 VPN firewall...
FVX538 Reference Manual
Page 24
... front panel of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Power is not supplied to the firewall. The Router's Front Panel The FVX538 ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory...successfully. 2-6 Introduction January 2005 Reference Manual for the ProSafe VPN Firewall 200 FVX538 • Resource CD for repair. Keep the carton, including the original packing materials, in case you need to return the firewall for ProSafe VPN Firewall, including: - Writing to Flash memory (during ...
... front panel of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Power is not supplied to the firewall. The Router's Front Panel The FVX538 ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory...successfully. 2-6 Introduction January 2005 Reference Manual for the ProSafe VPN Firewall 200 FVX538 • Resource CD for repair. Keep the carton, including the original packing materials, in case you need to return the firewall for ProSafe VPN Firewall, including: - Writing to Flash memory (during ...
FVX538 Reference Manual
Page 126
... a value for the ProSafe VPN Firewall 200 FVX538 This procedure was developed and tested using: • Netgear FVX538 ProSafe VPN Firewall 200 with version 1.6.11 firmware • Netgear VPN Client version 10.3.5 (Build 6) • NAT router: Netgear FR114P with version 1.5_09 firmware Configuring the FVX538 1. Select 'a remote VPN client'. Click Next to go to create the 'home' IKE and VPN policies. Right-click on the VPN client icon in...
... a value for the ProSafe VPN Firewall 200 FVX538 This procedure was developed and tested using: • Netgear FVX538 ProSafe VPN Firewall 200 with version 1.6.11 firmware • Netgear VPN Client version 10.3.5 (Build 6) • NAT router: Netgear FR114P with version 1.5_09 firmware Configuring the FVX538 1. Select 'a remote VPN client'. Click Next to go to create the 'home' IKE and VPN policies. Right-click on the VPN client icon in...