SRXN3205 Reference Manual
Page 8
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring the WAN Mode 2-10 Configuring Dynamic DNS 2-11 Configuring the Advanced WAN Options (Optional 2-12 Additional WAN Related Configuration 2-14 Chapter 3 LAN Configuration Configuring the LAN Setup Options 3-1 Using the VPN Firewall as a DHCP Server 3-3 Configuring DHCP Address Reservation 3-4 Managing Groups and Hosts (LAN Groups 3-4 Viewing the LAN Groups Database...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring the WAN Mode 2-10 Configuring Dynamic DNS 2-11 Configuring the Advanced WAN Options (Optional 2-12 Additional WAN Related Configuration 2-14 Chapter 3 LAN Configuration Configuring the LAN Setup Options 3-1 Using the VPN Firewall as a DHCP Server 3-3 Configuring DHCP Address Reservation 3-4 Managing Groups and Hosts (LAN Groups 3-4 Viewing the LAN Groups Database...
SRXN3205 Reference Manual
Page 19
..., known as EnterNet or WinPOET on the LAN and Wireless LAN using only a single IP address, which may be statically or dynamically assigned by your Internet service provider (ISP). The firewall obtains actual DNS addresses from the ISP during connection setup... DNS Proxy. Supports up connection. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Extensive Protocol Support The firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). Remote access by DHCP. IPsec VPN with broad protocol support for Both IPsec...
..., known as EnterNet or WinPOET on the LAN and Wireless LAN using only a single IP address, which may be statically or dynamically assigned by your Internet service provider (ISP). The firewall obtains actual DNS addresses from the ISP during connection setup... DNS Proxy. Supports up connection. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Extensive Protocol Support The firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). Remote access by DHCP. IPsec VPN with broad protocol support for Both IPsec...
SRXN3205 Reference Manual
Page 31
... (Dynamic IP) PPPoE PPTP Fixed (Static) IP Data Required No data is required. c. DNS Server IP addresses. If Auto Detect does not find a connection, you will prompt you , it will be prompted to (1) check the physical connection between your firewall and the cable or DSL line, or to the Internet (WAN) 2-5 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference...
... (Dynamic IP) PPPoE PPTP Fixed (Static) IP Data Required No data is required. c. DNS Server IP addresses. If Auto Detect does not find a connection, you will prompt you , it will be prompted to (1) check the physical connection between your firewall and the cable or DSL line, or to the Internet (WAN) 2-5 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference...
SRXN3205 Reference Manual
Page 34
... the Static IP address assigned to you based on . Configure the Login Server and Idle Timeout fields. Enter the valid account name for a period of time, click Idle Time and enter the number of the local BigPond Login Server in the timeout field. b. Select BigPond Cable. b. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual a. This is the IP address...
... the Static IP address assigned to you based on . Configure the Login Server and Idle Timeout fields. Enter the valid account name for a period of time, click Idle Time and enter the number of the local BigPond Login Server in the timeout field. b. Select BigPond Cable. b. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual a. This is the IP address...
SRXN3205 Reference Manual
Page 35
... 2-10 • If your entries. If a successful connection is made, NETGEAR's Web site appears. The text fields will attempt to connect to the firewall using DHCP network protocol. 11. Click Test to the Internet (WAN) 2-9...IP address to the NETGEAR Web site. The firewall will be inactivated. When you in the fields. 12. If your ISP has not assigned a static IP address, click Get dynamically from ISP. • If your ISP (or your network administrator. • Gateway IP Address. Review the Domain Name Server (DNS) Servers options. ProSafe Wireless-N VPN Firewall SRXN3205...
... 2-10 • If your entries. If a successful connection is made, NETGEAR's Web site appears. The text fields will attempt to connect to the firewall using DHCP network protocol. 11. Click Test to the Internet (WAN) 2-9...IP address to the NETGEAR Web site. The firewall will be inactivated. When you in the fields. 12. If your ISP has not assigned a static IP address, click Get dynamically from ISP. • If your ISP (or your network administrator. • Gateway IP Address. Review the Domain Name Server (DNS) Servers options. ProSafe Wireless-N VPN Firewall SRXN3205...
SRXN3205 Reference Manual
Page 36
...public IP addresses to each PC, you can choose classical routing. If your firewall uses the external Internet connection. To learn the status of static IP addresses to share a single public Internet IP ...you with multiple public IP addresses, you can use classical routing for Internet access by your PCs, and you can map incoming traffic on your LAN. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring the...for each PC on your LAN to you, and you can view the Router Status page (see "Monitoring VPN Tunnel Connection Status" on page 11-13) or look at the LEDs on...
...public IP addresses to each PC, you can choose classical routing. If your firewall uses the external Internet connection. To learn the status of static IP addresses to share a single public Internet IP ...you with multiple public IP addresses, you can use classical routing for Internet access by your PCs, and you can map incoming traffic on your LAN. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring the...for each PC on your LAN to you, and you can view the Router Status page (see "Monitoring VPN Tunnel Connection Status" on page 11-13) or look at the LEDs on...
SRXN3205 Reference Manual
Page 41
... DHCP Address Reservation" on page 3-4 • "Using the VPN Firewall as a DHCP Server" on page 3-3 • "Configuring Multi Home LAN IP Addresses" on page 3-8 • "Configuring Static Routes" on page 3-10 • "Configuring Routing Information Protocol (RIP)" on the LAN. LAN Configuration 3-1 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 3 LAN Configuration This chapter describes how...
... DHCP Address Reservation" on page 3-4 • "Using the VPN Firewall as a DHCP Server" on page 3-3 • "Configuring Multi Home LAN IP Addresses" on page 3-8 • "Configuring Static Routes" on page 3-10 • "Configuring Routing Information Protocol (RIP)" on the LAN. LAN Configuration 3-1 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 3 LAN Configuration This chapter describes how...
SRXN3205 Reference Manual
Page 46
The name of the PC or device. 3-6 LAN Configuration v1.0, October 2008 Allows modification of the firewall, this IP address will need to update this will be appended by clicking Edit. Enter the name of the PC or device. For ... If a computer is assigned a static IP addresses, you can be listed as "Unknown" (you will not change. In the Add Known PCs and Devices section, make the following fields are displayed: • Name. Click the LAN Groups tab and the LAN Groups tab displays. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 2. The MAC address of...
The name of the PC or device. 3-6 LAN Configuration v1.0, October 2008 Allows modification of the firewall, this IP address will need to update this will be appended by clicking Edit. Enter the name of the PC or device. For ... If a computer is assigned a static IP addresses, you can be listed as "Unknown" (you will not change. In the Add Known PCs and Devices section, make the following fields are displayed: • Name. Click the LAN Groups tab and the LAN Groups tab displays. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 2. The MAC address of...
SRXN3205 Reference Manual
Page 47
...is Reserved (DHCP Client), the firewall will be outside the range of the eight available groups: 1. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • IP Address Type. Note: When assigning a Reserved IP address to this computer or device is assigned in the IP Address field. The IP address is six colon-separated pairs... are named Group1 through Group8. Reserved (DHCP Client). Enter the MAC address of the tabs. The MAC address format is statically assigned on PC). From the pull-down menu, select the LAN Group to the right of the computer's network interface in...
...is Reserved (DHCP Client), the firewall will be outside the range of the eight available groups: 1. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • IP Address Type. Note: When assigning a Reserved IP address to this computer or device is assigned in the IP Address field. The IP address is six colon-separated pairs... are named Group1 through Group8. Reserved (DHCP Client). Enter the MAC address of the tabs. The MAC address format is statically assigned on PC). From the pull-down menu, select the LAN Group to the right of the computer's network interface in...
SRXN3205 Reference Manual
Page 50
... adequate routing information after it has been configured for unusual cases such as multiple firewalls or multiple IP subnets located on your firewall. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring Static Routes Static Routes provide additional routing information to configure additional static routes. You should configure static routes only for Internet access, and you do not need to your network. To...
... adequate routing information after it has been configured for unusual cases such as multiple firewalls or multiple IP subnets located on your firewall. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring Static Routes Static Routes provide additional routing information to configure additional static routes. You should configure static routes only for Internet access, and you do not need to your network. To...
SRXN3205 Reference Manual
Page 51
...Enter the Destination IP Address to save your settings. If the destination is disabled by default. Click Apply to the host or network where the route leads. 7. Click the RIP Configuration link to make this static route in RIP. 6. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 3.... If multiple routes to the Static Route table. The new static route will not be added to the same destination exits, the route with other routers, and allows it to dynamically...
...Enter the Destination IP Address to save your settings. If the destination is disabled by default. Click Apply to the host or network where the route leads. 7. Click the RIP Configuration link to make this static route in RIP. 6. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 3.... If multiple routes to the Static Route table. The new static route will not be added to the same destination exits, the route with other routers, and allows it to dynamically...
SRXN3205 Reference Manual
Page 95
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. IP/MAC Binding Tab The IP/MAC Binding feature allows the VPN firewall to bind IP to view the options available. If users have enabled the logging option for binding: 1. To enable IP/MAC Binding and add IP and MAC address for IP/MAC Binding on their ...it will be logged before being dropped. Click the IP/MAC Binding tab to MAC address and vice-versa. To prevent users from changing static IP addresses, the VPN firewall needs to IP Binding. Figure 5-12 Firewall Security and Content Filtering v1.0, October 2008 5-21 ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. IP/MAC Binding Tab The IP/MAC Binding feature allows the VPN firewall to bind IP to view the options available. If users have enabled the logging option for binding: 1. To enable IP/MAC Binding and add IP and MAC address for IP/MAC Binding on their ...it will be logged before being dropped. Click the IP/MAC Binding tab to MAC address and vice-versa. To prevent users from changing static IP addresses, the VPN firewall needs to IP Binding. Figure 5-12 Firewall Security and Content Filtering v1.0, October 2008 5-21 ...
SRXN3205 Reference Manual
Page 131
... the portal. For port forwarding, declare the servers and services. Declare static routes or grant full access to the local network, subject to remote users. Create a list of IP addresses, IP address ranges, and services. The page is created after you have created...DNS addresses. Create one or more quickly create and configure network policies. 8. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual When you define the SSL VPN policies that determine network resource access for your SSL VPN users, you can also associate fully qualified domain names with these users.
... the portal. For port forwarding, declare the servers and services. Declare static routes or grant full access to the local network, subject to remote users. Create a list of IP addresses, IP address ranges, and services. The page is created after you have created...DNS addresses. Create one or more quickly create and configure network policies. 8. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual When you define the SSL VPN policies that determine network resource access for your SSL VPN users, you can also associate fully qualified domain names with these users.
SRXN3205 Reference Manual
Page 138
...IP address of the client's traffic across the VPN tunnel. - Sends only traffic destined for the VPN tunnel clients to the firewall. • Select whether you want to forward local traffic intended for the corporate network based on the specified client routes. Create a static route on the corporate network's firewall... to manage your company bandwidth by the corporate network, you must - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • So that the virtual (PPP) interface address of a VPN tunnel client does not conflict with addresses on your local network. Split tunnel...
...IP address of the client's traffic across the VPN tunnel. - Sends only traffic destined for the VPN tunnel clients to the firewall. • Select whether you want to forward local traffic intended for the corporate network based on the specified client routes. Create a static route on the corporate network's firewall... to manage your company bandwidth by the corporate network, you must - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • So that the virtual (PPP) interface address of a VPN tunnel client does not conflict with addresses on your local network. Split tunnel...
SRXN3205 Reference Manual
Page 194
... v1.0, October 2008 Troubleshooting Under the Monitoring menu, click Router Status. 4. Check that an IP address is able to obtain a WAN IP address from your firewall. 3. In this case: - To check the WAN IP address: 1. Wait five minutes and reapply power to an ..., and ask them to use the firewall's MAC address; ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Troubleshooting the ISP Connection If your firewall is unable to access the Internet, you have been assigned a static IP address, your firewall must request an IP address from the ISP. Unless you ...
... v1.0, October 2008 Troubleshooting Under the Monitoring menu, click Router Status. 4. Check that an IP address is able to obtain a WAN IP address from your firewall. 3. In this case: - To check the WAN IP address: 1. Wait five minutes and reapply power to an ..., and ask them to use the firewall's MAC address; ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Troubleshooting the ISP Connection If your firewall is unable to access the Internet, you have been assigned a static IP address, your firewall must request an IP address from the ISP. Unless you ...
SRXN3205 Reference Manual
Page 213
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual M MAC address 4-18, 12-6 authentication by ISP 2-13 configuring 2-5 format 2-14, 5-21 in LAN groups database 3-7 restricting access 4-3 spoofing 12-5 trusted PCs 4-3 MAC addresses blocked, adding 5-20 main menu 2-3 metric in static routes 3-11 ModeConfig 6-17 about 6-17 ...11-9 by Scanning the Network 11-9 MTU Size 2-13 multi home LAN IPs 3-4 about 3-8 multi-NAT 5-13 multiple access points placement of 4-2 performance management 9-1, 11-1 Ping troubleshooting TCP/IP 12-5 v1.0, October 2008 Index-5 See NAS. See NTP. Network Database ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual M MAC address 4-18, 12-6 authentication by ISP 2-13 configuring 2-5 format 2-14, 5-21 in LAN groups database 3-7 restricting access 4-3 spoofing 12-5 trusted PCs 4-3 MAC addresses blocked, adding 5-20 main menu 2-3 metric in static routes 3-11 ModeConfig 6-17 about 6-17 ...11-9 by Scanning the Network 11-9 MTU Size 2-13 multi home LAN IPs 3-4 about 3-8 multi-NAT 5-13 multiple access points placement of 4-2 performance management 9-1, 11-1 Ping troubleshooting TCP/IP 12-5 v1.0, October 2008 Index-5 See NAS. See NTP. Network Database ...
SRXN3205 Reference Manual
Page 214
...Source MAC Filtering 9-4 remote management 9-10 access 9-10 configuration 9-10 remote users assigning addresses 6-17 ModeConfig 6-17 reserved IP address configuring 3-4 in LAN groups database 3-7 restrictions 3-7 resources defining 7-13 restore saved settings 9-13 restricting access MAC address... assigned 5-15 protocols Routing Information Protocol 1-3 Q QoS about 3-11 advertising static routes 3-11 configuring parameters 3-11 feature 1-3 versions of 3-12 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual ping 12-8 Ping On Internet Ports 5-10 point-to-point bridge...
...Source MAC Filtering 9-4 remote management 9-10 access 9-10 configuration 9-10 remote users assigning addresses 6-17 ModeConfig 6-17 reserved IP address configuring 3-4 in LAN groups database 3-7 restrictions 3-7 resources defining 7-13 restore saved settings 9-13 restricting access MAC address... assigned 5-15 protocols Routing Information Protocol 1-3 Q QoS about 3-11 advertising static routes 3-11 configuring parameters 3-11 feature 1-3 versions of 3-12 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual ping 12-8 Ping On Internet Ports 5-10 point-to-point bridge...
SRXN3205 Reference Manual
Page 216
... 2-3 SYN flood 5-10, 9-5 SysLog Server IP Address 11-5 system requirements 1-5 T tab, menu 2-3 TCP flood special rule 9-5 TCP/IP network, troubleshooting 12-5 Technical Specifications A-5 Time setting 9-15 troubleshooting 12-7 time daylight savings, troubleshooting 12-7 Time Zone settings 9-15 Time Zone screen 9-15 timeout, administrator login 9-9 ToS. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual firewall, use with 5-2 stateful packet inspection...
... 2-3 SYN flood 5-10, 9-5 SysLog Server IP Address 11-5 system requirements 1-5 T tab, menu 2-3 TCP flood special rule 9-5 TCP/IP network, troubleshooting 12-5 Technical Specifications A-5 Time setting 9-15 troubleshooting 12-7 time daylight savings, troubleshooting 12-7 Time Zone settings 9-15 Time Zone screen 9-15 timeout, administrator login 9-9 ToS. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual firewall, use with 5-2 stateful packet inspection...