SRXN3205 Reference Manual
Page 8
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring the WAN Mode 2-10 Configuring Dynamic DNS 2-11 Configuring the Advanced WAN Options (Optional 2-12 Additional WAN Related Configuration 2-14 Chapter 3 LAN Configuration Configuring the LAN Setup Options 3-1 Using the VPN Firewall as a DHCP Server 3-3 Configuring DHCP Address Reservation 3-4 Managing Groups and Hosts (LAN Groups 3-4 Viewing the LAN Groups Database 3-5 Adding...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring the WAN Mode 2-10 Configuring Dynamic DNS 2-11 Configuring the Advanced WAN Options (Optional 2-12 Additional WAN Related Configuration 2-14 Chapter 3 LAN Configuration Configuring the LAN Setup Options 3-1 Using the VPN Firewall as a DHCP Server 3-3 Configuring DHCP Address Reservation 3-4 Managing Groups and Hosts (LAN Groups 3-4 Viewing the LAN Groups Database 3-5 Adding...
SRXN3205 Reference Manual
Page 18
... connection. 1-2 Introduction v1.0, October 2008 Autosensing Ethernet Connections with Content Filtering Unlike simple Internet sharing NAT routers, the SRXN3205 is a true firewall, using stateful packet inspection (SPI) to worry about crossover cables, as blocked incoming traffic, port scans... full-duplex or half-duplex operation. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Advanced IPsec and SSL VPN support • Advanced stateful packet inspection (SPI) firewall with multi-NAT support • Easy, web-based setup for installation and management • Front...
... connection. 1-2 Introduction v1.0, October 2008 Autosensing Ethernet Connections with Content Filtering Unlike simple Internet sharing NAT routers, the SRXN3205 is a true firewall, using stateful packet inspection (SPI) to worry about crossover cables, as blocked incoming traffic, port scans... full-duplex or half-duplex operation. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Advanced IPsec and SSL VPN support • Advanced stateful packet inspection (SPI) firewall with multi-NAT support • Easy, web-based setup for installation and management • Front...
SRXN3205 Reference Manual
Page 19
... PCs on the remote computer. - IPsec VPN with 3 SSL VPN sessions). Supports up connection. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Extensive Protocol Support The firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). This feature greatly simplifies configuration of the NETGEAR ProSafe VPN Client software (VPN01L) - Advanced VPN Support for secure connection to the Internet...
... PCs on the remote computer. - IPsec VPN with 3 SSL VPN sessions). Supports up connection. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Extensive Protocol Support The firewall supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). This feature greatly simplifies configuration of the NETGEAR ProSafe VPN Client software (VPN01L) - Advanced VPN Support for secure connection to the Internet...
SRXN3205 Reference Manual
Page 21
...8226; VPN Wizard. A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based Web Management Interface. • Auto Detection of ISP. The firewall supports ...firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to monitor its status and activity. The following requirements: • Category 5 UTP straight through Ethernet cable with other VPNC-compliant VPN firewalls and clients. • SNMP. ProSafe Wireless-N VPN Firewall SRXN3205...
...8226; VPN Wizard. A user-friendly Setup Wizard is provided and online help documentation is built into the browser-based Web Management Interface. • Auto Detection of ISP. The firewall supports ...firewall includes the NETGEAR VPN Wizard to easily configure IPsec VPN tunnels according to the recommendations of the Virtual Private Network Consortium (VPNC) to monitor its status and activity. The following requirements: • Category 5 UTP straight through Ethernet cable with other VPNC-compliant VPN firewalls and clients. • SNMP. ProSafe Wireless-N VPN Firewall SRXN3205...
SRXN3205 Reference Manual
Page 35
...successful connection is made, NETGEAR's Web site appears. When you in the fields. 12. Click Apply to save any changes to the WAN ISP Settings. (Or click Reset to discard any Domain Name Servers (DNS) addresses, click Get dynamically from ISP. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • ...the mask provided by the ISP or your network administrator. • Gateway IP Address. The firewall will be inactivated. The text fields will attempt to connect to additional setup and management tasks. Enter the IP address of the ISP's gateway, provided by the ISP...
...successful connection is made, NETGEAR's Web site appears. When you in the fields. 12. Click Apply to save any changes to the WAN ISP Settings. (Or click Reset to discard any Domain Name Servers (DNS) addresses, click Get dynamically from ISP. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • ...the mask provided by the ISP or your network administrator. • Gateway IP Address. The firewall will be inactivated. The text fields will attempt to connect to additional setup and management tasks. Enter the IP address of the ISP's gateway, provided by the ISP...
SRXN3205 Reference Manual
Page 37
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring Dynamic DNS Note: Dynamic DNS enables you to employ some VPN configurations that require using Internet domain names. The firewall firmware includes ...to its domain, and restores DNS requests for a commercial DDNS service, which allows you must setup an account with a DDNS provider such. However, if your Internet account uses a dynamically ..., and register your network has a permanently assigned IP address, you have that allows routers with your IP address by others on the Internet. Note: If your convenience as ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Configuring Dynamic DNS Note: Dynamic DNS enables you to employ some VPN configurations that require using Internet domain names. The firewall firmware includes ...to its domain, and restores DNS requests for a commercial DDNS service, which allows you must setup an account with a DDNS provider such. However, if your Internet account uses a dynamically ..., and register your network has a permanently assigned IP address, you have that allows routers with your IP address by others on the Internet. Note: If your convenience as ...
SRXN3205 Reference Manual
Page 41
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of LAN IP services such as DHCP and allows you to configure a secondary or "multi-home" LAN IP setup on the LAN. Select Network Configuration > LAN Settings from the main/sub-menu. LAN Configuration 3-1 v1.0, October 2008...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of LAN IP services such as DHCP and allows you to configure a secondary or "multi-home" LAN IP setup on the LAN. Select Network Configuration > LAN Settings from the main/sub-menu. LAN Configuration 3-1 v1.0, October 2008...
SRXN3205 Reference Manual
Page 42
...Address. The LAN address of your browser to reconnect to the new IP address and log in your firewall (factory default: 192.168.1.1). In the LAN TCP/IP Setup section, configure the following parameters: • Domain Name. (Optional) The DHCP will assign the entered ... section, leave the DNCP enabled, or select Disable DHCP Server. • The firewall will manually configure all the computers connected to its DHCP clients. 3-2 LAN Configuration v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual . For example, if you change the LAN IP address of an IP...
...Address. The LAN address of your browser to reconnect to the new IP address and log in your firewall (factory default: 192.168.1.1). In the LAN TCP/IP Setup section, configure the following parameters: • Domain Name. (Optional) The DHCP will assign the entered ... section, leave the DNCP enabled, or select Disable DHCP Server. • The firewall will manually configure all the computers connected to its DHCP clients. 3-2 LAN Configuration v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual . For example, if you change the LAN IP address of an IP...
SRXN3205 Reference Manual
Page 43
... server IP address. • WINS Server. (Optional) Specifies the IP address of the firewall. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Starting IP Address. If no address is specified, the firewall will provide its LAN IP address unless you have completed the LAN setup, all outbound traffic is allowed and all computers connected to the LAN. Specifies...
... server IP address. • WINS Server. (Optional) Specifies the IP address of the firewall. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Starting IP Address. If no address is specified, the firewall will provide its LAN IP address unless you have completed the LAN setup, all outbound traffic is allowed and all computers connected to the LAN. Specifies...
SRXN3205 Reference Manual
Page 44
...server. Managing Groups and Hosts (LAN Groups) The Known PCs and Devices table in this , leaving the DHCP server feature (LAN Setup tab) enabled is updated by clicking the Disable DHCP Server radio box. Specify the pool of your network will be the DHCP ...assigned to the attached PCs from PCs and other means. The LAN Groups Database is strongly recommended. 3-4 LAN Configuration v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual addresses will always receive the same IP address, if you specify a reserved IP address for devices with fixed addresses.
...server. Managing Groups and Hosts (LAN Groups) The Known PCs and Devices table in this , leaving the DHCP server feature (LAN Setup tab) enabled is updated by clicking the Disable DHCP Server radio box. Specify the pool of your network will be the DHCP ...assigned to the attached PCs from PCs and other means. The LAN Groups Database is strongly recommended. 3-4 LAN Configuration v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual addresses will always receive the same IP address, if you specify a reserved IP address for devices with fixed addresses.
SRXN3205 Reference Manual
Page 45
... to that are : • Generally, you . • No need to identify each PC, users cannot avoid these steps: 1. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Scanning the Network. Some advantages of the PC or device cannot be maintained until the PC or device is used ... Because the address allocated by changing the IP address. • A computer is scanned using the Firewall Rules screen (see "Enabling Source MAC Filtering (Address Filter)" on page 5-2). - The LAN Setup tab displays. If necessary, you don't need to Block or Allow Traffic" on page 5-20). ...
... to that are : • Generally, you . • No need to identify each PC, users cannot avoid these steps: 1. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Scanning the Network. Some advantages of the PC or device cannot be maintained until the PC or device is used ... Because the address allocated by changing the IP address. • A computer is scanned using the Firewall Rules screen (see "Enabling Source MAC Filtering (Address Filter)" on page 5-2). - The LAN Setup tab displays. If necessary, you don't need to Block or Allow Traffic" on page 5-20). ...
SRXN3205 Reference Manual
Page 48
... editing. 3. Select Network Configuration > LAN Setup from the main/sub-menu. 3-8 LAN Configuration v1.0, October 2008 To add a secondary LAN IP address, follow these steps: 1. You can add "aliases" to the LAN port, giving computers on those networks access to additional logical subnets on your LAN. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Figure 3-3 2. Select the...
... editing. 3. Select Network Configuration > LAN Setup from the main/sub-menu. 3-8 LAN Configuration v1.0, October 2008 To add a secondary LAN IP address, follow these steps: 1. You can add "aliases" to the LAN port, giving computers on those networks access to additional logical subnets on your LAN. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Figure 3-3 2. Select the...
SRXN3205 Reference Manual
Page 55
...ProSafe Wireless-N VPN Firewall for use the following topics to set up ProSafe Wireless-N VPN Firewall for wireless access • One or more . Deploy the security features appropriate to your network from unauthorized access. You will enable computers with properly configured 802.11b/g/n or 802.11a/n wireless adapters. • A location for the SRXN3205 that conforms to a device such as a wireless firewall: • "Basic Wireless Setup... a hub, switch, router, or Cable/DSL gateway. • A correctly set up your ProSafe Wireless-N VPN Firewall SRXN3205 for others outside your ...
...ProSafe Wireless-N VPN Firewall for use the following topics to set up ProSafe Wireless-N VPN Firewall for wireless access • One or more . Deploy the security features appropriate to your network from unauthorized access. You will enable computers with properly configured 802.11b/g/n or 802.11a/n wireless adapters. • A location for the SRXN3205 that conforms to a device such as a wireless firewall: • "Basic Wireless Setup... a hub, switch, router, or Cable/DSL gateway. • A correctly set up your ProSafe Wireless-N VPN Firewall SRXN3205 for others outside your ...
SRXN3205 Reference Manual
Page 58
... this screen to the SRXN3205. 2. Click Wireless Settings in the Network Configuration of the screen. 4-4 Wireless Configuration v1.0, October 2008 Log in to setup your environment by setting up the unit without wireless security. Figure 4-2 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Basic Wireless Setup (No Security) Test wireless connectivity in your wireless connectivity requirements. To configure the SRXN3205 for basic Wireless access, follow these simple...
... this screen to the SRXN3205. 2. Click Wireless Settings in the Network Configuration of the screen. 4-4 Wireless Configuration v1.0, October 2008 Log in to setup your environment by setting up the unit without wireless security. Figure 4-2 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Basic Wireless Setup (No Security) Test wireless connectivity in your wireless connectivity requirements. To configure the SRXN3205 for basic Wireless access, follow these simple...
SRXN3205 Reference Manual
Page 59
... the data is not listed, please check with a wireless Ethernet adapter installed. Prepare a PC as is North America). ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. The default is to the SRXN3205. Type your VPN firewall: Wireless Configuration 4-5 v1.0, October 2008 Verify that you disable ...nullifies the wireless network "discovery" feature of setting your wireless settings in your security settings are 802.11[a only, b only, g only, g and b, 11ng, or 11a]. 8. Completing Wireless Setup (No Security) The purpose of some products such as the Wireless Security Type...
... the data is not listed, please check with a wireless Ethernet adapter installed. Prepare a PC as is North America). ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. The default is to the SRXN3205. Type your VPN firewall: Wireless Configuration 4-5 v1.0, October 2008 Verify that you disable ...nullifies the wireless network "discovery" feature of setting your wireless settings in your security settings are 802.11[a only, b only, g only, g and b, 11ng, or 11a]. 8. Completing Wireless Setup (No Security) The purpose of some products such as the Wireless Security Type...
SRXN3205 Reference Manual
Page 62
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Wireless Security Types and Settings Configure the Wireless Security Types based on the level of security you need using one of the following methods and print out the form provided to aid you in making your selections: • Print out the "SSID and WEP/WPA Settings Setup Form" on page 4-9 • To...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Wireless Security Types and Settings Configure the Wireless Security Types based on the level of security you need using one of the following methods and print out the form provided to aid you in making your selections: • Print out the "SSID and WEP/WPA Settings Setup Form" on page 4-9 • To...
SRXN3205 Reference Manual
Page 63
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual SSID and WEP/WPA Settings Setup Form 802.11b/g/n Configuration For a new wireless network, print or copy this information. Be sure to provide this form and fill in the SRXN3205. • WEP Encryption Keys. For WPA, record the following settings for more security.) ... area network. All wireless nodes in the VPN firewall is the default SRXN3205 SSID. Write your customized SSID on the line below Note: The SSID in the same network must be able to set to 32 alphanumeric characters. NETGEAR is the SSID you may customize ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual SSID and WEP/WPA Settings Setup Form 802.11b/g/n Configuration For a new wireless network, print or copy this information. Be sure to provide this form and fill in the SRXN3205. • WEP Encryption Keys. For WPA, record the following settings for more security.) ... area network. All wireless nodes in the VPN firewall is the default SRXN3205 SSID. Write your customized SSID on the line below Note: The SSID in the same network must be able to set to 32 alphanumeric characters. NETGEAR is the SSID you may customize ...
SRXN3205 Reference Manual
Page 72
...Setup Access List to make any specified stations through the firewall. Specifies the interval time between 100ms and 1000ms for each beacon transmission, which allows the access point to Send Threshold. A short transmit preamble gives better performance. When you click Apply. ProSafe Wireless-N VPN Firewall SRXN3205... Reference Manual • RTS Threshold (256 - 2346): Request to synchronize the wireless network. The default is 2346. • Beacon Interval (...
...Setup Access List to make any specified stations through the firewall. Specifies the interval time between 100ms and 1000ms for each beacon transmission, which allows the access point to Send Threshold. A short transmit preamble gives better performance. When you click Apply. ProSafe Wireless-N VPN Firewall SRXN3205... Reference Manual • RTS Threshold (256 - 2346): Request to synchronize the wireless network. The default is 2346. • Beacon Interval (...
SRXN3205 Reference Manual
Page 96
...Dropped Packets: Displays logging option for this rule. - Add IP/MAC Bind Rule - Edit IP/MAC Bind Rule: the following setup: Host1 -- MAC Address: Specify the MAC Address for this rule. - The scenario for this rule. Matching IP & MAC... -- MAC Addresses: Displays the MAC Addresses for this rule. - Log Dropped Packets: Specify Logging option for this rule. The router will be modified: - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 3. Click the Yes radio button to the entry. IP/MAC Bind Table lists the currently defined IP/MAC Bind rules...
...Dropped Packets: Displays logging option for this rule. - Add IP/MAC Bind Rule - Edit IP/MAC Bind Rule: the following setup: Host1 -- MAC Address: Specify the MAC Address for this rule. - The scenario for this rule. Matching IP & MAC... -- MAC Addresses: Displays the MAC Addresses for this rule. - Log Dropped Packets: Specify Logging option for this rule. The router will be modified: - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 3. Click the Yes radio button to the entry. IP/MAC Bind Table lists the currently defined IP/MAC Bind rules...
SRXN3205 Reference Manual
Page 103
... parameters on the recommendations of the VPN Consortium (VPNC), an organization that promotes multi-vendor VPN interoperability. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 6 Virtual Private Networking Using IPsec This chapter describes how to use the IPsec virtual private networking (VPN) features of the ProSafe Wireless-N VPN Firewall to provide secure, encrypted communications between a VPN gateway and a VPN client Virtual Private Networking Using...
... parameters on the recommendations of the VPN Consortium (VPNC), an organization that promotes multi-vendor VPN interoperability. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 6 Virtual Private Networking Using IPsec This chapter describes how to use the IPsec virtual private networking (VPN) features of the ProSafe Wireless-N VPN Firewall to provide secure, encrypted communications between a VPN gateway and a VPN client Virtual Private Networking Using...