SRXN3205 Reference Manual
Page 35
... made, NETGEAR's Web site appears. Enter the IP address of the ISP's gateway, provided by the ISP or your entries. Click Test to the previous settings.) 13. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Subnet Mask. Click Apply to save any changes to the WAN ISP Settings. (Or click Reset to discard any Domain Name Servers (DNS...
... made, NETGEAR's Web site appears. Enter the IP address of the ISP's gateway, provided by the ISP or your entries. Click Test to the previous settings.) 13. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Subnet Mask. Click Apply to save any changes to the WAN ISP Settings. (Or click Reset to discard any Domain Name Servers (DNS...
SRXN3205 Reference Manual
Page 42
... a new connection to the Web Configuration Manager. • IP Subnet Mask. You must now enter https://10.0.0.1 in again. In the DHCP section, leave the DNCP enabled, or select Disable DHCP Server. • The firewall will manually configure all the ....255.255.0 as a DHCP server (default), providing TCP/IP configuration settings for all devices, click Disable DHCP Server. Your firewall will be disconnected. Figure 3-1 2. If the DHCP server is enabled, enter the following settings: • IP Address. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual . For example, ...
... a new connection to the Web Configuration Manager. • IP Subnet Mask. You must now enter https://10.0.0.1 in again. In the DHCP section, leave the DNCP enabled, or select Disable DHCP Server. • The firewall will manually configure all the ....255.255.0 as a DHCP server (default), providing TCP/IP configuration settings for all devices, click Disable DHCP Server. Your firewall will be disconnected. Figure 3-1 2. If the DHCP server is enabled, enter the following settings: • IP Address. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual . For example, ...
SRXN3205 Reference Manual
Page 61
...of a client computer must match what you will lose your VPN firewall. Note: If you will not get a wireless connection to the SRXN3205. 11. Configure the Client PCs to save any other wireless networks within several hundred feet of your computer accordingly. 6. ..., you configured in to "Wireless Security Types and Settings" on the LAN connected to the SRXN3205. 5. From your Web browser, log in the firewall. Refer to the SRXN3205 using the internal DHCP server (DHCP is set them up. 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. Use the default...
...of a client computer must match what you will lose your VPN firewall. Note: If you will not get a wireless connection to the SRXN3205. 11. Configure the Client PCs to save any other wireless networks within several hundred feet of your computer accordingly. 6. ..., you configured in to "Wireless Security Types and Settings" on the LAN connected to the SRXN3205. 5. From your Web browser, log in the firewall. Refer to the SRXN3205 using the internal DHCP server (DHCP is set them up. 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. Use the default...
SRXN3205 Reference Manual
Page 71
To connect to the SRXN3205 after the DHCP server on the right side of the menu. 3. The default wireless LAN parameters usually work well. The Advanced Wireless Options screen displays. 4. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. Note: By default, SRXN3205 is netgearxxxxxx, where xxxxxx represents the last 6 bytes of your Wireless Settings for your Web browser. The default VPN firewall name is set with...
To connect to the SRXN3205 after the DHCP server on the right side of the menu. 3. The default wireless LAN parameters usually work well. The Advanced Wireless Options screen displays. 4. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. Note: By default, SRXN3205 is netgearxxxxxx, where xxxxxx represents the last 6 bytes of your Wireless Settings for your Web browser. The default VPN firewall name is set with...
SRXN3205 Reference Manual
Page 78
... which this rule, whether it accordingly. If the user does not make a local server (for example, a Web server or game server) visible and available to direct inbound traffic for the traffic passing through the firewall. However, by this option is selected, you must enter the start field. •...the Internet. never log traffic considered by defining an inbound rule you can change it matches or not. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 5-1. Outbound Rules (continued) Item LAN users WAN Users QoS Priority Log Description These settings...
... which this rule, whether it accordingly. If the user does not make a local server (for example, a Web server or game server) visible and available to direct inbound traffic for the traffic passing through the firewall. However, by this option is selected, you must enter the start field. •...the Internet. never log traffic considered by defining an inbound rule you can change it matches or not. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 5-1. Outbound Rules (continued) Item LAN users WAN Users QoS Priority Log Description These settings...
SRXN3205 Reference Manual
Page 80
... debugging your ISP. If you are covered by the rule, based on the server application security and invoke the user password or privilege levels, if provided. 5-6 Firewall Security and Content Filtering v1.0, October 2008 This is the public IP address that... log traffic considered by this rule, whether it matches or not. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 5-2. It is selected, you to incoming traffic. it discovers any server processes (such as a Web or FTP server) from your network. Only enable those ports that will map to ...
... debugging your ISP. If you are covered by the rule, based on the server application security and invoke the user password or privilege levels, if provided. 5-6 Firewall Security and Content Filtering v1.0, October 2008 This is the public IP address that... log traffic considered by this rule, whether it matches or not. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 5-2. It is selected, you to incoming traffic. it discovers any server processes (such as a Web or FTP server) from your network. Only enable those ports that will map to ...
SRXN3205 Reference Manual
Page 85
... Inbound Rule: Hosting A Local Public Web Server If you can be: IPsec; ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual For example, if a VPN Client or Gateway on the LAN side of this firewall wants to connect to another VPN endpoint on your local network, you host a public Web server on the WAN (placing this firewall between two VPN end points), encrypted packets are sent...
... Inbound Rule: Hosting A Local Public Web Server If you can be: IPsec; ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual For example, if a VPN Client or Gateway on the LAN side of this firewall wants to connect to another VPN endpoint on your local network, you host a public Web server on the WAN (placing this firewall between two VPN end points), encrypted packets are sent...
SRXN3205 Reference Manual
Page 87
... associate this address with the Web server on one of the Web server should appear. LAN IP address 192.168.1.1 • Web server PC on your LAN as this host: 1. To expose one WAN interface. LAN IP address: 192.168.1.11 - The home page of the PCs on the firewall's LAN - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual In the example shown...
... associate this address with the Web server on one of the Web server should appear. LAN IP address 192.168.1.1 • Web server PC on your LAN as this host: 1. To expose one WAN interface. LAN IP address: 192.168.1.11 - The home page of the PCs on the firewall's LAN - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual In the example shown...
SRXN3205 Reference Manual
Page 89
...name is identified by a service or port number. Enter the last port of the application. For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other applications are typically chosen from the range ... in both fields. Select Security > Services from user groups or newsgroups. Firewall Security and Content Filtering v1.0, October 2008 5-15 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Adding Customized Services Services are functions performed by server computers at the request of the service: TCP, UDP, or ICMP. ...
...name is identified by a service or port number. Enter the last port of the application. For example, Web servers serve Web pages, time servers serve time and date information, and game hosts serve data about other applications are typically chosen from the range ... in both fields. Select Security > Services from user groups or newsgroups. Firewall Security and Content Filtering v1.0, October 2008 5-15 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Adding Customized Services Services are functions performed by server computers at the request of the service: TCP, UDP, or ICMP. ...
SRXN3205 Reference Manual
Page 129
... Portal Options The SRXN3205's SSL VPN portal can provide two levels of a traditional IPsec VPN client. The SSL capability of encryption information is completed, the server and client can... of a VPN tunnel using the remote user's browser in the place of SSL service to the remote user: • VPN Tunnel The SRXN3205 can easily ...SSL 7-1 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 7 Virtual Private Networking Using SSL The SRXN3205 ProSafe Wireless-N VPN Firewall provides a hardware-based SSL VPN solution designed specifically to provide remote...
... Portal Options The SRXN3205's SSL VPN portal can provide two levels of a traditional IPsec VPN client. The SSL capability of encryption information is completed, the server and client can... of a VPN tunnel using the remote user's browser in the place of SSL service to the remote user: • VPN Tunnel The SRXN3205 can easily ...SSL 7-1 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 7 Virtual Private Networking Using SSL The SRXN3205 ProSafe Wireless-N VPN Firewall provides a hardware-based SSL VPN solution designed specifically to provide remote...
SRXN3205 Reference Manual
Page 130
.... • Port Forwarding Like VPN Tunnel, Port Forwarding is a web-based client that will be available to which in to the SSL firewall, they must assign a portal layout...access. Only supports TCP connections, not UDP or other IP protocols. - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual browser provides authentication and encryption, establishing a secure connection to the...VPN users. 7-2 Virtual Private Networking Using SSL v1.0, October 2008 The administrator defines individual applications and resources that will assign the PC an IP address and DNS server...
.... • Port Forwarding Like VPN Tunnel, Port Forwarding is a web-based client that will be available to which in to the SSL firewall, they must assign a portal layout...access. Only supports TCP connections, not UDP or other IP protocols. - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual browser provides authentication and encryption, establishing a secure connection to the...VPN users. 7-2 Virtual Private Networking Using SSL v1.0, October 2008 The administrator defines individual applications and resources that will assign the PC an IP address and DNS server...
SRXN3205 Reference Manual
Page 136
... lists many commonly used TCP applications and port numbers. In the TCP Port field, enter the TCP port number of an internal server or host computer. 3. Users can specify the port number together with the host name or IP address. 7-8 Virtual Private Networking ...22a Telnet 23a SMTP (send mail) 25 HTTP (web) POP3 (receive mail) NTP (network time protocol) Citrix 80 110 123 1494 Terminal Services 3389 VNC (virtual network computing) 5900 or 5800 a. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. Select VPN > SSL VPN from the main/submenu, and then select the Port...
... lists many commonly used TCP applications and port numbers. In the TCP Port field, enter the TCP port number of an internal server or host computer. 3. Users can specify the port number together with the host name or IP address. 7-8 Virtual Private Networking ...22a Telnet 23a SMTP (send mail) 25 HTTP (web) POP3 (receive mail) NTP (network time protocol) Citrix 80 110 123 1494 Terminal Services 3389 VNC (virtual network computing) 5900 or 5800 a. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. Select VPN > SSL VPN from the main/submenu, and then select the Port...
SRXN3205 Reference Manual
Page 149
... be automatically logged out of the Web Configuration Manager Managing Users, Authentication, and Certificates 8-3 v1.0, October 2008 Domain. For an Administrator, this domain will have different restrictions and access controls. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Authentication Type Active Directory LDAP Required Authentication Information Fields Authentication Server, Active Directory Domain Authentication Server, LDAP Base DN c. Select a portal...
... be automatically logged out of the Web Configuration Manager Managing Users, Authentication, and Certificates 8-3 v1.0, October 2008 Domain. For an Administrator, this domain will have different restrictions and access controls. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Authentication Type Active Directory LDAP Required Authentication Information Fields Authentication Server, Active Directory Domain Authentication Server, LDAP Base DN c. Select a portal...
SRXN3205 Reference Manual
Page 174
...VPN firewall before the default settings to the NETGEAR Web site at http://www.netgear.com/support and click Downloads. 2. All firewall rules, VPN... of the VPN firewall router statistics, including the firmware version. To download a firmware version: 1. The VPN firewall will be lost ! The Router Status screen ...netgear.cfg). 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • If you have located the file, click the Restore button. Warning: Once you have your browser's download location on the LAN, to the wireless clients, and act as a DHCP server...
...VPN firewall before the default settings to the NETGEAR Web site at http://www.netgear.com/support and click Downloads. 2. All firewall rules, VPN... of the VPN firewall router statistics, including the firmware version. To download a firmware version: 1. The VPN firewall will be lost ! The Router Status screen ...netgear.cfg). 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • If you have located the file, click the Restore button. Warning: Once you have your browser's download location on the LAN, to the wireless clients, and act as a DHCP server...
SRXN3205 Reference Manual
Page 193
...shown as the firewall. Troubleshooting v1.0, October 2008 12-3 This will generate and assign an IP address if the computer cannot reach a DHCP server. Look at... you are lost. • Click the Refresh or Reload button in the Web browser. These auto-generated addresses are using the recommended addressing scheme, your PC...firewall and reboot your PC. • If your firewall's IP address has been changed and you can reboot the firewall and use a sniffer to factory defaults. If you are in the range of 192.168.1.2 to 192.168.1.254. ProSafe Wireless-N VPN Firewall SRXN3205...
...shown as the firewall. Troubleshooting v1.0, October 2008 12-3 This will generate and assign an IP address if the computer cannot reach a DHCP server. Look at... you are lost. • Click the Refresh or Reload button in the Web browser. These auto-generated addresses are using the recommended addressing scheme, your PC...firewall and reboot your PC. • If your firewall's IP address has been changed and you can reboot the firewall and use a sniffer to factory defaults. If you are in the range of 192.168.1.2 to 192.168.1.254. ProSafe Wireless-N VPN Firewall SRXN3205...
SRXN3205 Reference Manual
Page 195
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - If your firewall can obtain an IP address, but your firewall is unable to load any Web pages from your PC to verify that sends an echo request packet to your PC is set up correctly. Testing the LAN Path to Your VPN Firewall You can be done in the ... 32 bytes of data If the path is a host on page 2-6. Click OK. This can ping the firewall from the Internet: • Your PC may not have one or two DNS servers for example: ping 192.168.1.1 3. In the field provided, type "ping" followed by using the Ping...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - If your firewall can obtain an IP address, but your firewall is unable to load any Web pages from your PC to verify that sends an echo request packet to your PC is set up correctly. Testing the LAN Path to Your VPN Firewall You can be done in the ... 32 bytes of data If the path is a host on page 2-6. Click OK. This can ping the firewall from the Internet: • Your PC may not have one or two DNS servers for example: ping 192.168.1.1 3. In the field provided, type "ping" followed by using the Ping...
SRXN3205 Reference Manual
Page 199
... of a Web, FTP, Mail or other Server on that interface. If you can request a DNS lookup to have become unstable or is not operating normally. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual... Table 12-1. This operation will break any existing connections either to an IP address. Troubleshooting v1.0, October 2008 12-9 Diagnostics (continued) Item Perform a DNS lookup Display the routing table Reboot the firewall Packet trace Description A DNS (Domain Name Server) converts the Internet name (for example, www.netgear...
... of a Web, FTP, Mail or other Server on that interface. If you can request a DNS lookup to have become unstable or is not operating normally. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual... Table 12-1. This operation will break any existing connections either to an IP address. Troubleshooting v1.0, October 2008 12-9 Diagnostics (continued) Item Perform a DNS lookup Display the routing table Reboot the firewall Packet trace Description A DNS (Domain Name Server) converts the Internet name (for example, www.netgear...
SRXN3205 Reference Manual
Page 211
... name resolution 7-9 Hosting A Local Public Web Server example of 5-11 hosts, managing 3-4 hotspot settings 1-4 HTTP meta tags 7-6 I IGP 3-11 IKE Policy about 5-1 firewall protection 5-1 firmware downloading 9-14 upgrade 9-14 firmware, upgrading 1-4 fixed IP address 2-5, 3-7 FQDN 2-11 Fragmentation Length default setting 4-18 fragmented IP packets 9-5 fully qualified domain name. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual enabling 4-17 E Edge...
... name resolution 7-9 Hosting A Local Public Web Server example of 5-11 hosts, managing 3-4 hotspot settings 1-4 HTTP meta tags 7-6 I IGP 3-11 IKE Policy about 5-1 firewall protection 5-1 firmware downloading 9-14 upgrade 9-14 firmware, upgrading 1-4 fixed IP address 2-5, 3-7 FQDN 2-11 Fragmentation Length default setting 4-18 fragmented IP packets 9-5 fully qualified domain name. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual enabling 4-17 E Edge...
SRXN3205 Reference Manual
Page 216
... flood 5-10, 9-5 SysLog Server IP Address 11-5 system requirements 1-5 T tab, menu 2-3 TCP flood special rule 9-5 TCP/IP network, troubleshooting 12-5 Technical Specifications A-5 Time setting 9-15 troubleshooting 12-7 time daylight savings, troubleshooting 12-7 Time Zone settings 9-15 Time Zone screen 9-15 timeout, administrator login 9-9 ToS. See SPI. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual firewall, use with 5-2 stateful...
... flood 5-10, 9-5 SysLog Server IP Address 11-5 system requirements 1-5 T tab, menu 2-3 TCP flood special rule 9-5 TCP/IP network, troubleshooting 12-5 Technical Specifications A-5 Time setting 9-15 troubleshooting 12-7 time daylight savings, troubleshooting 12-7 Time Zone settings 9-15 Time Zone screen 9-15 timeout, administrator login 9-9 ToS. See SPI. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual firewall, use with 5-2 stateful...
SRXN3205 Reference Manual
Page 217
See Wireless Multimedia. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual monitoring status 11-13 VPN tunnels about 6-1 Connection Status 6-16 increasing traffic 9-7 IPsec 5-11 L2TP 5-11 PPTP 5-11 VPN Wizard Gateway tunnel 6-2 VPN Client, configuring 6-4 VPN Wizard Default Values 6-3 VPNC 6-1 VPNs viewing VPN tunnel status 11-13 W WAN configuring Advanced options 2-12 WAN Port 1 status 2-5 WAN Ports monitoring status 11-8 WAN ports status...
See Wireless Multimedia. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual monitoring status 11-13 VPN tunnels about 6-1 Connection Status 6-16 increasing traffic 9-7 IPsec 5-11 L2TP 5-11 PPTP 5-11 VPN Wizard Gateway tunnel 6-2 VPN Client, configuring 6-4 VPN Wizard Default Values 6-3 VPNC 6-1 VPNs viewing VPN tunnel status 11-13 W WAN configuring Advanced options 2-12 WAN Port 1 status 2-5 WAN Ports monitoring status 11-8 WAN ports status...