SRXN3205 Reference Manual
Page 7
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Contents About This Manual Conventions, Formats, and Scope xiii How to Use This Manual xiv How to Print this Manual xiv Revision History ...xv Chapter 1 Introduction Key Firewall Features ...1-1 A Powerful, True Firewall with Content Filtering 1-2 Autosensing Ethernet Connections with Auto Uplink 1-2 Extensive Protocol Support 1-3 Advanced VPN Support for Both IPsec and SSL...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Contents About This Manual Conventions, Formats, and Scope xiii How to Use This Manual xiv How to Print this Manual xiv Revision History ...xv Chapter 1 Introduction Key Firewall Features ...1-1 A Powerful, True Firewall with Content Filtering 1-2 Autosensing Ethernet Connections with Auto Uplink 1-2 Extensive Protocol Support 1-3 Advanced VPN Support for Both IPsec and SSL...
SRXN3205 Reference Manual
Page 12
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Viewing Port Triggering Status 11-12 Monitoring VPN Tunnel Connection Status 11-13 Reviewing the VPN Logs 11-14 Chapter 12 Troubleshooting Basic Functions ...12-1 Power LED Not On 12-2 LEDs ...12-5 Testing the LAN Path to Your VPN Firewall 12-5 Testing the Path from Your PC to a Remote Device 12-6 Restoring the Default Configuration and Password 12-7 Problems with Date and Time 12-7 Diagnostics Functions 12-8 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Viewing Port Triggering Status 11-12 Monitoring VPN Tunnel Connection Status 11-13 Reviewing the VPN Logs 11-14 Chapter 12 Troubleshooting Basic Functions ...12-1 Power LED Not On 12-2 LEDs ...12-5 Testing the LAN Path to Your VPN Firewall 12-5 Testing the Path from Your PC to a Remote Device 12-6 Restoring the Default Configuration and Password 12-7 Problems with Date and Time 12-7 Diagnostics Functions 12-8 Appendix A Default Settings and Technical Specifications Default Settings ...A-1 Technical Specifications A-3 Appendix B ...
SRXN3205 Reference Manual
Page 17
... Name, and Password Location" • "Qualified Web Browsers" Key Firewall Features The firewall portion provides the following key features: • A single 10/100/1000 Mbps Gigabit Ethernet WAN port for your Internet connection. • Built-in four-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for secure wired and wireless connections. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual...
... Name, and Password Location" • "Qualified Web Browsers" Key Firewall Features The firewall portion provides the following key features: • A single 10/100/1000 Mbps Gigabit Ethernet WAN port for your Internet connection. • Built-in four-port 10/100/1000 Mbps Gigabit Ethernet LAN switch for secure wired and wireless connections. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual...
SRXN3205 Reference Manual
Page 23
...in 5GHz modes. Introduction 1-7 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 1-1. Writing to Flash memory (during upgrading or resetting to factory default settings, erasing all configuration settings and restores the default password. 3 LAN Ports LAN connections Four Auto MDI/...mode: The system is disabled. The system has booted successfully. Wireless data traffic in 2.4 GHz modes Reset Reboot 2 button (Press with a sharp Factory Defaults object) Press once to the firewall. Wireless data traffic in for 15 seconds (until the TEST light ...
...in 5GHz modes. Introduction 1-7 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 1-1. Writing to Flash memory (during upgrading or resetting to factory default settings, erasing all configuration settings and restores the default password. 3 LAN Ports LAN connections Four Auto MDI/...mode: The system is disabled. The system has booted successfully. Wireless data traffic in 2.4 GHz modes Reset Reboot 2 button (Press with a sharp Factory Defaults object) Press once to the firewall. Wireless data traffic in for 15 seconds (until the TEST light ...
SRXN3205 Reference Manual
Page 25
... advantage of the full suite of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe Wireless-N VPN Firewall, an administrator must use with JavaScript, cookies, and SSL enabled. Introduction 1-9 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of...
... advantage of the full suite of the following factory default information: IP Address User Name Password Figure 1-3 Qualified Web Browsers To configure the ProSafe Wireless-N VPN Firewall, an administrator must use with JavaScript, cookies, and SSL enabled. Introduction 1-9 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom of...
SRXN3205 Reference Manual
Page 28
... DHCP. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to the Internet (WAN) Enter admin in the browser. The login window displays in lower case for the User Name and password for the Password. 3. Click Login. The Web Configuration Manager appears, displaying the Router Status menu...
... DHCP. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to the Internet (WAN) Enter admin in the browser. The login window displays in lower case for the User Name and password for the Password. 3. Click Login. The Web Configuration Manager appears, displaying the Router Status menu...
SRXN3205 Reference Manual
Page 32
...skip ahead to "Manually Configuring the Internet Connection" following this is the default). • If a login is made, NETGEAR's Web site appears. Figure 2-6 3. If the configuration was successful,...in the following : 2. Click Test to manually establish an Internet connection. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The WAN Status window should show a valid IP address and...the Login and Password fields. If the automatic WAN ISP configurations failed, you clicked Yes, enter the ISP-provided Login and Password information. 2-6 Connecting to the NETGEAR Web site....
...skip ahead to "Manually Configuring the Internet Connection" following this is the default). • If a login is made, NETGEAR's Web site appears. Figure 2-6 3. If the configuration was successful,...in the following : 2. Click Test to manually establish an Internet connection. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The WAN Status window should show a valid IP address and...the Login and Password fields. If the automatic WAN ISP configurations failed, you clicked Yes, enter the ISP-provided Login and Password information. 2-6 Connecting to the NETGEAR Web site....
SRXN3205 Reference Manual
Page 61
... and Settings" on the LAN connected to the SRXN3205 using the internal DHCP server (DHCP is set them up. 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. Note: The SSID of your VPN firewall. Select Network Configuration > Wireless Settings from a wireless computer, you will not get a wireless connection to save any other wireless networks within several hundred feet of password- Click Apply to the...
... and Settings" on the LAN connected to the SRXN3205 using the internal DHCP server (DHCP is set them up. 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. Note: The SSID of your VPN firewall. Select Network Configuration > Wireless Settings from a wireless computer, you will not get a wireless connection to save any other wireless networks within several hundred feet of password- Click Apply to the...
SRXN3205 Reference Manual
Page 116
...This method is not supported for RSA-Signature to work. - If the peer is the interval between the router and the RADIUS server can be configured in the User Database to the RADIUS server. 6-14 Virtual Private Networking...password based key. RADIUS server settings are : - The VPN Wizard default setting is idle. - Selecting RSA-Signature will connect to detect whether the Peer is used when exchanging keys. The DH group sets the number of DPD failures allowed before tearing down the connection. • Extended Authentication. ProSafe Wireless-N VPN Firewall SRXN3205...
...This method is not supported for RSA-Signature to work. - If the peer is the interval between the router and the RADIUS server can be configured in the User Database to the RADIUS server. 6-14 Virtual Private Networking...password based key. RADIUS server settings are : - The VPN Wizard default setting is idle. - Selecting RSA-Signature will connect to detect whether the Peer is used when exchanging keys. The DH group sets the number of DPD failures allowed before tearing down the connection. • Extended Authentication. ProSafe Wireless-N VPN Firewall SRXN3205...
SRXN3205 Reference Manual
Page 122
... remote gateway). 9. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 • SA Lifetime: 3600 seconds 7. Right-click the VPN client icon in authenticating this is disabled by the remote gateway. Enter a Username and Password to the RADIUS server. 10. Configuring the ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software...
... remote gateway). 9. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 • SA Lifetime: 3600 seconds 7. Right-click the VPN client icon in authenticating this is disabled by the remote gateway. Enter a Username and Password to the RADIUS server. 10. Configuring the ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software...
SRXN3205 Reference Manual
Page 147
... specify a domain. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 8 Managing Users, Authentication, and Certificates This chapter contains the following sections: • "Adding Authentication Domains, Groups, and Users" • "Managing Certificates" Adding Authentication Domains, Groups, and Users You must create name and password accounts for all users who will always belong to the default domain (geardomain) and...
... specify a domain. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 8 Managing Users, Authentication, and Certificates This chapter contains the following sections: • "Adding Authentication Domains, Groups, and Users" • "Managing Certificates" Adding Authentication Domains, Groups, and Users You must create name and password accounts for all users who will always belong to the default domain (geardomain) and...
SRXN3205 Reference Manual
Page 168
... is password. Netgear recommends that can also configure a separate password for the guest account. See "Monitoring System Performance" on page 11-1 for a discussion of Users screen displays. Figure 9-1OK 2. Changing Passwords and Administrator Settings The default administrator and guest password for the Web Configuration Manager is allowed to have. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Tools for Traffic Management The ProSafe Wireless-N VPN Firewall...
... is password. Netgear recommends that can also configure a separate password for the guest account. See "Monitoring System Performance" on page 11-1 for a discussion of Users screen displays. Figure 9-1OK 2. Changing Passwords and Administrator Settings The default administrator and guest password for the Web Configuration Manager is allowed to have. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Tools for Traffic Management The ProSafe Wireless-N VPN Firewall...
SRXN3205 Reference Manual
Page 169
... become active. 4. Note: After a factory default reset, the password and timeout value will be changed back to Edit Password checkbox. Enter the old password, then enter the new password twice. 5. (Optional) To change the idle timeout for an administrator login session, enter... settings for Administrator displayed in the Idle Timeout field. 6. Select the Check to password and 5 minutes, respectively. Firewall and Network Management 9-9 v1.0, October 2008 Figure 9-2 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The Edit User screen is too large, you may have to wait ...
... become active. 4. Note: After a factory default reset, the password and timeout value will be changed back to Edit Password checkbox. Enter the old password, then enter the new password twice. 5. (Optional) To change the idle timeout for an administrator login session, enter... settings for Administrator displayed in the Idle Timeout field. 6. Select the Check to password and 5 minutes, respectively. Firewall and Network Management 9-9 v1.0, October 2008 Figure 9-2 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The Edit User screen is too large, you may have to wait ...
SRXN3205 Reference Manual
Page 170
... the main/submenu. Be sure to a very secure password. You will be up to enable HTTPS remote management (enabled by default). Note: Be sure to change the default configuration password of your firewall from the Internet, the Secure Sockets Layer (SSL) ... enable remote management. When accessing your firewall. The Remote Management screen displays. . Note: For enhanced security, restrict access to configure, upgrade, and check the status of the firewall to use strong passwords. 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Enabling Remote Management Access Using...
... the main/submenu. Be sure to a very secure password. You will be up to enable HTTPS remote management (enabled by default). Note: Be sure to change the default configuration password of your firewall from the Internet, the Secure Sockets Layer (SSL) ... enable remote management. When accessing your firewall. The Remote Management screen displays. . Note: For enhanced security, restrict access to configure, upgrade, and check the status of the firewall to use strong passwords. 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Enabling Remote Management Access Using...
SRXN3205 Reference Manual
Page 174
.... ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • If you have located the file, click the Restore button. The VPN firewall will be 192.168.1.1. Locate and select the previously saved backup file (by default, netgear.cfg). 3. After rebooting, the firewall's password will be password and... the LAN IP address will be displayed. All firewall rules, VPN policies, LAN/WAN settings and other settings will be lost . To view the current version of the VPN firewall router statistics...
.... ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • If you have located the file, click the Restore button. The VPN firewall will be 192.168.1.1. Locate and select the previously saved backup file (by default, netgear.cfg). 3. After rebooting, the firewall's password will be password and... the LAN IP address will be displayed. All firewall rules, VPN policies, LAN/WAN settings and other settings will be lost . To view the current version of the VPN firewall router statistics...
SRXN3205 Reference Manual
Page 180
In addition, if you can view the logs by default. If you don't have e-mail notification enabled, you have e-mail notification enabled to the right of the tab. The Firewall Logs & E-mail screen displays. 2. b. Send To E-mail Address. You must have set up ...password to be sent to WAN under Dropped Packets). 4. You must use the full e-mail address (for which you input on the settings you would like logs to log messages. 3. Log Identifier is appended to be generated when someone on your ISP's outgoing E-mail SMTP server. ProSafe Wireless-N VPN Firewall SRXN3205...
In addition, if you can view the logs by default. If you don't have e-mail notification enabled, you have e-mail notification enabled to the right of the tab. The Firewall Logs & E-mail screen displays. 2. b. Send To E-mail Address. You must have set up ...password to be sent to WAN under Dropped Packets). 4. You must use the full e-mail address (for which you input on the settings you would like logs to log messages. 3. Log Identifier is appended to be generated when someone on your ISP's outgoing E-mail SMTP server. ProSafe Wireless-N VPN Firewall SRXN3205...
SRXN3205 Reference Manual
Page 191
...ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 12 Troubleshooting This chapter provides troubleshooting tips and information for any of events should occur: 1. This chapter contains the following sections: • "Basic Functions" • "Troubleshooting the Web Configuration Interface" • "Troubleshooting the ISP Connection" • "Troubleshooting a TCP/IP Network Using a Ping Utility" • "Restoring the Default... Configuration and Password" • "Problems with Date and Time" • "...
...ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 12 Troubleshooting This chapter provides troubleshooting tips and information for any of events should occur: 1. This chapter contains the following sections: • "Basic Functions" • "Troubleshooting the Web Configuration Interface" • "Troubleshooting the ISP Connection" • "Troubleshooting a TCP/IP Network Using a Ping Utility" • "Restoring the Default... Configuration and Password" • "Problems with Date and Time" • "...
SRXN3205 Reference Manual
Page 192
...Troubleshooting the Web Configuration Interface If you are using the 12VDC, 1.5A power adapter supplied by NETGEAR for about 10 seconds and then turn off when your VPN firewall is turned on: • Verify the power adapter cord is properly connected to your local ...Default Configuration and Password" on page 12-7. This procedure is a fault within the firewall. LAN or WAN Port LEDs Not On If either the LAN LEDs or WAN LEDs do not light when the Ethernet connection is made, check the following : 12-2 v1.0, October 2008 Troubleshooting ProSafe Wireless-N VPN Firewall SRXN3205...
...Troubleshooting the Web Configuration Interface If you are using the 12VDC, 1.5A power adapter supplied by NETGEAR for about 10 seconds and then turn off when your VPN firewall is turned on: • Verify the power adapter cord is properly connected to your local ...Default Configuration and Password" on page 12-7. This procedure is a fault within the firewall. LAN or WAN Port LEDs Not On If either the LAN LEDs or WAN LEDs do not light when the Ethernet connection is made, check the following : 12-2 v1.0, October 2008 Troubleshooting ProSafe Wireless-N VPN Firewall SRXN3205...
SRXN3205 Reference Manual
Page 193
... Web browser. Verify CAPS LOCK is on page 12-7. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Check the Ethernet connection between the PC and the firewall as described in "Restoring the Default Configuration and Password" on the same subnet as the firewall. Look at the ARP packets to the firewall and reboot your PC. • If your PC's IP...
... Web browser. Verify CAPS LOCK is on page 12-7. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Check the Ethernet connection between the PC and the firewall as described in "Restoring the Default Configuration and Password" on the same subnet as the firewall. Look at the ARP packets to the firewall and reboot your PC. • If your PC's IP...
SRXN3205 Reference Manual
Page 210
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Classical Routing definition of 2-10 command line interface 9-11 configuration automatic by DHCP 1-3 connecting the VPN firewall 2-1 Connection Status VPN Tunnels 6-16 Content 5-18 Content Filtering 5-1 about 5-18 Block Sites 5-18 enabling 5-18 firewall... examples 2-12 DDNS providers links to 2-12 default configuration restoring 12-7 default password 2-2 default settings 4-7 denial of service attack 5-10 Index-2...proxy 9-6 enable 3-3 feature 1-3 DNS Suffix 7-11 Domain Name router 3-2 Domain Name Blocking 5-18 Domain Name Servers. See DDNS ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Classical Routing definition of 2-10 command line interface 9-11 configuration automatic by DHCP 1-3 connecting the VPN firewall 2-1 Connection Status VPN Tunnels 6-16 Content 5-18 Content Filtering 5-1 about 5-18 Block Sites 5-18 enabling 5-18 firewall... examples 2-12 DDNS providers links to 2-12 default configuration restoring 12-7 default password 2-2 default settings 4-7 denial of service attack 5-10 Index-2...proxy 9-6 enable 3-3 feature 1-3 DNS Suffix 7-11 Domain Name router 3-2 Domain Name Blocking 5-18 Domain Name Servers. See DDNS ...