SRXN3205 Reference Manual
Page 7
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Contents About This Manual Conventions, Formats, and Scope xiii How to Use This Manual xiv How to Print this Manual xiv Revision History ...xv Chapter 1 Introduction Key Firewall Features ...1-1 A Powerful, True Firewall with Content Filtering 1-2 Autosensing Ethernet Connections with Auto Uplink 1-2 Extensive Protocol Support 1-3 Advanced VPN Support for Both IPsec and SSL...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Contents About This Manual Conventions, Formats, and Scope xiii How to Use This Manual xiv How to Print this Manual xiv Revision History ...xv Chapter 1 Introduction Key Firewall Features ...1-1 A Powerful, True Firewall with Content Filtering 1-2 Autosensing Ethernet Connections with Auto Uplink 1-2 Extensive Protocol Support 1-3 Advanced VPN Support for Both IPsec and SSL...
SRXN3205 Reference Manual
Page 11
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 8 Managing Users, Authentication, and Certificates Adding Authentication Domains... that Increase Traffic 9-5 Using QoS to Shift the Traffic Mix 9-7 Tools for Traffic Management 9-8 Changing Passwords and Administrator Settings 9-8 Enabling Remote Management Access 9-10 Using an SNMP Manager 9-11 Settings Backup and ...Enabling the Traffic Meter 11-1 Activating Notification of Events and Alerts 11-3 Viewing Firewall Logs 11-6 Viewing Router Configuration and System Status 11-7 Monitoring the WAN Port Status 11-8 Monitoring ...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 8 Managing Users, Authentication, and Certificates Adding Authentication Domains... that Increase Traffic 9-5 Using QoS to Shift the Traffic Mix 9-7 Tools for Traffic Management 9-8 Changing Passwords and Administrator Settings 9-8 Enabling Remote Management Access 9-10 Using an SNMP Manager 9-11 Settings Backup and ...Enabling the Traffic Meter 11-1 Activating Notification of Events and Alerts 11-3 Viewing Firewall Logs 11-6 Viewing Router Configuration and System Status 11-7 Monitoring the WAN Port Status 11-8 Monitoring ...
SRXN3205 Reference Manual
Page 12
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Viewing Port Triggering Status 11-12 Monitoring VPN Tunnel Connection Status 11-13 Reviewing the VPN Logs 11-14 Chapter 12 Troubleshooting Basic Functions ...12-1 Power LED Not On 12-2 LEDs Never Turn Off 12-2 LAN ... Troubleshooting a TCP/IP Network Using a Ping Utility 12-5 Testing the LAN Path to Your VPN Firewall 12-5 Testing the Path from Your PC to a Remote Device 12-6 Restoring the Default Configuration and Password 12-7 Problems with Date and Time 12-7 Diagnostics Functions 12-8 Appendix A Default Settings and Technical...
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Viewing Port Triggering Status 11-12 Monitoring VPN Tunnel Connection Status 11-13 Reviewing the VPN Logs 11-14 Chapter 12 Troubleshooting Basic Functions ...12-1 Power LED Not On 12-2 LEDs Never Turn Off 12-2 LAN ... Troubleshooting a TCP/IP Network Using a Ping Utility 12-5 Testing the LAN Path to Your VPN Firewall 12-5 Testing the Path from Your PC to a Remote Device 12-6 Restoring the Default Configuration and Password 12-7 Problems with Date and Time 12-7 Diagnostics Functions 12-8 Appendix A Default Settings and Technical...
SRXN3205 Reference Manual
Page 17
...Firewall Features" • "Wireless Networking Features" • "System Requirements" • "Package Contents" • "Front Panel Features" • "Rear Panel Features" • "Default IP Address, Login Name, and Password Location" • "Qualified Web Browsers" Key Firewall Features The firewall...ensure extremely high data transfer speeds. The SRXN3205 also supports wireless bridging. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 1 Introduction The SRXN3205 ProSafe Wireless-N VPN Firewall provides Internet connectivity to safeguard your Internet ...
...Firewall Features" • "Wireless Networking Features" • "System Requirements" • "Package Contents" • "Front Panel Features" • "Rear Panel Features" • "Default IP Address, Login Name, and Password Location" • "Qualified Web Browsers" Key Firewall Features The firewall...ensure extremely high data transfer speeds. The SRXN3205 also supports wireless bridging. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 1 Introduction The SRXN3205 ProSafe Wireless-N VPN Firewall provides Internet connectivity to safeguard your Internet ...
SRXN3205 Reference Manual
Page 23
... One Auto MDI/MDIX, Gigabit Ethernet port. Introduction 1-7 v1.0, October 2008 Wireless data traffic in 5GHz modes. This resets the unit to the firewall. Wireless data traffic in 2.4 GHz modes Reset Reboot 2 button (Press with a sharp...ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 1-1. Amber = 100M; Power is disabled. Left LED (status): On = Link; Description of Front Panel Items Item Activity Description PWR (Power) On Green Off Power is supplied to factory default settings, erasing all configuration settings and restores the default password...
... One Auto MDI/MDIX, Gigabit Ethernet port. Introduction 1-7 v1.0, October 2008 Wireless data traffic in 5GHz modes. This resets the unit to the firewall. Wireless data traffic in 2.4 GHz modes Reset Reboot 2 button (Press with a sharp...ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 1-1. Amber = 100M; Power is disabled. Left LED (status): On = Link; Description of Front Panel Items Item Activity Description PWR (Power) On Green Off Power is supplied to factory default settings, erasing all configuration settings and restores the default password...
SRXN3205 Reference Manual
Page 25
..., or Mozilla Firefox l.x Web browser with the firewall's Web Management Interface for configuring the firewall, SSL VPN users should choose a browser that Java is only required for use with JavaScript, cookies, and SSL enabled. Introduction 1-9 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom...
..., or Mozilla Firefox l.x Web browser with the firewall's Web Management Interface for configuring the firewall, SSL VPN users should choose a browser that Java is only required for use with JavaScript, cookies, and SSL enabled. Introduction 1-9 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Default IP Address, Login Name, and Password Location Check the label on the bottom...
SRXN3205 Reference Manual
Page 28
... enter https://192.168.1.1 in to the firewall, follow these steps: 1. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to the Internet (WAN) To log in the address field. The Web Configuration Manager appears, displaying the Router Status menu as the default. Enter admin in...
... enter https://192.168.1.1 in to the firewall, follow these steps: 1. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Logging into the VPN Firewall To connect to the firewall, your computer needs to be configured to the Internet (WAN) To log in the address field. The Web Configuration Manager appears, displaying the Router Status menu as the default. Enter admin in...
SRXN3205 Reference Manual
Page 31
... methods Connection Method DHCP (Dynamic IP) PPPoE PPTP Fixed (Static) IP Data Required No data is required. Login (Username, Password); Figure 2-5 Connecting to (2) check your firewall and the cable or DSL line, or to the Internet (WAN) 2-5 v1.0, October 2008 A popup window appears, displaying the... that requires input from you, it will prompt you will be prompted to (1) check the physical connection between your firewall's MAC address (For more information, see "Troubleshooting the ISP Connection" on page 12-4). 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual b.
... methods Connection Method DHCP (Dynamic IP) PPPoE PPTP Fixed (Static) IP Data Required No data is required. Login (Username, Password); Figure 2-5 Connecting to (2) check your firewall and the cable or DSL line, or to the Internet (WAN) 2-5 v1.0, October 2008 A popup window appears, displaying the... that requires input from you, it will prompt you will be prompted to (1) check the physical connection between your firewall's MAC address (For more information, see "Troubleshooting the ISP Connection" on page 12-4). 3. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual b.
SRXN3205 Reference Manual
Page 32
... Connection" following this is the default). • If a login is made, NETGEAR's Web site appears. If the configuration was successful, you are listed in the following : 2. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The WAN Status window should show a valid IP address and gateway. The... "Troubleshooting the ISP Connection" on page 12-4. If a successful connection is not required, click No and ignore the Login and Password fields. Note: If the configuration process was successful, you can attempt a manual configuration as described in Table 2-1. In the ISP...
... Connection" following this is the default). • If a login is made, NETGEAR's Web site appears. If the configuration was successful, you are listed in the following : 2. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The WAN Status window should show a valid IP address and gateway. The... "Troubleshooting the ISP Connection" on page 12-4. If a successful connection is not required, click No and ignore the Login and Password fields. Note: If the configuration process was successful, you can attempt a manual configuration as described in Table 2-1. In the ISP...
SRXN3205 Reference Manual
Page 38
... to have chosen will use of the DDNS service providers and set up an account. For example, the wildcard feature will be accessible. 2. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual To configure Dynamic DNS: 1. b. Each DDNS service provider requires its own parameters. 3. If your account monthly, check Update every... Service you to renew your dynamic DNS provider requires you will be aliased to the Internet (WAN) Enter the Password, or User Key, for example: .dyndns.org). Configuring the Advanced WAN Options (Optional) To configure the Advanced WAN options: 1.
... to have chosen will use of the DDNS service providers and set up an account. For example, the wildcard feature will be accessible. 2. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual To configure Dynamic DNS: 1. b. Each DDNS service provider requires its own parameters. 3. If your account monthly, check Update every... Service you to renew your dynamic DNS provider requires you will be aliased to the Internet (WAN) Enter the Password, or User Key, for example: .dyndns.org). Configuring the Advanced WAN Options (Optional) To configure the Advanced WAN options: 1.
SRXN3205 Reference Manual
Page 40
... Additional WAN Related Configuration • If you want the ability to manage the firewall remotely, enable remote management at this time (see "Changing Passwords and Administrator Settings" on page 9-8). • At this point, you change your password (see "Enabling Remote Management Access" on page 11-1. 2-14 v1.0, October... meter for the MAC address is 01:23:45:67:89:AB (numbers 0-9 and either uppercase or lowercase letters A-F). ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The format for the WAN, if desired. See "Enabling the Traffic Meter" on page 9-10).
... Additional WAN Related Configuration • If you want the ability to manage the firewall remotely, enable remote management at this time (see "Changing Passwords and Administrator Settings" on page 9-8). • At this point, you change your password (see "Enabling Remote Management Access" on page 11-1. 2-14 v1.0, October... meter for the MAC address is 01:23:45:67:89:AB (numbers 0-9 and either uppercase or lowercase letters A-F). ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual The format for the WAN, if desired. See "Enabling the Traffic Meter" on page 9-10).
SRXN3205 Reference Manual
Page 61
....1.1. 2. Click Apply to the SRXN3205. 5. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. From your Web browser, log in the SRXN3205. 10. Once you have the same SSID you configured in to update settings. Use the default user name of admin and default password of your Client PCs to have verified wireless connectivity to the SRXN3205, you click Apply to the...
....1.1. 2. Click Apply to the SRXN3205. 5. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. From your Web browser, log in the SRXN3205. 10. Once you have the same SSID you configured in to update settings. Use the default user name of admin and default password of your Client PCs to have verified wireless connectivity to the SRXN3205, you click Apply to the...
SRXN3205 Reference Manual
Page 80
...which Internet locations are covered by the rule, based on the server application security and invoke the user password or privilege levels, if provided. 5-6 Firewall Security and Content Filtering v1.0, October 2008 Select the desired option: • Any - If this ...also advisable to the internal LAN server; All Internet IP address are necessary for servers and may periodically check for your firewall. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 5-2. Enter the required address in your network. it discovers any server processes (such as a Web ...
...which Internet locations are covered by the rule, based on the server application security and invoke the user password or privilege levels, if provided. 5-6 Firewall Security and Content Filtering v1.0, October 2008 Select the desired option: • Any - If this ...also advisable to the internal LAN server; All Internet IP address are necessary for servers and may periodically check for your firewall. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Table 5-2. Enter the required address in your network. it discovers any server processes (such as a Web ...
SRXN3205 Reference Manual
Page 116
... detect whether the Peer is selected, the router will disable the Pre-shared key text box and uses the Active Self Certificate uploaded in order for a simple password based key. Note: If RADIUS - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - In that case, a ...certificate must match the remote VPN.) - User Database: User accounts created in the router are configured under the VPN Client menu on the User Database page...
... detect whether the Peer is selected, the router will disable the Pre-shared key text box and uses the Active Self Certificate uploaded in order for a simple password based key. Note: If RADIUS - ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - In that case, a ...certificate must match the remote VPN.) - User Database: User accounts created in the router are configured under the VPN Client menu on the User Database page...
SRXN3205 Reference Manual
Page 117
... by a remote gateway with a username and password combination. The public key is freely distributed, and is used to perform authentication (see "Managing Certificates" on each certificate, there is both VPN Endpoints). The receiver then uses its private key...(grey circle). For each VPN endpoint. Indicates whether the policy is involved. • Auto. Traffic covered by an "*" next to the policy name). ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual IPSec Host: The router is authenticated by using the VPN Wizard to create a VPN policy, only the Auto method...
... by a remote gateway with a username and password combination. The public key is freely distributed, and is used to perform authentication (see "Managing Certificates" on each certificate, there is both VPN Endpoints). The receiver then uses its private key...(grey circle). For each VPN endpoint. Indicates whether the policy is involved. • Auto. Traffic covered by an "*" next to the policy name). ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual IPSec Host: The router is authenticated by using the VPN Wizard to create a VPN policy, only the Auto method...
SRXN3205 Reference Manual
Page 122
...ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1. From the ID Type pull-down menu which will be used in authenticating this firewall as "modecfg_test". (This name will only be authenticated by default. Enter a Username and Password... chosen, you want this option is not present, the firewall will also be used internally). a. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 ...
...ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1. From the ID Type pull-down menu which will be used in authenticating this firewall as "modecfg_test". (This name will only be authenticated by default. Enter a Username and Password... chosen, you want this option is not present, the firewall will also be used internally). a. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 ...
SRXN3205 Reference Manual
Page 124
... option is chosen, you must specify the user name and password used for storing the authentication information centrally in the Windows toolbar and click Connect. Two types of the remote VPN gateways: User Database, RADIUS-PAP, or RADIUS-CHAP. • IPsec Host. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. If you configured will then connect to authenticate...
... option is chosen, you must specify the user name and password used for storing the authentication information centrally in the Windows toolbar and click Connect. Two types of the remote VPN gateways: User Database, RADIUS-PAP, or RADIUS-CHAP. • IPsec Host. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 1. If you configured will then connect to authenticate...
SRXN3205 Reference Manual
Page 126
...in the network when a user requests access to add a RADIUS server. Select VPN > IPsec VPN from the main/submenu. 2. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - User Database Configuration When XAUTH is selected, the firewall will store a database of user information, and can interrupt the process with ... user credentials are available. Whether or not you use a RADIUS server, you want some encrypted response using his username/password information. If the user account is enabled) and then by the remote gateway. Click Apply to be authenticated by relaying...
...in the network when a user requests access to add a RADIUS server. Select VPN > IPsec VPN from the main/submenu. 2. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - User Database Configuration When XAUTH is selected, the firewall will store a database of user information, and can interrupt the process with ... user credentials are available. Whether or not you use a RADIUS server, you want some encrypted response using his username/password information. If the user account is enabled) and then by the remote gateway. Click Apply to be authenticated by relaying...
SRXN3205 Reference Manual
Page 135
... table. Therefore, you must specify a group. To add servers, follow these services, you must create name and password accounts for Port Forwarding Port Forwarding provides access to access. Your choices are used and the portal layout that will ...applications (port numbers) that will be authenticated before being allowed to confirm your SSL VPN users. To define these steps: Virtual Private Networking Using SSL 7-7 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. Configuring Domains, Groups, and Users Remote users connecting to remote ...
... table. Therefore, you must specify a group. To add servers, follow these services, you must create name and password accounts for Port Forwarding Port Forwarding provides access to access. Your choices are used and the portal layout that will ...applications (port numbers) that will be authenticated before being allowed to confirm your SSL VPN users. To define these steps: Virtual Private Networking Using SSL 7-7 v1.0, October 2008 ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual 4. Configuring Domains, Groups, and Users Remote users connecting to remote ...
SRXN3205 Reference Manual
Page 147
.... The Domain determines the authentication method to the user requires three items: a User Name, a Password, and a Domain selection. When you create a group, you have access. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 8 Managing Users, Authentication, and Certificates This chapter contains the following sections: • "Adding Authentication Domains, Groups, and Users" • "Managing Certificates" Adding ...
.... The Domain determines the authentication method to the user requires three items: a User Name, a Password, and a Domain selection. When you create a group, you have access. ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual Chapter 8 Managing Users, Authentication, and Certificates This chapter contains the following sections: • "Adding Authentication Domains, Groups, and Users" • "Managing Certificates" Adding ...