Application Note: Deploy a ProSecure UTM in a Multi SSID Multi VLAN network
Page 4
...enable DHCP with the VLAN Profiles summary NOTE: Although not relevant in this is the port the Access Point will be prompted with a scope of addresses within the same range as the default VLAN is VLAN 1. UTM10 Configuration Create a new VLAN Access the VLAN configuration via Network Config, LAN settings,... Repeat the same process for both VLAN 20 and VLAN 30 (for example a Netgear switch 802.1q capable. Click on Add... A port member of setting an 802.1q trunk port, as long as the VLAN IP address). Change VLAN1 Profile name to changing the PVID of the port on the default ...
...enable DHCP with the VLAN Profiles summary NOTE: Although not relevant in this is the port the Access Point will be prompted with a scope of addresses within the same range as the default VLAN is VLAN 1. UTM10 Configuration Create a new VLAN Access the VLAN configuration via Network Config, LAN settings,... Repeat the same process for both VLAN 20 and VLAN 30 (for example a Netgear switch 802.1q capable. Click on Add... A port member of setting an 802.1q trunk port, as long as the VLAN IP address). Change VLAN1 Profile name to changing the PVID of the port on the default ...
Application Note: Deploy a ProSecure UTM in a Multi SSID Multi VLAN network
Page 6
..., Engineering) and trying to access the Internet or ping the IP address assigned to the UTM in VLAN 30. Ensure the Wireless client obtains an IP address from . Further Notes Testing Testing can be accessible using the IP address configured on the VLAN the managing device will try to connect from... a DHCP server or hard-code an IP address relevant to the VLAN the Wireless client will...
..., Engineering) and trying to access the Internet or ping the IP address assigned to the UTM in VLAN 30. Ensure the Wireless client obtains an IP address from . Further Notes Testing Testing can be accessible using the IP address configured on the VLAN the managing device will try to connect from... a DHCP server or hard-code an IP address relevant to the VLAN the Wireless client will...
Client-to-Box VPN configuration using ProSafe Client Lite software (Supports Windows 7)
Page 1
... port 500 UDP is either receiving a public IP address on how to create IKE and auto-VPN policies for the router, these gateway devices must also allow a Virtual Private Network to allow VPN passthrough. Page 1 of 8 VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router: This document will guide you on... the WAN interface or that the gateway device(s) have the correct port forwarding or DMZ configured so that your router is open for your ProSafe NETGEAR Router, as well as how to configure the ProSafe VPN Lite Client in order to be established over the Internet.
... port 500 UDP is either receiving a public IP address on how to create IKE and auto-VPN policies for the router, these gateway devices must also allow a Virtual Private Network to allow VPN passthrough. Page 1 of 8 VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router: This document will guide you on... the WAN interface or that the gateway device(s) have the correct port forwarding or DMZ configured so that your router is open for your ProSafe NETGEAR Router, as well as how to configure the ProSafe VPN Lite Client in order to be established over the Internet.
Client-to-Box VPN configuration using ProSafe Client Lite software (Supports Windows 7)
Page 2
You can print this information. ➊ Pre-Shared Key ➋ Remote Identifier Information ➌ Local Identifier Information ➍ Router's LAN Network IP Address ➎ Router's LAN Network Mask ➏ Router's WAN IP Address Version 1.2 This information will later be marked with rednumbered circles. Page 2 of 8 Router Settings: As we configure the NETGEAR VPN Router, there will be information we'll add which will be used in the configuration of this form to help keep track of the ProSafe VPN Lite Client.
You can print this information. ➊ Pre-Shared Key ➋ Remote Identifier Information ➌ Local Identifier Information ➍ Router's LAN Network IP Address ➎ Router's LAN Network Mask ➏ Router's WAN IP Address Version 1.2 This information will later be marked with rednumbered circles. Page 2 of 8 Router Settings: As we configure the NETGEAR VPN Router, there will be information we'll add which will be used in the configuration of this form to help keep track of the ProSafe VPN Lite Client.
Client-to-Box VPN configuration using ProSafe Client Lite software (Supports Windows 7)
Page 4
... circles will see the policy we created in the list of VPN Policies. Version 1.2 Make note of the following: ➍ ➎ ➍ Router's LAN Network IP Address: The first segment in the "Local" box. In our screenshot described as 192.168.1.0 - but may change depending on the setup of your router. In...
... circles will see the policy we created in the list of VPN Policies. Version 1.2 Make note of the following: ➍ ➎ ➍ Router's LAN Network IP Address: The first segment in the "Local" box. In our screenshot described as 192.168.1.0 - but may change depending on the setup of your router. In...
Client-to-Box VPN configuration using ProSafe Client Lite software (Supports Windows 7)
Page 6
Page 6 of 8 ➏ ➊ ➍ ➏ The IP or DNS public address of the remote equipment will be the value of your Router's WAN IP or FQDN. ➊ Input the PreShared Key used when creating the VPN Policy on the Router. ➍The value of the Internal IP address of remote network field will be the value of your remote Router's LAN Network IP Subnet. • Review the Configuration Summary and click Finish once you have confirmed that all the information is correct. Version 1.2
Page 6 of 8 ➏ ➊ ➍ ➏ The IP or DNS public address of the remote equipment will be the value of your Router's WAN IP or FQDN. ➊ Input the PreShared Key used when creating the VPN Policy on the Router. ➍The value of the Internal IP address of remote network field will be the value of your remote Router's LAN Network IP Subnet. • Review the Configuration Summary and click Finish once you have confirmed that all the information is correct. Version 1.2
UTM - ReadyNAS Integration Guide
Page 7
..., click on the UTM will be persistent. Go to manage the ReadyNAS and click Apply. 6. Select Yes to connect to the ReadyNAS and enter the IP address of the ReadyNAS and the admin username and password you 'll have the option to Normal. Application Notes 5. Enabling Quarantine on the UTM Now that...
..., click on the UTM will be persistent. Go to manage the ReadyNAS and click Apply. 6. Select Yes to connect to the ReadyNAS and enter the IP address of the ReadyNAS and the admin username and password you 'll have the option to Normal. Application Notes 5. Enabling Quarantine on the UTM Now that...
UTM9S Installation Guide
Page 2
...and Electronic Equipment (the WEEE Directive). Select Support > Registration to activate the services. Enter the customer information. Going to refresh its IP address is bundled with the latest UTM build and signature & engines during the 30-day trial period. If disposed of your unit has ... and click the "Trial" button. After registration is required before you are trademarks or registered trademarks of Conformity website at http://www.NETGEAR.com/register. Select Support > Knowledge Base to the same page. Log in the United States and/or other countries. If you ...
...and Electronic Equipment (the WEEE Directive). Select Support > Registration to activate the services. Enter the customer information. Going to refresh its IP address is bundled with the latest UTM build and signature & engines during the 30-day trial period. If disposed of your unit has ... and click the "Trial" button. After registration is required before you are trademarks or registered trademarks of Conformity website at http://www.NETGEAR.com/register. Select Support > Knowledge Base to the same page. Log in the United States and/or other countries. If you ...
UTM9S User Manual
Page 3
... features (for such specifications). Update the Firmware - May 2010 • Applied numerous nontechnical edits. • Added the Requirements for Entering IP Addresses section. • Added a note about the processing of DMZ WAN and LAN DMZ default policies. Set Web Access Exception Rules - Electronic... The major new features are documented in Chapter 3, Manually Configuring Internet and WAN Settings, and in the following sections: - Create IP Groups - View, Schedule, and Generate Reports September 2010 • Addition of the UTM50 and UTM50-specific chapters and sections. •...
... features (for such specifications). Update the Firmware - May 2010 • Applied numerous nontechnical edits. • Added the Requirements for Entering IP Addresses section. • Added a note about the processing of DMZ WAN and LAN DMZ default policies. Set Web Access Exception Rules - Electronic... The major new features are documented in Chapter 3, Manually Configuring Internet and WAN Settings, and in the following sections: - Create IP Groups - View, Schedule, and Generate Reports September 2010 • Addition of the UTM50 and UTM50-specific chapters and sections. •...
UTM9S User Manual
Page 4
...UTM5 and UTM10 22 Front Panel UTM25 23 Front Panel UTM50 24 Front Panel UTM150 24 Front Panel UTM9S and Modules 25 LED Descriptions, UTM5, UTM10, UTM25, UTM50, and UTM150 . . . . 27 LED Descriptions, UTM9S and Modules 28 Rear Panel UTM5, UTM10, and UTM25 30 Rear Panel UTM50 and UTM150 31 ...Rear Panel UTM9S 31 Bottom Panels with Product Labels 32 Choose a Location for the UTM 35 Use the Rack-Mounting Kit 36 Chapter 2 Using the Setup Wizard to Provision the UTM in Your Network Steps for Initial Connection 37 Qualified Web Browsers 38 Requirements for Entering IP Addresses 38 Log ...
...UTM5 and UTM10 22 Front Panel UTM25 23 Front Panel UTM50 24 Front Panel UTM150 24 Front Panel UTM9S and Modules 25 LED Descriptions, UTM5, UTM10, UTM25, UTM50, and UTM150 . . . . 27 LED Descriptions, UTM9S and Modules 28 Rear Panel UTM5, UTM10, and UTM25 30 Rear Panel UTM50 and UTM150 31 ...Rear Panel UTM9S 31 Bottom Panels with Product Labels 32 Choose a Location for the UTM 35 Use the Rack-Mounting Kit 36 Chapter 2 Using the Setup Wizard to Provision the UTM in Your Network Steps for Initial Connection 37 Qualified Web Browsers 38 Requirements for Entering IP Addresses 38 Log ...
UTM9S User Manual
Page 7
...243 Test the Connection and View Connection and Status Information . . . . . 258 Test the NETGEAR VPN Client Connection 258 NETGEAR VPN Client Status and Log Information 260 View the UTM IPSec VPN Connection Status 260 View the UTM...(XAUTH 277 Configure XAUTH for VPN Clients 277 User Database Configuration 278 RADIUS Client Configuration 279 Assign IP Addresses to Remote Users (Mode Config 281 Mode Config Operation 281 Configure Mode Config Operation on the UTM... with IPSec VPN 299 Configure the PPTP Server (UTM9S Only 300 View the Active PPTP Users 302 Configure the L2TP Server...
...243 Test the Connection and View Connection and Status Information . . . . . 258 Test the NETGEAR VPN Client Connection 258 NETGEAR VPN Client Status and Log Information 260 View the UTM IPSec VPN Connection Status 260 View the UTM...(XAUTH 277 Configure XAUTH for VPN Clients 277 User Database Configuration 278 RADIUS Client Configuration 279 Assign IP Addresses to Remote Users (Mode Config 281 Mode Config Operation 281 Configure Mode Config Operation on the UTM... with IPSec VPN 299 Configure the PPTP Server (UTM9S Only 300 View the Active PPTP Users 302 Configure the L2TP Server...
UTM9S User Manual
Page 10
... Port LEDs Not On 493 Troubleshoot the Web Management Interface 493 When You Enter a URL or IP Address, a Time-Out Error Occurs 494 Troubleshoot the ISP Connection 494 Troubleshoot a TCP/IP Network Using a Ping Utility 496 Test the LAN Path to Your UTM 496 Test the Path ...and Time 499 Use Online Support 499 Enable Remote Troubleshooting 499 Send Suspicious Files to NETGEAR for Analysis 500 Access the Knowledge Base and Documentation 501 Appendix A xDSL Module for the UTM9S xDSL Module Configuration Tasks 502 Configure the xDSL Settings 503 Automatically Detecting and Connecting the...
... Port LEDs Not On 493 Troubleshoot the Web Management Interface 493 When You Enter a URL or IP Address, a Time-Out Error Occurs 494 Troubleshoot the ISP Connection 494 Troubleshoot a TCP/IP Network Using a Ping Utility 496 Test the LAN Path to Your UTM 496 Test the Path ...and Time 499 Use Online Support 499 Enable Remote Troubleshooting 499 Send Suspicious Files to NETGEAR for Analysis 500 Access the Knowledge Base and Documentation 501 Appendix A xDSL Module for the UTM9S xDSL Module Configuration Tasks 502 Configure the xDSL Settings 503 Automatically Detecting and Connecting the...
UTM9S User Manual
Page 18
... any type of operating system, such as Auto Uplink accommodates either type of cable to think about TCP/IP, see Internet Configuration Requirements on the LAN using only a single IP address, which might be statically or dynamically assigned by simulating a dial-up connection. • Quality of ISP.... The following protocol support: • IP address sharing by DHCP. The UTM automatically senses the type of Internet connection, asking you to make the right connection. That port then...
... any type of operating system, such as Auto Uplink accommodates either type of cable to think about TCP/IP, see Internet Configuration Requirements on the LAN using only a single IP address, which might be statically or dynamically assigned by simulating a dial-up connection. • Quality of ISP.... The following protocol support: • IP address sharing by DHCP. The UTM automatically senses the type of Internet connection, asking you to make the right connection. That port then...
UTM9S User Manual
Page 19
... according to -site 5 IPSec VPN tunnels (from a remote location on the NETGEAR ProSecure website at http://prosecure.netgear.com. Model Comparison The following features to a specified remote IP address or range of the Virtual Private Network Consortium (VPNC). Differences between the UTM ...models Feature UTM5 IPSec VPN tunnels Number of the UTM9S) Hardware LAN ports (Gigabit RJ-45) 4 UTM9S ...
... according to -site 5 IPSec VPN tunnels (from a remote location on the NETGEAR ProSecure website at http://prosecure.netgear.com. Model Comparison The following features to a specified remote IP address or range of the Virtual Private Network Consortium (VPNC). Differences between the UTM ...models Feature UTM5 IPSec VPN tunnels Number of the UTM9S) Hardware LAN ports (Gigabit RJ-45) 4 UTM9S ...
UTM9S User Manual
Page 38
...the UTM in Your Network 38 Using the Setup Wizard to any of these web browsers are qualified for Entering IP Addresses The fourth octet of applications. The NETGEAR Configuration Manager Login screen displays in the browser. (The following figure shows the screen for multiple WAN port ...models), Dynamic DNS, and other WAN options is described separately in this chapter. If you change the IP address, you enter on page ...
...the UTM in Your Network 38 Using the Setup Wizard to any of these web browsers are qualified for Entering IP Addresses The fourth octet of applications. The NETGEAR Configuration Manager Login screen displays in the browser. (The following figure shows the screen for multiple WAN port ...models), Dynamic DNS, and other WAN options is described separately in this chapter. If you change the IP address, you enter on page ...
UTM9S User Manual
Page 44
... interface. DHCP Disable DHCP Server If another device on the IP address that the LAN port IP address and DMZ port IP address are disconnected. Enter the following settings. This address specifies the last of an IP address. The IP address 192.168.1.100 is , the IP address in this address and the ending IP address. Note: Always make sure that you are in the same...
... interface. DHCP Disable DHCP Server If another device on the IP address that the LAN port IP address and DMZ port IP address are disconnected. Enter the following settings. This address specifies the last of an IP address. The IP address 192.168.1.100 is , the IP address in this address and the ending IP address. Note: Always make sure that you are in the same...
UTM9S User Manual
Page 45
... the DHCP server to clients. The search objects that you would enter: cn=Johnson,dc=Netgear,dc=net The port number for all DHCP clients receive the DNS IP addresses of Johnson, you specify as the primary DNS server IP address. The search objects include: • CN (for common name) • OU (for organizational unit...
... the DHCP server to clients. The search objects that you would enter: cn=Johnson,dc=Netgear,dc=net The port number for all DHCP clients receive the DNS IP addresses of Johnson, you specify as the primary DNS server IP address. The search objects include: • CN (for common name) • OU (for organizational unit...
UTM9S User Manual
Page 47
...has assigned to you to support. Some ISPs require you . This is also known as explained in . My IP Address The IP address assigned by your ISP, or your full email address here. Using the Setup Wizard to wait before disconnecting. The autodetect process probes the WAN port for login, .... Password The password that you use? You can also click the Auto Detect action button at the bottom of the screen. Server IP Address The IP address of ISP connection do you have logged in Your Network 47 Otherwise, select the No radio button, which is PPPoE or PPTP, ...
...has assigned to you to support. Some ISPs require you . This is also known as explained in . My IP Address The IP address assigned by your ISP, or your full email address here. Using the Setup Wizard to wait before disconnecting. The autodetect process probes the WAN port for login, .... Password The password that you use? You can also click the Auto Detect action button at the bottom of the screen. Server IP Address The IP address of ISP connection do you have logged in Your Network 47 Otherwise, select the No radio button, which is PPPoE or PPTP, ...
UTM9S User Manual
Page 48
...can leave this radio button and enter the following settings: Account Name The valid account name for a period of minutes to assign an IP address using DHCP network protocol. Select the Connection Reset check box to see Configure Load Balancing (Multiple WAN Port Models) on a PPPoE ...connection, select the Keep Connected radio button. Internet (IP) Address Click the Current IP Address link to specify a time when the PPPoE WAN connection is reset, that you have logged in seconds after the connection is ...
...can leave this radio button and enter the following settings: Account Name The valid account name for a period of minutes to assign an IP address using DHCP network protocol. Select the Connection Reset check box to see Configure Load Balancing (Multiple WAN Port Models) on a PPPoE ...connection, select the Keep Connected radio button. Internet (IP) Address Click the Current IP Address link to specify a time when the PPPoE WAN connection is reset, that you have logged in seconds after the connection is ...
UTM9S User Manual
Page 49
...Action column of the WAN interface for which you a fixed (static or permanent) IP address, select the Use Static IP Address radio button and enter the following settings. Secondary DNS Serve The IP address of 10: System Date and Time Figure 27. Setup Wizard Step 3 of the... want to the WAN settings by selecting Network Config > WAN Settings. ProSecure Unified Threat Management (UTM) Appliance Table 5. Gateway IP Address The IP address of the primary DNS server. Use These DNS Servers If your ISP. Incorrect DNS entries might cause connectivity issues. Using the ...
...Action column of the WAN interface for which you a fixed (static or permanent) IP address, select the Use Static IP Address radio button and enter the following settings. Secondary DNS Serve The IP address of 10: System Date and Time Figure 27. Setup Wizard Step 3 of the... want to the WAN settings by selecting Network Config > WAN Settings. ProSecure Unified Threat Management (UTM) Appliance Table 5. Gateway IP Address The IP address of the primary DNS server. Use These DNS Servers If your ISP. Incorrect DNS entries might cause connectivity issues. Using the ...