Application Note: Deploy a ProSecure UTM in a Multi SSID Multi VLAN network
Page 3
... 192.168.1.239 Management VLAN: 1 Membership: all ports Untagged in VLAN1 Version 2.0 Network Setup Physical setup Layer 2/Layer 3 switch Port 0/1 connected to UTM10 Port 2 Wireless AP LAN port connected to UTM10 Port 1 UTM10 WAN port connected to the Internet Logical setup UTM 10 Configuration LAN IP 192.168.1.1 VLAN1 (default) IP 192.168.1.1 Membership...
... 192.168.1.239 Management VLAN: 1 Membership: all ports Untagged in VLAN1 Version 2.0 Network Setup Physical setup Layer 2/Layer 3 switch Port 0/1 connected to UTM10 Port 2 Wireless AP LAN port connected to UTM10 Port 1 UTM10 WAN port connected to the Internet Logical setup UTM 10 Configuration LAN IP 192.168.1.1 VLAN1 (default) IP 192.168.1.1 Membership...
UTM9S User Manual
Page 4
... Threat Management (UTM) Appliance? . . 13 Key Features and Capabilities 14 Multiple WAN Port Models for Increased Reliability or Outbound Load Balancing 15 Wireless Features 15 DSL Features 15 Advanced VPN Support for Both IPSec and SSL 16 A Powerful, True Firewall 16 Stream Scanning for Content Filtering 16 ..., UTM10, and UTM25 30 Rear Panel UTM50 and UTM150 31 Rear Panel UTM9S 31 Bottom Panels with Product Labels 32 Choose a Location for the UTM 35 Use the Rack-Mounting Kit 36 Chapter 2 Using the Setup Wizard to Provision the UTM in Your Network Steps for Initial Connection 37...
... Threat Management (UTM) Appliance? . . 13 Key Features and Capabilities 14 Multiple WAN Port Models for Increased Reliability or Outbound Load Balancing 15 Wireless Features 15 DSL Features 15 Advanced VPN Support for Both IPSec and SSL 16 A Powerful, True Firewall 16 Stream Scanning for Content Filtering 16 ..., UTM10, and UTM25 30 Rear Panel UTM50 and UTM150 31 Rear Panel UTM9S 31 Bottom Panels with Product Labels 32 Choose a Location for the UTM 35 Use the Rack-Mounting Kit 36 Chapter 2 Using the Setup Wizard to Provision the UTM in Your Network Steps for Initial Connection 37...
UTM9S User Manual
Page 14
... antispam technologies to provide extensive protection against unwanted mail. • Easy, web-based wizard setup for installation and management. • SNMP manageable. • Front panel LEDs for easy ... VPN support. • Depending on the model, bundled with a one-user license of the NETGEAR ProSafe VPN Client software (VPN01L). • Advanced Stateful Packet Inspection (SPI) firewall with multi... local network resources. • Wireless module (UTM9S only) for either 2.4-GHz or 5-GHz wireless modes. • xDLS module (UTM9S only) for firmware upgrade. • Internal universal ...
... antispam technologies to provide extensive protection against unwanted mail. • Easy, web-based wizard setup for installation and management. • SNMP manageable. • Front panel LEDs for easy ... VPN support. • Depending on the model, bundled with a one-user license of the NETGEAR ProSafe VPN Client software (VPN01L). • Advanced Stateful Packet Inspection (SPI) firewall with multi... local network resources. • Wireless module (UTM9S only) for either 2.4-GHz or 5-GHz wireless modes. • xDLS module (UTM9S only) for firmware upgrade. • Internal universal ...
UTM9S User Manual
Page 20
... RJ-45) DMZ interfaces (configurable) USB ports Console ports (RS232) Flash memory RAM Modules xDSL module with RJ11 port Wireless module Deployment VLAN support Dual WAN auto-rollover mode Dual WAN load balancing mode Single WAN mode UTM5 1 1 1 ...1 2 GB 512 MB No No Yes No No Yes UTM9S 2 1 1 1 2 GB 512 MB Yes Yes Yes Yes Yes Yes UTM10 1 1 1 1 2 GB 512 MB No No Yes No ... card that came with your product during the initial setup. Introduction 20 ProSecure Unified Threat Management (UTM) Appliance Table 1.
... RJ-45) DMZ interfaces (configurable) USB ports Console ports (RS232) Flash memory RAM Modules xDSL module with RJ11 port Wireless module Deployment VLAN support Dual WAN auto-rollover mode Dual WAN load balancing mode Single WAN mode UTM5 1 1 1 ...1 2 GB 512 MB No No Yes No No Yes UTM9S 2 1 1 1 2 GB 512 MB Yes Yes Yes Yes Yes Yes UTM10 1 1 1 1 2 GB 512 MB No No Yes No ... card that came with your product during the initial setup. Introduction 20 ProSecure Unified Threat Management (UTM) Appliance Table 1.
UTM9S User Manual
Page 66
... connections (not applicable to the single WAN port models) and dynamic DNS, and to Provision the UTM in Chapter 2, Using the Setup Wizard to configure secondary WAN addresses and advanced WAN options. 3. Manually Configuring Internet and WAN Settings 3 This chapter contains the following sections... the UTM is shown on the UTM9S only, accessible under the Monitoring main navigation menu instead of the Network Config main navigation menu. 66 Note: The Wireless Settings configuration menu is described in Your Network. Note: On the UTM9S, the Email Notification configuration menu is...
... connections (not applicable to the single WAN port models) and dynamic DNS, and to Provision the UTM in Chapter 2, Using the Setup Wizard to configure secondary WAN addresses and advanced WAN options. 3. Manually Configuring Internet and WAN Settings 3 This chapter contains the following sections... the UTM is shown on the UTM9S only, accessible under the Monitoring main navigation menu instead of the Network Config main navigation menu. 66 Note: The Wireless Settings configuration menu is described in Your Network. Note: On the UTM9S, the Email Notification configuration menu is...
UTM9S User Manual
Page 93
... • Configure and Enable the DMZ Port • Manage Routing Note: The initial LAN configuration of your UTM. Note: On the UTM9S, the Email Notification configuration menu is accessible under the Network Config main navigation menu. Endpoints can generally be defined as a broadcast domain. ... • Configure Multihome LAN IPs on the UTM9S only, accessible under the Monitoring main navigation menu instead of the Network Config main navigation menu. Note: The Wireless Settings configuration menu is described in Chapter 2, Using the Setup Wizard to Provision the UTM in the same...
... • Configure and Enable the DMZ Port • Manage Routing Note: The initial LAN configuration of your UTM. Note: On the UTM9S, the Email Notification configuration menu is accessible under the Network Config main navigation menu. Endpoints can generally be defined as a broadcast domain. ... • Configure Multihome LAN IPs on the UTM9S only, accessible under the Monitoring main navigation menu instead of the Network Config main navigation menu. Note: The Wireless Settings configuration menu is described in Chapter 2, Using the Setup Wizard to Provision the UTM in the same...
UTM9S User Manual
Page 98
...routing capability. Select Network Config > LAN Settings. Note that the screens for the UTM50 with the LAN Setup screen in view. The following figure shows the LAN Setup screen for all other service information using an LDAP server. LAN Configuration 98 LDAP Server A Lightweight Directory... default WLAN with the name defaultWLAN. To add or edit a VLAN profile: 1. For each VLAN on page 94. A UTM9S in which a wireless module is , the directory tree) from which the LDAP search begins. The preconfigured default VLAN is available after a rollover has occurred. ...
...routing capability. Select Network Config > LAN Settings. Note that the screens for the UTM50 with the LAN Setup screen in view. The following figure shows the LAN Setup screen for all other service information using an LDAP server. LAN Configuration 98 LDAP Server A Lightweight Directory... default WLAN with the name defaultWLAN. To add or edit a VLAN profile: 1. For each VLAN on page 94. A UTM9S in which a wireless module is , the directory tree) from which the LDAP search begins. The preconfigured default VLAN is available after a rollover has occurred. ...
UTM9S User Manual
Page 449
...the WAN port. MAC Address The default MAC address for the wireless access point is assigned to change the default WLAN IP address, see Wireless Data Security Options on page 534 and Wireless Security Profile on the LAN Setup screen. For information about configuring the MAC address, see Configure ... screen. The MAC address for the port or the MAC address that you have specified on page 90. Wireless information in SLOT-1 Info or SLOT-2 Info Note: For the UTM9S only: Wireless information is a fixed field that states N/A. This is shown in the SLOT-1 Info or SLOT-2 Info ...
...the WAN port. MAC Address The default MAC address for the wireless access point is assigned to change the default WLAN IP address, see Wireless Data Security Options on page 534 and Wireless Security Profile on the LAN Setup screen. For information about configuring the MAC address, see Configure ... screen. The MAC address for the port or the MAC address that you have specified on page 90. Wireless information in SLOT-1 Info or SLOT-2 Info Note: For the UTM9S only: Wireless information is a fixed field that states N/A. This is shown in the SLOT-1 Info or SLOT-2 Info ...
UTM9S User Manual
Page 616
... exchange 210 NETGEAR default 215 overview 381 PKCS12 format 215 self-signed 214, 381, 384 signature key length 386 third party website 212 trusted 216, 382-383 untrusted 217 certification authority (CA) 214, 270 channel spacing, radio 533 channels and frequencies defaults 603 selecting 533 wireless spacing, radio...content filtering executable, audio, video, and compressed files 204, 226 log messages 592 logs 426, 460, 463 scheduling 58 settings, using the Setup Wizard 57 web categories 58 control side band, radio 533 cookies 200, 204 counter, WAN traffic 420 country, radio 532 CPU usage 441 ...
... exchange 210 NETGEAR default 215 overview 381 PKCS12 format 215 self-signed 214, 381, 384 signature key length 386 third party website 212 trusted 216, 382-383 untrusted 217 certification authority (CA) 214, 270 channel spacing, radio 533 channels and frequencies defaults 603 selecting 533 wireless spacing, radio...content filtering executable, audio, video, and compressed files 204, 226 log messages 592 logs 426, 460, 463 scheduling 58 settings, using the Setup Wizard 57 web categories 58 control side band, radio 533 cookies 200, 204 counter, WAN traffic 420 country, radio 532 CPU usage 441 ...
UTM9S User Manual
Page 620
... Unified Threat Management (UTM) Appliance inbound traffic, bandwidth 162 increasing traffic overview 393-396 port forwarding 127 infected clients, identifying 466 infrastructure mode, wireless access point 534 initial configuration, Setup Wizard 42 initial connection 37 Installation Guide 37 installation, verifying 61 instant messaging applications blocked applications, recent 5 and top 5 437 blocking applications...
... Unified Threat Management (UTM) Appliance inbound traffic, bandwidth 162 increasing traffic overview 393-396 port forwarding 127 infected clients, identifying 466 infrastructure mode, wireless access point 534 initial configuration, Setup Wizard 42 initial connection 37 Installation Guide 37 installation, verifying 61 instant messaging applications blocked applications, recent 5 and top 5 437 blocking applications...
UTM9S User Manual
Page 621
...504 load balancing mode multiple WAN port models bandwidth capacity 390 configuring 81-82 DDNS 87 description 76 VPN IPSec 238 UTM9S with DSL configuring 517-519 DDNS 524 description 512 local area network. local user database 311, 354, 355 location,... 108-109 network database 106-107 port status, viewing 447 secondary IP addresses 104 security checks 147 settings, using the Setup Wizard 43 testing the LAN path 496 LAN LEDs 28-29, 493 LAN ports 14, 22-25 Layer 2 Tunneling ...414 management 466 long preamble, radio 551 looking up DNS address 484, 486 losing wireless connection 546 621 See LAN.
...504 load balancing mode multiple WAN port models bandwidth capacity 390 configuring 81-82 DDNS 87 description 76 VPN IPSec 238 UTM9S with DSL configuring 517-519 DDNS 524 description 512 local area network. local user database 311, 354, 355 location,... 108-109 network database 106-107 port status, viewing 447 secondary IP addresses 104 security checks 147 settings, using the Setup Wizard 43 testing the LAN path 496 LAN LEDs 28-29, 493 LAN ports 14, 22-25 Layer 2 Tunneling ...414 management 466 long preamble, radio 551 looking up DNS address 484, 486 losing wireless connection 546 621 See LAN.
UTM9S User Manual
Page 626
...-412 Simple Mail Transfer Protocol. ProSecure Unified Threat Management (UTM) Appliance services settings, using the Setup Wizard 51 security alerts, trusted or untrusted hosts 213 security association. single sign-on (SSO) ..., 181 FTP file or object 220 web file or object 56, 199 slots front panel (UTM9S) 26 status, viewing 448-449 SMTP (Simple Mail Transfer Protocol) action, infected email 54 ...53, 197 626 security lock 30-32 Security Parameters Index (SPI) 274 security profiles, wireless creating and configuring 538-542 description 534-538 self protection and CTS packets, radio 550 ...
...-412 Simple Mail Transfer Protocol. ProSecure Unified Threat Management (UTM) Appliance services settings, using the Setup Wizard 51 security alerts, trusted or untrusted hosts 213 security association. single sign-on (SSO) ..., 181 FTP file or object 220 web file or object 56, 199 slots front panel (UTM9S) 26 status, viewing 448-449 SMTP (Simple Mail Transfer Protocol) action, infected email 54 ...53, 197 626 security lock 30-32 Security Parameters Index (SPI) 274 security profiles, wireless creating and configuring 538-542 description 534-538 self protection and CTS packets, radio 550 ...
UTM9S User Manual
Page 627
...tabs (web management interface) 41 support online 499 technical 2 suspicious files, sending to NETGEAR 500 SYN flood 147 synchronization interval, DC agent 373 syslog server 426 system date and time settings, using the Setup Wizard 49, 412 details, viewing 447 log messages 583 logs 425, 460-462 reports... and storage 601 Temporal Key Integrity Protocol (TKIP) 535, 541 Test LED 27-29, 492 testing connectivity and HTTP scanning 62 wireless connectivity 554 time settings 50, 413 troubleshooting settings 499 time-out error, troubleshooting 494 L2TP users 304 PPTP users 301 sessions 151 timer...
...tabs (web management interface) 41 support online 499 technical 2 suspicious files, sending to NETGEAR 500 SYN flood 147 synchronization interval, DC agent 373 syslog server 426 system date and time settings, using the Setup Wizard 49, 412 details, viewing 447 log messages 583 logs 425, 460-462 reports... and storage 601 Temporal Key Integrity Protocol (TKIP) 535, 541 Test LED 27-29, 492 testing connectivity and HTTP scanning 62 wireless connectivity 554 time settings 50, 413 troubleshooting settings 499 time-out error, troubleshooting 494 L2TP users 304 PPTP users 301 sessions 151 timer...
UTM9S User Manual
Page 630
... (WDS), configuring 548 wireless equipment, placement and range 530 wireless LEDs 29 wireless modes 532, 603 wireless module configuring 529 description 26 status, viewing 449 wireless network name (SSID) broadcasting 540 broadcasting and security 535 wireless radio basic settings, configuring 531 advanced settings, configuring 549 statistics 444 wireless security 534-542 wireless specifications (UTM9S) 603 Wizards Setup Wizard 42 IPSec...
... (WDS), configuring 548 wireless equipment, placement and range 530 wireless LEDs 29 wireless modes 532, 603 wireless module configuring 529 description 26 status, viewing 449 wireless network name (SSID) broadcasting 540 broadcasting and security 535 wireless radio basic settings, configuring 531 advanced settings, configuring 549 statistics 444 wireless security 534-542 wireless specifications (UTM9S) 603 Wizards Setup Wizard 42 IPSec...