NETGEAR DGFV338 manuel d'utilisation

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212

Aller à la page of

Un bon manuel d’utilisation

Les règles imposent au revendeur l'obligation de fournir à l'acheteur, avec des marchandises, le manuel d’utilisation NETGEAR DGFV338. Le manque du manuel d’utilisation ou les informations incorrectes fournies au consommateur sont à la base d'une plainte pour non-conformité du dispositif avec le contrat. Conformément à la loi, l’inclusion du manuel d’utilisation sous une forme autre que le papier est autorisée, ce qui est souvent utilisé récemment, en incluant la forme graphique ou électronique du manuel NETGEAR DGFV338 ou les vidéos d'instruction pour les utilisateurs. La condition est son caractère lisible et compréhensible.

Qu'est ce que le manuel d’utilisation?

Le mot vient du latin "Instructio", à savoir organiser. Ainsi, le manuel d’utilisation NETGEAR DGFV338 décrit les étapes de la procédure. Le but du manuel d’utilisation est d’instruire, de faciliter le démarrage, l'utilisation de l'équipement ou l'exécution des actions spécifiques. Le manuel d’utilisation est une collection d'informations sur l'objet/service, une indice.

Malheureusement, peu d'utilisateurs prennent le temps de lire le manuel d’utilisation, et un bon manuel permet non seulement d’apprendre à connaître un certain nombre de fonctionnalités supplémentaires du dispositif acheté, mais aussi éviter la majorité des défaillances.

Donc, ce qui devrait contenir le manuel parfait?

Tout d'abord, le manuel d’utilisation NETGEAR DGFV338 devrait contenir:
- informations sur les caractéristiques techniques du dispositif NETGEAR DGFV338
- nom du fabricant et année de fabrication NETGEAR DGFV338
- instructions d'utilisation, de réglage et d’entretien de l'équipement NETGEAR DGFV338
- signes de sécurité et attestations confirmant la conformité avec les normes pertinentes

Pourquoi nous ne lisons pas les manuels d’utilisation?

Habituellement, cela est dû au manque de temps et de certitude quant à la fonctionnalité spécifique de l'équipement acheté. Malheureusement, la connexion et le démarrage NETGEAR DGFV338 ne suffisent pas. Le manuel d’utilisation contient un certain nombre de lignes directrices concernant les fonctionnalités spécifiques, la sécurité, les méthodes d'entretien (même les moyens qui doivent être utilisés), les défauts possibles NETGEAR DGFV338 et les moyens de résoudre des problèmes communs lors de l'utilisation. Enfin, le manuel contient les coordonnées du service NETGEAR en l'absence de l'efficacité des solutions proposées. Actuellement, les manuels d’utilisation sous la forme d'animations intéressantes et de vidéos pédagogiques qui sont meilleurs que la brochure, sont très populaires. Ce type de manuel permet à l'utilisateur de voir toute la vidéo d'instruction sans sauter les spécifications et les descriptions techniques compliquées NETGEAR DGFV338, comme c’est le cas pour la version papier.

Pourquoi lire le manuel d’utilisation?

Tout d'abord, il contient la réponse sur la structure, les possibilités du dispositif NETGEAR DGFV338, l'utilisation de divers accessoires et une gamme d'informations pour profiter pleinement de toutes les fonctionnalités et commodités.

Après un achat réussi de l’équipement/dispositif, prenez un moment pour vous familiariser avec toutes les parties du manuel d'utilisation NETGEAR DGFV338. À l'heure actuelle, ils sont soigneusement préparés et traduits pour qu'ils soient non seulement compréhensibles pour les utilisateurs, mais pour qu’ils remplissent leur fonction de base de l'information et d’aide.

Table des matières du manuel d’utilisation

  • Page 1

    April 2007 202-10161-01 v1.0 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual[...]

  • Page 2

    v1.0, April 2007 ii DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al T echnical Support Please register to obtain technical support. Please retain your proof of purchase and warranty information. T o register your product, get product support or obtai n product information and product documentation, go to http://www .NETGE[...]

  • Page 3

    v1.0, April 2007 iii DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • A way from potential sources of interfere nce, such as PCs, large metal surfaces, microwaves, and 2.4 GHz cordless phones. • In an elevated location such as a high shelf that is near t he center of the wire less c overage area fo r all mobile devices[...]

  • Page 4

    v1.0, April 2007 iv DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Europe – EU Declaration of Conformity Marking by the above symbol indicates compliance with th e Essential Requirements of the R&TTE Directive of the European Union (1999/5/EC). This equipment meets the following conformance standards: EN300 328, EN[...]

  • Page 5

    v1.0, April 2007 v DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Countries of Operation & Conditions of Use in the European Community This device is intended to be operated in all countries of the European Comm unity . Requirements for indoor vs. outdoor operation, license requirements and allowed channels of operatio[...]

  • Page 6

    v1.0, April 2007 vi DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß da s ProSafe Wireless ADSL Modem VPN Fi rewall Router ge mäß der im BMP T - AmtsblVfg 243/1991 und Vfg 46/19 92 aufgeführten Bestimmunge n entstört ist. Das vorsc hriftsmäßige [...]

  • Page 7

    v1.0, April 2007 vii DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Additional Copyright s AES Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester , UK. All rights reserved. TERMS Redistribution and use in source and bin ary forms, with or without m odification, are permitted subject to the following[...]

  • Page 8

    v1.0, April 2007 viii DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Open SSL Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the follo wing conditions * are met: 1. Redistributions of source cod[...]

  • Page 9

    v1.0, April 2007 ix DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual MD5 Copyright (C) 1990, RSA Data Se curity , Inc. All rights reserved. License to copy and u se this software is granted provide d that it is identified as the "RSA D ata Security , I nc. MD5 Message-Digest Algorith m" in all material mentioning o[...]

  • Page 10

    v1.0, April 2007 x DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Product and Publication Det ails Model Number: DGFV338 Publication Date: April 2007 Product Family: Wireless Fire wall Product Name: ProSafe Wireless ADSL Modem VPN Firewall Router Home or Business Prod uc t: Business Language: Engl ish Publication Part Nu[...]

  • Page 11

    xi v1.0, March 2007 Content s About This Manual Conventions, Format and Scope .............. .................... ................... ....................... ........ xvii How to Use This Manual ................. ................... ................... .................... ................... . xviii How to Print this Manual ..... .................[...]

  • Page 12

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al xii v1.0, March 2007 Selecting Advanced Options fo r your Ethernet or ADSL Connec tion . ................... 2-10 Configuring the WAN Mode ......... .................... ................ ................... ................ .......... 2-14 Configuring Dynamic DNS (If N eeded[...]

  • Page 13

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual xiii v1.0, March 2007 Setting up Port Tr iggering .. ... ................. ................... ................ ................... .......... 4-28 Setting a Schedule to Block or Allow S pecific Traf fic ...... .................... ................... 4-31 Event Logs and Alert[...]

  • Page 14

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al xiv v1.0, March 2007 Wireless Firewall Features That Reduce Traf fic ............. ................. ................... ..... 6-1 Wireless Firewall Features That Increase Tr affic ......................... .................... ........ 6-4 Using QoS to Shift the Traf fic Mi[...]

  • Page 15

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual xv v1.0, March 2007 Chapter 8 T roubleshooting Basic Functions ........... ................ .................... ................... .................... ................ ........ 8 -1 Power LED Not On .................... ................... ................ .................[...]

  • Page 16

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al xvi v1.0, March 2007[...]

  • Page 17

    xvii v1.0, April 20 07 About This Manual The DGFV338 Pr oSafe™ W ir e less ADSL Modem VPN Fir ewall Router Reference M anual describes how to install, configure and trou bleshoot the ProSafe W irele ss ADSL Modem VPN Firewall Router. The information is this manual is intended for readers with intermediate computer and Internet skills. Conventions[...]

  • Page 18

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al xviii v1.0, April 2007 • Scope. This manual is written for the Wirel ess ADSL Router according to these specifications: For more information about networ k, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix B, “Related Doc uments?[...]

  • Page 19

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual xix v1.0, April 20 07 – Click the PDF of This Chapter link at the top right of any pa ge in the chapter you want to print. The PDF version of the chap ter you were viewing opens in a browser window . – Click the print icon in the upper left of the window . • Printing the[...]

  • Page 20

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al xx v1.0, April 2007[...]

  • Page 21

    Introduction 1-1 v1.0, April 20 07 Chapter 1 Introduction This chapter describes the features of the ProSafe™ W ireless ADSL Modem VPN Firewall Router. It also includes the mini mum prerequisites for installation ( “System Requirements” on page 1-5 .), what’ s in the box ( “Package Contents” on page 1-6 ) and a description of the front [...]

  • Page 22

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 1-2 Introduction v1.0, April 2007 • Extensive Protocol Support. • SNMP for manageability . • Front panel LEDs for easy monito ring of status and activ ity . • Flash memory for firmware upgrade. • Auto Sensing and Auto Uplink™ Full Routing on Both th e ADSL and 10[...]

  • Page 23

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Introduction 1-3 v1.0, April 20 07 Security The NETGEAR ProSafe DGFV338 is equipped w ith several features de signed to maintain security , as described in this section. • PCs Hidden by NA T . NA T opens a temporary path to th e Internet for requests originating from the loc[...]

  • Page 24

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 1-4 Introduction v1.0, April 2007 The firewall incorporates Auto Uplink technology . Each Ethernet po rt will automatically sense whether the Ethernet cable plug ged into the port should have a “normal” connection such as to a PC or an “uplink” connec tion such as to[...]

  • Page 25

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Introduction 1-5 v1.0, April 20 07 • Smart W izard. The NET GEAR ProSafe DGFV338 automatic ally senses the type of Internet connection, asking you o nly fo r the information required fo r your type of ISP account. • VPN Wizard . The NETGEAR ProSafe DGFV338 incl udes the NE[...]

  • Page 26

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 1-6 Introduction v1.0, April 2007 • A W eb browser for configuration such as Mozilla Firefox, Microsoft Internet Explorer 5.0 or above, or Netscape Navigator 7.2 or above. • Network card for each connected PC. • Network Software (for example, W indows). Package Content[...]

  • Page 27

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Introduction 1-7 v1.0, April 20 07 The table below describes each item on the front panel and its operation. Figure 1-1 T able 0-1. Object Descriptions Nos. LEDs Activity Description 1 Power - 1 On (Green) Off Power is supplied to the gateway Power is not supplied to the gatew[...]

  • Page 28

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 1-8 Introduction v1.0, April 2007 Router Rear Panel The rear panel of the ProSafe W ireless ADSL Modem VPN Fire wall Router ( Figure 1-2 ) contains the AC power connection; LAN, Ethern et and DSL port; and the reset button. V iewed from left to right, the rear panel contains[...]

  • Page 29

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Introduction 1-9 v1.0, April 20 07 Router Login Factory Default s Check the label on the bottom of the DGFV338’ s enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the W eb-based GUI from the LAN •U s e r n a m e[...]

  • Page 30

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 1-10 Introduction v1.0, April 2007 . For a complete list of the factory default se ttings of your NETGE AR ProSafe DGFV338, see Appendix A, “Default Settings an d T echnical Specifications ” Placement of your NETGEAR ProSafe DGFV338 The operating distance or range of yo [...]

  • Page 31

    Basic Installation and Configuration 2-1 v1.0, April 20 07 Chapter 2 Basic Inst allation and Configuration This section provides instructio ns for connecting the DGFV338. T ypically , it ta ke s approximately seven steps to complete connecting all facets of your gateway: 1. Connect the gateway physi cally to yo ur network. If connecting through a m[...]

  • Page 32

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-2 Basic Installation and Configuration v1.0, April 2007 7. Set up your VPN connections using Auto Detect . If you do not know your ISP connection, Auto Detect will attempt to auto matically detect your connection type by probing for dif ferent connection methods. If y ou k[...]

  • Page 33

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-3 v1.0, April 20 07 . Logging in and Configuring your Internet Connection T o log in to the wireless firewall: 1. Connect to the gateway by typing http://192.168.1.1 in the address field of Internet Explorer , Netscape Navigator , or Moz[...]

  • Page 34

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-4 Basic Installation and Configuration v1.0, April 2007 3. Click Login . The ProSafe W ireless ADSL Modem VP N Firewall Router user interface will display . Configuring Y our Internet Co nnection using Auto Detect Depending on how you co nnected your gateway to the Interne[...]

  • Page 35

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-5 v1.0, April 20 07 When Auto Detect succes sfully detects an active Internet service, it repo rts which connection type it discovered. The options are described in the T able 2-1., “Internet Service Connections” . Figure 2-4[...]

  • Page 36

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-6 Basic Installation and Configuration v1.0, April 2007 Manually Configuring your ADSL Connection Unless your ISP assigns your configuration automatically via DHCP , you will need the configuration parameters from your ISP . For exam pl e, if your router detected a PPPoE o[...]

  • Page 37

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-7 v1.0, April 20 07 ISP . If your ISP requires a S tatic IP address, then you must provide the fixed addresses for Static IP . The types of data you will need are highlighted in Ta b l e 2 - 1 by connection metho d, and explained in more[...]

  • Page 38

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-8 Basic Installation and Configuration v1.0, April 2007 • IP Address : S tatic IP address assigned to you. This will identify the router to your ISP . • IP Subnet Mask : This is usually provided by the ISP or your network ad ministrator . • Gateway IP Address : IP ad[...]

  • Page 39

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-9 v1.0, April 20 07 – Login. This is often the name that you use in your e-mail address (for example, if your main mail ac count is jdoe @aol.com, en ter jdoe). – Password . Enter the password you use to log in to your ISP . • Ente[...]

  • Page 40

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-10 Basic Installation and Configuration v1.0, April 2007 – BigPond Cable : If your ISP is T elstra BigPond Cable, select this option and fill in the Log In Server and Idle T imeout fiel ds. The Log In Server is the IP address of the BigPond Log In Server local t o your a[...]

  • Page 41

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-11 v1.0, April 20 07 • MTU Size. The normal MTU value for most networ ks is 1500 Bytes, or 1492 for PPPoE connections. For some ISPs, you may need to re duce the MTU size. However , this is rarely required and should not be attempted u[...]

  • Page 42

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-12 Basic Installation and Configuration v1.0, April 2007 b. VPI (V irtual Path Identifier) value: This is provided by yo ur ISP to identify the A TM network (in conjuncti on with the VCI value). c. VCI (V irtual Channel Identifier) value: This is provided by you r ISP (in [...]

  • Page 43

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-13 v1.0, April 20 07 The format for the MAC address is XX:XX:X X :XX:XX:XX where X is a number from 0 to 9 (inclusive) or an alphabetical letter between A and F (inclusive). 4. Click Apply to save the settings. Click Reset to revert to t[...]

  • Page 44

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-14 Basic Installation and Configuration v1.0, April 2007 5. Click Apply to save your settings. Configuring the W AN Mode The W AN ports of the ProSafe W ireless ADSL Mode m VPN Firewall Ro uter can be configured for NA T or Classical Routing. Y ou must selec t one of them?[...]

  • Page 45

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-15 v1.0, April 20 07 • Use Dedicated W AN port. – Dedicated ADSL . If you have config ured only the ADSL ISP , then select this interface. In this mode the ADSL interface will always be active and all tr af fic will be sent over this[...]

  • Page 46

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-16 Basic Installation and Configuration v1.0, April 2007 3. Select your W AN port configu ration: • Select the Auto-Rollover radio button and de signate the rollover po rt from the pull-down menu. Auto-Rollover is available o nly if you have connected and confi gured bot[...]

  • Page 47

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-17 v1.0, April 20 07 The default time to roll over after the primary W AN interface fails is 2 minutes (e.g., a 30- second minimum test period, times a minimum of fo ur tests). Configuring Dynamic DNS (If Needed) If your network has a pe[...]

  • Page 48

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-18 Basic Installation and Configuration v1.0, April 2007 T o configure Dynamic DNS: 1. Select Network Configuration from the main menu and Dynamic DNS from the submenu. The Dynamic DNS Configuration screen will display with the default None selected. Each DNS service provi[...]

  • Page 49

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-19 v1.0, April 20 07 2. Access the W eb site of the Dynamic DNS service pr ovider you have chosen and register for an account (for example, fo r dy ndns.org, go to http://www .dyndns.or g ). 3. Complete en tering the Dy na mic DNS screen[...]

  • Page 50

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-20 Basic Installation and Configuration v1.0, April 2007 Programming the T raffic Meter The traffic meter is useful when an ISP charges by t raf fic volume over a given perio d o f time or if you want to look at traffic types over a pe riod of time. The fields are describe[...]

  • Page 51

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Basic Installation and Configura tion 2-21 v1.0, April 20 07 T able 2-2. T raffic Meter Parameters Parameter Description Enable T raffic Meter Check this if you wish to record the volume of In ternet traf fic passing through the Router's WAN1 or W AN2 port.WAN1 or W AN2 c[...]

  • Page 52

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 2-22 Basic Installation and Configuration v1.0, April 2007 T o Program the T raffic Meter (if desired): 1. Select Monitoring from the ma in menu and T raffic Meter from the submenu. The default ADSL screen shown in Figure 2-12 will display . 2. Fill in the fields from the de[...]

  • Page 53

    Wireless Configuration 3-1 v1.0, April 20 07 Chapter 3 Wireless Configuration This chapter describes how to configure the wireless features of your ProSafe DGFV338. In planning your wire less network, you should c onsider the level of security re qu ired. Y ou should also select the physical placem ent of your DGFV338 in order to maximize the netwo[...]

  • Page 54

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-2 Wireless Configuration v1.0, April 2007 Unlike wired network data, your wireless data transmissions can extend beyond your walls and can be received by anyone with a compatible adapte r . For this reason, use the security features of your wireless equipment. The wireless[...]

  • Page 55

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3-3 v1.0, April 20 07 Underst anding Wireless Settings Before configuring your wireless settings, you may want to review the W i reless Settings choices to determine what type of security is required for your wireless LAN network and to gather any securi[...]

  • Page 56

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-4 Wireless Configuration v1.0, April 2007 Wireless LANs Configuring the W ireless settin gs for your LAN consists of the following categories: • Wir eless Ne twork. Wireless Network Name (SSID). The SSID is also known as the wireless network name. Enter a value of up to [...]

  • Page 57

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3-5 v1.0, April 20 07 • Wir eless Sec u rity T ype. A number of security options are available to use on your W ireless Network: – None. No data encryption is used. – WEP . Enables WEP (W ired Equivalent Privacy) da ta encry ption (64-, or 128-, or[...]

  • Page 58

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-6 Wireless Configuration v1.0, April 2007 Access Control List The Access Control List enables the restriction of wireless PCs by their MAC address es. Click the Setup Access List link at the top of the W ireless Settings screen to configure your trusted wireless stations. [...]

  • Page 59

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3-7 v1.0, April 20 07 Wireless Advanced Options Advanced Wireless Router Settings The Wir eless Advanced Options settings are intended for administ rator use—and should be used with caution and only as dire cted by NETGEAR. The Advanced Settings menu c[...]

  • Page 60

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-8 Wireless Configuration v1.0, April 2007 – If you Enable eXtended Range (XR) Featur e, significantly long er ran ge connections than basic 802.1 1 are maintained through dense barriers (walls, floors, etc.). Faint connections will maintain co nnectivity due to improved [...]

  • Page 61

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3-9 v1.0, April 20 07 Port: ________ ___________ ___________ _____ Shared Key: ____ ___________ ___________ _________ Configuring Y our Wireless Settings First configure your wireless network connecti on, the n configure your W ireless Access Point setti[...]

  • Page 62

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-10 Wireless Configur ation v1.0, April 2007 1. Select the W ireless Security T y pe option you wish to use for your W ire less Network. The options are described in “W ireless LANs” on pa ge 3-4 . • None : No data encryption is used. • WEP . This enables WEP and re[...]

  • Page 63

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3 -11 v1.0, April 20 07 • Select which encryption strength you want to u se from the Encryption dro p-down menu (64 bits, 128 bits, or 1 52 bits). • Enter a WEP Passphrase (a word or group of printable characters) in the Passphrase box and click Gene[...]

  • Page 64

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-12 Wireless Configur ation v1.0, April 2007 Configuring WP A-PSK Not all wireless adapters support WP A. Furthermore, client softwa re is required on the client. W indows XP and W indows 2000 with Service Pack 3 or above include the client software that supports WP A. Neve[...]

  • Page 65

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3 -13 v1.0, April 20 07 Configuring WP A2-PSK Not all wireless adapters support WP A2. Furthermo re, client softwa re is required on the cl ient. Make sure your client card supports WP A2. Consult the prod uct document for your wireless adapter and WP A2[...]

  • Page 66

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-14 Wireless Configur ation v1.0, April 2007 Configuring WP A-PSK and WP A2-PSK Not all wireless adapters suppor t WP A and WP A2. Client software is required on the client: • W indows XP and Windows 2000 with Service Pack 3 or above do include the client software that su[...]

  • Page 67

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3 -15 v1.0, April 20 07 4. Click Apply to save your settings. Configuring WP A with RADIUS Not all wireless adapters support WP A. Furthermore, client softwa re is required on the client. W indows XP and W indows 2000 with Service Pack 3 or above do incl[...]

  • Page 68

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-16 Wireless Configur ation v1.0, April 2007 4. Click Apply to save your settings. Configuring WP A2 with RADIUS Not all wireless adapters support WP A2. Furthermo re, client softwa re is required on the cl ient. Make sure your client card supports WP A2. Consult the prod u[...]

  • Page 69

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3 -17 v1.0, April 20 07 Configuring WP A and WP A2 with RADIUS Not all wireless adapters suppor t WP A and WP A2. Client software is required on the client: • W ind ows XP and W indows 2000 with Service Pack 3, or above, do in clude the clien t softwar[...]

  • Page 70

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-18 Wireless Configur ation v1.0, April 2007 b. Enter the RADIUS port number for connectin g to the RADI US Server . c. Enter the Shared Key . The value must matc h the value used on the RADIUS Server . 4. Click Apply to save your settings. Restricting Wireless Ac cess by M[...]

  • Page 71

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Wireless Configuration 3 -19 v1.0, April 20 07 T o restrict acce ss ba sed on MAC addresses: 1. Log in to the DGFV338 using the default address of http://192.168.1.1, user name admin and default password password , or whatever LAN address an d passw ord you have set up. 2. Sel[...]

  • Page 72

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 3-20 Wireless Configur ation v1.0, April 2007 6. Select the A vailable Wir eless S tations tab to populate the A vai l able Wireless S tation s list with the MAC addresses of wireless stations foun d within range of this wireless gateway . 7. Click the Add to T rusted List i[...]

  • Page 73

    Security and Firewall Protection 4-1 v1.0, April 20 07 Chapter 4 Security and Firewall Protection This chapter describes how to u se the Security features of th e ProSafe W ireless ADSL Modem VPN Firewall Router to protect your netwo rk. These features can be found by selec ting Security from the main menu of the browser interface. Firewall Protect[...]

  • Page 74

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-2 Security and Firewall Protection v1.0, April 2007 About Service Based Rules The rules to block traffic are based on the traffic’ s category of service. • Inbound rules (allow port forwarding). Inbound traffi c is normally blocked by the firewall unless the traffic is[...]

  • Page 75

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-3 v1.0, April 20 07 Y ou may define additional rules that will specify ex ceptions to the default ru les. By adding custom rules, you can block or allow access based on the ser vice or application, source or destination IP addresses, and time[...]

  • Page 76

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-4 Security and Firewall Protection v1.0, April 2007 • Filter : Defines an action to be taken on the enabled rule. It can be: – Block Always: Block selected service at all times. – Enable Always : Allow selected service to p ass through at all times. – Block by sche[...]

  • Page 77

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-5 v1.0, April 20 07 – Maximize-Reliability : Used when data needs to travel to the destination over a reliable link and with little or no retransmission. The IP packets for services with this priority are marked with a T oS value of 2. – [...]

  • Page 78

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-6 Security and Firewall Protection v1.0, April 2007 T o add a new Outbound Service: 1. Click the Add icon under the Ou tbo und Services table. The Add LAN-W AN Outbound Service screen will display . 2. Fill out the Outbound Service fields for this policy (based on the fiel[...]

  • Page 79

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-7 v1.0, April 20 07 Outbound Rule Example: Blocking Inst ant Messenger Outbound rules let you prev ent users from using applications such as In stant Messenger . If you want to block Instant Messenger usage by employ ees during working hours,[...]

  • Page 80

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-8 Security and Firewall Protection v1.0, April 2007 However , by defining an inbound rule you can make a local server (for example, a W eb server or game server) vis ible and av ailable to the Intern et . The rule tells the fire wall to direct inbound traffic for a particu[...]

  • Page 81

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-9 v1.0, April 20 07 – Address Range : A range of IP addresses on the LA N will be affected by the rule. – Group : Computers that are part of the Group defined in t he Network Database will be affected b y the rule (groups are defined unde[...]

  • Page 82

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-10 Security and F irewall Protection v1.0, April 2007 For example, if an inbound rule for a schedule is selected as Block Always, then for every packet that tries to make a n outbound connecti on for that service, a message w ith the packet’ s source and destination addr[...]

  • Page 83

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-11 v1.0, April 20 07 2. Complete the Inbound Service screen and click Apply . The new rule will be listed in the Inbound Services table. T o make changes to an existing in bound service rule: 1. Select the radio button next to an row in the t[...]

  • Page 84

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-12 Security and F irewall Protection v1.0, April 2007 Inbound Rule Example: A Local Public W eb Server If you host a public W eb server on your local network, you can define a rule to allow inbound W eb (HTTP) requests from any outside IP address to the IP address of your [...]

  • Page 85

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-13 v1.0, April 20 07 Inbound Rule Example: One-to-One NA T Mapping This application note describes how to configure multi-NA T to support multiple public IP addresses on one W AN interface of a NETGEAR ProSafe W i reles s ADSL Modem VPN Firew[...]

  • Page 86

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-14 Security and F irewall Protection v1.0, April 2007 3. From the Device pull-down men u, (see Figure 4-9 ), select the HTTP service for a W eb server . 4. From the Action pull-down menu, select ALLOW always. 5. For Send to LAN Server , enter the local IP address of your W[...]

  • Page 87

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-15 v1.0, April 20 07 Y our rule will now appear in the Inboun d Services table of the Rules menu (see Figure 4-10 ). This rule is diff erent from a normal inbound port forwardi ng rule in that the Des tination box contains an IP Address other[...]

  • Page 88

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-16 Security and F irewall Protection v1.0, April 2007 Considerations for Inbound Rules The DHCP setup and how the PCs access the serve r ’ s LAN address impact the Inbound Rules. • If your external IP address is assigned dynamically by your ISP , the IP address may cha[...]

  • Page 89

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-17 v1.0, April 20 07 Order of Precedence for Rules As you define new rules, they are added to the tables in the Rules menu, as shown in Figure 4-12 : For any traffic attempting to pass through the fire wall, the packet informa tion is subject[...]

  • Page 90

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-18 Security and F irewall Protection v1.0, April 2007 Although the DGFV338 already holds a list of many service port numbers, you are not limited to these choices. Use the Services menu to add additional services and applications to the list for use in defining firewall ru[...]

  • Page 91

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-19 v1.0, April 20 07 Quality of Service (QoS) Priorities This setting determines the priority of a service, which in turn, determin es the quality of that service for the traffic passing through the firewall. The user can change this priority[...]

  • Page 92

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-20 Security and F irewall Protection v1.0, April 2007 • Minimize-Delay : Used when the time requir ed for the packet to reac h the destination must be fast (low link latency). The IP packets for this service priority are mark ed with a T OS value of 8. Att ack Checks Thi[...]

  • Page 93

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-21 v1.0, April 20 07 T o enable Attack Checks: 1. Select Security from the main menu and Fir e wall Ru les from the submenu. Then click the Attack Checks tab. 2. Check the radio box for the types of sec urity measures you want to enab le. (Se[...]

  • Page 94

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-22 Security and F irewall Protection v1.0, April 2007 • No need to reserve an IP ad dress for a PC in the DHCP Server . All IP address assignments made by the DHCP Server will be maintained until the PC or devi ce is removed from the database, either by expiry (in active[...]

  • Page 95

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-23 v1.0, April 20 07 Figure 4-16[...]

  • Page 96

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-24 Security and F irewall Protection v1.0, April 2007 Blocking Internet Sites If you want to redu ce incoming traffic b y preventi ng access to certain sites on the Internet, you can use the wireless firewall W eb Compon ents filtering and Key W ord Blocking. By default, b[...]

  • Page 97

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-25 v1.0, April 20 07 connections to a specific IP address are bl ocked by a firewall rule, the requests can be routed throug h a proxy that is not blocked b y the rule, rendering the re striction inef fective. Enabling this feature bloc ks pr[...]

  • Page 98

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-26 Security and F irewall Protection v1.0, April 2007 The following screen ( Figure 4-17 ) illustrates the use of Keyword Blocking and adding T rusted Domains. Figure 4-17[...]

  • Page 99

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-27 v1.0, April 20 07 T o block keywo rds or Internet domains: 1. Check the Y es radio box in the T urn keyword blocking on? section and click Apply . (The default is No. ) 2. Select the We b C o m p o n e n t s you want to enable and click Ap[...]

  • Page 100

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-28 Security and F irewall Protection v1.0, April 2007 A valid MAC address is 12 fiel ds; 0 to 9 and a to f. For example: 00:e0:4c:69:0a :1 1. 4. Click Apply . The outbound traf fic from the spec ified MAC addresses will be dropped T o delete a MAC Address or all MAC addres[...]

  • Page 101

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-29 v1.0, April 20 07 was made. When the application ceases to transmit data over the port, the router waits for a timeout interval and then closes the port or rang e of ports, making them available to other computers on the private network. O[...]

  • Page 102

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-30 Security and F irewall Protection v1.0, April 2007 3. Figure 4-19 T able 4.2 Port triggering Item Description Port T r iggering Rules • Enable - Indicates if the rule is enabled or disabled. Generally , there is no need to disabl e a rule unless it interf eres with so[...]

  • Page 103

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-31 v1.0, April 20 07 Setting a Schedule to Block or Allow Specific T r affic If you enabled Content Filtering in the Security/Blo ck Si tes menu, or if you de fined an outbound rule to use a schedule, you can set up a schedu le for when block[...]

  • Page 104

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-32 Security and F irewall Protection v1.0, April 2007 Event Logs and Alert s Y our router will log security-related events such as denied incoming service requests, hacker probes, and administrator logins, according to your settings on th is screen in the Routing Logs sect[...]

  • Page 105

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-33 v1.0, April 20 07 T o view the Log s and E-mail scree n: 1. Select Monitoring from the main menu and Firewall Logs and E-mail from the submenu. The Fir ewall Logs and E-mail screen will display . The Log Options section will display the Lo[...]

  • Page 106

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-34 Security and F irewall Protection v1.0, April 2007 3. From the System Logs section, check the radio boxes of th e System Log events you want to track and record: • Change of Time by NTP : Logs a message when the system time changes after a request from a Network T ime[...]

  • Page 107

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security and Firewall Protection 4-35 v1.0, April 20 07 6. SysLog Facility : Select the appropriate syslog facility (Local0 to Local7). 7. Click Apply to save your settings. Security and Administrator Management Consider the following operational items: 1. As an option, you ca[...]

  • Page 108

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 4-36 Security and F irewall Protection v1.0, April 2007[...]

  • Page 109

    Virtual Private Networking 5-1 v1.0, April 20 07 Chapter 5 V irtual Private Networking This chapter describes how to u se the virtual private networking (VPN) features of the ProSafe DGFV338. VPN tunnels provide secure, encrypted communications between your local network and a remote network or computer . Dual W AN Port Systems The ADSL port and th[...]

  • Page 110

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-2 Virtual Private Networking v1.0, April 2007 Setting up a VPN Connect ion using the VPN Wizard Setting up a VPN tunnel connection requires that al l settings and parameters on both sides of the VPN tunnel match or mirror each other pre cisely , which ca n be a daunting ta[...]

  • Page 111

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Networking 5-3 v1.0, April 20 07 7. Enter the Remote LAN IP Address and Subnet Mask of the remote gateway . The information entered here mu st match the Local LAN IP and Subnet Mask of the remote gateway; otherwise the secure tunnel will fail to connect.The IP [...]

  • Page 112

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-4 Virtual Private Networking v1.0, April 2007 Y ou can also view the status of your IKE Policies by click i ng the IKE Policies tab. The IKE Policies screen will di splay . Then view or edit the parameters of the “Offsite” policy by clicking Edit in the Action column a[...]

  • Page 113

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Networking 5-5 v1.0, April 20 07 VPN T unnel Policies When you use the VPN W izard to set up a VPN t unnel, both a VPN Policy and an IKE Policy are established and populated in both Policy T ables. The name you selected as the VPN T unnel connection name during[...]

  • Page 114

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-6 Virtual Private Networking v1.0, April 2007 Managing IKE Policies IKE Policies are activated when: 1. The VPN Policy Selector dete rmines that some traf fic matche s an existing VPN Policy . If the VPN policy is of type “Auto”, then the Auto Policy Parameters def ine[...]

  • Page 115

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Networking 5-7 v1.0, April 20 07 • Encr . Encryption Algorithm used for the IKE SA. The default setting using the VPN W izard is 3DES. (This setting must match the Remote VPN.) • Auth . Authentication Algorithm used for the IKE SA. The default setting using[...]

  • Page 116

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-8 Virtual Private Networking v1.0, April 2007 4. The remote VPN Endpoint must have a matc hing SA, or it will refuse the connection. VPN Policy T able Only one Client Policy may configured at a time (noted by an “*” next to the policy name). The Policy T able contains [...]

  • Page 117

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Networking 5-9 v1.0, April 20 07 • Tx (Packets). The number of packets transmitted over this SA. • St a t e . The current state of the SA. Phase 1 is “Authentic ation phase” and Phase 2 is “Key Exchange phase”. • Action . Allows you to terminate o[...]

  • Page 118

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-10 Virtual Private Ne tworking v1.0, April 2007 7. Enter the W AN IP address of the remote FVX538 and then enter the W AN IP address of the local DGFV338. (Both local and remote ends must define the address as either an IP address or a FQDN. A combination of IP ad dress an[...]

  • Page 119

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-11 v1.0, April 20 07 T o view the VP N Policy parameters: 1. Click Edit in the Action column adjacent to the “to_fvx” policy . The Edit VPN Policy scre en will display . (It should not be necessary to make any changes. 2. V iew the IKE Policy [...]

  • Page 120

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-12 Virtual Private Ne tworking v1.0, April 2007 . T o view the IKE Policy Con figu rati on parameters: 1. Select the IKE Policies tab. The IKE Policies table will display . Figure 5-6[...]

  • Page 121

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-13 v1.0, April 20 07 2. Select “to_FVX” and click Edit . It should not be necessa ry to make any changes) Figure 5-7 Note: When XAUTH i s enabled as an Edge Device , incoming VP N connections are authenticated against the DG FV338 User Databas[...]

  • Page 122

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-14 Virtual Private Ne tworking v1.0, April 2007 Configuring the FVX538 T o configure the FVX538 VPN W izard: 1. Select VPN from the main menu and VPN W i z ard from the submenu. The VPN W izard screen will display . 2. Check the Gateway radio box for the type of VPN tunnel[...]

  • Page 123

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-15 v1.0, April 20 07 T esting th e Connection T o test the VPN gateway tunnel: 1. From a PC on either LAN firewall, try to pi ng a PC on the LAN of the other firewall. Establishing the VPN connectio n may take several seconds. 2. For additional st[...]

  • Page 124

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-16 Virtual Private Ne tworking v1.0, April 2007 . 6. Enter he remote W AN’ s IP Address or Intern et Name and then enter the local W AN’ s IP Address or Internet Name. In this example, we are using their FQDNs. (Both the local and remote addresses must be of the sa me [...]

  • Page 125

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-17 v1.0, April 20 07 Configuring the VPN Client From a PC with the Netgear Prosafe VPN Client in stalled, you can configure a VPN client policy to connect to the DGFV338. T o configure your VPN client: 1. Right-click on the VPN client icon in your[...]

  • Page 126

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-18 Virtual Private Ne tworking v1.0, April 2007 . 7. In the left frame, click My Identity . 8. From the Select Certificate pull-down menu, select None . 9. From the ID T ype pull-down menu, select Domain Name. The value entered under Domain Name is “.dv fg_remote.co m”[...]

  • Page 127

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-19 v1.0, April 20 07 . 5. Before leaving the My Identity menu, click Pr e-Shared Key . 6. Click Enter Key and then en ter your p reshared key , and click OK . This key will be shared by all users of the DGFV338 pol ic y “home”. 7. In the left [...]

  • Page 128

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-20 Virtual Private Ne tworking v1.0, April 2007 8. For the Phase 1 Negotiation Mode , check the Aggressive Mode radio box. 9. PFS should be enabled, and Enable Replay Detection should be enabled. 10. In the left frame, expand Authentication (Phase 1) and select Pr op osal [...]

  • Page 129

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-21 v1.0, April 20 07 1 1. In the left frame, expand Key Exchange (Phase 2) and select Pr oposal 1 . The fields in this proposal should also mirror those in the following figure. No changes should be necessary . 12. In the upper left of th e win do[...]

  • Page 130

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-22 Virtual Private Ne tworking v1.0, April 2007 2. For additional status and troubleshooting info rma tion, right-click on the VPN client icon Logs and Connection Status sc reens in the DGFV338. Certificate Authorities Digital Self Certificates are used to authenticate t h[...]

  • Page 131

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-23 v1.0, April 20 07 The Active Self Certificates table shows the Cer tificates issued to you by the various CAs (Certification Authorities), and availa ble for use. For each Certificate, the following data is listed: • Name . The name you used [...]

  • Page 132

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-24 Virtual Private Ne tworking v1.0, April 2007 . • Domain Name – If you have a Domain name, you can enter it here. Otherwise , you should leave this field blank. • E-mail Addr ess – Enter your e-mail address in this field. 4. Click Generate . A new certificate req[...]

  • Page 133

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-25 v1.0, April 20 07 6. Copy the contents of the Data to supply to CA text box into a file, in cluding all of the data contained in “----BEGIN CER TIFICA TE REQUEST ---” and “---END CER TIFICA TE REQUEST ---”Click Done. Y ou will return to[...]

  • Page 134

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-26 Virtual Private Ne tworking v1.0, April 2007 • CA Identify – Th e offi cial name of the CA which issued this CRL. • Last Update – The date when this CRL was released. • Next Update – The date when the next CRL will be released. T o upload a Certificate Ident[...]

  • Page 135

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-27 v1.0, April 20 07 • IPSec Host. If you want authentication by the remo te gateway , ente r a User Name and Password to be associated with this IKE policy . If this option is chosen, the remote gateway must specify the user name and password u[...]

  • Page 136

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-28 Virtual Private Ne tworking v1.0, April 2007 – RADIUS–CHAP or RADIUS–P AP (depending on the authentication mode accepted by the RADIUS server) to add a RADIUS server . If RADIUS–P AP is selected, the router will first check in the User Database to see if the use[...]

  • Page 137

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-29 v1.0, April 20 07 User Dat abase Configuration The User Database screen is used to configure an d administer users when Extended Authentication is enabled as an Edge Device. Whet her or not you use an externa l RADIUS server , you may w ant som[...]

  • Page 138

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-30 Virtual Private Ne tworking v1.0, April 2007 T o edit the user name or password: 1. Click Edit opposite the user ’ s name. The Edit User screen will display . 2. Make the required changes to the User Name or Password and click Apply to save your settings or Reset to c[...]

  • Page 139

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-31 v1.0, April 20 07 . 3. Enter the Primary RADIUS Server IP address . 4. Enter a Secr et Phrase . T ransactions between the client and the RADIUS server are authenticated using a shared secret phrase, so the same Secret Phrase mu st be configured[...]

  • Page 140

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-32 Virtual Private Ne tworking v1.0, April 2007 9. Click Reset to cancel any chan ges and revert to the previous settings. 10. Click Apply to save the settings. Manually Assigning IP Addresses to Remote Users (ModeConfig) T o simply the process of connecting remote VPN cli[...]

  • Page 141

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-33 v1.0, April 20 07 Configuring the ProSafe DGFV338 T wo menus must be configured—the Mode Config menu and the IKE Policies menu. T o configure the Mode Config menu: 1. From the main menu, select VPN , and then select Mode Config from the subme[...]

  • Page 142

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-34 Virtual Private Ne tworking v1.0, April 2007 T o configure an IKE Policy: 1. From the main menu, select VPN . The IKE Policies screen will display showing the curr ent policies in the List of IKE Policies Ta b l e . 2. Click Add to configure a new IKE Policy . The Add I[...]

  • Page 143

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-35 v1.0, April 20 07 4. In the General section: a. Enter a description name in the Policy Name Field such as “salesperson”. This name will be used as part of the remote identif ier in the VPN client configuration. b. Set Direction/T ype to Res[...]

  • Page 144

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-36 Virtual Private Ne tworking v1.0, April 2007 10. Click Apply . The new policy will appear in the IKE Pol icies T able (a sample policy is shown below) Configuring the ProSafe VP N Client for ModeConfig From a client PC running NETGEAR ProSafe VP N Client software, confi[...]

  • Page 145

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-37 v1.0, April 20 07 b. From the ID T ype pull-down menu, select IP Subnet. c. Enter the IP Subnet and Mask of the ProS afe DGFV338 (this is the LAN network IP address of the gateway). d. Check the Connect using radio button and sel ect Secure Gat[...]

  • Page 146

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-38 Virtual Private Ne tworking v1.0, April 2007 d. Under V irtual Adapter pull-down menu, sel ect Preferred. The Internal Network IP Address should be 0.0 .0.0. e. Select your Internet Interface ad apter from the Name pull-down menu. 3. On the left-side of the menu, select[...]

  • Page 147

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Virtual Private Ne tworking 5-39 v1.0, April 20 07 5. Click on Key Exchange (Phase 2) on the left-sid e of the menu and select Proposal 1. Enter the values to match your configuration of the Pr oSafe DGFV338 ModeCon fig Record menu. (The SA Lifetime can be longer , su ch as 8 [...]

  • Page 148

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 5-40 Virtual Private Ne tworking v1.0, April 2007 T o test the connection: 1. Right-click on the VPN client icon in th e W indows toolbar and select Connect. The connection policy you configured will appear; in this case “M y Connectionsm odecfg_test”. 2. Click on the c[...]

  • Page 149

    Router and Network Mana gement 6-1 v1.0, April 20 07 Chapter 6 Router and Network Management This chapter describes how to u se the network man agement features of your ProSa fe W ireless ADSL Modem VPN Firewall Router. These features can be found by clicking on the a ppropriate heading in the Main Menu of the browser interface. The ProSafe W irele[...]

  • Page 150

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-2 Router and Ne twork Managem ent v1.0, April 2007 Service Blocking Y ou can control specific outbound traffic (i .e., from LAN to W AN and from DMZ to W AN ). Outbound Services lists all existin g rules for outbound traf fic. If yo u have not defined any rules, only the d[...]

  • Page 151

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-3 v1.0, April 20 07 See “Using Rules to Block or Allo w Specific Kinds of T raffic” on page 4 - 1 for the procedure on how to use this feature. Services. The Rules menu contains a list of predefined Services for creating firewall rules. If [...]

  • Page 152

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-4 Router and Ne twork Managem ent v1.0, April 2007 Y ou can bypass keyword block ing for trusted domains b y adding the exact match ing domain to the list of T rusted Domains. Access to the doma ins on this list by PCs even in the groups for which keyword blocking has been[...]

  • Page 153

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-5 v1.0, April 20 07 Each rule lets you specify the desired actio n for the connections covered by the ru le: •B L O C K a l w a y s • BLOCK by schedule, otherwise Allow • ALLOW always • ALLOW by schedule, otherwise Block Y ou can also e[...]

  • Page 154

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-6 Router and Ne twork Managem ent v1.0, April 2007 See “Using Rules to Block or Allo w Specific Kinds of T raffic” on page 4 - 1 for the procedure on how to use this feature. Port T riggering Port triggering allows some app lications to function correctly th at wou ld [...]

  • Page 155

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-7 v1.0, April 20 07 • Y ou can change the priority to a higher or lo wer value than its default sett ing to give the service higher or lower priority than it otherwise would have. The QoS priority settings conform to the IEEE 802 .1D-1998 (fo[...]

  • Page 156

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-8 Router and Ne twork Managem ent v1.0, April 2007 3. First enter the old password, and then enter the new password—twice. Click Apply . 4. Change the logi n idle time-out by chan ging the number of minutes. Click Apply . The password and time-out values y ou entered wil[...]

  • Page 157

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-9 v1.0, April 20 07 Figure 7.2 shows the Remote Manage ment screen that is invok ed wh en you select Remote Management unde r Management on the main menu. T o configure your firewall for Remote Management: 1. Select Administration from the main[...]

  • Page 158

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-10 Router and Networ k Management v1.0, April 2007 5. Click Apply to h ave your changes take ef fect. When accessing your firewall from the Internet , the Secure Sockets Layer (SSL) will be enabled. Enter https:// and type your firewall W AN IP addre ss into your browser ,[...]

  • Page 159

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-11 v1.0, April 20 07 2. Enter admin and password when prompted for the login an d password information (or enter guest and password to log in as a read-only guest). Any configuration changes made via the CLI are not preserved after a reboot or [...]

  • Page 160

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-12 Router and Networ k Management v1.0, April 2007 Monitoring Y ou can view status information about the firewa ll, W AN ports, LAN port s, and VPN tunnels a nd program SNMP conn ections. Router St atus The Router S tatus menu provides status and usage information on the L[...]

  • Page 161

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-13 v1.0, April 20 07 Figure 6-4 T able 6-1. Router S tatus Item Description System Name This is the Account Name that you entered in the Basic Settings page. Firmware V ersion This is the current software the rout er is using. This will change [...]

  • Page 162

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-14 Router and Networ k Management v1.0, April 2007 WA N P o r t s Y ou can monitor the status of the ADSL and W A N Ethernet connections, Dynamic DNS servic es, and Internet traffic information. T o monitor each W AN Port connection status: 1. Select Network Configuration [...]

  • Page 163

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-15 v1.0, April 20 07 T o check Dynamic DNS status: 1. Select Network Configuration from the main menu and Dynamic DNS from the submenu. The Dynamic DNS Configuration screen will display . 2. Check the DNS provider radio box o n the W AN port fo[...]

  • Page 164

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-16 Router and Networ k Management v1.0, April 2007 Figure 6-6[...]

  • Page 165

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-17 v1.0, April 20 07 LAN Port s and Att a ch ed Devices Known PCs and Devices The Known PCs and Devices table contains a table of all IP devices that the firewall has discovered on the local network. This screen is accessible from the Administr[...]

  • Page 166

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-18 Router and Networ k Management v1.0, April 2007 The Known PCs and Devices table lists all current entries in the Network Da tabase. For each PC or device, the following data is displayed. DHCP Log The DHCP Log is accessible from the DHCP Log link on the LAN Setup screen[...]

  • Page 167

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-19 v1.0, April 20 07 Port T riggering St atus The Port T riggering S tatus screen is av ail able from the Port T r iggering screen accessible under Security on the main menu. Only one PC can use a Po rt T riggering applica tion at any time. Whe[...]

  • Page 168

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-20 Router and Networ k Management v1.0, April 2007 Figure 6-10 Select the types Enable emailing Enable Syslogs server . Set a schedule to send email. logs. of logs to email. of logs. Click to view logs[...]

  • Page 169

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-21 v1.0, April 20 07 T o invoke the Log screen, click the Vi e w L o g link on the Logs and E-mail screen. VPN T unnels Y ou can view the VPN Logs by selecting Monitoring on the main menu and VPN Logs on the submenu. The VPN Logs screen display[...]

  • Page 170

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-22 Router and Networ k Management v1.0, April 2007 Select VPN from the main m enu and Connection S tatus from th e submenu to disp lay the status of IPSec connections. Y ou can change the status of a connection; to either establish or drop the Security Association (SA). Cl[...]

  • Page 171

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-23 v1.0, April 20 07 • IP Address : The IP address of the SNMP manager . • Port : The trap port of the configuration. • Community : The trap community stri ng of the configuration. T o create a new SNMP configuration entry: 1. Select Admi[...]

  • Page 172

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-24 Router and Networ k Management v1.0, April 2007 The SNMP System Info link displays the wireless firewall id entification information available to the SNMP Manager: System Contact, System Location, and System name. T o modify the SNMP Syst em contact i nformation: 1. Cli[...]

  • Page 173

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-25 v1.0, April 20 07 Select Monitoring from the main menu and Diagnostics from the subme nu. The Diagnostics screen will display . .The functionality of the each diagnostic tool is described in the following Ta b l e 6 - 5 . Figure 6-15 T able [...]

  • Page 174

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-26 Router and Networ k Management v1.0, April 2007 Configuration File Management The configuration settings of the ProSafe DGFV338 are stored within the firewall in a configuration file. This file can be saved (backed up) to a user ’ s PC, retrieved (restored) from the u[...]

  • Page 175

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-27 v1.0, April 20 07 If your browser isn’t set up to save downloaded files automatically , locate where you want to save the file, specify file name, and click Save . If you have your browser set up to sav e downloaded files automatically , t[...]

  • Page 176

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-28 Router and Networ k Management v1.0, April 2007 Router Upgrade Y ou can install a different version of the wireless firewall firmware from the Settin gs Backup and Firmwar e Upgrade screen. T o view the current version of the firmware that your wireless firewall is runn[...]

  • Page 177

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router and Network Mana gement 6-29 v1.0, April 20 07 T o upgrade router software: 1. Select Administration from the main menu and Settings Backup and Firmwar e Upgrade from the submenu. The Settings Backup and Firmwar e Upgrade screen will display . 2. Click Br owse in the Ro[...]

  • Page 178

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 6-30 Router and Networ k Management v1.0, April 2007 • Use Custom NTP Ser v ers : If you prefer to use a particular NTP server , enable this instead and enter the name or IP address of an NTP Server in the Server 1 Nam e/IP Address field. If required, you can also enter th[...]

  • Page 179

    LAN Configuration 7-1 v1.0, April 20 07 Chapter 7 LAN Configuration This chapter describes how to configure the adva nced LAN features of your ProSafe W ireless ADSL Modem VPN Firewall Router. These featur e s can be found by selecting Network Configuration from the primar y menu and LAN Se tup from the submenu of the browser interface. Using the F[...]

  • Page 180

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 7-2 LAN Configuration v1.0, April 2007 Configuring the LAN Setup Options The LAN IP Setup menu allows configur ation o f LAN IP se rvices such as DHCP and allows you to configure a secondary or “multi-home” LAN IP setup in the LAN. The default values are suitable for mos[...]

  • Page 181

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual LAN Configuration 7-3 v1.0, April 20 07 4. DHCP Server . By default, the router will fu nction as a DHCP server , providing TCP/IP configuration for all computers connected to the router's LAN. If another device on your network will be the DHCP server , or if you w ill ma[...]

  • Page 182

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 7-4 LAN Configuration v1.0, April 2007 T o reserve an IP address: 1. Select Network Configuration from the main menu and LAN Groups from th e submenu. THe Groups and Hosts screen will display . 2. From the IP Address T ype pull-down menu, select Reserve as the address type. [...]

  • Page 183

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual LAN Configuration 7-5 v1.0, April 20 07 T o add a secondary LAN IP address: 1. Enter the IP Address and the Subnet Mask in the respective fields of the Add Secondar y LAN IP Address section. 2. Click Add. The new Secondary LAN IP address will appear in the A vailable Secondary[...]

  • Page 184

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 7-6 LAN Configuration v1.0, April 2007 . Figure 7-3 Note: Additional IP addresses cannot be configur ed in the DHCP se rver . The hosts on the secondary subnets must be manually configured with IP addre sses , gateway IP and DNS server IPs.[...]

  • Page 185

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual LAN Configuration 7-7 v1.0, April 20 07 Configuring S t atic Routes Stat ic Routes provide additional routing info rmation to your firewall. Under normal circumstances, the firewall has adequate routing info rmation after it has be en configured for Internet access, and you do[...]

  • Page 186

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 7-8 LAN Configuration v1.0, April 2007 5. Select Private if you want to limit access to the LAN only . The private static route will not be advertised in RIP . 6. Enter the Destination IP Address to the host or network to which the route leads. 7. Enter the IP Subnet Mask fo[...]

  • Page 187

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual LAN Configuration 7-9 v1.0, April 20 07 • In Only – The router accepts RIP information fro m other routers, but does not broadcast its routing table. 3. From the RIP V e rsion pull-down menu, select the version: • RIP-1 – A classful routing that does not includ e subne[...]

  • Page 188

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 7-10 LAN Configuration v1.0, April 2007 5. Click Reset to discard any changes and reve rt to the previous settings. 6. Click Save to save your settings. S t atic Route Example For example, you may require a static route if: • Y our primary In terne t access is through a ca[...]

  • Page 189

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual LAN Configuration 7-11 v1.0, April 20 07 By default, UPnP is disabled. Wh en disabled, t he router will not a llow any device to automatically control the resources of the router ; for example, port forwarding. When enabled, you must set the Advertisement Period and the Advert[...]

  • Page 190

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 7-12 LAN Configuration v1.0, April 2007 T o turn on and set up UPnP: 1. Select Security from the main menu and UPnP from the submenu. The UPnP screen will display . 2. Enable the UPnP radio by selecting the Y es radio box. 3. Modify the default Advertisement Period and Adver[...]

  • Page 191

    Troubleshooting 8-1 v1.0, April 20 07 Chapter 8 T roubleshooting This chapter gives informatio n about troubleshootin g your ProSafe W ireless ADSL Modem VPN Firewall Router. After each problem description, in structio ns are provided to help you diagnose and solve the problem. Basic Functions After you turn on power to th e firewall, the following[...]

  • Page 192

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 8-2 Troubleshooting v1.0, April 2007 LEDs Never T urn Off When the firewall is turned on, the LEDs turns on for about 10 sec onds and then turn off. If all the LEDs stay on, there is a fault within the firewall. If all LEDs are still on one minute after power up: • Cycle t[...]

  • Page 193

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Troubleshooting 8-3 v1.0, April 20 07 • Make sure your PC’ s IP address is on the sam e subnet as the firewall. If you are using the recommended addressing sch eme, yo ur PC’ s ad dress should be in the rang e of 192.168.1.2 to 192.168.1. 254. • If your firewall’ s I[...]

  • Page 194

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 8-4 Troubleshooting v1.0, April 2007 2. Access the Main Menu of the firewall’ s configuration at http://192.168.1.1 3. Under the Management hea ding, select Router Status 4. Check that an IP address is shown for the ADSL or Ethernet W AN Port (whichev er port you configure[...]

  • Page 195

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Troubleshooting 8-5 v1.0, April 20 07 Configure your firewall to sp oof your PC’ s MAC address. This can be do ne in the Basic Settings menu. Refer to “Manually Configuring yo ur ADSL Connection” on page 2 -6 or “Manually Configuring y our Ethernet Connection” on p a[...]

  • Page 196

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 8-6 Troubleshooting v1.0, April 2007 Request timed out If the path is not functioning correctly , you could have one of the following problems: • W rong phys ical connections – Make sure the LAN port LED is on. If the LED is of f, follow the instruct ions in “LAN or In[...]

  • Page 197

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Troubleshooting 8-7 v1.0, April 20 07 • Y our ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many broadband ISPs restrict access by only allo wing traffic from the MAC address of your broadband modem, but some ISPs additionally restrict ac ces [...]

  • Page 198

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al 8-8 Troubleshooting v1.0, April 2007 • T ime is off by one hour . Cause: The fire wa ll does not automatically sense Daylight Savings T ime. In the E-Mail menu, check or uncheck the box marked “Adj ust for Daylight Savings T ime”.[...]

  • Page 199

    Default Settings and Technical Specifications A-1 v1.0, April 20 07 Appendix A Default Settings and T echnical S pecifications Default Factory Settings Y ou can use the reset button located on the front of your device to reset all settings to their factory defaults. This is called a hard reset. • T o perform a hard reset, push and hold the re set[...]

  • Page 200

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al A-2 Default Settings and Technical Specifications v1.0, April 2007 DHCP Server Enabled DHCP S tarting IP Addres s 192.168.1.2 DHCP Ending IP Address 192.168.1.254 UPnP Disabled T ime Zone GMT T ime Zone Adjusted for Daylight Saving Ti m e Disabled SNMP Disabled Firewall Inbo[...]

  • Page 201

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Default Settings and Technical Specifications A-3 v1.0, April 20 07 T echnical Specifications This appendix provides techni cal specifications for the ProSafe W ireless ADSL Modem VPN Firewall Router. Output Power Full Access Point Disabled Authentication T ype Open System Wir[...]

  • Page 202

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al A-4 Default Settings and Technical Specifications v1.0, April 2007 Electromagnetic Emissions Meets requirements of: FCC Part 15 Cla ss B VCCI Class B EN 55 022 (CISPR 22), Class B Interface Specifications LAN: 10BASE-T or 100BASE-Tx, RJ-45 W AN: 10BASE-T or 100BASE-Tx or ADS[...]

  • Page 203

    Related Documents B-1 v1.0, April 20 07 Appendix B Related Document s This appendix provides links to reference documents you c an use to gain a more complete understanding of the technolog ies used in your NET GEAR product. Document Link Internet Netw orking and TCP/IP Addressing: http://documentation.netgear .com/ r efer ence/enu/tcpip/index.htm [...]

  • Page 204

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al B-2 Related Documents v1.0, April 2007[...]

  • Page 205

    Index-1 v1.0, April 20 07 Index Numerics 802.1 1a 3-4 802.1 1b 3-4 802.1 1g 3-4 A access adminstrator and guest 6-7 remote management 6-8 Access Control List 3-6 Access Control screens 3-20 Active Self Certificates 5-22 Add Mode Config Record screen 5-33 Add New Stations 3-6 address reservation 7-3 ADSL gateway connecting 2-3, 2-4 logging in 2-3 pl[...]

  • Page 206

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Index-2 v1.0, April 2007 TKIP 3-15 Date setting 6-29 date troubleshooting 8-7 Daylight Savings T ime adjusting for 6-29 Dedicated ADSL 2-15 Dedicated Ethernet 2-15 default factory settings A-1 default login 1-9, 2-3 default password 1-9, 2-3 default user name 1-9, 2-3 Delive[...]

  • Page 207

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Index-3 v1.0, April 20 07 H hosts, managing 4-21 I IGP 7-8 IKE Policies management of 5-6 IKE Policy about 5-5 ModeConfig, configuring with 5-34 XAUTH, adding to 5-27 Inbound Rules 4-2 inbound rules 4-7 example 4-12, 4-13, 4-15 installation 1-4 Interior Gateway Protocol. See I[...]

  • Page 208

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Index-4 v1.0, April 2007 Network T i me Protocol 4-31, 8-7 Network T i me Protocol. See NTP . newsgroup 4-25 NTP 4-31, 6-29, 8-7 NTP Servers custom 6-30 default 6-29 NTP servers setting 6-29 O Open System 3-10 Open Systems 3-10 Operating Channel 3-4 Operating Mode 802.1 1a 3[...]

  • Page 209

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Index-5 v1.0, April 20 07 versions of 7-9 RIP Configuration screen 7-8 rollover 5-1 router upgrade software 6-29 router broadcast RIP , use with 7-8 Router MAC Address 2-11 router management 6-1 route r rear pa nel 1-8 Router Upgrade about 6-28 Routing Information Protocol 1-4[...]

  • Page 210

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Index-6 v1.0, April 2007 daylight savings 8-8 troubleshooting 8-7 T i me Zone setting of 6-29 T i me Zone screen 6-29 TKIP 3-12, 3-15 TKIP+AES 3-5 traffic increasing 6-4 reducing 6-1 traffic management 6-7 Tr a ff i c M e t e r field descriptions 2-21 programming 2-20 traffi[...]

  • Page 211

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Index-7 v1.0, April 20 07 Network Authenticat ion 3-10 Network Authenticat ion screen 3-1 1 WEP configuring 3-10 W ireless Network Name. See SSID. W ireless Security 3-1 wireless security options 3-2 MAC Address restricting 3-2 SSID off 3-2 WEP 3-2 WP A/WP A2 with RADIUS 3-2 W[...]

  • Page 212

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewa ll Router Reference Manu al Index-8 v1.0, April 2007[...]