Vai alla pagina of
Manuali d’uso simili
-
Network Router
NETGEAR RT338 RT338 RT338
11 pagine 0.49 mb -
Network Router
NETGEAR WGR614
2 pagine 1.08 mb -
Network Router
NETGEAR RM356 RM356 RM356
11 pagine 0.47 mb -
Network Router
NETGEAR NR3000
2 pagine 0.89 mb -
Network Router
NETGEAR N150
41 pagine 0.63 mb -
Network Router
NETGEAR WNHDE111 5GHz
82 pagine 2.02 mb -
Network Router
NETGEAR WNR3500L
133 pagine 1.9 mb -
Network Router
NETGEAR RT314
146 pagine 1 mb
Un buon manuale d’uso
Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso NETGEAR FVG318NA. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica NETGEAR FVG318NA o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.
Che cosa è il manuale d’uso?
La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso NETGEAR FVG318NA descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.
Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.
Quindi cosa dovrebbe contenere il manuale perfetto?
Innanzitutto, il manuale d’uso NETGEAR FVG318NA dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo NETGEAR FVG318NA
- nome del fabbricante e anno di fabbricazione NETGEAR FVG318NA
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature NETGEAR FVG318NA
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti
Perché non leggiamo i manuali d’uso?
Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio NETGEAR FVG318NA non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti NETGEAR FVG318NA e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio NETGEAR in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche NETGEAR FVG318NA, come nel caso della versione cartacea.
Perché leggere il manuale d’uso?
Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo NETGEAR FVG318NA, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.
Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso NETGEAR FVG318NA. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.
Sommario del manuale d’uso
-
Pagina 1
202-10318-01 September 2007 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA ProSafe 802.1 1g Wireless VPN Firewall FVG318 Reference Manual[...]
-
Pagina 2
ii v1.0, September 2007 © 2007 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR and the NETGEAR l ogo are registered trademarks and ProSaf e is a trademark of NETGEAR, Inc. Microsoft, W indows, and W indows NT ar e registered trademarks of Microsof t Corporation. Other brand and pr oduct names are registered trad emarks or tradema rks of [...]
-
Pagina 3
v1.0, September 2007 iii Europe – Declaration of Conf ormity in Languages of the European Community Cesky [Czech] NETGEAR Inc. tímto prohlašuje, že tento Radiol an je ve shod e se základními požadavky a dalšími príslušnými ustanoveními smernice 1999/5 /ES.. Dansk [Danish] Undertegnede NETGEAR Inc. erklærer herved, at følgende udstyr[...]
-
Pagina 4
v1.0, Septembe r 2007 iv FCC Requirement s for Operation in the United St ates FCC Information to User This product does not contain an y user serviceable co mponents and is to be us ed with approved an tenn as only . Any product changes or modifications wi ll invalidate all applicable regul atory certifications and approvals FCC Guidelines for Hum[...]
-
Pagina 5
v1.0, September 2007 v interference will not occur in a pa rtic ula r installation. If this equipment does cause harm ful interference to radio or television reception, which ca n be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following methods: • Reorient or relo[...]
-
Pagina 6
v1.0, Septembe r 2007 vi Product and Publication Det ails Model Number: FVG318 Publication Date: September 2007 Product Family: Wireless Router Product Name: ProSafe 802.1 1g Wireless VPN Firewall Home or Business Prod uc t: Business Language: Engl ish Publication Part Number: 202-10318-01 Publication V ersion Number: 1.0[...]
-
Pagina 7
vii v1.0, September 2007 Content s About This Manual Conventions, Formats, and Scope ............... ................ ................ ................ ................ ... xiii How to Use This Manual ................. ................ ................ ............. ................ ................ ...xiv How to Print this Manual . ............. .[...]
-
Pagina 8
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual viii Contents v1.0, September 2007 Chapter 3 Configuring Wirele ss Connectivity Observing Performance, Placem ent, and Range Guidelines ............. ................ ............ 3-1 Implementing Appropriate Wirele ss Security ... ............. ................ ................ .......[...]
-
Pagina 9
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Contents ix v1.0, September 2007 Setting Up a Client-to-Gateway VPN Configurat ion ..... ................ ................ ............. ..... 5-5 S tep 1: Configuring the Client-to-Gateway VPN Tu nnel on the FVG318 ................. 5-5 S tep 2: Configuring the NETGEAR ProSafe VPN Clie[...]
-
Pagina 10
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual x Contents v1.0, September 2007 Configuring S tatic Routes ................ ................ ................ ................ ............. ................ .. 8-5 Configuring RIP ............... ................ ............. ................ ................ ............. ...........[...]
-
Pagina 11
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Contents xi v1.0, September 2007 The FVG318-to-FVS318v2 Case ................. ................ ............. ................ ................ .... C-7 Configuring the VPN T u nnel ........... ... .... ... ... ... ... .... ... ... ... .... ... ... ............. ... ... .... ... ... . C[...]
-
Pagina 12
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual xii Contents v1.0, September 2007[...]
-
Pagina 13
xiii v1.0, September 2007 About This Manual The NETGEAR ® Pr oSafe™ 802.1 1g W ir eless VPN Fir ewall FVG318 Refer ence Manual describes how to install, configure and troubleshoot th e ProSafe 802.1 1g W ireless VPN Firewall. The information in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Forma[...]
-
Pagina 14
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual xiv About This Manual v1.0, September 2007 • Scope. This manual is written for the VPN fir ewall according to these specifications: For more information about networ k, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix B, “Related Documents .[...]
-
Pagina 15
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual About This Manual xv v1.0, September 2007 • Printing from PDF . Y our computer must have the free Adobe Acrobat reader installed in order to view and print PDF files. The Acrobat reader is available on the Adobe W eb site at http://www .adobe .com . – Printing a PDF Chapter . Use th[...]
-
Pagina 16
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual xvi About This Manual v1.0, September 2007[...]
-
Pagina 17
1-1 v1.0, September 2007 Chapter 1 Introduction This chapter describes the features of the NETG EAR® ProSafe 802.11g W ireless VPN Firewall, Model FVG318. Key Features of the VPN Firewall Router The ProSafe 802.1 1g W ireless VPN Firewa ll with eight-port switch connects your local area network (LAN) to the Internet through an extern al access dev[...]
-
Pagina 18
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 1-2 Introduction v1.0, September 2007 802.1 1g and 802.1 1b Wireless Networking The VPN firewall includes an 802.1 1g-compliant wireless access point. The access point provides: • 802.1 1b standards-based wireless networking at up to 11 Mbps. • 802.1 1g wireless network i ng at up t[...]
-
Pagina 19
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Introduction 1-3 v1.0, September 2007 The FVG318 logs security events such as blocke d incoming traf fic, port scans, attacks, and administrator logins. Y ou can configure the fi rewall to email the log to you at specified intervals. Y ou can also configure the firewall to send immediat[...]
-
Pagina 20
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 1-4 Introduction v1.0, September 2007 • IP Address Sharing by NA T . The VPN firewall allows severa l networked PCs to share an Internet account using only a single IP addr ess, which may be statically or dynamically assigned by your Internet service pro vider (ISP). This technique, k[...]
-
Pagina 21
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Introduction 1-5 v1.0, September 2007 Maintenance and Support NETGEAR offers the following features to help you maximize yo ur use of the VPN firewall: • Flash memory for firmware upgrade. • Free technical support seven days a week, 24 hours a day . Package Content s The product pac[...]
-
Pagina 22
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 1-6 Introduction v1.0, September 2007 Y ou can use some of the LEDs to verify connections. V iewed fro m left to right, Ta b l e 1 - 1 describes the LEDs on the front panel of th e firewall. These LEDs are green when lit. The FVG318 Rear Panel The rear panel of the VPN firewal l cont ai[...]
-
Pagina 23
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Introduction 1-7 v1.0, September 2007 V iewed from left to right, the rear panel contains the following features: • Detachable wireless antenna • Factory default reset p ush button • Eight Ethernet L AN ports • Internet Ethernet W AN port for connecti ng the firewall to a ca ble[...]
-
Pagina 24
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 1-8 Introduction v1.0, September 2007[...]
-
Pagina 25
Connecting the Fire wa ll to the Internet 2-1 v1.0, September 2007 Chapter 2 Connecting the Firewall to the Internet This chapter describes how to set up the firewall on your LAN, connect to the In ternet, perform basic configuration of yo ur ProSafe 802.1 1g W irele ss VPN Fire wall using the Setup W izard, or how to manually configure your Intern[...]
-
Pagina 26
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-2 Connecting the Firewall to the In ternet v1.0, September 2007 d. Securely insert the Ethernet cable from your mo dem into the FVG318 Internet port (point B in the illustration). e. Securely insert one end of the NETGEAR cable that came with your FVG318 into a Local port on the route[...]
-
Pagina 27
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Connecting th e Fir ew all to the Int ernet 2 -3 v1.0, September 2007 2. Restart your network in the co rre ct se qu ence a. First, plug in and turn o n the cable or DSL modem.W ait about 2 min utes. b. Now , plug in the power cord to yo ur FVG318 and wait about 30 secon ds. c. Last, tu[...]
-
Pagina 28
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-4 Connecting the Firewall to the In ternet v1.0, September 2007 • Power: The power light should be lit. If after 2 minutes the power light turns solid amber, see the T roubleshooting T ips in this guide. • Te s t : The test light blinks when the FVG318 is first turned on. If after[...]
-
Pagina 29
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Connecting th e Fir ew all to the Int ernet 2 -5 v1.0, September 2007 2. When prompted, en ter admin for the firewall User Name and password for the firewall Password. Both fields are case-sensitive. (For sec urity reasons , the firewall has its own User Name and Password.) 3. Click Log[...]
-
Pagina 30
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-6 Connecting the Firewall to the In ternet v1.0, September 2007 4. Select Network Configuration. The W AN ISP Settings screen will display . Click Auto Detect at the bottom of the W AN ISP Settings screen. The router will automatica lly attempt to detect your connection t ype. A messa[...]
-
Pagina 31
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Connecting th e Fir ew all to the Int ernet 2 -7 v1.0, September 2007 Manually Configuring your Internet Connection Unless your ISP assigns your configuration automatically via DHCP , you will need the configuration parameters from your ISP . For exam ple, if your router detected a PPPo[...]
-
Pagina 32
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-8 Connecting the Firewall to the In ternet v1.0, September 2007 – Password . Enter the password you use to log in to your ISP . • Enter your ISP T ype information: – Austria (PP TP ): If your ISP is Austria T elecom or any other ISP that uses PP TP to log in, fill in the followi[...]
-
Pagina 33
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Connecting th e Fir ew all to the Int ernet 2 -9 v1.0, September 2007 • IP Subnet Mask : This is usually provided by the ISP o r your network administrator . • Gateway IP Address : IP address of your ISP’ s gatewa y . This is usually provided by the ISP or your network administrat[...]
-
Pagina 34
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-10 Connecting the Firewall to th e Internet v1.0, September 2007 The gateway conta in s a clie n t that ca n co nn ect to a dynamic DNS service provider . T o use this feature, you must select a service provider and obtain an account with them. After you have configured your acco un t[...]
-
Pagina 35
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Connecting th e Fir ew all to th e Int er n et 2-11 v1.0, September 2007 5. Click Apply to save y our configuration. Configuring Y our T ime Zone The VPN firewall uses the Network T ime Protocol (NTP) to obtain the cu rrent time and date from one of several Network T ime Servers on the [...]
-
Pagina 36
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-12 Connecting the Firewall to th e Internet v1.0, September 2007 • Select the Use Custom NTP Servers if you prefer to use a particular NTP server . – Enter the name or IP address of an NTP Server in the Server 1 Name/IP Address field. – If required, you can also enter the addres[...]
-
Pagina 37
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Connecting th e Fir ew all to th e Int er n et 2-13 v1.0, September 2007 • Some cable modem ISPs require you to use the MAC address of the computer registere d on the account. If so, in the Router MAC Addre ss section of the Basic Settings menu, select, “Use this Computer ’ s MAC [...]
-
Pagina 38
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 2-14 Connecting the Firewall to th e Internet v1.0, September 2007 Configuration Settings Have Been Applied Enter the standard URL to access the VPN firewall router Connect to the VPN firewall ro uter by typing the d efault router IP address in the address field of your brow ser , then [...]
-
Pagina 39
Configuring Wireless Connectivity 3-1 v1.0, September 2007 Chapter 3 Configuring Wireless Connectivity This chapter describes how to configure the wire less features of your FVG318 VPN firewall. Observing Performance, Placem ent, and Range Guidelines In planning your wire less network, you sh ou ld consider the level of se curity required. Y ou sho[...]
-
Pagina 40
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-2 Configuring Wireless Con nectivity v1.0, September 2007 Implementing Appropriate Wireless Security Unlike wired network data, your wireless data transmissions can extend beyond your walls and can be received by anyone with a compatible adapte r . For this reason, use the security fe[...]
-
Pagina 41
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-3 v1.0, September 2007 • Wi- Fi Protected Access (WP A and WP A2) . The very strong auth entication along with dynamic per frame rekeyin g o f WP A and WP A2 make it virtually im po ssible to compromise. Because this is a new standard, wireless de v[...]
-
Pagina 42
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-4 Configuring Wireless Con nectivity v1.0, September 2007 • Wir eless Ne twork. The station name of the FVG318. – Wir eless Network Name (SSID). The SSID is also kn own as the wireless network name. Enter a value of up to 32 alphanumeric characters. In a se tting where there is mo[...]
-
Pagina 43
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-5 v1.0, September 2007 – Region. This field identifies the region where the FVG318 can be used. It may no t be legal to operate the wireless features of the VPN fi rewall router in a region other than one of those identified in this field. Unless yo[...]
-
Pagina 44
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-6 Configuring Wireless Con nectivity v1.0, September 2007 – WP A2-PSK : WP A2 is a later version of WP A. Only select this if all clients support WP A2. If selected, you must use AES encryption – WP A-PSK and WP A2-PSK : This selection allows clients to use either WP A (with TKIP [...]
-
Pagina 45
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-7 v1.0, September 2007 Security Check List for SSID and WEP Settings For a new wireless network, print or copy this form and fill in the configuration parameters. For an existing wireless network, the person who set up or is responsible for the networ[...]
-
Pagina 46
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-8 Configuring Wireless Con nectivity v1.0, September 2007 Setting Up and T esting Basic Wireless Connectivity Follow the instructions below to set up and te st basic wireless conne ctivity . Once you have established basic wireless connectivity , you can enable security settin gs appr[...]
-
Pagina 47
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-9 v1.0, September 2007 7. For initial configuration and test, leave the W i reless Card Access List set to “All W ireless Stat ions” and the Encryption St rength set to “Disable.” 8. Click Apply to save your changes. 9. Configure and test your[...]
-
Pagina 48
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-10 Configuring Wireless Connectivity v1.0, September 2007 3. Check the Y es radio box to enable MAC filtering and tu rn on the Access Control List. Then click Apply . An “Operation Succeed” m essage will display . Only T rusted W ireless Stations will be able to connect to the VPN[...]
-
Pagina 49
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-11 v1.0, September 2007 3. In the W ireless Security T ype section, select the WEP radio bo x. The WEP fields section will be highlight ed. 4. Choose the Authentication T ype (Automatic, Open System or Shared Key) and Encryption St re n g t h options.[...]
-
Pagina 50
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-12 Configuring Wireless Connectivity v1.0, September 2007 • Manual Entry Mode : Enter ten hexadecimal digits (any combin ation of 0-9, a-f, or A-F). These hex values are not case sensitive. Select which of the four keys will be used and enter the matching WEP key inform ation for yo[...]
-
Pagina 51
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-13 v1.0, September 2007 3. Select the WP A radio box and then select RADIUS from the WP A with: pull-down menu in the W ireless Security T ype section. The RADIUS settings fields in the Radius Server Settings section will be highlighted. 4. Enter the [...]
-
Pagina 52
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-14 Configuring Wireless Connectivity v1.0, September 2007 Configuring WP A2 with RADIUS T o configure WP A2 with RADIUS: 1. Log in at the default LAN address of http://192.168.0.1 with the default user name of admin and default password of password , or using whatever LAN addr ess and[...]
-
Pagina 53
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-15 v1.0, September 2007 4. Enter the Radius Server Settings. • Primary Server Name/IP Addr ess : This field is required. Enter the name or IP address of the primary Radius Serve r on your LAN. • Radius Port : Enter the port number used for connect[...]
-
Pagina 54
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-16 Configuring Wireless Connectivity v1.0, September 2007 3. Select the WP A and WP A2 radio box and then select RADIUS from the WP A with: pull- down menu in the W ireless Security T ype section. The RADIUS settings fields in the Radius Server Settings sectio n will be highlighted. 4[...]
-
Pagina 55
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-17 v1.0, September 2007 Configuring WP A-PSK T o configure WP A-PSK: 1. Log in at the default LAN address of http://192.168.0.1 , with the default user name of admin and default password of password , or using whatever LAN addr ess and password you ha[...]
-
Pagina 56
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-18 Configuring Wireless Connectivity v1.0, September 2007 4. In the PSK Settings section: • Enter the pre-shared key in the Passphrase field. Ent er a word or group of printable characters in the Passphrase b ox. The Passphra se must be 8 to 63 characters in length. The 256 Bit key [...]
-
Pagina 57
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-19 v1.0, September 2007 3. Select the WP A2 radio box and then select PSK from the WP A with: pull-down menu in the W ireless Security T ype section. The PSK settings fields in th e PSK Settings section will be highlighted. 4. In the PSK Settings sect[...]
-
Pagina 58
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-20 Configuring Wireless Connectivity v1.0, September 2007 Configuring WP A-PSK and WP A2-PSK T o configure WP A-PSK and WP A2-PSK: 1. Log in at the default LAN address of http://192.168.0.1 , with the default user name of admin and default password of password , or using whatever LAN [...]
-
Pagina 59
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Configuring Wireless Connectivity 3-21 v1.0, September 2007 4. In the PSK Settings section: • Enter the pre-shared key in the Passphrase field. Ent er a word or group of printable characters in the Passphrase b ox. The Passphra se must be 8 to 63 characters in length. The 256 Bit key [...]
-
Pagina 60
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 3-22 Configuring Wireless Connectivity v1.0, September 2007[...]
-
Pagina 61
Firewall Protection and Conten t Filtering 4-1 v1.0, September 2007 Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe 802.11g W ireless VPN Firewall to protect your n etwork. These features can be found by clicking on the Security heading in the main menu of the brows[...]
-
Pagina 62
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-2 Firewall Protection and Content Filtering v1.0, September 2007 Certain commonly used web compon ents can also be blocked for inc reased security . Some of these components can be used by malic ious websites to infect computers that access them. For example: • Proxy . A proxy serve[...]
-
Pagina 63
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4- 3 v1.0, September 2007 2. Check the Y es radio box in the Content Filtering section and click Apply . This will enable content filtering an d allow you to specify W eb Compon ents to be blocked. 3. Check the radio box for each W eb Component [...]
-
Pagina 64
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-4 Firewall Protection and Content Filtering v1.0, September 2007 1. In the appropriate field add the IP Address or Domain Name. 2. Click Add. The IP Address or Domain Name will appear in the appropriate table. 3. Click Edit adjacent to th e entry to modify or change the selected IP Ad[...]
-
Pagina 65
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4- 5 v1.0, September 2007 A firewall has two default rules, one for inbound traf fic and one for outbound. The default rules of the FVG318 are: • Inbound : Block all access from outside except re sponses to requests from the LAN side. • Outb[...]
-
Pagina 66
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-6 Firewall Protection and Content Filtering v1.0, September 2007 An example of th e menu for defining or edi ting a rule is shown in Figure 4-3 . The parameters are: • Service . From this list, select the application or service to be allowed or blocked. The list already displays man[...]
-
Pagina 67
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4- 7 v1.0, September 2007 Inbound Rule Example: A Local Public W eb Server If you host a public W eb server on your local network, you can define a rule to allow inbound W eb (HTTP) requests from any outside IP address to the IP address of your [...]
-
Pagina 68
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-8 Firewall Protection and Content Filtering v1.0, September 2007 Considerations for Inbound Rules • If your external IP address is assigned dynamically by your ISP , the IP address may change periodically as the DHCP lease expires. Cons ider using the Dynamic DNS feature in the Adva[...]
-
Pagina 69
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4- 9 v1.0, September 2007 . Order of Precedence for Rules As you define new rules, they are added to the tables in the Rules table, as shown below: For any traffic attempting to pass through the fire wall, the packet informa tion is subjected to[...]
-
Pagina 70
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-10 Firewall Protection and Content Filtering v1.0, September 2007 Default DMZ Server Incoming traf fic from the Internet is normally discarded by th e firewall unless the traffic is a response to one of your local computers or a service for which you h ave configured an inboun d rule.[...]
-
Pagina 71
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4 -11 v1.0, September 2007 . Att ack Checks The Attack Check screen allows you to specify if the router should be protected against common attacks from the LAN an d W A N networks. The various types o f attack checks are defi ned below . T o acc[...]
-
Pagina 72
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-12 Firewall Protection and Content Filtering v1.0, September 2007 Services Services are functions performed by server computers at the request of client computers. For example, W eb servers serve W eb page s, time serve rs serve time and date information, and game hosts serve data abo[...]
-
Pagina 73
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4 -13 v1.0, September 2007 b. From the Ty p e pull-down menu, select whether the se rvice uses TCP , UDP or ICMP as its transport protocol. c. Enter the lowest port number used by the service in the St a r t P o r t field. a. Enter the highest p[...]
-
Pagina 74
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-14 Firewall Protection and Content Filtering v1.0, September 2007 . T o bloc k keywords or Internet d omains based on a sche dule: 1. Select Security > Schedule from the menu . The Schedule 1 scre en will display . 2. In the Scheduled Days section, select the All Days or Specific D[...]
-
Pagina 75
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4 -15 v1.0, September 2007 2. Enter the Log Identifier in the Log Options sections. Every logged message will contain a prefix for easier identification of the source of the message. The Log Identifier w ill be prefixed to both e- mail and Syslo[...]
-
Pagina 76
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-16 Firewall Protection and Content Filtering v1.0, September 2007 5. Enable E-Mail Logs. Check the Ye s radio box if you wish to receive e-mail lo gs fro m the firewall. 6. Enter your E-Mail Address information. If you enabled e-mail notificat ion, these boxes cannot be blank. • Ent[...]
-
Pagina 77
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Firewall Protection and Content Filtering 4 -17 v1.0, September 2007 • Enter the Return E-Mail Addr ess to which logs and alerts are sent. This e-mail address will also be used as the Send T o E-mail addre ss. If you leave this box blank, log and alert messages will not be sent via e-[...]
-
Pagina 78
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 4-18 Firewall Protection and Content Filtering v1.0, September 2007 Log entries are described in T able 4-1 Log action buttons are described in Ta b l e 4 - 2 T able 4-1. Log entry descrip tions Field Description Date and T ime The date and time the log entry was recorded. Description o[...]
-
Pagina 79
Basic Virtual Private Ne tworking 5-1 v1.0, September 2007 Chapter 5 Basic V irtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the VPN firewall. VPN communications paths are called tu nnels. VPN tunnels provide secure, encrypted communications betwee n your local network and a remote networ[...]
-
Pagina 80
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-2 Basic Virtual Private Networking v1.0, September 2007 Overview of VPN Configuration T wo common scena rios for config uring VPN tunnels are between a remote personal computer and a network gateway and between two or more netw ork gateways. The FVG318 supports b oth of these types of[...]
-
Pagina 81
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Private Networking 5- 3 v1.0, September 2007 A VPN between two or more NETGEAR VPN-enabled firewalls is a good way to connect branch or home offices and business partners over the In ternet. VPN tunnels also enable ac cess to network resources across the Internet. In this [...]
-
Pagina 82
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-4 Basic Virtual Private Networking v1.0, September 2007 • What level of IPSec VPN encryption will you use? – DE – The Data Encryption Standard (DES) pr ocesses input data that is 64 bits wide, encrypting these values using a 56 bit key . Faster but less secure than 3DES. – 3DE[...]
-
Pagina 83
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Private Networking 5- 5 v1.0, September 2007 Setting Up a Client-to-Gateway VPN Configuration Setting up a VPN between a remote PC runn ing the NETGEAR ProSafe VPN Client and a network gateway (see Figure 5-3 ) involves the following two steps: • “Step 1: Configuring t[...]
-
Pagina 84
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-6 Basic Virtual Private Networking v1.0, September 2007 2. Select VPN > VPN Wizard from the menu. The WPN W izard screen will display . 3. Check the VPN Client radio b utton and enter th e Connection Name and the pre-shared key . The End Point Information will be populated au tomat[...]
-
Pagina 85
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Private Networking 5- 7 v1.0, September 2007 4. Click the VPN W izard Default V alues link on the VPN W izard scree n to display the VPN default values shown below . The W izard sets most parameters to defaults as proposed by the VPN Consortium. 5. Click Apply on the VPN W[...]
-
Pagina 86
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-8 Basic Virtual Private Networking v1.0, September 2007 The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go to the NETGEAR W eb site ( http://www .netgear . com ) and select VPN01L_VPN05L in the Product Quick Find drop-down menu for information on[...]
-
Pagina 87
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Private Networking 5- 9 v1.0, September 2007 3. Enter the connection settin gs for the new connection: a. Select Secure in the Conn ection Security check box b. Select IP Subnet in the ID T ype menu. In this example, typ e 192 .168.0.0 in the Subnet field as the network ad[...]
-
Pagina 88
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-10 Basic Virtual Priva te Networking v1.0, September 2007 f. Select Domain Name in the ID T ype menu below the check bo x. g. Enter the public W AN IP Domain Name of the FVG318 in the field di rectly below the ID T ype menu. In this example, fvg_local.com would be used. The resulting [...]
-
Pagina 89
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-11 v1.0, September 2007 5. Configure the VPN Client Identity . Provide info rmation about the remote VPN client PC. Y ou will need to provide: – The Pre-Shared Key that you co nfigured in the FVG318. – Either a fixed IP address or a “fixed vi r[...]
-
Pagina 90
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-12 Basic Virtual Priva te Networking v1.0, September 2007 b. Choose None in the Select Certificate box. c. Select IP Address in the ID T ype box. If you are using a virtual fixed IP a ddress, enter this address in the Internal Network IP Addres s box. Otherwise , leave this box empty [...]
-
Pagina 91
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-13 v1.0, September 2007 c. In the Authentication Method menu, select Pre-Shared key . d. In the Encrypt Alg menu, select the type of en cryption. In this example, use T riple DES. e. In the Hash Alg menu, select SHA-1. f. In the SA Life menu, select [...]
-
Pagina 92
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-14 Basic Virtual Priva te Networking v1.0, September 2007 8. Save the VPN Client Settings. From the File me nu at the top of the Security Policy Editor window , click Save . After you have configured and saved th e VPN client information, your PC will automatically open the VPN conn e[...]
-
Pagina 93
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-15 v1.0, September 2007 This will cause a continuous ping to be sent to the first FVG318. After between several seconds and two minutes, the ping response should change from “timed out” to “reply”, as shown below . Once the connection is esta[...]
-
Pagina 94
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-16 Basic Virtual Priva te Networking v1.0, September 2007 2. The Connection Monitor sc reen for a similar connection is shown below: In this example you can see the following: • The FVG3 18 has a public IP W AN address of 22.23.24.25. • The FVG318 has a LAN IP address of 192.168.3[...]
-
Pagina 95
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-17 v1.0, September 2007 T ransferring a Security Policy to Another Client This section explains how t o export and import a security policy as an .spd file so that an existing NETGEAR ProSafe VPN Client configuration can be copied to other PCs ru nni[...]
-
Pagina 96
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-18 Basic Virtual Priva te Networking v1.0, September 2007 T o import an existing Security Policy: 1. Invoke the NETGEAR ProSafe VPN Client and select Import Security Policy from the File pull-down menu. 2. Select the security policy to import. In this example, the security policy file[...]
-
Pagina 97
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-19 v1.0, September 2007 Setting Up a Gateway-to-G ateway VPN Configuration The following procedure will show how to set the LAN IPs on each FVG318 to dif ferent subnets and configure each properly for the Internet. • The LAN IP address ranges of ea[...]
-
Pagina 98
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-20 Basic Virtual Priva te Networking v1.0, September 2007 5. In the End Point Information s ection, enter the Remote W ANs IP Address or Internet Name and the Local W AN’ s IP Addres s or Internet Name. Both local and re mote ends must be defined as either IP addresses or Internet N[...]
-
Pagina 99
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-21 v1.0, September 2007 7. Click Apply to complete the configuration procedure. The IKE Policies menu will display the local and remote W AN connection points as shown below . 8. Click the VPN Policy to displa y the VPN Policies showing that the new [...]
-
Pagina 100
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-22 Basic Virtual Priva te Networking v1.0, September 2007 T o configure a gate way-to-gatew ay VPN tu nnel using the VPN W iz ard on LAN B:. 1. Log in to the FVG318 on LAN B at its default LAN address of http://192.168.0.1 with its default user name of ad min and password of pa s s w [...]
-
Pagina 101
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-23 v1.0, September 2007 Activating a VPN T unnel There are three ways to activate a VPN tunnel: • S tart using the VPN tunnel. • Use the IPSec Connection S tatus screen. • Activate the VPN t unnel by pinging the remo te endpoint. T o use a VPN [...]
-
Pagina 102
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-24 Basic Virtual Priva te Networking v1.0, September 2007 T o activate the VPN tunnel by pinging the remote endpoint, select your configuration (either client-to-gateway or gateway-to-gateway): • Client-to-Gateway Configuration – to check the VPN Connection, you can initiate a req[...]
-
Pagina 103
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-25 v1.0, September 2007 Once the connection is establish ed, yo u can op en the browser of the PC and enter the LAN IP address of the remote FVG318. Afte r a short wa it, you should see the login screen of the VPN Firewall Router (unless another PC a[...]
-
Pagina 104
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-26 Basic Virtual Priva te Networking v1.0, September 2007 T o Use the IPSec Connec tion Status screen to change the status of a VPN connection: 3. Click VPN > Connecti on S tatus ( Figure 5-26 ) to get the IPSec Connection S tatus screen ( Figure 5-27 ). This page lists the followi[...]
-
Pagina 105
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Basic Virtual Priv ate Networkin g 5-27 v1.0, September 2007 3. Select the checkbox adjace nt to the policy you want t o disable and click disable. The VPN Policy will be disabled. Using the VPN St atus Page to Deactivate a VPN T unnel T o use the VPN Connection Status screen to deactiv[...]
-
Pagina 106
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 5-28 Basic Virtual Priva te Networking v1.0, September 2007[...]
-
Pagina 107
Advanced Virtual Private Networking 6-1 v1.0, September 2007 Chapter 6 Advanced V irtual Private Networking This chapter describes how to use the advanced virtual private networking (VPN) features of the VPN firewall. See Chapter 5, “Basic V irtual Private Networking ” for a description on ho w to use the basic VP N fea t u res. The FVG318 uses[...]
-
Pagina 108
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-2 Advanced Virtual Private Networking v1.0, September 2007 • VPN Policies . Apply the IKE policy to specific traffic that requires a VPN tunnel. Or , you can create a VPN policy that does not use an IKE policy but in which you manually enter all the authentication and key parameters[...]
-
Pagina 109
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-3 v1.0, September 2007 The IKE Policy Configuration fields are defined in the following tabl e. VPN Policy Configuration for Auto Key and Manual Negotiation Click the Add New VPN Policy link on the Add IKE Policy screen or select VPN > Policies a[...]
-
Pagina 110
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-4 Advanced Virtual Private Networking v1.0, September 2007 The VPN Manual and Auto Po licy f ields are defined in the following table. Figure 6-3 T able 6-1. VPN Manual and Auto Policy Configuration Fields Field Description General These se ttings identify this policy and determine it[...]
-
Pagina 111
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-5 v1.0, September 2007 Policy Name The descri ptive name of the VPN policy . Each policy should have a unique policy name. This name is not supplied to the remote VPN endpoint. It is only used to h elp you identify VPN policie s. Policy T ype: A pol[...]
-
Pagina 112
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-6 Advanced Virtual Private Networking v1.0, September 2007 Manual Policy Parameters The Manual Policy creates an SA (Sec urity Association) based on static inputs SPI-Incoming; SPI-Ou tg o ing T akes a hexadec imal va lue between 3 and 8 characters; for example: 0x1234 Encryption Algo[...]
-
Pagina 113
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-7 v1.0, September 2007 Using Digit al Certificates for IKE Auto-Policy Authentication Digital certificates are strings gene rated using encryption and authenticatio n sche mes that cannot be duplicated by anyone without access to the diff erent valu[...]
-
Pagina 114
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-8 Advanced Virtual Private Networking v1.0, September 2007 Whenever an IKE policy receives the certificate from a peer, it checks for this certificate in the CRL on the FVG318 obtained fro m the corre sponding CA. If the certificate is not present in the CRL it means that the certific[...]
-
Pagina 115
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-9 v1.0, September 2007 VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secret s The following is a typical gateway-to-gateway VPN that uses a preshared secret for authentication. Gateway A connects the internal LAN 10.5.6.0/24 to the In[...]
-
Pagina 116
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-10 Advanced Virtual Private Networking v1.0, September 2007 FVG318 Gateway A to FVG318 Gateway B ( IKE and VPN Policies) Note : Use this scenario illustration and configuration scr een s as a model to build your configuration. 1. Log in to the FVG318 labeled Ga teway A as in the illus[...]
-
Pagina 117
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-11 v1.0, September 2007 b. Configure the W AN Internet Address acco rding to the settings above and click Ap ply to save your settings. For more information on configuring the W AN IP settings, please see “Manually Configuring y our Internet Conne[...]
-
Pagina 118
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-12 Advanced Virtual Private Networking v1.0, September 2007 d. Configure the LAN IP address according to the settings above and click Apply to save your settings. For more information on LAN TCP/IP setup topics, please see “Configuring LAN TCP/IP Setup Parameters” on page 8-2 . 3.[...]
-
Pagina 119
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-13 v1.0, September 2007 a. Select VPN > Policies and click the VPN Policies tab. The VPN Policies screen will display . Click Add to display the Add VPN Policy screen. b. Configure the VPN Policy according to the se ttings in the illustration abo[...]
-
Pagina 120
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-14 Advanced Virtual Private Networking v1.0, September 2007 T o test the Gateway A FVG318 L AN and the Gateway B LAN connection: 1. Using our example, from a PC attached to the FVG318 on LAN A, on a W indows PC click t he Star t button on the task bar and then click Run. 2. Ty p e pin[...]
-
Pagina 121
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-15 v1.0, September 2007 VPN Consortium Scenar io 2: FVG318 Gateway to Gateway with Digit al Certificates The following is a typical gate way-to-gateway VPN that uses Public Key Infrastructure x.509 (PKIX) certificates for authentication. The netw or[...]
-
Pagina 122
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-16 Advanced Virtual Private Networking v1.0, September 2007 • Hash Algorithm. Select the desired option : MD5 or SHA1. • Signature Algorit hm. Select the desired option: DSS or RSA. • Signatu re Key Length. Select the desired option: 512 , 1024, or 2048. f. Fill in any opti onal[...]
-
Pagina 123
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Virtual Private Networking 6-17 v1.0, September 2007 g. Click Generate The FVG318 generates a pending Self Certificate Request as shown below . Click view to display the data. 4. T ransmit the Self Certificate Request data to the T rusted Root CA. a. Highlight the text in the D[...]
-
Pagina 124
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 6-18 Advanced Virtual Private Networking v1.0, September 2007 f. The “FVG318” certific ate will display in the Active Self Cer tificates table and the pending “FVG318” Self Certificate Request will be deleted. 7. Associate the new certificate and the Trus ted Root CA certificate[...]
-
Pagina 125
Maintenance 7-1 v1.0, September 2007 Chapter 7 Maintenance This chapter describes how to use the maintenance features of your ProSafe 802.1 1g W ireless VPN Firewall. These features can be found by selec ting Monitoring > Router Status from the main menu of the browser interface. V iewing VPN Firewall Router St atus Information The Router S tatu[...]
-
Pagina 126
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 7-2 Maintenance v1.0, September 2007 This screen shows the following parameters: T able 7-1. FVG318 St atus fields Field Description System Name The System Name assign ed to the firewall. Firmware V ersion The firewall firmware version. Wireless Configuration The wireless setti ngs of t[...]
-
Pagina 127
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Maintenanc e 7-3 v1.0, September 2007 Click Show S tatistics to display the W AN connection status, This screen shows the data transfer statistics for the W AN and LAN ports, including the duration they were enable d. The foll owing data is displayed:. IP Address The IP address used b y[...]
-
Pagina 128
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 7-4 Maintenance v1.0, September 2007 Upgrading the Firewall Sof tware The routing software of the FVG318 VPN firewa ll is stored in FL ASH memory , and can be upgraded as new software is released by NETG EAR. Upgrade files ca n be downloaded from NETGEAR's W eb site. If the upgrade[...]
-
Pagina 129
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Maintenanc e 7-5 v1.0, September 2007 3. Highlight the file and click Upload . In some cases, you may need to reco nfigure the firewall after upgrading. Backing Up and Restoring Settings The configuration settings of the VPN firewall are st ored within the firewall in a configuration fi[...]
-
Pagina 130
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 7-6 Maintenance v1.0, September 2007 Changing the Administrator Password The default password for the firewa ll’ s W e b Configuration Manager is password . NETGEAR recommends that you ch ange this password to a more secure password. Select Administration > Set Password to display [...]
-
Pagina 131
Advanced Configuration 8-1 v1.0, September 2007 Chapter 8 Advanced Configuration This chapter describes how to configure the advan ced features of your ProSafe 802.1 1g W ireless VPN Firewall FVG318. Configuring Dynamic DNS If your network has a pe rman ently assigned IP addr ess, you ca n register a domain name and have that name linked with y our[...]
-
Pagina 132
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 8-2 Advanced Configuration v1.0, September 2007 8. If your dynamic DNS provider allows the use of wildcards in resolving your URL, you may select the Use wildcards check box to activate this feature. For example, the wildcard feature will cause *.yourhost.dyndns.or g to be aliased to th[...]
-
Pagina 133
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Configuration 8-3 v1.0, September 2007 These addresses are part of the IETF-designated private address range for use in private networks, and should be suitabl e in most applications. If yo ur network has a requirement to use a different IP addressing scheme, you can make those[...]
-
Pagina 134
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 8-4 Advanced Configuration v1.0, September 2007 • Primary DNS server (if you entered a primar y DNS address in the W AN Settings menu; otherwise, the firewall’ s LAN IP address) • Secondary DNS server (if you entered a seco ndary DNS address in the W AN Settings menu Using Address[...]
-
Pagina 135
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Configuration 8-5 v1.0, September 2007 Configuring S t atic Routes Stat ic Routes provide additional routing info rmation to your firewall. Under normal circumstances, the firewall has adequate routing info rmation after it has be en configured for Internet access, and you do n[...]
-
Pagina 136
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 8-6 Advanced Configuration v1.0, September 2007 5. T ype the Destination IP Address of the final destination. 6. T ype the IP Subnet Mask for this destination. If the destination is a single host, type 255.255.255.2 55 . 7. T ype the Gateway IP Address, which must be a firewall on the s[...]
-
Pagina 137
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Configuration 8-7 v1.0, September 2007 – When set to Both or In Only , it incorpor ates the RIP information that it receives. – When set to None, it will not send any RIP packets and ignores any RIP packets rece ived. 3. Enable the RIP V ersion. This controls the fo rmat an[...]
-
Pagina 138
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 8-8 Advanced Configuration v1.0, September 2007 • Y ou have an ISDN firewall on your home network for connecti ng to the company where you are employed. This firewall’ s address on your LAN is 192.168.0.100. • Y ou r company’ s network is 13 4.177.0.0. When you first con figured[...]
-
Pagina 139
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Configuration 8-9 v1.0, September 2007 2. Select the Y es radio box for Allow Remote Ma nagement. • Specify what external addresses will be allowed to access the firewall’ s remote management. • T o allow access from any IP address on the Internet, select Everyone . • T[...]
-
Pagina 140
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 8-10 Advanced C onfiguration v1.0, September 2007 SNMP Administration Simple Network Manage ment Protocol (SNMP) lets you monito r and manage you r router from an SNMP Manager . SNMP provides a remote means to monitor and control network de vices, and to manage configurations, statisti [...]
-
Pagina 141
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Advanced Configuration 8-11 v1.0, September 2007 T o create a new SNMP configuration entry: 1. Enter the IP address of an SNMP trap agent. 2. Enter the Subnet Mask. The network mask used to determine the list of allowed SNMP managers. • T o allow any IP on the n etwork to manager the [...]
-
Pagina 142
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 8-12 Advanced C onfiguration v1.0, September 2007 Enabling Universal Plug and Play (UPnP) UPnP (Universal Plug and Play) allows for auto matic d iscovery of de vices that ca n communicate with this router . This feature should be used with caution as it breaches firewall security . Sele[...]
-
Pagina 143
Troubleshooting 9-1 v1.0, September 2007 Chapter 9 T roubleshooting This chapter gives informatio n about troubleshootin g your ProSafe 802.1 1g W ireless VPN Firewall. After each problem description, instructio ns are provided to help you dia gnose and solve the problem. Basic Functioning After you turn on power to th e firewall, the following seq[...]
-
Pagina 144
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 9-2 Troubleshooting v1.0, September 2007 LEDs Never T urn Off When the firewall is turned on, the LEDs turn on brief ly and th en turn of f. If all the LEDs stay on, there is a fault within the firewall. If all LEDs are still on one minute after power up: • Cycle the power to see if t[...]
-
Pagina 145
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Troubleshooting 9-3 v1.0, September 2007 Note: If your PC’ s IP address is sh own as 169.254.x.x: Recent versions of Windows and MacOS will generate and assign an IP address if the computer cannot reach a DHCP server . These auto-generated addresses are in the range of 169.254.x.x. If[...]
-
Pagina 146
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 9-4 Troubleshooting v1.0, September 2007 If your firewall is unable to obtain an IP address from the ISP , you may need to force your cable o r DSL modem to recognize your new firewall by performing the fo llowing procedure: 1. T urn off power to th e cable or DSL modem. 2. T urn off po[...]
-
Pagina 147
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Troubleshooting 9-5 v1.0, September 2007 T roubleshooting a TCP/IP Ne twork Using a Ping Utility Most TCP/IP terminal devices and firewalls contain a ping utility th at sends an echo request packet to the designated device. The device then respond s with an echo reply . T roubleshooting[...]
-
Pagina 148
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 9-6 Troubleshooting v1.0, September 2007 – V erify that the IP addres s for your firewa ll and your workstation are correct and that the addresses are on the same subnet. T esting the Path from Y our PC to a Remote Device After verifying that the LAN path works correctly , test the pa[...]
-
Pagina 149
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Troubleshooting 9-7 v1.0, September 2007 • Use the Reset button on the rear panel of the firewa ll. Use this method for cases when the administration password or IP address are not known. a. Press and hold the Reset button until the T est LED turns on and begins blinking (about 10 sec[...]
-
Pagina 150
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual 9-8 Troubleshooting v1.0, September 2007[...]
-
Pagina 151
Default Settings and Technical Specifications A-1 v1.0, September 2007 Appendix A Default Settings and T echnical Specifications Default Settings Y ou can use the reset button located on the front of your device to reset all settings to their factory defaults. This is called a hard reset. • T o perform a hard reset, push and hold the reset button[...]
-
Pagina 152
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual A-2 Default Settings and Technical Specifications v1.0, September 2007 DHCP S tarting IP Addre s s 192.168.0.2 DHCP Ending IP Address 192.168.0.100 DMZ Disabled T ime Zone GMT T ime Zone Adj usted for Daylight Saving Ti m e Disabled SNMP Disabled Firewall Inbound (communications coming [...]
-
Pagina 153
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual Default Settings and Technical Specifications A-3 v1.0, September 2007 T echnical S pecifications This appendix provides techni cal specifications for the ProSafe 802.1 1g W ireless VPN Firewall. Network Protocol and Standards Compatibility Data and Routing Protocols: TCP/IP , RIP-1, RI[...]
-
Pagina 154
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual A-4 Default Settings and Technical Specifications v1.0, September 2007[...]
-
Pagina 155
Related Documents B-1 v1.0, September 2007 Appendix B Related Document s This appendix provides links to reference documents you c an use to gain a more comple te understanding of the technolog ies used in your NETGEAR prod uct. Document Link Windows XP and Vista Wireless Configuration Utilities http://documentation.netgear .com/refer ence/enu/winz[...]
-
Pagina 156
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual B-2 Related Documents v1.0, September 2007[...]
-
Pagina 157
VPN Configuration of NETGEAR FVG318 C-1 v1.0, September 2007 Appendix C VPN Configuration of NETGEAR FVG318 This is a case study on how to configure a s ecure IPSec VPN tunnel on a NETGEAR FVS318v3. This case study follows the VP N Consortium interoperability profile guidelines (found at http://www .vpnc.or g/Inter opPr ofiles/Inter op-01.html ). T[...]
-
Pagina 158
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-2 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 Configuring the Gateways Configure each gateway: 1. Configure Gate A. a. Log in to the r outer at Gateway A. b. Use the VPN Wizard to configur e this router . Enter the requested information as prompted by the VPN W izard: •[...]
-
Pagina 159
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG3 18 C-3 v1.0, September 2007 Activating the VPN T unnel Y ou can activate the VPN tunnel by testing co nnectivity and viewing the VPN tunnel stat us information as described in the following flowchart: Figure C-2 All traffic from the range of LAN IP addr[...]
-
Pagina 160
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-4 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 Configuring the VPN T unnel This scenario assumes all ports are open on the FVG318. Use this scenario illustration and configuration scr een s as a model to build your configuration. 1. Log in to the FVG318 labeled Gateway A. [...]
-
Pagina 161
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG3 18 C-5 v1.0, September 2007 – Subnet Mask: 255.255.255.0 (in this example) 3. Log in to the FVG318 labeled Gateway B. Log in at the default address of http://192.168.0.1 with the default user name of admin and default password of password (or using wh[...]
-
Pagina 162
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-6 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 Initiating and Checki ng the VPN Connections Y ou can test connectivity and view VPN status information on the FVG3 18 according to the testing flowchart shown in Figure C-2 . T o test the VPN tunnel from the Gateway A LAN, do[...]
-
Pagina 163
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG3 18 C-7 v1.0, September 2007 The FVG318-to-FVS318v2 Case Configuring the VPN T unnel This scenario assumes all ports ar e open on the FVG318 an d FVS318v2. Use this scenario illustration and configuration scr een s as a model to build your configuration.[...]
-
Pagina 164
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-8 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 • Connection Name: Scenario_1 (in this example) • Pre-Shared Key: 123456 78 (in this example), must be the same at both VPN tunnel endpoints • Remote W AN IP address: 22.23.24.25 (in this example), must be un ique at eac[...]
-
Pagina 165
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG3 18 C-9 v1.0, September 2007 • The remote W AN and LAN IP addresse s for one VPN tunnel endpoint will be the local W AN and LAN IP addresses for the other VPN tunnel endpoint. • The VPN W izard ensures the other VPN parameters are the sa me at both V[...]
-
Pagina 166
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-10 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 The FVG318-to-FVL328 Case Configuring the VPN T unnel This scenario assumes all ports ar e open on the FVG318 an d FVL328. Use this scenario illustration and configuration scr een s as a model to build your configuration. 1. [...]
-
Pagina 167
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG318 C-11 v1.0, September 2007 • Pre-Shared Key: 123456 78 (in this example), must be the same at both VPN tunnel endpoints • Remote W AN IP address: 22.23.24.25 (in this example), must be un ique at each VP N tunnel endpoin t • Remote LAN IP Subnet [...]
-
Pagina 168
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-12 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 • The remote W AN and LAN IP addresse s for one VPN tunnel endpoint will be the local W AN and LAN IP addresses for the other VPN tunnel endpoint. • The VPN W izard ensures the other VPN parameters are the sa me at both V[...]
-
Pagina 169
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG318 C-13 v1.0, September 2007 The FVG318-to-VPN Client Case Client-to-Gateway VPN T unnel Overview The operational differences between gateway-to-g atew ay and client-to-gateway VPN tunnels are summarized as follows: T able C-4. Policy Summary VPN Consort[...]
-
Pagina 170
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-14 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 Configuring the VPN T unnel This scenario assumes all ports are open on the FVG318. Use this scenario illustration and configuration scr een s as a model to build your configuration. 1. Log in to the FVG318 labeled Gateway A [...]
-
Pagina 171
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG318 C-15 v1.0, September 2007 b. Add a new connection using the Edit /Add/Connection menu and rename it Scenario_1 . ( Scenario_1 is used in this example to reflect the fact that the co nnection uses the Pre- Shared Key security scheme and encryption para[...]
-
Pagina 172
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-16 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 d. Select Security Policy on the left hierarchy menu and then select Aggressive Mode under Select Phase 1 Negotiation Mode (see Figure C-9 ). (The Select Phas e 1 Negotiation Mode choice must match the Exchange Mode setting f[...]
-
Pagina 173
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG318 C-17 v1.0, September 2007 •U n d e r My Identity , select Domain Name for the ID T ype and then enter fvs_remote . ( Domain Name must match the Remote Identity Data parameter of the IKE Policy Configuration screen shown in Figure C-10 for the gatewa[...]
-
Pagina 174
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-18 VPN Configuration of NETGEAR FVG318 v1.0, September 2007 Y ou are new ready to activate the tunnel, but you must do it from the client endpoint (see “Initiating and Checking the VP N Conn ections” on pa ge C-18 ). In the client-to-gateway scenario, the gateway router will not k[...]
-
Pagina 175
ProSafe 802.11g Wireless VPN Firewall FVG31 8 Reference Manual VPN Configuration of NETGEAR FVG318 C-19 v1.0, September 2007 2. T est 2: Ping Remote W AN IP Address (if T est 1 fails): T o test co nnectivity between the Gateway A and Gateway B W AN ports, follow these steps: a. From a W indows Client PC, click the St a r t button on the task bar an[...]
-
Pagina 176
ProSafe 802.11g Wireless VPN Fi rewall FVG318 Reference Manual C-20 VPN Configuration of NETGEAR FVG318 v1.0, September 2007[...]