Vai alla pagina of
Manuali d’uso simili
-
Modem
NETGEAR NETGEAR 341U
110 pagine 3.19 mb -
Modem
NETGEAR WN3100RP
20 pagine 1.95 mb -
Modem
NETGEAR FVS318G
222 pagine 13.14 mb -
Modem
NETGEAR DM602
66 pagine 2.17 mb -
Modem
NETGEAR DG834 V3
6 pagine 0.09 mb -
Modem
NETGEAR GS116NA
5 pagine 0.17 mb -
Modem
NETGEAR AC327U
64 pagine 3.91 mb -
Modem
NETGEAR RM356
11 pagine 0.6 mb
Un buon manuale d’uso
Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso NETGEAR FVS318G. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica NETGEAR FVS318G o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.
Che cosa è il manuale d’uso?
La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso NETGEAR FVS318G descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.
Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.
Quindi cosa dovrebbe contenere il manuale perfetto?
Innanzitutto, il manuale d’uso NETGEAR FVS318G dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo NETGEAR FVS318G
- nome del fabbricante e anno di fabbricazione NETGEAR FVS318G
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature NETGEAR FVS318G
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti
Perché non leggiamo i manuali d’uso?
Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio NETGEAR FVS318G non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti NETGEAR FVS318G e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio NETGEAR in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche NETGEAR FVS318G, come nel caso della versione cartacea.
Perché leggere il manuale d’uso?
Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo NETGEAR FVS318G, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.
Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso NETGEAR FVS318G. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.
Sommario del manuale d’uso
-
Pagina 1
202-10521-02 v1.1 August 2010 NETGEAR , Inc. 350 East Plumeria Drive San Jose, CA 95134 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual[...]
-
Pagina 2
ii v1.1, August 2010 © 2009–2010 by NETGEAR, Inc. All rights reserved. Technical Support Please refer to the support information card that shipped with your product. By registering your product at http://www.netgear.com/register , we can provide you with faster expert technical support and timely notices of product and software upgrades. NETGEAR[...]
-
Pagina 3
v1.1, August 2010 iii Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe Gigabit 8 Port VPN Firewall FVS318G gemäß der im BMPT-AmtsblVfg 243/ 1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unte[...]
-
Pagina 4
v1.1, August 2010 iv Open SSL Copyright (c) 1998–2000 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions, and the fo[...]
-
Pagina 5
v1.1, August 2010 v Product and Publication Details PPP Copyright (c) 1989 Carnegie Mellon University. All rights reserved. Redistribution and use in source and binary forms are permitted provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other material[...]
-
Pagina 6
v1.1, August 2010 vi[...]
-
Pagina 7
vii v1.1, August 2010 Contents ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About This Manual Conventions, Formats and Scope ................................................................................... xiii How to Print This Manual ...............................................................................................[...]
-
Pagina 8
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual viii Contents v1.1, August 2010 Chapter 3 LAN Configuration Choosing the VPN Firewall DHCP Options .................................................................... 3-1 Configuring the LAN Setup Options ............................................................................... 3-2[...]
-
Pagina 9
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Contents ix v1.1, August 2010 Blocking Internet Sites (Content Filtering) .................................................................... 4-30 Configuring Source MAC Filtering ................................................................................ 4-33 Configuring IP/MAC Add[...]
-
Pagina 10
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual x Contents v1.1, August 2010 Configuring NetBIOS Bridging with VPN ...................................................................... 5-55 Chapter 6 VPN Firewall and Network Management Performance Management .............................................................................[...]
-
Pagina 11
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Contents xi v1.1, August 2010 Troubleshooting the Web Configuration Interface .......................................................... 7-3 Troubleshooting the ISP Connection .............................................................................. 7-4 Troubleshooting a TCP/IP Netwo[...]
-
Pagina 12
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xii Contents v1.1, August 2010[...]
-
Pagina 13
xiii v1.1, August 2010 About This Manual The NETGEAR ® ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual describes how to install, configure and troubleshoot the ProSafe Gigabit 8 Port VPN Firewall FVS318G. The information in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Formats and Sco[...]
-
Pagina 14
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xiv About This Manual v1.1, August 2010 • Scope . This manual is written for the VPN firewall according to these specifications. For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix C, “Related Documents .” Ho[...]
-
Pagina 15
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About This Manual xv v1.1, August 2010 202-10521-02 1.0 April 2010 Added the following new features for the April 2010 firmware maintenance release: • Connection reset and delay options on the Broadband ISP Settings screen (see “Manually Configuring Your Internet Connection ”). • [...]
-
Pagina 16
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xvi About This Manual v1.1, August 2010[...]
-
Pagina 17
1-1 v1.1, August 2010 Chapter 1 Introduction The ProSafe Gigabit 8 Port VPN Firewall FVS318G with eight 10/100/1000 Mbps Gigabit Ethernet LAN ports and one 10/100/1000 Mbps Gigabit Ethernet WAN port connects your local area network (LAN) to the Internet through an external access device such as a cable modem or DSL modem. The FVS318G is a complete [...]
-
Pagina 18
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-2 Introduction v1.1, August 2010 • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, Web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability.[...]
-
Pagina 19
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-3 v1.1, August 2010 • Keyword Filtering. With its URL keyword filtering feature, the FVS318G prevents objectionable content from reaching your PCs. The VPN firewall allows you to control access to Internet content by screening for keywords within Web addresses. You can co[...]
-
Pagina 20
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-4 Introduction v1.1, August 2010 Extensive Protocol Support The FVS318G supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protoco l (RIP). For further information about TCP/IP, see the “TCP/IP Networking Basics ” document that you can acce[...]
-
Pagina 21
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-5 v1.1, August 2010 • SNMP . The VPN firewall supports the Simple Network Management Protocol (SNMP) to let you monitor and manage log resources from an SNMP-compliant system manager. The SNMP system configuration lets you change the system variables for MIB2. • Diagnos[...]
-
Pagina 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-6 Introduction v1.1, August 2010 VPN Firewall Front and Rear Panels The FVS318G front panel includes eight LAN ports, one WAN port, and four groups of status indicator light-emitting diodes (LEDs), including Power and Test, LAN, and WAN LEDs. Table 1-1 describes each item on the front p[...]
-
Pagina 23
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-7 v1.1, August 2010 The rear panel of the FVS318G includes a cable lock receptacle, a Factory Defaults button, and a DC power connection. Viewed from left to right, the rear panel contains the following elements: 1. Cable security lock receptacle. 2. Factory Defaults button[...]
-
Pagina 24
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-8 Introduction v1.1, August 2010 Default IP Address, Login Name, and Password Check the label on the bottom of the FVS318G’s enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 • User name: admin • Password: password When FVS318G i[...]
-
Pagina 25
2-1 v1.1, August 2010 Chapter 2 Connecting the VPN Firewall to the Internet This section provides instructions for connecting the ProSafe Gigabit 8 Port VPN Firewall FVS318G, including these topics: • “Understanding the Connection Steps ” on this page • “Logging into the VPN Firewall” on page 2-2 • “Navigating the Menus” on page 2[...]
-
Pagina 26
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-2 Connecting the VPN Firewall to the Internet v1.1, August 2010 6. Configure the WAN options (optional) . As an option, change the VPN firewall’s Media Access Control (MAC) address, the factory default MTU size, and the port speed. However, these are advanced features and changing the[...]
-
Pagina 27
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-3 v1.1, August 2010 3. Click Login . The Router Status screen displays. For more information about this screen, see “Viewing the VPN Firewall Configuration and System Status” on page 6-30 . Navigating the Menus The Web Configuration Manage[...]
-
Pagina 28
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-4 Connecting the VPN Firewall to the Internet v1.1, August 2010 Configuring the Internet Connection to Your ISP To automatically configure the broadband port and connect to the Internet: 1. Select Network Configuration from the main menu and Broadband ISP Settings from the submenu. The [...]
-
Pagina 29
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-5 v1.1, August 2010 When Auto Detect successfully detects an active Internet service, it reports which connection type it discovered. The options are described in Table 2-1 . If Auto Detect does not find a connection, you will be prompted to c[...]
-
Pagina 30
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-6 Connecting the VPN Firewall to the Internet v1.1, August 2010 The Connection Status window should show a valid IP address and gateway. If the configuration was not successful, skip ahead to “Manually Configuring Your Internet Connection following this section, or see “Troubleshoot[...]
-
Pagina 31
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-7 v1.1, August 2010 4. In the ISP Type section, select the type of ISP connection you use from the two listed options. (By default, “Other (PPPoE)” is selected.) • Other (PPPoE) . If you have installed login software such as WinPoET or E[...]
-
Pagina 32
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-8 Connecting the VPN Firewall to the Internet v1.1, August 2010 – Idle Timeout . Check the Keep Connected radio box to keep the connection always on. To logout after the connection is idle for a period of time, click Idle Time and enter the number of minutes to wait before disconnecti[...]
-
Pagina 33
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-9 v1.1, August 2010 6. Review the Domain Name Server (DNS) server options. • If your ISP has not assigned any Domain Name Servers (DNS) addresses, click Get Dynamically from ISP . • If your ISP (or your IT department) has assigned DNS addr[...]
-
Pagina 34
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-10 Connecting the VPN Firewall to the Internet v1.1, August 2010 The WAN Mode screen allows you to configure how the VPN firewalll uses the external Internet connection. This screen gives you two choices for accessing the external Internet connection. • Network Address Translation (NA[...]
-
Pagina 35
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-11 v1.1, August 2010 Configuring Dynamic DNS Dynamic DNS (DDNS) is an Internet service that allows routers with varying public IP addresses to be located using Internet domain names. To use DDNS, you must setup an account with a DDNS provider [...]
-
Pagina 36
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-12 Connecting the VPN Firewall to the Internet v1.1, August 2010 2. Click the tab of the DNS service you want to enable. Each DNS service provider requires registration. After registration you can configure the required settings on the corresponding screen for the DNS service. 3. Access[...]
-
Pagina 37
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-13 v1.1, August 2010 Configuring the Advanced Broadband Options To configure the advanced broadband options: 1. Select Network Configuration from the main menu and Broadband ISP Settings from the submenu. The Broadband ISP Settings screen disp[...]
-
Pagina 38
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-14 Connecting the VPN Firewall to the Internet v1.1, August 2010 • Router's MAC Address . Each computer or router on your network has a unique 32-bit local Ethernet address. This is also referred to as the computer's MAC (Media Access Control) address. The default is Use Def[...]
-
Pagina 39
3-1 v1.1, August 2010 Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of your ProSafe Gigabit 8 Port VPN Firewall FVS318G, including the following sections: • “Choosing the VPN Firewall DHCP Options ” on this page • “Configuring the LAN Setup Options” on page 3-2 • “Managing Groups and H[...]
-
Pagina 40
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-2 LAN Configuration v1.1, August 2010 The VPN firewall will deliver the following settings to any LAN device that requests DHCP: • An IP address from the range that you have defined. • Subnet mask. • Gateway IP address (the VPN firewall’s LAN IP address). • Primary DNS server [...]
-
Pagina 41
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-3 v1.1, August 2010 To configure the LAN Setup options: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. In the LAN TCP/IP Setup section, configure the following settings: • IP Address . The LAN a[...]
-
Pagina 42
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-4 LAN Configuration v1.1, August 2010 • IP Subnet Mask . The subnet mask specifies the network number portion of an IP address. Your VPN firewall will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use 255.255.2[...]
-
Pagina 43
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-5 v1.1, August 2010 If you will use a Lightweight Directory Access Protocol (LDAP) authentication server for network-validated domain-based authentication, select Enable LDAP Information to enable the DHCP server to provide LDAP server information. Enter the following [...]
-
Pagina 44
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-6 LAN Configuration v1.1, August 2010 The Network Database is updated by these methods: • DHCP Client Requests . By default, the DHCP server in this VPN firewall is enabled, and will accept and respond to DHCP client requests from PCs and other network devices. These requests also gen[...]
-
Pagina 45
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-7 v1.1, August 2010 Viewing the Network Database To view the Network Database, follow these steps: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. Click the LAN Groups tab. The LAN Groups screen di[...]
-
Pagina 46
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-8 LAN Configuration v1.1, August 2010 Adding Devices to the Network Database To add devices manually to the network database: 1. To add computers to the network database manually, make the following selections: • Name : The name of the PC or device. • IP Address Type . From the pull[...]
-
Pagina 47
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-9 v1.1, August 2010 Changing Group Names in the LAN Groups Database By default, the LAN Groups are named Group1 through Group8. You can rename these group names to be more descriptive, such as Engineering or Marketing. To edit the names of any of the eight available gr[...]
-
Pagina 48
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-10 LAN Configuration v1.1, August 2010 Configuring Multi Home LAN IP Addresses If you have computers on your LAN using different IP address ranges (for example, 172.16.2.0 or 10.0.0.0), you can add “aliases” to the LAN port, giving computers on those networks access to the Internet [...]
-
Pagina 49
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-11 v1.1, August 2010 3. In the Add Secondary LAN IP Address section, enter the additional IP address and subnet mask to be assigned to the LAN port of the VPN firewall. 4. Click Add . The secondary LAN IP address will be added to the Available Secondary LAN IPs table. [...]
-
Pagina 50
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-12 LAN Configuration v1.1, August 2010 The DMZ Setup screen allows you to set up the DMZ port. It permits you to enable or disable the hardware DMZ port (LAN port 8, see “VPN Firewall Front and Rear Panels” on page 1-6 ) and configure an IP address and Mask for the DMZ port. To enab[...]
-
Pagina 51
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-13 v1.1, August 2010 4. In the DHCP for DMZ Connected Computers section, select one of the following three radio buttons: • Disable DHCP Server . The DHCP server is disabled, which is the default setting. Select this radio button if another device on your DMZ network[...]
-
Pagina 52
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-14 LAN Configuration v1.1, August 2010 If you will use a Lightweight Directory Access Protocol (LDAP) authentication server for network-validated domain-based authentication, select Enable LDAP Information to enable the DHCP server to provide LDAP server information. Enter the following[...]
-
Pagina 53
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-15 v1.1, August 2010 To add a static route: 1. Select Network Configuration from the main menu and Routing from the submenu. The Routing screen displays. 2. Click Add . The Add Static Route screen displays. 3. Enter a route name for this static route in the Route Name [...]
-
Pagina 54
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-16 LAN Configuration v1.1, August 2010 6. In the Destination IP Address field, enter the destination IP address to the host or network to which the route leads. 7. In the IP Subnet Mask field, enter the IP subnet mask for this destination. If the destination is a single host, enter 255.[...]
-
Pagina 55
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-17 v1.1, August 2010 • The Gateway IP Address fields specifies that all traffic for these addresses should be forwarded to the ISDN firewall at 192.168.1.100. • A Metric value of 1 will work since the ISDN firewall is on the LAN. • Private is selected only as a p[...]
-
Pagina 56
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-18 LAN Configuration v1.1, August 2010 3. From the RIP Direction pull-down menu, select the direction in which the VPN firewall will send and receives RIP packets. The choices are: • None . The VPN firewall neither broadcasts its routing table nor does it accept any RIP packets from o[...]
-
Pagina 57
4-1 v1.1, August 2010 Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe Gigabit 8 Port VPN Firewall FVS318G to protect your network. This chapter includes the following sections: • “About Firewall Protection and Content Filtering ” on this page • “Using Rule[...]
-
Pagina 58
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-2 Firewall Protection and Content Filtering v1.1, August 2010 A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker intrusion or attack, and for controlling the types of traffic that can flow between the two [...]
-
Pagina 59
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-3 v1.1, August 2010 Services-Based Rules The rules to block traffic are based on the traffic’s category of service. • Outbound Rules (service blocking) . Outbound traffic is normally allowed unless the VPN firewall is configured to disallow [...]
-
Pagina 60
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-4 Firewall Protection and Content Filtering v1.1, August 2010 Select Schedule Select the desired time schedule (Schedule1, Schedule2, or Schedule3) that will be used by this rule. • This pull-down menu gets activated only when “BLOCK by schedule, otherwise Allow” or “ALLOW by sc[...]
-
Pagina 61
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-5 v1.1, August 2010 Inbound Rules (Port Forwarding) Because the VPN firewall uses Network Address Translation (NAT), your network presents only one IP address to the Internet and outside users cannot directly address any of your local computers.[...]
-
Pagina 62
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-6 Firewall Protection and Content Filtering v1.1, August 2010 Table 4-2. Inbound Rules Item Description Services Select the desired service or application to be covered by this rule. If the desired service or application does not appear in the list, you must define it using the Services[...]
-
Pagina 63
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-7 v1.1, August 2010 Remember that allowing inbound services opens holes in your VPN firewall. Only enable those ports that are necessary for your network. It is also advisable to turn on the server application security and invoke the user passwo[...]
-
Pagina 64
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-8 Firewall Protection and Content Filtering v1.1, August 2010 Viewing Rules and Order of Precedence for Rules To view the firewall rules, select Security from the main menu and Firewall from the submenu. The LAN WAN Rules screen appears ( Figure 4-1 shows some examples). As you define n[...]
-
Pagina 65
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-9 v1.1, August 2010 To make changes to an existing outbound or inbound service rule on the the LAN WAN Rules, DMZ WAN Rules, or LAN DMZ Rules screen, in the Action column to the right of to the rule, click on of the following table buttons: • [...]
-
Pagina 66
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-10 Firewall Protection and Content Filtering v1.1, August 2010 LAN WAN Outbound Services Rules You may define rules that will specify exceptions to the default rules. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addr[...]
-
Pagina 67
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-11 v1.1, August 2010 LAN WAN Inbound Services Rules This Inbound Services table lists all existing rules for inbound traffic. If you have not defined any rules, no rules will be listed. By default, all inbound traffic is blocked. Remember that a[...]
-
Pagina 68
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-12 Firewall Protection and Content Filtering v1.1, August 2010 Configuring DMZ WAN Rules The firewall rules for traffic between the DMZ and the WAN/Internet are configured on the DMZ WAN Rules screen. The Default Outbound Policy is to allow all traffic from and to the Internet to pass t[...]
-
Pagina 69
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-13 v1.1, August 2010 4. Configure the settings based on the descriptions in Table 4-1 on page 4-3 . 5. Click Apply. The new rule will appear in the Outbound Services table. The rule is automatically enabled. The procedure to add a new DMZ WAN in[...]
-
Pagina 70
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-14 Firewall Protection and Content Filtering v1.1, August 2010 To create a new LAN DMZ outbound service policy: 1. Select Security from the main menu and Firewall Rules from the submenu. The LAN WAN Rules screen displays. 2. Select the LAN DMZ Rules tab. The LAN DMZ Rules screen display[...]
-
Pagina 71
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-15 v1.1, August 2010 5. Click Apply. The new rule will appear in the Outbound Services table. The rule is automatically enabled. The procedure to add a new LAN DMZ inbound service policy is similar to the procedure described above with the excep[...]
-
Pagina 72
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-16 Firewall Protection and Content Filtering v1.1, August 2010 LAN WAN Inbound Rule: Allowing Videoconference from Restricted Addresses If you want to allow incoming videoconferencing to be initiated from a restricted range of outside IP addresses, such as from a branch office, you can [...]
-
Pagina 73
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-17 v1.1, August 2010 The following addressing scheme is used in this example: • VPN firewall FVS318G – WAN primary public IP address: 10.1.0.1 – WAN additional public IP address: 10.1.0.5 – LAN IP address 192.168.1.1 • Web server PC on[...]
-
Pagina 74
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-18 Firewall Protection and Content Filtering v1.1, August 2010 To expose one of the PCs on your LAN or DMZ as this host: 1. Create an inbound rule that allows all protocols. 2. Place the rule below all other inbound rules. Note: For security, NETGEAR strongly recommends that you avoid c[...]
-
Pagina 75
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-19 v1.1, August 2010 Outbound Rules Example Outbound rules let you prevent users from using applications such as Instant Messenger, Real Audio or other non-essential sites. LAN WAN Outbound Rule: Blocking Instant Messenger If you want to block I[...]
-
Pagina 76
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-20 Firewall Protection and Content Filtering v1.1, August 2010 Attack Checks The Attack Checks screen allows you to specify whether or not the VPN firewall should be protected against common attacks in the DMZ, LAN and WAN networks. To enable the appropriate attack checks for your envir[...]
-
Pagina 77
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-21 v1.1, August 2010 – Block TCP Flood . A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker does not complete the connection, thu[...]
-
Pagina 78
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-22 Firewall Protection and Content Filtering v1.1, August 2010 Setting Session Limits Session Limit allows you to specify the total number of sessions allowed, per user, over an IP (Internet Protocol) connection across the VPN firewall. This feature is enabled on the Session Limit scree[...]
-
Pagina 79
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-23 v1.1, August 2010 The Total Number of Packets Dropped due to Session Limit field shows total number of packets dropped when session limit is reached. 6. In the Session Timeout section, modify the TCP, UDP and ICMP timeout values as you requir[...]
-
Pagina 80
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-24 Firewall Protection and Content Filtering v1.1, August 2010 Creating Services, QoS Profiles, and Bandwidth Profiles When you create inbound and outbound firewall rules, you use firewall objects such as services, QoS profiles, bandwidth profiles, and schedules to narrow down the firew[...]
-
Pagina 81
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-25 v1.1, August 2010 To define a new service, first you must determine which port number or range of numbers is used by the application. This information can usually be determined by contacting the publisher of the application or from user group[...]
-
Pagina 82
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-26 Firewall Protection and Content Filtering v1.1, August 2010 Modifying a Service To edit the settings of a service: 1. In the Custom Services Table , click the Edit icon adjacent to the service you want to edit. The Edit Service screen displays. 2. Modify the settings you wish to chan[...]
-
Pagina 83
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-27 v1.1, August 2010 A ToS priority for traffic passing through the VPN firewall is one of the following: • Normal-Service . No special priority given to the traffic. The IP packets for services with this priority are marked with a ToS value o[...]
-
Pagina 84
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-28 Firewall Protection and Content Filtering v1.1, August 2010 To add a bandwidth profile: 1. Select Security from the main menu and Bandwidth Profile from the submenu. The Bandwidth Profile screen displays. 2. Click Add to add a new bandwidth profile. The Add New Bandwidth Profile scre[...]
-
Pagina 85
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-29 v1.1, August 2010 c. Depending on the direction that you selected, enter the minimum and maximum bandwidths to be allowed: • Enter the Outbound Minimum Bandwidth and Outbound Maximum Bandwidth in Kbps. • Enter the Inbound Minimum Bandwidt[...]
-
Pagina 86
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-30 Firewall Protection and Content Filtering v1.1, August 2010 2. Check the radio button for All Days or Specific Days . If you chose Specific Days , check the radio button for each day you want the schedule to be in effect. 3. Check the radio button to schedule the time of day: All Day[...]
-
Pagina 87
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-31 v1.1, August 2010 – Proxy . A proxy server (or simply, proxy) allows computers to route connections to other computers through the proxy, thus circumventing certain firewall rules. For example, if connections to a specific IP address are bl[...]
-
Pagina 88
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-32 Firewall Protection and Content Filtering v1.1, August 2010 To enable Content Filtering: 1. Select Security from the main menu and Block Sites from the submenu. The Block Sites screen displays. Figure 4-21[...]
-
Pagina 89
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-33 v1.1, August 2010 2. Check the Yes radio button to enable content filtering. 3. Click Apply to activate the screen controls. 4. Check the radio boxes of any Web components you wish to block. 5. Check the radio buttons of the groups to which y[...]
-
Pagina 90
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-34 Firewall Protection and Content Filtering v1.1, August 2010 2. Check the Yes radio box in the MAC Filtering Enable section. 3. Select the action to be taken on outbound traffic from the listed MAC addresses: • Block this list and permit all other MAC addresses. • Permit this list[...]
-
Pagina 91
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-35 v1.1, August 2010 Configuring IP/MAC Address Binding IP/MAC binding allows you to bind an IP address to a MAC address and the other way around. Some devices are configured with static addresses. To prevent users from changing their static IP [...]
-
Pagina 92
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-36 Firewall Protection and Content Filtering v1.1, August 2010 3. Select the Yes radio box and click Apply . Make sure that you have enabled the e-maling of logs (see “Activating Notification of Events and Alerts” on page 6-23 ). 4. Add an IP/MAC Bind rule by entering: a. Name . Spe[...]
-
Pagina 93
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-37 v1.1, August 2010 To edit an IP/MAC binding rule, click Edit adjacent to the entry. The following fields of an existing IP/MAC binding rule can be modified: • MAC Address . Specify the MAC Address for this rule. • IP Addresses . Specify t[...]
-
Pagina 94
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-38 Firewall Protection and Content Filtering v1.1, August 2010 Without port triggering, this response would be treated as a new connection request rather than a response. As such, it would be handled in accordance with the port forwarding rules. Note these restrictions with port trigger[...]
-
Pagina 95
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-39 v1.1, August 2010 a. Enter the Start Port range (1 - 65534). b. Enter the End Port range (1 - 65534). 6. In the Incoming (Response) Port Range fields: a. Enter the Start Port range (1 - 65534). b. Enter the End Port range (1 - 65534). 7. Clic[...]
-
Pagina 96
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-40 Firewall Protection and Content Filtering v1.1, August 2010 To check the status of the port triggering rules, click the Status option arrow on the Port Triggering screen. Configuring UPnP (Universal Plug and Play) The UPnP (Universal Plug and Play) feature allows the VPN Firewall to [...]
-
Pagina 97
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-41 v1.1, August 2010 3. Configure the following fields: – Advertisement Period . Enter the period in minutes that specified how often the VPN firewall should broadcast its UPnP information to all devices within its range. – Advertisement Tim[...]
-
Pagina 98
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-42 Firewall Protection and Content Filtering v1.1, August 2010 Administrator Tips Consider the following operational items: • As an option, you can enable remote management if you have to manage distant sites from a central location (see “Configuring an External Server for Authentic[...]
-
Pagina 99
5-1 v1.1, August 2010 Chapter 5 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Using the VPN Wizard for Client and Gateway Configurations ” on this page • “Testing the Connections[...]
-
Pagina 100
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-2 Virtual Private Networking v1.1, August 2010 Creating Gateway to Gateway VPN Tunnels with the Wizard Follow these steps to set up a gateway VPN tunnel using the VPN Wizard. 1. Select VPN from the main menu and VPN Wizard from the submenu. The VPN Wizard screen displays. Figure 5-1 Fig[...]
-
Pagina 101
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-3 v1.1, August 2010 To view the wizard default settings, click the VPN Wizard Default Values option arrow. You can modify these settings after completing the wizard. 2. Select Gateway as your connection type. 3. Create a Connection Name . Enter a descriptive n[...]
-
Pagina 102
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-4 Virtual Private Networking v1.1, August 2010 8. Click Apply to save your settings. The VPN Policies screen shows that the policy is now enabled. 9. If you are connecting to another NETGEAR VPN firewall, use the VPN Wizard to configure the second VPN firewall to connect to the one you [...]
-
Pagina 103
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-5 v1.1, August 2010 Creating a Client to Gateway VPN Tunnel Follow these steps to configure the a VPN client tunnel: • Configure the client policies on the gateway. • Configure the VPN client to connect to the gateway. Use the VPN Wizard Configure the Gate[...]
-
Pagina 104
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-6 Virtual Private Networking v1.1, August 2010 7. Click Apply to save your settings. The VPN Policies screen (see Figure 5-7 on page 5-7 ) shows that the policy is now enabled. To view or modify the VPN policy, see “Managing VPN Policies” on page 5-15 . Tip: To assure tunnels stay a[...]
-
Pagina 105
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-7 v1.1, August 2010 Use the NETGEAR VPN Client Security Policy Editor to Create a Secure Connection From a PC with the NETGEAR ProSafe VPN Client installed, configure a VPN client policy to connect to the VPN firewall. Follow these steps to configure your VPN [...]
-
Pagina 106
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-8 Virtual Private Networking v1.1, August 2010 2. In the upper left of the Policy Editor window, click the New Document icon (the first on the left) to open a New Connection. Give the New Connection a name; in this example, we are using gw1 . Fill in the other options according to the i[...]
-
Pagina 107
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-9 v1.1, August 2010 3. In the left frame, click My Identity . Fill in the options according to the instructions below. • From the Select Certificate pull-down menu, choose None . • Click Pre-Shared Key to enter the key you provided in the VPN Wizard; in th[...]
-
Pagina 108
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-10 Virtual Private Networking v1.1, August 2010 Figure 5-11[...]
-
Pagina 109
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-11 v1.1, August 2010 • In the left frame, click Security Policy to view the settings: no changes are needed. • In the left frame, expand Authentication (Phase 1) and click Proposal 1 : no changes are needed. • In the left frame, expand Key Exchange (Phas[...]
-
Pagina 110
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-12 Virtual Private Networking v1.1, August 2010 Within 30 seconds you should receive the message “Successfully connected to My Connectionsgw1”. The VPN client icon in the system tray should state On: 2. To view more detailed additional status and troubleshooting information from th[...]
-
Pagina 111
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-13 v1.1, August 2010 • Right-click the VPN Client icon in the system tray and select Connection Monitor. The VPN client system tray icon provides a variety of status indications, which are listed below. Figure 5-15 Note: The information in the Connection Mon[...]
-
Pagina 112
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-14 Virtual Private Networking v1.1, August 2010 VPN Firewall VPN Connection Status and Logs To view VPN firewall VPN connection status, select VPN from the main menu and Connection Status from the submenu. The VPN Connection Status screen displays. You can set a Poll Interval (in second[...]
-
Pagina 113
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-15 v1.1, August 2010 To view VPN firewall VPN logs, select Monitoring from the main menu and VPN Logs from the submenu. The VPN Logs screen displays. Managing VPN Policies When you use the VPN Wizard to set up a VPN tunnel, both a VPN policy and an IKE policy [...]
-
Pagina 114
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-16 Virtual Private Networking v1.1, August 2010 IKE policies are activated when: 1. The VPN Policy Selector determines that some traffic matches an existing VPN policy. If the VPN policy is of type “Auto”, then the auto policy settings that are defined in the VPN policy are accessed[...]
-
Pagina 115
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-17 v1.1, August 2010 Each policy that is listed in the List of IKE Policies table contains the following data: • Name . Uniquely identifies each IKE policy. The name is chosen by you and used for the purpose of managing your policies; it is not supplied to t[...]
-
Pagina 116
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-18 Virtual Private Networking v1.1, August 2010 Manually Adding or Editing an IKE Policy To manually add an IKE policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies screen in view (see Figure 5-18 on page 5-16 ). [...]
-
Pagina 117
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-19 v1.1, August 2010 3. Complete the fields, select the radio buttons, and make your selections from the pull-down menus as explained Table 5-2 . Table 5-2. Add IKE Policy Settings Item Description (or Subfield and Description) Mode Config Record Do you want t[...]
-
Pagina 118
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-20 Virtual Private Networking v1.1, August 2010 Local Identifier Type From the pull-down menu, select one of the following ISAKMP identifiers to be used by the VPN firewall, and then specify the identifier in the field below: • Local Wan IP . The WAN IP address of the VPN firewall. Wh[...]
-
Pagina 119
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-21 v1.1, August 2010 Authentication Method Select one of the following radio buttons to specify the authentication method: • Pre-shared key . A secret that is shared between the VPN firewall and the remote endpoint. • RSA-Signature . Uses the active Self C[...]
-
Pagina 120
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-22 Virtual Private Networking v1.1, August 2010 4. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table. To edit an IKE policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies [...]
-
Pagina 121
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-23 v1.1, August 2010 4. Click Apply to save your changes. The modified IKE policy is displayed in the List of IKE Policies table. Configuring VPN Policies You can create two types of VPN policies. When using the VPN Wizard to create a VPN policy, only the Auto[...]
-
Pagina 122
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-24 Virtual Private Networking v1.1, August 2010 2. Click the VPN Policies tab. The VPN Policies screen is displayed. Only one client policy may configured at a time (noted by an “*” next to the policy name). The List of VPN Policies contains the following fields: • ! (Status) . In[...]
-
Pagina 123
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-25 v1.1, August 2010 To delete one or more VPN polices: 1. Select the checkbox to the left of the policy that you want to delete or click the select all table button to select all VPN policies. 2. Click the delete table button. To enable or disable one ore mor[...]
-
Pagina 124
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-26 Virtual Private Networking v1.1, August 2010 4. Complete the fields, select the radio buttons and checkboxes, and make your selections from the pull-down menus as explained Table 5-3 on page 5-27 . Figure 5-21[...]
-
Pagina 125
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-27 v1.1, August 2010 Table 5-3. Add VPN Policy Settings Item Description (or Subfield and Description) General Policy Name A descriptive name of the VPN policy for identification and management purposes. Note : The name is not supplied to the remote VPN endpoi[...]
-
Pagina 126
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-28 Virtual Private Networking v1.1, August 2010 Traffic Selection Local IP From the pull-down menu, select the address or addresses that are part of the VPN tunnel on the VPN firewall: • Any . All PCs and devices on the network. Note : You cannot select Any for both the VPN firewall a[...]
-
Pagina 127
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-29 v1.1, August 2010 Integrity Algorithm From the pull-down menu, select one of the following two algorithms to be used in the VPN header for the authentication process: • SHA-1 . Hash algorithm that produces a 160-bit digest. This is the default setting. ?[...]
-
Pagina 128
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-30 Virtual Private Networking v1.1, August 2010 5. Click Apply to save your settings. The VPN policy is added to the List of VPN Policies table. To edit a VPN policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies s[...]
-
Pagina 129
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-31 v1.1, August 2010 Digital Certificates can be either self signed or can be issued by Certification Authorities (CA) such as via an in-house Windows server, or by an external organization such as Verisign or Thawte. However, if the Digital Certificates conta[...]
-
Pagina 130
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-32 Virtual Private Networking v1.1, August 2010 Understanding the Certificates Screen To display the Certificates screen, select VPN form the main menu and Certificates from the submenu. Because of the large size of this screen, and because of the way the information is presented, the C[...]
-
Pagina 131
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-33 v1.1, August 2010 To view the VPN certificates: Select VPN from the main menu and Certificates from the submenu. The Certificates screen displays. The top section of the Certificates screen displays the Trusted Certificates (CACertificates) section. When yo[...]
-
Pagina 132
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-34 Virtual Private Networking v1.1, August 2010 There can be three reasons why a security alert is generated for a security certificate: • The security certificate was issued by a company you have not chosen to trust. • The date of the security certificate is invalid. • The name o[...]
-
Pagina 133
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-35 v1.1, August 2010 • Issuer Name . The name of the CA that issued the certificate. • Expiry Time . The date on which the certificate expires. You should renew the certificate before it expires. Obtaining a Self Certificate from a Certificate Authority To[...]
-
Pagina 134
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-36 Virtual Private Networking v1.1, August 2010 2. Configure the following fields: • Name . Enter a descriptive name that will identify this certificate. • Subject . This is the name which other organizations will see as the holder (owner) of the certificate. Since this name will be[...]
-
Pagina 135
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-37 v1.1, August 2010 6. In the Self Certificate Requests table, click view in the Action column to view the request. 7. Copy the contents of the Data to supply to CA text box into a text file, including all of the data contained from “----BEGIN CERTIFICATE R[...]
-
Pagina 136
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-38 Virtual Private Networking v1.1, August 2010 If you have not already uploaded the CA certificate, do so now, as described in “Viewing and Loading CA Certificates” on page 5-32 . You should also periodically check the Certificate Revocation Lists (CRL) table, as described in the f[...]
-
Pagina 137
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-39 v1.1, August 2010 Configuring Extended Authentication (XAUTH) When connecting many VPN clients to a VPN gateway router, an administrator may want a unique user authentication method beyond relying on a single common preshared key for all clients. Although t[...]
-
Pagina 138
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-40 Virtual Private Networking v1.1, August 2010 2. You can add XAUTH to an existing IKE policy by clicking the edit button adjacent to the policy to be modified or you can create a new IKE policy incorporating XAUTH by clicking add . ( Figure 5-29 shows the Add IKE Policy screen.) 3. In[...]
-
Pagina 139
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-41 v1.1, August 2010 – User Database to verify against the VPN firewall’s user database. Users must be added through the User Database screen (see “Configuring the User Database for XAUTH” on page 5-41 ). – RADIUS–CHAP or RADIUS–PAP (depending on[...]
-
Pagina 140
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-42 Virtual Private Networking v1.1, August 2010 2. Enter a User Name . This is the unique ID of a user which will be added to the User Name database. 3. Enter a Password for the user, and reenter the password in the Confirm Password field. 4. Click add. The user name will be added to th[...]
-
Pagina 141
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-43 v1.1, August 2010 3. Enable the primary RADIUS server by checking the Yes radio box. 4. Enter the primary RADIUS Server IP Address . 5. Enter a Secret Phrase . Transactions between the client and the RADIUS server are authenticated using a shared secret phr[...]
-
Pagina 142
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-44 Virtual Private Networking v1.1, August 2010 8. Set the Time Out Period , in seconds, that the VPN firewall should wait for a response from the RADIUS server. 9. Set the Maximum Retry Count. This is the number of attempts that the VPN firewall will make to contact the RADIUS server b[...]
-
Pagina 143
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-45 v1.1, August 2010 Configuring Mode Config Operation on the VPN Firewall You need to configure two screens: the ModeConfig screen and the IKE Policies screen. Configuring the Mode Config Screen To configure the Mode Config screen: 1. Select VPN from the main[...]
-
Pagina 144
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-46 Virtual Private Networking v1.1, August 2010 3. Enter a descriptive Record Name such as “Sales”. 4. Assign at least one range of IP pool addresses in the First IP Pool field to give to remote VPN clients. 5. If you have a WINS server on your local network, enter its IP address. 6[...]
-
Pagina 145
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-47 v1.1, August 2010 9. Specify the VPN policy settings. These settings must match the configuration of the remote VPN client. Recommended settings are: • SA Lifetime: 3600 seconds • Authentication Algorithm: SHA-1 • Encryption Algorithm: 3DES 10. Click [...]
-
Pagina 146
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-48 Virtual Private Networking v1.1, August 2010 Recommended settings are: • Encryption Algorithm: 3DES • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 • SA Lifetime: 3600 seconds Figure 5-34[...]
-
Pagina 147
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-49 v1.1, August 2010 9. Enter a Pre-Shared Key that will also be configured in the VPN client. 10. XAUTH is disabled by default. To enable XAUTH, in the Extended Authentication section, select one of the following:: • Edge Device to use the VPN firewall as a[...]
-
Pagina 148
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-50 Virtual Private Networking v1.1, August 2010 Configuring the ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1. Right-click the VPN client icon in the Windows toolb[...]
-
Pagina 149
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-51 v1.1, August 2010 2. From the left side of the menu, click My Identity. Enter the following information: a. Click Pre-Shared Key and enter the key you configured in the VPN firewall’s Add IKE Policy screen b. From the Select Certificate pull-down menu, se[...]
-
Pagina 150
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-52 Virtual Private Networking v1.1, August 2010 b. Check the Enable Perfect Forward Secrecy (PFS) radio button, and select the Diffie- Hellman Group 2 from the PFS Key Group pull-down menu. c. Enable Replay Detection should be checked. 4. Click on Authentication (Phase 1) on the left-si[...]
-
Pagina 151
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-53 v1.1, August 2010 Enter the values to match your configuration of the VPN firewall ModeConfig Record menu. (The SA Lifetime can be longer, such as 8 hours (28800 seconds). 6. Click the Save icon to save the Security Policy and close the VPN ProSafe VPN clie[...]
-
Pagina 152
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-54 Virtual Private Networking v1.1, August 2010 4. In the General section of the Edit VPN Policy screen, locate the keepalive configuration settings. 5. Click the Yes radio button to enable keepalive. 6. In the Ping IP Address boxes, enter an IP address on the remote LAN. This must be t[...]
-
Pagina 153
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-55 v1.1, August 2010 3. In the IKE SA Parameters section of the Edit IKE Policy screen, locate the Dead Peer Detection configuration settings. 4. Click the Yes radio button to Enable Dead Peer Detection . 5. Enter the Detection Period to set the interval betwe[...]
-
Pagina 154
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-56 Virtual Private Networking v1.1, August 2010 2. Click the VPN Policies tab. The VPN Policies screen displays (see Figure 5-20 on page 5-24 ). 3. In the List of VPN Policies table, click the edit button to the right of the VPN policy that you want to edit. The Edit VPN Policy screen d[...]
-
Pagina 155
6-1 v1.1, August 2010 Chapter 6 VPN Firewall and Network Management This chapter describes how to use the network management features of your ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Performance Management ” on this page • “Configuring Users, Administrative Settings, and Remote Manageme[...]
-
Pagina 156
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-2 VPN Firewall and Network Management v1.1, August 2010 VPN Firewall Features That Reduce Traffic You can adjust the following features of the VPN firewall in such a way that the traffic load on the WAN side decreases: • LAN WAN outbound rules (also referred to as service blocking) ?[...]
-
Pagina 157
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-3 v1.1, August 2010 • WAN Users . These settings determine which Internet locations are covered by the rule, based on their IP address. – Any . The rule applies to all Internet IP address. – Single address . The rule applies to a single Internet[...]
-
Pagina 158
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-4 VPN Firewall and Network Management v1.1, August 2010 • Keyword (and Domain Name) Blocking . You can specify up to 32 words that, should they appear in the website name (that is, URL) or in a newsgroup name, will cause that site or newsgroup to be blocked by the VPN firewall. You ca[...]
-
Pagina 159
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-5 v1.1, August 2010 Port Forwarding The VPN firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal data or damage your PCs, but overloads your Internet connection so you can not use it (that is, the service is u[...]
-
Pagina 160
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-6 VPN Firewall and Network Management v1.1, August 2010 • WAN Users . These settings determine which Internet locations are covered by the rule, based on their IP address. – Any . The rule applies to all Internet IP address. – Single address . The rule applies to a single Internet[...]
-
Pagina 161
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-7 v1.1, August 2010 – After a PC has finished using a port triggering application, there is a time-out period before the application can be used by another PC. This is required because the firewall cannot be sure when the application has terminated.[...]
-
Pagina 162
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-8 VPN Firewall and Network Management v1.1, August 2010 See “Specifying Quality of Service (QoS) Priorities” on page 4-26 for the procedure on how to use this feature. Tools for Traffic Management The VPN firewall includes several tools that can be used to monitor the traffic condit[...]
-
Pagina 163
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-9 v1.1, August 2010 3. In the User Selection section of the screen, select either the Edit Admin Settings or Edit Guest Settings radio box. 4. In either the Admin Settings or the Guest Settings section of the screen: a. change the password by first en[...]
-
Pagina 164
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-10 VPN Firewall and Network Management v1.1, August 2010 Adding External Users You can add external users for which you then can configure an authentication method (see “Configuring an External Server for Authentication” on page 6-11 ). To add an external users: 1. Select Users from[...]
-
Pagina 165
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-11 v1.1, August 2010 3. Configure the following fields: a. User Name . Enter a unique identifier, using any alphanumeric characters. b. User Type . Select either Admin or Guest . c. Idle Timeout . This is the period after which an idle user will be au[...]
-
Pagina 166
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-12 VPN Firewall and Network Management v1.1, August 2010 To configure external authentication: 1. Select Users from the main menu and External Authentication from the submenu. The External Users screen displays. 2. Select the External Authentication tab. The External Authentication scre[...]
-
Pagina 167
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-13 v1.1, August 2010 • Secret Phrase . Transactions between the client and the RADIUS server are authenticated using a shared secret phrase, so the same secret phrase must be configured on both client and server. • Primary Server NAS Identifier . [...]
-
Pagina 168
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-14 VPN Firewall and Network Management v1.1, August 2010 Enabling Remote Management Access Using the Remote Management screen, you can allow an administrator on the Internet to configure, upgrade, and check the status of your VPN firewall. You must be logged in locally to enable remote [...]
-
Pagina 169
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-15 v1.1, August 2010 2. Check Allow Remote Management radio box. 3. Click the Yes radio button to enable secure HTTP management (enabled by default), and configure the external IP addresses that will be allowed to connect. a. To allow access from any [...]
-
Pagina 170
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-16 VPN Firewall and Network Management v1.1, August 2010 . Using an SNMP Manager Simple Network Management Protocol (SNMP) lets you monitor and manage your VPN firewall from an SNMP Manager. It provides a remote means to monitor and control network devices, and to manage configurations,[...]
-
Pagina 171
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-17 v1.1, August 2010 To create a new SNMP configuration entry: 1. Select Administration from the main menu and SNMP from the submenu. The SNMP screen displays. 2. Under Create New SNMP Configuration Entry , enter the IP address of the SNMP manager in [...]
-
Pagina 172
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-18 VPN Firewall and Network Management v1.1, August 2010 When you click on the SNMP System Info option arrow on the SNMP screen, the VPN firewall’s identification information is displayed. This following identification information is available to the SNMP Manager: system contact, syst[...]
-
Pagina 173
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-19 v1.1, August 2010 Backing Up Settings To back up settings: 1. Select Administration from the main menu and Settings Backup & Upgrade from the submenu. The Settings Backup and Firmware Upgrade screen displays. 2. Click backup to save a copy of y[...]
-
Pagina 174
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-20 VPN Firewall and Network Management v1.1, August 2010 Restoring Settings To restore settings from a backup file: 1. On the Settings Backup and Firmware Upgrade screen, next to Restore save settings from file , click Browse . 2. Locate and select the previously saved backup file (by d[...]
-
Pagina 175
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-21 v1.1, August 2010 After downloading an upgrade file, you may need to unzip (uncompress) it before upgrading the VPN firewall. If Release Notes are included in the download, read them before continuing. 4. Select Administration from the main menu an[...]
-
Pagina 176
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-22 VPN Firewall and Network Management v1.1, August 2010 2. From the Date/Time pull-down menu, select the local time zone. This is required in order for scheduling to work correctly. The VPN firewall includes a Real-Time Clock (RTC), which it uses for scheduling. 3. If supported in your[...]
-
Pagina 177
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-23 v1.1, August 2010 Monitoring System Performance You can be alerted to important events such as WAN traffic limits reached, login failures, and attacks. You can also view status information about the VPN firewall, broadband port, LAN ports, and VPN [...]
-
Pagina 178
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-24 VPN Firewall and Network Management v1.1, August 2010 Figure 6-10[...]
-
Pagina 179
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-25 v1.1, August 2010 2. In the Log Options section, enter the name of the log in the Log Identifier field. The Log Identifier is a mandatory field used to identify which device sent the log messages. The identifier is appended to log messages. 3. In t[...]
-
Pagina 180
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-26 VPN Firewall and Network Management v1.1, August 2010 • LOG_ERROR (Error conditions) • LOG_WARNING (Warning conditions) • LOG_NOTICE (Normal but significant conditions) • LOG_INFO (Informational messages) • LOG_DEBUG (Debug level messages) 10. Click Reset to cancel your cha[...]
-
Pagina 181
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-27 v1.1, August 2010 Enabling the Traffic Meter If your ISP charges by traffic volume over a given period of time, or if you want to study traffic types over a period of time, you can activate the traffic meter for the broadband port. To monitor traff[...]
-
Pagina 182
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-28 VPN Firewall and Network Management v1.1, August 2010 • Increase this month limit by . Temporarily increase the traffic limit if you have reached the monthly limit, but need to continue accessing the Internet. Select the checkbox and enter the desired increase. (The checkbox will a[...]
-
Pagina 183
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-29 v1.1, August 2010 • Restart Traffic Counter at a Specific Time . Restart the traffic counter at a specific time and day of the month. Fill in the time fields and choose AM or PM and the day of the month from the pull-down menus. • Send e-mail r[...]
-
Pagina 184
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-30 VPN Firewall and Network Management v1.1, August 2010 Viewing the VPN Firewall Configuration and System Status The Router Status screen provides status and usage information. Select Monitoring from the main menu and Router Status from the submenu. The Router Status screen displays. T[...]
-
Pagina 185
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-31 v1.1, August 2010 Monitoring VPN Firewall Statistics To display the VPN firewall statistics: 1. Select Monitoring from the main menu and Router Status from the submenu. The Router Status screen displays (see Figure 6-14 on page 6-30 ). 2. Click the[...]
-
Pagina 186
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-32 VPN Firewall and Network Management v1.1, August 2010 For each interface (Broadband, LAN, and DMZ), the number of transmitted (Tx Pkts) and received (Rx Pkts) packets, the number of collided packets, the transmitted (Tx B/s) and received (Rx B/s) bytes per second, and the interface u[...]
-
Pagina 187
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-33 v1.1, August 2010 Monitoring Attached Devices The LAN Groups screen contains a table of all IP devices that the VPN firewall has discovered on the local network. To view the LAN Groups screen: 1. Select Network Configuration from the main menu and [...]
-
Pagina 188
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-34 VPN Firewall and Network Management v1.1, August 2010 The Known PCs and Devices table lists all current entries in the LAN Groups database. For each PC or device, the following data is displayed Monitoring VPN Tunnel Connection Status You can view the status of the VPN tunnels by sel[...]
-
Pagina 189
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-35 v1.1, August 2010 The Active IPsec (SA)s table lists each active connection with the following information Viewing the VPN Logs The VPN Logs screen gives log details for recent VPN activity. Select Monitoring from the main menu and VPN Logs from th[...]
-
Pagina 190
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-36 VPN Firewall and Network Management v1.1, August 2010 Viewing the DHCP Log To display the DHCP log: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. Click the DHCP Log option arrow in the upper right-hand section [...]
-
Pagina 191
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-37 v1.1, August 2010 To view the most recent entries, click refresh . Table 6-6. Port Triggering Status Data Item Description Rule The name of the rule. LAN IP Address The IP address of the PC currently using this rule. Open Ports The Incoming ports w[...]
-
Pagina 192
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-38 VPN Firewall and Network Management v1.1, August 2010[...]
-
Pagina 193
7-1 v1.1, August 2010 Chapter 7 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Basic Functions ” on this page • “Troubleshooting the Web Configuration Interface” on page 7-3 • “Troubleshooting the ISP Co[...]
-
Pagina 194
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-2 Troubleshooting v1.1, August 2010 Power LED Not On If the Power and other LEDs are off when your VPN firewall is turned on: • Make sure that the power cord is properly connected to your VPN firewall and that the power supply adapter is properly connected to a functioning power outle[...]
-
Pagina 195
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-3 v1.1, August 2010 Troubleshooting the Web Configuration Interface If you are unable to access the VPN firewall’s Web Configuration interface from a PC on your local network, check the following: • Check the Ethernet connection between the PC and the VPN firewall as[...]
-
Pagina 196
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-4 Troubleshooting v1.1, August 2010 If the VPN firewall does not save changes you have made in the Web Configuration Interface, check the following: • When entering configuration settings, be sure to click the Apply button before moving to another menu or tab, or your changes are lost[...]
-
Pagina 197
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-5 v1.1, August 2010 • Your ISP may check for your PC's host name. Assign the PC Host Name of your ISP account as the Account Name on the Broadband ISP Settings screen (see Figure 2-2 on page 2-4 ). • Your ISP only allows one Ethernet MAC address to connect to th[...]
-
Pagina 198
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-6 Troubleshooting v1.1, August 2010 Pinging < IP address > with 32 bytes of data If the path is working, you will see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you will see this message: Request timed out If the path is [...]
-
Pagina 199
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-7 v1.1, August 2010 – If your ISP assigned a host name to your PC, enter that host name as the Account Name on the Broadband ISP Settings screen (see Figure 2-2 on page 2-4 ). – Your ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many b[...]
-
Pagina 200
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-8 Troubleshooting v1.1, August 2010 Problems with the date and time function can include: • Date and time shown is Thu Jan 01 00:01:52 GMT 1970. Cause: The VPN firewall has not yet successfully reached a Network Time Server. Check that your Internet access settings are configured corr[...]
-
Pagina 201
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-9 v1.1, August 2010 Table 7-1. Diagnostics Item Description Ping or Trace an IP Address Ping. Used to send a ping packet request to a specified IP address—most often, to test a connection. If the request times out (no reply is received), it usually means that the desti[...]
-
Pagina 202
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-10 Troubleshooting v1.1, August 2010[...]
-
Pagina 203
Default Settings and Technical Specifications A-1 v1.1, August 2010 Appendix A Default Settings and Technical Specifications Y ou can use the reset button located on the front of your device to reset all settings to their factory defaults. This is called a hard reset. • To perform a hard reset, push and hold the reset button for approximately 5 s[...]
-
Pagina 204
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A-2 Default Settings and Technical Specifications v1.1, August 2010 Technical specifications for the ProSafe Gigabit 8 Port VPN Firewall FVS318G are listed in the following table. Management Time Zone GMT Time Zone Adjusted for Daylight Saving Time Disabled SNMP Disabled Remote Management[...]
-
Pagina 205
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default Settings and Technical Specifications A-3 v1.1, August 2010 Environmental Specifications Operating temperature: 0 to 40 C (32º to 104º F) Operating humidity: 90% maximum relative humidity, noncondensing Electromagnetic Emissions Meets requirements of: FCC Part 15 Class B[...]
-
Pagina 206
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A-4 Default Settings and Technical Specifications v1.1, August 2010[...]
-
Pagina 207
Two Factor Authentication B-1 v1.1, August 2010 Appendix B Two Factor Authentication This appendix provides an overview of Two-Factor Authentication, and an example of how to implement the WiKID solution. This appendix contains the following sections: • “Why do I need Two-Factor Authentication? ” on this page. • “NETGEAR Two-Factor Authen[...]
-
Pagina 208
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual B-2 Two Factor Authentication v1.1, August 2010 • Quick to deploy and manage . The WiKID solution integrates seamlessly with the NETGEAR SSL and VPN firewall products. • Proven regulatory compliance . Two-Factor Authentication has been used as a mandatory authentication process for ma[...]
-
Pagina 209
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Two Factor Authentication B-3 v1.1, August 2010 The request-response architecture is capable of self-service initialization by end-users, dramatically reducing implementation and maintenance costs. Here is an example of how WiKID works. 1. The user launches the WiKID token software, enter[...]
-
Pagina 210
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual B-4 Two Factor Authentication v1.1, August 2010 3. The user then proceeds to the Two-Factor Authentication login page and enters the generated one-time passcode as the login password. Note: The one-time passcode is time synchronized to the authentication server so that the OTP can only be[...]
-
Pagina 211
Related Documents C-1 v1.1, August 2010 Appendix C Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link TCP/IP Networking Basics http://documentation.netgear.com/reference/enu/tcpip/index.htm Wireless Networking Basics [...]
-
Pagina 212
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual C-2 Related Documents v1.1, August 2010[...]
-
Pagina 213
Index-1 v1.1, August 2010 Index Numerics 3322.org 2-11 A access remote management 6-14 Add DMZ WAN Outbound Services screen 4-12 Add LAN DMZ Outbound Service screen 4-14 Add LAN WAN Inbound Service 4-11 Add LAN WAN Outbound Service screen 4-10 Add Mode Config Record screen 5-45 address reservation 3-9 Advanced Encryption Standard. See AES. Advanced[...]
-
Pagina 214
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-2 v1.1, August 2010 certificates CRL 5-32 management of 5-35 trusted (CA certificates) 5-32 Classical Routing definition of 2-10 command line interface 6-16 configuration automatic by DHCP 1-4 Connecting the VPN firewall 2-1 Content Filtering 4-1 about 1-2 , 4-30 Block Sites 4-30 en[...]
-
Pagina 215
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-3 v1.1, August 2010 Domain Name router 3-4 , 3-13 Domain Name Blocking 4-31 Domain Name Servers. See DNS. DoS about protection 1-2 attack 4-21 DPD 5-21 Dynamic DNS Configuration screen 2-11 Dynamic DNS. See DDNS DynDNS.org 2-11 E Edge Device 5-40 RADIUS Server 5-39 User Database 5-3[...]
-
Pagina 216
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-4 v1.1, August 2010 default definition 4-2 example 4-16 field descriptions 4-6 order of precedence 4-8 Port Forwarding 4-3 , 4-5 rules for use 4-5 Inbound Services field descriptions 4-6 increasing traffic 6-4 DMZ port 6-7 Port Forwarding 6-5 Port Triggering 6-6 VPN tunnels 6-7 inst[...]
-
Pagina 217
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-5 v1.1, August 2010 M MAC address 7-7 blocked, adding 4-33 configuring 2-5 format of 2-14 spoofing 7-5 main menu 2-3 MD5 IKE polices 5-20 VPN policies 5-29 ModeConfig 5-44 about 5-44 assigning remote addresses, example 5-44 Client Configuration 5-50 IKE Policies menu, configuring 5-[...]
-
Pagina 218
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-6 v1.1, August 2010 service blocking 4-3 Port Forwarding Inbound Rules 4-3 , 4-5 increasing traffic 6-5 rules, about 4-5 port numbers 4-24 Port Speed 2-13 Port Triggering about 4-37 adding a rule 4-38 increasing traffic 6-6 modifying a rule 4-39 rules of use 4-38 status 6-36 Port Tr[...]
-
Pagina 219
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-7 v1.1, August 2010 Routing Information Protocol. See RIP. Routing screen 3-15 RSA signatures 5-21 rules blocking traffic 4-2 inbound example 4-16 order of precedence 4-24 service blocking 4-3 services-based 4-3 running tracert 6-16 S SA IKE policies 5-20 VPN policies 5-28 , 5-29 sa[...]
-
Pagina 220
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-8 v1.1, August 2010 TCP/IP network, troubleshooting 7-5 technical specifications A-1 Time daylight savings, troubleshooting 7-8 setting 6-21 troubleshooting 7-7 Time Zone setting of 6-21 Time Zone screen 6-21 ToS. See QoS. tracert use with DDNS 6-16 traffic increasing 6-4 management[...]
-
Pagina 221
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-9 v1.1, August 2010 Web Components 4-30 blocking 4-33 filtering, about 4-30 Web configuration troubleshooting 7-3 WiKID 6-11 authentication, overview B-1 WinPoET 2-7 WINS server 3-4 , 3-13 X XAUTH IKE policies 5-22 IPSec Host 5-39 types of 5-39[...]
-
Pagina 222
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-10 v1.1, August 2010[...]