Ir para a página of
Manuais similares
-
Modem
NETGEAR CM212
19 páginas 3.78 mb -
Modem
NETGEAR XM128S
34 páginas 0.48 mb -
Modem
NETGEAR CG814WG V3
64 páginas 1.12 mb -
Modem
NETGEAR FVS318G
222 páginas 13.14 mb -
Modem
NETGEAR AC327U
64 páginas 3.91 mb -
Modem
NETGEAR FVS318N
425 páginas 22.33 mb -
Modem
NETGEAR N300
120 páginas 3.03 mb -
Modem
NETGEAR PTV1000
34 páginas 0.35 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto NETGEAR FVS318G. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoNETGEAR FVS318G vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual NETGEAR FVS318G você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual NETGEAR FVS318G, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual NETGEAR FVS318G deve conte:
- dados técnicos do dispositivo NETGEAR FVS318G
- nome do fabricante e ano de fabricação do dispositivo NETGEAR FVS318G
- instruções de utilização, regulação e manutenção do dispositivo NETGEAR FVS318G
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque NETGEAR FVS318G não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos NETGEAR FVS318G e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço NETGEAR na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas NETGEAR FVS318G, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo NETGEAR FVS318G, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual NETGEAR FVS318G. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
202-10521-02 v1.1 August 2010 NETGEAR , Inc. 350 East Plumeria Drive San Jose, CA 95134 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual[...]
-
Página 2
ii v1.1, August 2010 © 2009–2010 by NETGEAR, Inc. All rights reserved. Technical Support Please refer to the support information card that shipped with your product. By registering your product at http://www.netgear.com/register , we can provide you with faster expert technical support and timely notices of product and software upgrades. NETGEAR[...]
-
Página 3
v1.1, August 2010 iii Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe Gigabit 8 Port VPN Firewall FVS318G gemäß der im BMPT-AmtsblVfg 243/ 1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unte[...]
-
Página 4
v1.1, August 2010 iv Open SSL Copyright (c) 1998–2000 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions, and the fo[...]
-
Página 5
v1.1, August 2010 v Product and Publication Details PPP Copyright (c) 1989 Carnegie Mellon University. All rights reserved. Redistribution and use in source and binary forms are permitted provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other material[...]
-
Página 6
v1.1, August 2010 vi[...]
-
Página 7
vii v1.1, August 2010 Contents ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About This Manual Conventions, Formats and Scope ................................................................................... xiii How to Print This Manual ...............................................................................................[...]
-
Página 8
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual viii Contents v1.1, August 2010 Chapter 3 LAN Configuration Choosing the VPN Firewall DHCP Options .................................................................... 3-1 Configuring the LAN Setup Options ............................................................................... 3-2[...]
-
Página 9
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Contents ix v1.1, August 2010 Blocking Internet Sites (Content Filtering) .................................................................... 4-30 Configuring Source MAC Filtering ................................................................................ 4-33 Configuring IP/MAC Add[...]
-
Página 10
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual x Contents v1.1, August 2010 Configuring NetBIOS Bridging with VPN ...................................................................... 5-55 Chapter 6 VPN Firewall and Network Management Performance Management .............................................................................[...]
-
Página 11
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Contents xi v1.1, August 2010 Troubleshooting the Web Configuration Interface .......................................................... 7-3 Troubleshooting the ISP Connection .............................................................................. 7-4 Troubleshooting a TCP/IP Netwo[...]
-
Página 12
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xii Contents v1.1, August 2010[...]
-
Página 13
xiii v1.1, August 2010 About This Manual The NETGEAR ® ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual describes how to install, configure and troubleshoot the ProSafe Gigabit 8 Port VPN Firewall FVS318G. The information in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Formats and Sco[...]
-
Página 14
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xiv About This Manual v1.1, August 2010 • Scope . This manual is written for the VPN firewall according to these specifications. For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix C, “Related Documents .” Ho[...]
-
Página 15
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About This Manual xv v1.1, August 2010 202-10521-02 1.0 April 2010 Added the following new features for the April 2010 firmware maintenance release: • Connection reset and delay options on the Broadband ISP Settings screen (see “Manually Configuring Your Internet Connection ”). • [...]
-
Página 16
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xvi About This Manual v1.1, August 2010[...]
-
Página 17
1-1 v1.1, August 2010 Chapter 1 Introduction The ProSafe Gigabit 8 Port VPN Firewall FVS318G with eight 10/100/1000 Mbps Gigabit Ethernet LAN ports and one 10/100/1000 Mbps Gigabit Ethernet WAN port connects your local area network (LAN) to the Internet through an external access device such as a cable modem or DSL modem. The FVS318G is a complete [...]
-
Página 18
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-2 Introduction v1.1, August 2010 • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, Web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability.[...]
-
Página 19
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-3 v1.1, August 2010 • Keyword Filtering. With its URL keyword filtering feature, the FVS318G prevents objectionable content from reaching your PCs. The VPN firewall allows you to control access to Internet content by screening for keywords within Web addresses. You can co[...]
-
Página 20
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-4 Introduction v1.1, August 2010 Extensive Protocol Support The FVS318G supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protoco l (RIP). For further information about TCP/IP, see the “TCP/IP Networking Basics ” document that you can acce[...]
-
Página 21
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-5 v1.1, August 2010 • SNMP . The VPN firewall supports the Simple Network Management Protocol (SNMP) to let you monitor and manage log resources from an SNMP-compliant system manager. The SNMP system configuration lets you change the system variables for MIB2. • Diagnos[...]
-
Página 22
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-6 Introduction v1.1, August 2010 VPN Firewall Front and Rear Panels The FVS318G front panel includes eight LAN ports, one WAN port, and four groups of status indicator light-emitting diodes (LEDs), including Power and Test, LAN, and WAN LEDs. Table 1-1 describes each item on the front p[...]
-
Página 23
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-7 v1.1, August 2010 The rear panel of the FVS318G includes a cable lock receptacle, a Factory Defaults button, and a DC power connection. Viewed from left to right, the rear panel contains the following elements: 1. Cable security lock receptacle. 2. Factory Defaults button[...]
-
Página 24
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-8 Introduction v1.1, August 2010 Default IP Address, Login Name, and Password Check the label on the bottom of the FVS318G’s enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 • User name: admin • Password: password When FVS318G i[...]
-
Página 25
2-1 v1.1, August 2010 Chapter 2 Connecting the VPN Firewall to the Internet This section provides instructions for connecting the ProSafe Gigabit 8 Port VPN Firewall FVS318G, including these topics: • “Understanding the Connection Steps ” on this page • “Logging into the VPN Firewall” on page 2-2 • “Navigating the Menus” on page 2[...]
-
Página 26
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-2 Connecting the VPN Firewall to the Internet v1.1, August 2010 6. Configure the WAN options (optional) . As an option, change the VPN firewall’s Media Access Control (MAC) address, the factory default MTU size, and the port speed. However, these are advanced features and changing the[...]
-
Página 27
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-3 v1.1, August 2010 3. Click Login . The Router Status screen displays. For more information about this screen, see “Viewing the VPN Firewall Configuration and System Status” on page 6-30 . Navigating the Menus The Web Configuration Manage[...]
-
Página 28
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-4 Connecting the VPN Firewall to the Internet v1.1, August 2010 Configuring the Internet Connection to Your ISP To automatically configure the broadband port and connect to the Internet: 1. Select Network Configuration from the main menu and Broadband ISP Settings from the submenu. The [...]
-
Página 29
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-5 v1.1, August 2010 When Auto Detect successfully detects an active Internet service, it reports which connection type it discovered. The options are described in Table 2-1 . If Auto Detect does not find a connection, you will be prompted to c[...]
-
Página 30
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-6 Connecting the VPN Firewall to the Internet v1.1, August 2010 The Connection Status window should show a valid IP address and gateway. If the configuration was not successful, skip ahead to “Manually Configuring Your Internet Connection following this section, or see “Troubleshoot[...]
-
Página 31
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-7 v1.1, August 2010 4. In the ISP Type section, select the type of ISP connection you use from the two listed options. (By default, “Other (PPPoE)” is selected.) • Other (PPPoE) . If you have installed login software such as WinPoET or E[...]
-
Página 32
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-8 Connecting the VPN Firewall to the Internet v1.1, August 2010 – Idle Timeout . Check the Keep Connected radio box to keep the connection always on. To logout after the connection is idle for a period of time, click Idle Time and enter the number of minutes to wait before disconnecti[...]
-
Página 33
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-9 v1.1, August 2010 6. Review the Domain Name Server (DNS) server options. • If your ISP has not assigned any Domain Name Servers (DNS) addresses, click Get Dynamically from ISP . • If your ISP (or your IT department) has assigned DNS addr[...]
-
Página 34
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-10 Connecting the VPN Firewall to the Internet v1.1, August 2010 The WAN Mode screen allows you to configure how the VPN firewalll uses the external Internet connection. This screen gives you two choices for accessing the external Internet connection. • Network Address Translation (NA[...]
-
Página 35
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-11 v1.1, August 2010 Configuring Dynamic DNS Dynamic DNS (DDNS) is an Internet service that allows routers with varying public IP addresses to be located using Internet domain names. To use DDNS, you must setup an account with a DDNS provider [...]
-
Página 36
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-12 Connecting the VPN Firewall to the Internet v1.1, August 2010 2. Click the tab of the DNS service you want to enable. Each DNS service provider requires registration. After registration you can configure the required settings on the corresponding screen for the DNS service. 3. Access[...]
-
Página 37
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-13 v1.1, August 2010 Configuring the Advanced Broadband Options To configure the advanced broadband options: 1. Select Network Configuration from the main menu and Broadband ISP Settings from the submenu. The Broadband ISP Settings screen disp[...]
-
Página 38
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-14 Connecting the VPN Firewall to the Internet v1.1, August 2010 • Router's MAC Address . Each computer or router on your network has a unique 32-bit local Ethernet address. This is also referred to as the computer's MAC (Media Access Control) address. The default is Use Def[...]
-
Página 39
3-1 v1.1, August 2010 Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of your ProSafe Gigabit 8 Port VPN Firewall FVS318G, including the following sections: • “Choosing the VPN Firewall DHCP Options ” on this page • “Configuring the LAN Setup Options” on page 3-2 • “Managing Groups and H[...]
-
Página 40
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-2 LAN Configuration v1.1, August 2010 The VPN firewall will deliver the following settings to any LAN device that requests DHCP: • An IP address from the range that you have defined. • Subnet mask. • Gateway IP address (the VPN firewall’s LAN IP address). • Primary DNS server [...]
-
Página 41
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-3 v1.1, August 2010 To configure the LAN Setup options: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. In the LAN TCP/IP Setup section, configure the following settings: • IP Address . The LAN a[...]
-
Página 42
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-4 LAN Configuration v1.1, August 2010 • IP Subnet Mask . The subnet mask specifies the network number portion of an IP address. Your VPN firewall will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use 255.255.2[...]
-
Página 43
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-5 v1.1, August 2010 If you will use a Lightweight Directory Access Protocol (LDAP) authentication server for network-validated domain-based authentication, select Enable LDAP Information to enable the DHCP server to provide LDAP server information. Enter the following [...]
-
Página 44
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-6 LAN Configuration v1.1, August 2010 The Network Database is updated by these methods: • DHCP Client Requests . By default, the DHCP server in this VPN firewall is enabled, and will accept and respond to DHCP client requests from PCs and other network devices. These requests also gen[...]
-
Página 45
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-7 v1.1, August 2010 Viewing the Network Database To view the Network Database, follow these steps: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. Click the LAN Groups tab. The LAN Groups screen di[...]
-
Página 46
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-8 LAN Configuration v1.1, August 2010 Adding Devices to the Network Database To add devices manually to the network database: 1. To add computers to the network database manually, make the following selections: • Name : The name of the PC or device. • IP Address Type . From the pull[...]
-
Página 47
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-9 v1.1, August 2010 Changing Group Names in the LAN Groups Database By default, the LAN Groups are named Group1 through Group8. You can rename these group names to be more descriptive, such as Engineering or Marketing. To edit the names of any of the eight available gr[...]
-
Página 48
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-10 LAN Configuration v1.1, August 2010 Configuring Multi Home LAN IP Addresses If you have computers on your LAN using different IP address ranges (for example, 172.16.2.0 or 10.0.0.0), you can add “aliases” to the LAN port, giving computers on those networks access to the Internet [...]
-
Página 49
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-11 v1.1, August 2010 3. In the Add Secondary LAN IP Address section, enter the additional IP address and subnet mask to be assigned to the LAN port of the VPN firewall. 4. Click Add . The secondary LAN IP address will be added to the Available Secondary LAN IPs table. [...]
-
Página 50
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-12 LAN Configuration v1.1, August 2010 The DMZ Setup screen allows you to set up the DMZ port. It permits you to enable or disable the hardware DMZ port (LAN port 8, see “VPN Firewall Front and Rear Panels” on page 1-6 ) and configure an IP address and Mask for the DMZ port. To enab[...]
-
Página 51
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-13 v1.1, August 2010 4. In the DHCP for DMZ Connected Computers section, select one of the following three radio buttons: • Disable DHCP Server . The DHCP server is disabled, which is the default setting. Select this radio button if another device on your DMZ network[...]
-
Página 52
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-14 LAN Configuration v1.1, August 2010 If you will use a Lightweight Directory Access Protocol (LDAP) authentication server for network-validated domain-based authentication, select Enable LDAP Information to enable the DHCP server to provide LDAP server information. Enter the following[...]
-
Página 53
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-15 v1.1, August 2010 To add a static route: 1. Select Network Configuration from the main menu and Routing from the submenu. The Routing screen displays. 2. Click Add . The Add Static Route screen displays. 3. Enter a route name for this static route in the Route Name [...]
-
Página 54
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-16 LAN Configuration v1.1, August 2010 6. In the Destination IP Address field, enter the destination IP address to the host or network to which the route leads. 7. In the IP Subnet Mask field, enter the IP subnet mask for this destination. If the destination is a single host, enter 255.[...]
-
Página 55
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-17 v1.1, August 2010 • The Gateway IP Address fields specifies that all traffic for these addresses should be forwarded to the ISDN firewall at 192.168.1.100. • A Metric value of 1 will work since the ISDN firewall is on the LAN. • Private is selected only as a p[...]
-
Página 56
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-18 LAN Configuration v1.1, August 2010 3. From the RIP Direction pull-down menu, select the direction in which the VPN firewall will send and receives RIP packets. The choices are: • None . The VPN firewall neither broadcasts its routing table nor does it accept any RIP packets from o[...]
-
Página 57
4-1 v1.1, August 2010 Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe Gigabit 8 Port VPN Firewall FVS318G to protect your network. This chapter includes the following sections: • “About Firewall Protection and Content Filtering ” on this page • “Using Rule[...]
-
Página 58
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-2 Firewall Protection and Content Filtering v1.1, August 2010 A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker intrusion or attack, and for controlling the types of traffic that can flow between the two [...]
-
Página 59
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-3 v1.1, August 2010 Services-Based Rules The rules to block traffic are based on the traffic’s category of service. • Outbound Rules (service blocking) . Outbound traffic is normally allowed unless the VPN firewall is configured to disallow [...]
-
Página 60
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-4 Firewall Protection and Content Filtering v1.1, August 2010 Select Schedule Select the desired time schedule (Schedule1, Schedule2, or Schedule3) that will be used by this rule. • This pull-down menu gets activated only when “BLOCK by schedule, otherwise Allow” or “ALLOW by sc[...]
-
Página 61
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-5 v1.1, August 2010 Inbound Rules (Port Forwarding) Because the VPN firewall uses Network Address Translation (NAT), your network presents only one IP address to the Internet and outside users cannot directly address any of your local computers.[...]
-
Página 62
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-6 Firewall Protection and Content Filtering v1.1, August 2010 Table 4-2. Inbound Rules Item Description Services Select the desired service or application to be covered by this rule. If the desired service or application does not appear in the list, you must define it using the Services[...]
-
Página 63
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-7 v1.1, August 2010 Remember that allowing inbound services opens holes in your VPN firewall. Only enable those ports that are necessary for your network. It is also advisable to turn on the server application security and invoke the user passwo[...]
-
Página 64
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-8 Firewall Protection and Content Filtering v1.1, August 2010 Viewing Rules and Order of Precedence for Rules To view the firewall rules, select Security from the main menu and Firewall from the submenu. The LAN WAN Rules screen appears ( Figure 4-1 shows some examples). As you define n[...]
-
Página 65
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-9 v1.1, August 2010 To make changes to an existing outbound or inbound service rule on the the LAN WAN Rules, DMZ WAN Rules, or LAN DMZ Rules screen, in the Action column to the right of to the rule, click on of the following table buttons: • [...]
-
Página 66
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-10 Firewall Protection and Content Filtering v1.1, August 2010 LAN WAN Outbound Services Rules You may define rules that will specify exceptions to the default rules. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addr[...]
-
Página 67
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-11 v1.1, August 2010 LAN WAN Inbound Services Rules This Inbound Services table lists all existing rules for inbound traffic. If you have not defined any rules, no rules will be listed. By default, all inbound traffic is blocked. Remember that a[...]
-
Página 68
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-12 Firewall Protection and Content Filtering v1.1, August 2010 Configuring DMZ WAN Rules The firewall rules for traffic between the DMZ and the WAN/Internet are configured on the DMZ WAN Rules screen. The Default Outbound Policy is to allow all traffic from and to the Internet to pass t[...]
-
Página 69
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-13 v1.1, August 2010 4. Configure the settings based on the descriptions in Table 4-1 on page 4-3 . 5. Click Apply. The new rule will appear in the Outbound Services table. The rule is automatically enabled. The procedure to add a new DMZ WAN in[...]
-
Página 70
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-14 Firewall Protection and Content Filtering v1.1, August 2010 To create a new LAN DMZ outbound service policy: 1. Select Security from the main menu and Firewall Rules from the submenu. The LAN WAN Rules screen displays. 2. Select the LAN DMZ Rules tab. The LAN DMZ Rules screen display[...]
-
Página 71
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-15 v1.1, August 2010 5. Click Apply. The new rule will appear in the Outbound Services table. The rule is automatically enabled. The procedure to add a new LAN DMZ inbound service policy is similar to the procedure described above with the excep[...]
-
Página 72
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-16 Firewall Protection and Content Filtering v1.1, August 2010 LAN WAN Inbound Rule: Allowing Videoconference from Restricted Addresses If you want to allow incoming videoconferencing to be initiated from a restricted range of outside IP addresses, such as from a branch office, you can [...]
-
Página 73
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-17 v1.1, August 2010 The following addressing scheme is used in this example: • VPN firewall FVS318G – WAN primary public IP address: 10.1.0.1 – WAN additional public IP address: 10.1.0.5 – LAN IP address 192.168.1.1 • Web server PC on[...]
-
Página 74
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-18 Firewall Protection and Content Filtering v1.1, August 2010 To expose one of the PCs on your LAN or DMZ as this host: 1. Create an inbound rule that allows all protocols. 2. Place the rule below all other inbound rules. Note: For security, NETGEAR strongly recommends that you avoid c[...]
-
Página 75
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-19 v1.1, August 2010 Outbound Rules Example Outbound rules let you prevent users from using applications such as Instant Messenger, Real Audio or other non-essential sites. LAN WAN Outbound Rule: Blocking Instant Messenger If you want to block I[...]
-
Página 76
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-20 Firewall Protection and Content Filtering v1.1, August 2010 Attack Checks The Attack Checks screen allows you to specify whether or not the VPN firewall should be protected against common attacks in the DMZ, LAN and WAN networks. To enable the appropriate attack checks for your envir[...]
-
Página 77
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-21 v1.1, August 2010 – Block TCP Flood . A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker does not complete the connection, thu[...]
-
Página 78
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-22 Firewall Protection and Content Filtering v1.1, August 2010 Setting Session Limits Session Limit allows you to specify the total number of sessions allowed, per user, over an IP (Internet Protocol) connection across the VPN firewall. This feature is enabled on the Session Limit scree[...]
-
Página 79
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-23 v1.1, August 2010 The Total Number of Packets Dropped due to Session Limit field shows total number of packets dropped when session limit is reached. 6. In the Session Timeout section, modify the TCP, UDP and ICMP timeout values as you requir[...]
-
Página 80
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-24 Firewall Protection and Content Filtering v1.1, August 2010 Creating Services, QoS Profiles, and Bandwidth Profiles When you create inbound and outbound firewall rules, you use firewall objects such as services, QoS profiles, bandwidth profiles, and schedules to narrow down the firew[...]
-
Página 81
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-25 v1.1, August 2010 To define a new service, first you must determine which port number or range of numbers is used by the application. This information can usually be determined by contacting the publisher of the application or from user group[...]
-
Página 82
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-26 Firewall Protection and Content Filtering v1.1, August 2010 Modifying a Service To edit the settings of a service: 1. In the Custom Services Table , click the Edit icon adjacent to the service you want to edit. The Edit Service screen displays. 2. Modify the settings you wish to chan[...]
-
Página 83
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-27 v1.1, August 2010 A ToS priority for traffic passing through the VPN firewall is one of the following: • Normal-Service . No special priority given to the traffic. The IP packets for services with this priority are marked with a ToS value o[...]
-
Página 84
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-28 Firewall Protection and Content Filtering v1.1, August 2010 To add a bandwidth profile: 1. Select Security from the main menu and Bandwidth Profile from the submenu. The Bandwidth Profile screen displays. 2. Click Add to add a new bandwidth profile. The Add New Bandwidth Profile scre[...]
-
Página 85
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-29 v1.1, August 2010 c. Depending on the direction that you selected, enter the minimum and maximum bandwidths to be allowed: • Enter the Outbound Minimum Bandwidth and Outbound Maximum Bandwidth in Kbps. • Enter the Inbound Minimum Bandwidt[...]
-
Página 86
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-30 Firewall Protection and Content Filtering v1.1, August 2010 2. Check the radio button for All Days or Specific Days . If you chose Specific Days , check the radio button for each day you want the schedule to be in effect. 3. Check the radio button to schedule the time of day: All Day[...]
-
Página 87
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-31 v1.1, August 2010 – Proxy . A proxy server (or simply, proxy) allows computers to route connections to other computers through the proxy, thus circumventing certain firewall rules. For example, if connections to a specific IP address are bl[...]
-
Página 88
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-32 Firewall Protection and Content Filtering v1.1, August 2010 To enable Content Filtering: 1. Select Security from the main menu and Block Sites from the submenu. The Block Sites screen displays. Figure 4-21[...]
-
Página 89
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-33 v1.1, August 2010 2. Check the Yes radio button to enable content filtering. 3. Click Apply to activate the screen controls. 4. Check the radio boxes of any Web components you wish to block. 5. Check the radio buttons of the groups to which y[...]
-
Página 90
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-34 Firewall Protection and Content Filtering v1.1, August 2010 2. Check the Yes radio box in the MAC Filtering Enable section. 3. Select the action to be taken on outbound traffic from the listed MAC addresses: • Block this list and permit all other MAC addresses. • Permit this list[...]
-
Página 91
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-35 v1.1, August 2010 Configuring IP/MAC Address Binding IP/MAC binding allows you to bind an IP address to a MAC address and the other way around. Some devices are configured with static addresses. To prevent users from changing their static IP [...]
-
Página 92
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-36 Firewall Protection and Content Filtering v1.1, August 2010 3. Select the Yes radio box and click Apply . Make sure that you have enabled the e-maling of logs (see “Activating Notification of Events and Alerts” on page 6-23 ). 4. Add an IP/MAC Bind rule by entering: a. Name . Spe[...]
-
Página 93
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-37 v1.1, August 2010 To edit an IP/MAC binding rule, click Edit adjacent to the entry. The following fields of an existing IP/MAC binding rule can be modified: • MAC Address . Specify the MAC Address for this rule. • IP Addresses . Specify t[...]
-
Página 94
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-38 Firewall Protection and Content Filtering v1.1, August 2010 Without port triggering, this response would be treated as a new connection request rather than a response. As such, it would be handled in accordance with the port forwarding rules. Note these restrictions with port trigger[...]
-
Página 95
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-39 v1.1, August 2010 a. Enter the Start Port range (1 - 65534). b. Enter the End Port range (1 - 65534). 6. In the Incoming (Response) Port Range fields: a. Enter the Start Port range (1 - 65534). b. Enter the End Port range (1 - 65534). 7. Clic[...]
-
Página 96
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-40 Firewall Protection and Content Filtering v1.1, August 2010 To check the status of the port triggering rules, click the Status option arrow on the Port Triggering screen. Configuring UPnP (Universal Plug and Play) The UPnP (Universal Plug and Play) feature allows the VPN Firewall to [...]
-
Página 97
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-41 v1.1, August 2010 3. Configure the following fields: – Advertisement Period . Enter the period in minutes that specified how often the VPN firewall should broadcast its UPnP information to all devices within its range. – Advertisement Tim[...]
-
Página 98
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-42 Firewall Protection and Content Filtering v1.1, August 2010 Administrator Tips Consider the following operational items: • As an option, you can enable remote management if you have to manage distant sites from a central location (see “Configuring an External Server for Authentic[...]
-
Página 99
5-1 v1.1, August 2010 Chapter 5 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Using the VPN Wizard for Client and Gateway Configurations ” on this page • “Testing the Connections[...]
-
Página 100
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-2 Virtual Private Networking v1.1, August 2010 Creating Gateway to Gateway VPN Tunnels with the Wizard Follow these steps to set up a gateway VPN tunnel using the VPN Wizard. 1. Select VPN from the main menu and VPN Wizard from the submenu. The VPN Wizard screen displays. Figure 5-1 Fig[...]
-
Página 101
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-3 v1.1, August 2010 To view the wizard default settings, click the VPN Wizard Default Values option arrow. You can modify these settings after completing the wizard. 2. Select Gateway as your connection type. 3. Create a Connection Name . Enter a descriptive n[...]
-
Página 102
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-4 Virtual Private Networking v1.1, August 2010 8. Click Apply to save your settings. The VPN Policies screen shows that the policy is now enabled. 9. If you are connecting to another NETGEAR VPN firewall, use the VPN Wizard to configure the second VPN firewall to connect to the one you [...]
-
Página 103
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-5 v1.1, August 2010 Creating a Client to Gateway VPN Tunnel Follow these steps to configure the a VPN client tunnel: • Configure the client policies on the gateway. • Configure the VPN client to connect to the gateway. Use the VPN Wizard Configure the Gate[...]
-
Página 104
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-6 Virtual Private Networking v1.1, August 2010 7. Click Apply to save your settings. The VPN Policies screen (see Figure 5-7 on page 5-7 ) shows that the policy is now enabled. To view or modify the VPN policy, see “Managing VPN Policies” on page 5-15 . Tip: To assure tunnels stay a[...]
-
Página 105
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-7 v1.1, August 2010 Use the NETGEAR VPN Client Security Policy Editor to Create a Secure Connection From a PC with the NETGEAR ProSafe VPN Client installed, configure a VPN client policy to connect to the VPN firewall. Follow these steps to configure your VPN [...]
-
Página 106
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-8 Virtual Private Networking v1.1, August 2010 2. In the upper left of the Policy Editor window, click the New Document icon (the first on the left) to open a New Connection. Give the New Connection a name; in this example, we are using gw1 . Fill in the other options according to the i[...]
-
Página 107
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-9 v1.1, August 2010 3. In the left frame, click My Identity . Fill in the options according to the instructions below. • From the Select Certificate pull-down menu, choose None . • Click Pre-Shared Key to enter the key you provided in the VPN Wizard; in th[...]
-
Página 108
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-10 Virtual Private Networking v1.1, August 2010 Figure 5-11[...]
-
Página 109
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-11 v1.1, August 2010 • In the left frame, click Security Policy to view the settings: no changes are needed. • In the left frame, expand Authentication (Phase 1) and click Proposal 1 : no changes are needed. • In the left frame, expand Key Exchange (Phas[...]
-
Página 110
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-12 Virtual Private Networking v1.1, August 2010 Within 30 seconds you should receive the message “Successfully connected to My Connectionsgw1”. The VPN client icon in the system tray should state On: 2. To view more detailed additional status and troubleshooting information from th[...]
-
Página 111
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-13 v1.1, August 2010 • Right-click the VPN Client icon in the system tray and select Connection Monitor. The VPN client system tray icon provides a variety of status indications, which are listed below. Figure 5-15 Note: The information in the Connection Mon[...]
-
Página 112
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-14 Virtual Private Networking v1.1, August 2010 VPN Firewall VPN Connection Status and Logs To view VPN firewall VPN connection status, select VPN from the main menu and Connection Status from the submenu. The VPN Connection Status screen displays. You can set a Poll Interval (in second[...]
-
Página 113
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-15 v1.1, August 2010 To view VPN firewall VPN logs, select Monitoring from the main menu and VPN Logs from the submenu. The VPN Logs screen displays. Managing VPN Policies When you use the VPN Wizard to set up a VPN tunnel, both a VPN policy and an IKE policy [...]
-
Página 114
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-16 Virtual Private Networking v1.1, August 2010 IKE policies are activated when: 1. The VPN Policy Selector determines that some traffic matches an existing VPN policy. If the VPN policy is of type “Auto”, then the auto policy settings that are defined in the VPN policy are accessed[...]
-
Página 115
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-17 v1.1, August 2010 Each policy that is listed in the List of IKE Policies table contains the following data: • Name . Uniquely identifies each IKE policy. The name is chosen by you and used for the purpose of managing your policies; it is not supplied to t[...]
-
Página 116
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-18 Virtual Private Networking v1.1, August 2010 Manually Adding or Editing an IKE Policy To manually add an IKE policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies screen in view (see Figure 5-18 on page 5-16 ). [...]
-
Página 117
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-19 v1.1, August 2010 3. Complete the fields, select the radio buttons, and make your selections from the pull-down menus as explained Table 5-2 . Table 5-2. Add IKE Policy Settings Item Description (or Subfield and Description) Mode Config Record Do you want t[...]
-
Página 118
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-20 Virtual Private Networking v1.1, August 2010 Local Identifier Type From the pull-down menu, select one of the following ISAKMP identifiers to be used by the VPN firewall, and then specify the identifier in the field below: • Local Wan IP . The WAN IP address of the VPN firewall. Wh[...]
-
Página 119
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-21 v1.1, August 2010 Authentication Method Select one of the following radio buttons to specify the authentication method: • Pre-shared key . A secret that is shared between the VPN firewall and the remote endpoint. • RSA-Signature . Uses the active Self C[...]
-
Página 120
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-22 Virtual Private Networking v1.1, August 2010 4. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table. To edit an IKE policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies [...]
-
Página 121
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-23 v1.1, August 2010 4. Click Apply to save your changes. The modified IKE policy is displayed in the List of IKE Policies table. Configuring VPN Policies You can create two types of VPN policies. When using the VPN Wizard to create a VPN policy, only the Auto[...]
-
Página 122
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-24 Virtual Private Networking v1.1, August 2010 2. Click the VPN Policies tab. The VPN Policies screen is displayed. Only one client policy may configured at a time (noted by an “*” next to the policy name). The List of VPN Policies contains the following fields: • ! (Status) . In[...]
-
Página 123
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-25 v1.1, August 2010 To delete one or more VPN polices: 1. Select the checkbox to the left of the policy that you want to delete or click the select all table button to select all VPN policies. 2. Click the delete table button. To enable or disable one ore mor[...]
-
Página 124
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-26 Virtual Private Networking v1.1, August 2010 4. Complete the fields, select the radio buttons and checkboxes, and make your selections from the pull-down menus as explained Table 5-3 on page 5-27 . Figure 5-21[...]
-
Página 125
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-27 v1.1, August 2010 Table 5-3. Add VPN Policy Settings Item Description (or Subfield and Description) General Policy Name A descriptive name of the VPN policy for identification and management purposes. Note : The name is not supplied to the remote VPN endpoi[...]
-
Página 126
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-28 Virtual Private Networking v1.1, August 2010 Traffic Selection Local IP From the pull-down menu, select the address or addresses that are part of the VPN tunnel on the VPN firewall: • Any . All PCs and devices on the network. Note : You cannot select Any for both the VPN firewall a[...]
-
Página 127
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-29 v1.1, August 2010 Integrity Algorithm From the pull-down menu, select one of the following two algorithms to be used in the VPN header for the authentication process: • SHA-1 . Hash algorithm that produces a 160-bit digest. This is the default setting. ?[...]
-
Página 128
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-30 Virtual Private Networking v1.1, August 2010 5. Click Apply to save your settings. The VPN policy is added to the List of VPN Policies table. To edit a VPN policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies s[...]
-
Página 129
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-31 v1.1, August 2010 Digital Certificates can be either self signed or can be issued by Certification Authorities (CA) such as via an in-house Windows server, or by an external organization such as Verisign or Thawte. However, if the Digital Certificates conta[...]
-
Página 130
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-32 Virtual Private Networking v1.1, August 2010 Understanding the Certificates Screen To display the Certificates screen, select VPN form the main menu and Certificates from the submenu. Because of the large size of this screen, and because of the way the information is presented, the C[...]
-
Página 131
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-33 v1.1, August 2010 To view the VPN certificates: Select VPN from the main menu and Certificates from the submenu. The Certificates screen displays. The top section of the Certificates screen displays the Trusted Certificates (CACertificates) section. When yo[...]
-
Página 132
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-34 Virtual Private Networking v1.1, August 2010 There can be three reasons why a security alert is generated for a security certificate: • The security certificate was issued by a company you have not chosen to trust. • The date of the security certificate is invalid. • The name o[...]
-
Página 133
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-35 v1.1, August 2010 • Issuer Name . The name of the CA that issued the certificate. • Expiry Time . The date on which the certificate expires. You should renew the certificate before it expires. Obtaining a Self Certificate from a Certificate Authority To[...]
-
Página 134
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-36 Virtual Private Networking v1.1, August 2010 2. Configure the following fields: • Name . Enter a descriptive name that will identify this certificate. • Subject . This is the name which other organizations will see as the holder (owner) of the certificate. Since this name will be[...]
-
Página 135
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-37 v1.1, August 2010 6. In the Self Certificate Requests table, click view in the Action column to view the request. 7. Copy the contents of the Data to supply to CA text box into a text file, including all of the data contained from “----BEGIN CERTIFICATE R[...]
-
Página 136
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-38 Virtual Private Networking v1.1, August 2010 If you have not already uploaded the CA certificate, do so now, as described in “Viewing and Loading CA Certificates” on page 5-32 . You should also periodically check the Certificate Revocation Lists (CRL) table, as described in the f[...]
-
Página 137
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-39 v1.1, August 2010 Configuring Extended Authentication (XAUTH) When connecting many VPN clients to a VPN gateway router, an administrator may want a unique user authentication method beyond relying on a single common preshared key for all clients. Although t[...]
-
Página 138
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-40 Virtual Private Networking v1.1, August 2010 2. You can add XAUTH to an existing IKE policy by clicking the edit button adjacent to the policy to be modified or you can create a new IKE policy incorporating XAUTH by clicking add . ( Figure 5-29 shows the Add IKE Policy screen.) 3. In[...]
-
Página 139
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-41 v1.1, August 2010 – User Database to verify against the VPN firewall’s user database. Users must be added through the User Database screen (see “Configuring the User Database for XAUTH” on page 5-41 ). – RADIUS–CHAP or RADIUS–PAP (depending on[...]
-
Página 140
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-42 Virtual Private Networking v1.1, August 2010 2. Enter a User Name . This is the unique ID of a user which will be added to the User Name database. 3. Enter a Password for the user, and reenter the password in the Confirm Password field. 4. Click add. The user name will be added to th[...]
-
Página 141
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-43 v1.1, August 2010 3. Enable the primary RADIUS server by checking the Yes radio box. 4. Enter the primary RADIUS Server IP Address . 5. Enter a Secret Phrase . Transactions between the client and the RADIUS server are authenticated using a shared secret phr[...]
-
Página 142
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-44 Virtual Private Networking v1.1, August 2010 8. Set the Time Out Period , in seconds, that the VPN firewall should wait for a response from the RADIUS server. 9. Set the Maximum Retry Count. This is the number of attempts that the VPN firewall will make to contact the RADIUS server b[...]
-
Página 143
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-45 v1.1, August 2010 Configuring Mode Config Operation on the VPN Firewall You need to configure two screens: the ModeConfig screen and the IKE Policies screen. Configuring the Mode Config Screen To configure the Mode Config screen: 1. Select VPN from the main[...]
-
Página 144
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-46 Virtual Private Networking v1.1, August 2010 3. Enter a descriptive Record Name such as “Sales”. 4. Assign at least one range of IP pool addresses in the First IP Pool field to give to remote VPN clients. 5. If you have a WINS server on your local network, enter its IP address. 6[...]
-
Página 145
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-47 v1.1, August 2010 9. Specify the VPN policy settings. These settings must match the configuration of the remote VPN client. Recommended settings are: • SA Lifetime: 3600 seconds • Authentication Algorithm: SHA-1 • Encryption Algorithm: 3DES 10. Click [...]
-
Página 146
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-48 Virtual Private Networking v1.1, August 2010 Recommended settings are: • Encryption Algorithm: 3DES • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 • SA Lifetime: 3600 seconds Figure 5-34[...]
-
Página 147
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-49 v1.1, August 2010 9. Enter a Pre-Shared Key that will also be configured in the VPN client. 10. XAUTH is disabled by default. To enable XAUTH, in the Extended Authentication section, select one of the following:: • Edge Device to use the VPN firewall as a[...]
-
Página 148
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-50 Virtual Private Networking v1.1, August 2010 Configuring the ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1. Right-click the VPN client icon in the Windows toolb[...]
-
Página 149
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-51 v1.1, August 2010 2. From the left side of the menu, click My Identity. Enter the following information: a. Click Pre-Shared Key and enter the key you configured in the VPN firewall’s Add IKE Policy screen b. From the Select Certificate pull-down menu, se[...]
-
Página 150
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-52 Virtual Private Networking v1.1, August 2010 b. Check the Enable Perfect Forward Secrecy (PFS) radio button, and select the Diffie- Hellman Group 2 from the PFS Key Group pull-down menu. c. Enable Replay Detection should be checked. 4. Click on Authentication (Phase 1) on the left-si[...]
-
Página 151
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-53 v1.1, August 2010 Enter the values to match your configuration of the VPN firewall ModeConfig Record menu. (The SA Lifetime can be longer, such as 8 hours (28800 seconds). 6. Click the Save icon to save the Security Policy and close the VPN ProSafe VPN clie[...]
-
Página 152
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-54 Virtual Private Networking v1.1, August 2010 4. In the General section of the Edit VPN Policy screen, locate the keepalive configuration settings. 5. Click the Yes radio button to enable keepalive. 6. In the Ping IP Address boxes, enter an IP address on the remote LAN. This must be t[...]
-
Página 153
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-55 v1.1, August 2010 3. In the IKE SA Parameters section of the Edit IKE Policy screen, locate the Dead Peer Detection configuration settings. 4. Click the Yes radio button to Enable Dead Peer Detection . 5. Enter the Detection Period to set the interval betwe[...]
-
Página 154
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-56 Virtual Private Networking v1.1, August 2010 2. Click the VPN Policies tab. The VPN Policies screen displays (see Figure 5-20 on page 5-24 ). 3. In the List of VPN Policies table, click the edit button to the right of the VPN policy that you want to edit. The Edit VPN Policy screen d[...]
-
Página 155
6-1 v1.1, August 2010 Chapter 6 VPN Firewall and Network Management This chapter describes how to use the network management features of your ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Performance Management ” on this page • “Configuring Users, Administrative Settings, and Remote Manageme[...]
-
Página 156
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-2 VPN Firewall and Network Management v1.1, August 2010 VPN Firewall Features That Reduce Traffic You can adjust the following features of the VPN firewall in such a way that the traffic load on the WAN side decreases: • LAN WAN outbound rules (also referred to as service blocking) ?[...]
-
Página 157
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-3 v1.1, August 2010 • WAN Users . These settings determine which Internet locations are covered by the rule, based on their IP address. – Any . The rule applies to all Internet IP address. – Single address . The rule applies to a single Internet[...]
-
Página 158
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-4 VPN Firewall and Network Management v1.1, August 2010 • Keyword (and Domain Name) Blocking . You can specify up to 32 words that, should they appear in the website name (that is, URL) or in a newsgroup name, will cause that site or newsgroup to be blocked by the VPN firewall. You ca[...]
-
Página 159
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-5 v1.1, August 2010 Port Forwarding The VPN firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal data or damage your PCs, but overloads your Internet connection so you can not use it (that is, the service is u[...]
-
Página 160
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-6 VPN Firewall and Network Management v1.1, August 2010 • WAN Users . These settings determine which Internet locations are covered by the rule, based on their IP address. – Any . The rule applies to all Internet IP address. – Single address . The rule applies to a single Internet[...]
-
Página 161
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-7 v1.1, August 2010 – After a PC has finished using a port triggering application, there is a time-out period before the application can be used by another PC. This is required because the firewall cannot be sure when the application has terminated.[...]
-
Página 162
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-8 VPN Firewall and Network Management v1.1, August 2010 See “Specifying Quality of Service (QoS) Priorities” on page 4-26 for the procedure on how to use this feature. Tools for Traffic Management The VPN firewall includes several tools that can be used to monitor the traffic condit[...]
-
Página 163
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-9 v1.1, August 2010 3. In the User Selection section of the screen, select either the Edit Admin Settings or Edit Guest Settings radio box. 4. In either the Admin Settings or the Guest Settings section of the screen: a. change the password by first en[...]
-
Página 164
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-10 VPN Firewall and Network Management v1.1, August 2010 Adding External Users You can add external users for which you then can configure an authentication method (see “Configuring an External Server for Authentication” on page 6-11 ). To add an external users: 1. Select Users from[...]
-
Página 165
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-11 v1.1, August 2010 3. Configure the following fields: a. User Name . Enter a unique identifier, using any alphanumeric characters. b. User Type . Select either Admin or Guest . c. Idle Timeout . This is the period after which an idle user will be au[...]
-
Página 166
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-12 VPN Firewall and Network Management v1.1, August 2010 To configure external authentication: 1. Select Users from the main menu and External Authentication from the submenu. The External Users screen displays. 2. Select the External Authentication tab. The External Authentication scre[...]
-
Página 167
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-13 v1.1, August 2010 • Secret Phrase . Transactions between the client and the RADIUS server are authenticated using a shared secret phrase, so the same secret phrase must be configured on both client and server. • Primary Server NAS Identifier . [...]
-
Página 168
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-14 VPN Firewall and Network Management v1.1, August 2010 Enabling Remote Management Access Using the Remote Management screen, you can allow an administrator on the Internet to configure, upgrade, and check the status of your VPN firewall. You must be logged in locally to enable remote [...]
-
Página 169
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-15 v1.1, August 2010 2. Check Allow Remote Management radio box. 3. Click the Yes radio button to enable secure HTTP management (enabled by default), and configure the external IP addresses that will be allowed to connect. a. To allow access from any [...]
-
Página 170
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-16 VPN Firewall and Network Management v1.1, August 2010 . Using an SNMP Manager Simple Network Management Protocol (SNMP) lets you monitor and manage your VPN firewall from an SNMP Manager. It provides a remote means to monitor and control network devices, and to manage configurations,[...]
-
Página 171
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-17 v1.1, August 2010 To create a new SNMP configuration entry: 1. Select Administration from the main menu and SNMP from the submenu. The SNMP screen displays. 2. Under Create New SNMP Configuration Entry , enter the IP address of the SNMP manager in [...]
-
Página 172
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-18 VPN Firewall and Network Management v1.1, August 2010 When you click on the SNMP System Info option arrow on the SNMP screen, the VPN firewall’s identification information is displayed. This following identification information is available to the SNMP Manager: system contact, syst[...]
-
Página 173
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-19 v1.1, August 2010 Backing Up Settings To back up settings: 1. Select Administration from the main menu and Settings Backup & Upgrade from the submenu. The Settings Backup and Firmware Upgrade screen displays. 2. Click backup to save a copy of y[...]
-
Página 174
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-20 VPN Firewall and Network Management v1.1, August 2010 Restoring Settings To restore settings from a backup file: 1. On the Settings Backup and Firmware Upgrade screen, next to Restore save settings from file , click Browse . 2. Locate and select the previously saved backup file (by d[...]
-
Página 175
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-21 v1.1, August 2010 After downloading an upgrade file, you may need to unzip (uncompress) it before upgrading the VPN firewall. If Release Notes are included in the download, read them before continuing. 4. Select Administration from the main menu an[...]
-
Página 176
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-22 VPN Firewall and Network Management v1.1, August 2010 2. From the Date/Time pull-down menu, select the local time zone. This is required in order for scheduling to work correctly. The VPN firewall includes a Real-Time Clock (RTC), which it uses for scheduling. 3. If supported in your[...]
-
Página 177
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-23 v1.1, August 2010 Monitoring System Performance You can be alerted to important events such as WAN traffic limits reached, login failures, and attacks. You can also view status information about the VPN firewall, broadband port, LAN ports, and VPN [...]
-
Página 178
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-24 VPN Firewall and Network Management v1.1, August 2010 Figure 6-10[...]
-
Página 179
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-25 v1.1, August 2010 2. In the Log Options section, enter the name of the log in the Log Identifier field. The Log Identifier is a mandatory field used to identify which device sent the log messages. The identifier is appended to log messages. 3. In t[...]
-
Página 180
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-26 VPN Firewall and Network Management v1.1, August 2010 • LOG_ERROR (Error conditions) • LOG_WARNING (Warning conditions) • LOG_NOTICE (Normal but significant conditions) • LOG_INFO (Informational messages) • LOG_DEBUG (Debug level messages) 10. Click Reset to cancel your cha[...]
-
Página 181
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-27 v1.1, August 2010 Enabling the Traffic Meter If your ISP charges by traffic volume over a given period of time, or if you want to study traffic types over a period of time, you can activate the traffic meter for the broadband port. To monitor traff[...]
-
Página 182
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-28 VPN Firewall and Network Management v1.1, August 2010 • Increase this month limit by . Temporarily increase the traffic limit if you have reached the monthly limit, but need to continue accessing the Internet. Select the checkbox and enter the desired increase. (The checkbox will a[...]
-
Página 183
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-29 v1.1, August 2010 • Restart Traffic Counter at a Specific Time . Restart the traffic counter at a specific time and day of the month. Fill in the time fields and choose AM or PM and the day of the month from the pull-down menus. • Send e-mail r[...]
-
Página 184
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-30 VPN Firewall and Network Management v1.1, August 2010 Viewing the VPN Firewall Configuration and System Status The Router Status screen provides status and usage information. Select Monitoring from the main menu and Router Status from the submenu. The Router Status screen displays. T[...]
-
Página 185
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-31 v1.1, August 2010 Monitoring VPN Firewall Statistics To display the VPN firewall statistics: 1. Select Monitoring from the main menu and Router Status from the submenu. The Router Status screen displays (see Figure 6-14 on page 6-30 ). 2. Click the[...]
-
Página 186
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-32 VPN Firewall and Network Management v1.1, August 2010 For each interface (Broadband, LAN, and DMZ), the number of transmitted (Tx Pkts) and received (Rx Pkts) packets, the number of collided packets, the transmitted (Tx B/s) and received (Rx B/s) bytes per second, and the interface u[...]
-
Página 187
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-33 v1.1, August 2010 Monitoring Attached Devices The LAN Groups screen contains a table of all IP devices that the VPN firewall has discovered on the local network. To view the LAN Groups screen: 1. Select Network Configuration from the main menu and [...]
-
Página 188
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-34 VPN Firewall and Network Management v1.1, August 2010 The Known PCs and Devices table lists all current entries in the LAN Groups database. For each PC or device, the following data is displayed Monitoring VPN Tunnel Connection Status You can view the status of the VPN tunnels by sel[...]
-
Página 189
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-35 v1.1, August 2010 The Active IPsec (SA)s table lists each active connection with the following information Viewing the VPN Logs The VPN Logs screen gives log details for recent VPN activity. Select Monitoring from the main menu and VPN Logs from th[...]
-
Página 190
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-36 VPN Firewall and Network Management v1.1, August 2010 Viewing the DHCP Log To display the DHCP log: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. Click the DHCP Log option arrow in the upper right-hand section [...]
-
Página 191
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-37 v1.1, August 2010 To view the most recent entries, click refresh . Table 6-6. Port Triggering Status Data Item Description Rule The name of the rule. LAN IP Address The IP address of the PC currently using this rule. Open Ports The Incoming ports w[...]
-
Página 192
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-38 VPN Firewall and Network Management v1.1, August 2010[...]
-
Página 193
7-1 v1.1, August 2010 Chapter 7 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Basic Functions ” on this page • “Troubleshooting the Web Configuration Interface” on page 7-3 • “Troubleshooting the ISP Co[...]
-
Página 194
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-2 Troubleshooting v1.1, August 2010 Power LED Not On If the Power and other LEDs are off when your VPN firewall is turned on: • Make sure that the power cord is properly connected to your VPN firewall and that the power supply adapter is properly connected to a functioning power outle[...]
-
Página 195
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-3 v1.1, August 2010 Troubleshooting the Web Configuration Interface If you are unable to access the VPN firewall’s Web Configuration interface from a PC on your local network, check the following: • Check the Ethernet connection between the PC and the VPN firewall as[...]
-
Página 196
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-4 Troubleshooting v1.1, August 2010 If the VPN firewall does not save changes you have made in the Web Configuration Interface, check the following: • When entering configuration settings, be sure to click the Apply button before moving to another menu or tab, or your changes are lost[...]
-
Página 197
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-5 v1.1, August 2010 • Your ISP may check for your PC's host name. Assign the PC Host Name of your ISP account as the Account Name on the Broadband ISP Settings screen (see Figure 2-2 on page 2-4 ). • Your ISP only allows one Ethernet MAC address to connect to th[...]
-
Página 198
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-6 Troubleshooting v1.1, August 2010 Pinging < IP address > with 32 bytes of data If the path is working, you will see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you will see this message: Request timed out If the path is [...]
-
Página 199
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-7 v1.1, August 2010 – If your ISP assigned a host name to your PC, enter that host name as the Account Name on the Broadband ISP Settings screen (see Figure 2-2 on page 2-4 ). – Your ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many b[...]
-
Página 200
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-8 Troubleshooting v1.1, August 2010 Problems with the date and time function can include: • Date and time shown is Thu Jan 01 00:01:52 GMT 1970. Cause: The VPN firewall has not yet successfully reached a Network Time Server. Check that your Internet access settings are configured corr[...]
-
Página 201
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-9 v1.1, August 2010 Table 7-1. Diagnostics Item Description Ping or Trace an IP Address Ping. Used to send a ping packet request to a specified IP address—most often, to test a connection. If the request times out (no reply is received), it usually means that the desti[...]
-
Página 202
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-10 Troubleshooting v1.1, August 2010[...]
-
Página 203
Default Settings and Technical Specifications A-1 v1.1, August 2010 Appendix A Default Settings and Technical Specifications Y ou can use the reset button located on the front of your device to reset all settings to their factory defaults. This is called a hard reset. • To perform a hard reset, push and hold the reset button for approximately 5 s[...]
-
Página 204
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A-2 Default Settings and Technical Specifications v1.1, August 2010 Technical specifications for the ProSafe Gigabit 8 Port VPN Firewall FVS318G are listed in the following table. Management Time Zone GMT Time Zone Adjusted for Daylight Saving Time Disabled SNMP Disabled Remote Management[...]
-
Página 205
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default Settings and Technical Specifications A-3 v1.1, August 2010 Environmental Specifications Operating temperature: 0 to 40 C (32º to 104º F) Operating humidity: 90% maximum relative humidity, noncondensing Electromagnetic Emissions Meets requirements of: FCC Part 15 Class B[...]
-
Página 206
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A-4 Default Settings and Technical Specifications v1.1, August 2010[...]
-
Página 207
Two Factor Authentication B-1 v1.1, August 2010 Appendix B Two Factor Authentication This appendix provides an overview of Two-Factor Authentication, and an example of how to implement the WiKID solution. This appendix contains the following sections: • “Why do I need Two-Factor Authentication? ” on this page. • “NETGEAR Two-Factor Authen[...]
-
Página 208
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual B-2 Two Factor Authentication v1.1, August 2010 • Quick to deploy and manage . The WiKID solution integrates seamlessly with the NETGEAR SSL and VPN firewall products. • Proven regulatory compliance . Two-Factor Authentication has been used as a mandatory authentication process for ma[...]
-
Página 209
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Two Factor Authentication B-3 v1.1, August 2010 The request-response architecture is capable of self-service initialization by end-users, dramatically reducing implementation and maintenance costs. Here is an example of how WiKID works. 1. The user launches the WiKID token software, enter[...]
-
Página 210
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual B-4 Two Factor Authentication v1.1, August 2010 3. The user then proceeds to the Two-Factor Authentication login page and enters the generated one-time passcode as the login password. Note: The one-time passcode is time synchronized to the authentication server so that the OTP can only be[...]
-
Página 211
Related Documents C-1 v1.1, August 2010 Appendix C Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link TCP/IP Networking Basics http://documentation.netgear.com/reference/enu/tcpip/index.htm Wireless Networking Basics [...]
-
Página 212
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual C-2 Related Documents v1.1, August 2010[...]
-
Página 213
Index-1 v1.1, August 2010 Index Numerics 3322.org 2-11 A access remote management 6-14 Add DMZ WAN Outbound Services screen 4-12 Add LAN DMZ Outbound Service screen 4-14 Add LAN WAN Inbound Service 4-11 Add LAN WAN Outbound Service screen 4-10 Add Mode Config Record screen 5-45 address reservation 3-9 Advanced Encryption Standard. See AES. Advanced[...]
-
Página 214
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-2 v1.1, August 2010 certificates CRL 5-32 management of 5-35 trusted (CA certificates) 5-32 Classical Routing definition of 2-10 command line interface 6-16 configuration automatic by DHCP 1-4 Connecting the VPN firewall 2-1 Content Filtering 4-1 about 1-2 , 4-30 Block Sites 4-30 en[...]
-
Página 215
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-3 v1.1, August 2010 Domain Name router 3-4 , 3-13 Domain Name Blocking 4-31 Domain Name Servers. See DNS. DoS about protection 1-2 attack 4-21 DPD 5-21 Dynamic DNS Configuration screen 2-11 Dynamic DNS. See DDNS DynDNS.org 2-11 E Edge Device 5-40 RADIUS Server 5-39 User Database 5-3[...]
-
Página 216
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-4 v1.1, August 2010 default definition 4-2 example 4-16 field descriptions 4-6 order of precedence 4-8 Port Forwarding 4-3 , 4-5 rules for use 4-5 Inbound Services field descriptions 4-6 increasing traffic 6-4 DMZ port 6-7 Port Forwarding 6-5 Port Triggering 6-6 VPN tunnels 6-7 inst[...]
-
Página 217
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-5 v1.1, August 2010 M MAC address 7-7 blocked, adding 4-33 configuring 2-5 format of 2-14 spoofing 7-5 main menu 2-3 MD5 IKE polices 5-20 VPN policies 5-29 ModeConfig 5-44 about 5-44 assigning remote addresses, example 5-44 Client Configuration 5-50 IKE Policies menu, configuring 5-[...]
-
Página 218
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-6 v1.1, August 2010 service blocking 4-3 Port Forwarding Inbound Rules 4-3 , 4-5 increasing traffic 6-5 rules, about 4-5 port numbers 4-24 Port Speed 2-13 Port Triggering about 4-37 adding a rule 4-38 increasing traffic 6-6 modifying a rule 4-39 rules of use 4-38 status 6-36 Port Tr[...]
-
Página 219
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-7 v1.1, August 2010 Routing Information Protocol. See RIP. Routing screen 3-15 RSA signatures 5-21 rules blocking traffic 4-2 inbound example 4-16 order of precedence 4-24 service blocking 4-3 services-based 4-3 running tracert 6-16 S SA IKE policies 5-20 VPN policies 5-28 , 5-29 sa[...]
-
Página 220
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-8 v1.1, August 2010 TCP/IP network, troubleshooting 7-5 technical specifications A-1 Time daylight savings, troubleshooting 7-8 setting 6-21 troubleshooting 7-7 Time Zone setting of 6-21 Time Zone screen 6-21 ToS. See QoS. tracert use with DDNS 6-16 traffic increasing 6-4 management[...]
-
Página 221
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-9 v1.1, August 2010 Web Components 4-30 blocking 4-33 filtering, about 4-30 Web configuration troubleshooting 7-3 WiKID 6-11 authentication, overview B-1 WinPoET 2-7 WINS server 3-4 , 3-13 X XAUTH IKE policies 5-22 IPSec Host 5-39 types of 5-39[...]
-
Página 222
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-10 v1.1, August 2010[...]