NETGEAR FWG114P v2 инструкция обслуживания
- Просмотреть online или скачать инструкцию
- 296 страниц
- 8.05 mb
Идти на страницу of
Хорошее руководство по эксплуатации
Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации NETGEAR FWG114P v2. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции NETGEAR FWG114P v2 или обучающее видео для пользователей. Условием остается четкая и понятная форма.
Что такое руководство?
Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции NETGEAR FWG114P v2 можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.
К сожалению немного пользователей находит время для чтения инструкций NETGEAR FWG114P v2, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.
Из чего должно состоять идеальное руководство по эксплуатации?
Прежде всего в инструкции NETGEAR FWG114P v2 должна находится:
- информация относительно технических данных устройства NETGEAR FWG114P v2
- название производителя и год производства оборудования NETGEAR FWG114P v2
- правила обслуживания, настройки и ухода за оборудованием NETGEAR FWG114P v2
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам
Почему мы не читаем инструкций?
Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск NETGEAR FWG114P v2 это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок NETGEAR FWG114P v2 и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта NETGEAR, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания NETGEAR FWG114P v2, как это часто бывает в случае бумажной версии.
Почему стоит читать инструкции?
Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства NETGEAR FWG114P v2, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.
После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции NETGEAR FWG114P v2. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.
Содержание руководства
-
Страница 1
201-10301-02 , May 200 5 201-10301-02 May 2005 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95 054 USA Reference Manual for the ProSafe Wireless 802.1 1g Firewall/Print Server Model FWG1 14P v2[...]
-
Страница 2
ii 201-10301-02 , May 200 5 © 2005 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR is a trademark of Netge ar , Inc. Microsoft, W indows, and W indow s NT are registered trademar ks of Microsoft Corporation. Other brand and product names are registered tradem arks or trad emarks of their respective holders. St atement of Conditions In th[...]
-
Страница 3
201-10301-02 , May 200 5 iii Bestätigung des Hers tellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe W ireless 802.11 g Firewall/Print Server Mo del FWG1 14P v2 gemäß der im BMP T -AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimm ungen entstört ist. Das vor schriftsmäßige Betreiben einiger Geräte (z.B. T estsender) kann [...]
-
Страница 4
201-10301- 02, May 2005 iv[...]
-
Страница 5
Contents v 201-10301-02, May 2005 Content s Chapter 1 About This Manual Audience, Scope, Conventions, and Formats . ......... ................. ................ ............. ........ 1-1 How to Use This Manual ................. ................ ................ ................ ................ ............. .. 1-2 How to Print this Manual . .....[...]
-
Страница 6
201-10301-02, May 200 5 vi Contents Connecting the FWG1 14P v2 Wireless Firewall/ Print Server ................. ................ ........ 3-4 V erify That Basic Requirements Are Met .. ...................... ............. ................ ............ 3-4 Basic Setup T roubleshooting T ips ... ................ ................ ................ ...[...]
-
Страница 7
Contents vii 201-10301-02, May 2005 Configuring Dial-in on the Serial Port ........... ................ ................ ................ ................ .. 5-4 Basic Requirements for Dial-in .. ................... ................ ................ ................ ............ 5-5 How to Configure Dial-in .............. ................ .........[...]
-
Страница 8
201-10301-02, May 200 5 viii Contents T roubles hooting the Print Server ..... ............. ... ............. ................ ................ ............. ... 7-12 Chapter 8 Virt ual Private Ne tworking Overview of FWG1 14P v2 Policy-Based VPN Co nfiguration .... ................ ................ ..... 8-1 Using Policies to Manage VPN Traf f ic[...]
-
Страница 9
Contents ix 201-10301-02, May 2005 Changing the Administrator Pa ssword ..... ............. ................ ................. ................ ........ 9-9 Chapter 10 Advanced Configurat ion Using the W AN Set up Opti ons ........... ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ............. ... .... ... ... 10-1 How to Configure[...]
-
Страница 10
201-10301-02, May 200 5 x Contents Subnet Addressing ................ ............. ................ ................. ............. ................ ....... B-4 Private IP Addresses .......... ... .... ............. ... ... ... ... .... ... ... ... ............. .... ... ... ... ... .... ... ... . B-7 Single IP Address Operation Using NA T .......[...]
-
Страница 11
Contents xi 201-10301-02, May 2005 Restarting the Network ....... ................ ................ ................ ................ ................ ......... C-12 Appendix D Firewall Log Format s Action List . ................ ............. ................ ................ ............. ................ ................ ........ ... D-1 Field L[...]
-
Страница 12
201-10301-02, May 200 5 xii Contents Is WP A Perfect? ........... ... ............. ... ... .... ... ... ... ... .... ... ............. ... ... .... ... ... ... ... .... ..... E-16 Product Support for WP A ............. ................ ................ ................ ................ ......... E-16 Supporting a Mixtur e of WP A and WEP Wi reless[...]
-
Страница 13
Contents xiii 201-10301-02, May 2005 Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 Configuration T emplate ... .... ... ............. ............. ................ ............. ................ ............. .... H-1 Using DDNS and Fully Qualified Domain Name s (FQDN) ....... ................ ............. . H-2 S tep-[...]
-
Страница 14
201-10301-02, May 200 5 xiv Contents[...]
-
Страница 15
About This Manual 1-1 201-10301-02, May 20 05 Chapter 1 About This Manual This chapter describes the intended audience, sc ope, conventions, and formats of this manual. Audience, Scope, Conventions, and Format s This reference manual assumes that the reader h as basic to interme diate computer and Internet skills. However , basic comp uter network,[...]
-
Страница 16
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 1-2 About This Manual 201-10301-02, May 2005 How to Use This Manual The HTML version of this ma nual includes the following: • Buttons, and , for browsing forwards or backwards through the manual one pag e at a time • A button that displays the table of co[...]
-
Страница 17
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 About This Manual 1-3 201-10301-02, May 20 05 How to Print this Manual T o print this manual you can choose one of the fo llowing several options, a ccording to your needs. • Printing a Page in the HTML V iew . Each page in the HTML version of the manu al i[...]
-
Страница 18
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 1-4 About This Manual 201-10301-02, May 2005[...]
-
Страница 19
Introduction 2-1 201-10301-02, May 2005 Chapter 2 Introduction This chapter describes the features of the NETG EAR ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Key Features of the FWG1 14P v2 The ProSafe W ireless 802.1 1g Firewall/Print Serv er Model FWG1 14P v2, w ith a 4-port switch, connects your LAN to the Internet throu[...]
-
Страница 20
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-2 Introduction 201-10301-02, May 2005 • Flash memory for firmware upgrade. • NA T off (classical routing). Full Routing on Both the Broadband and Serial Port s Y ou can install, configure, and ope rate the FWG1 14P v2 to take full advantage of a variety [...]
-
Страница 21
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-3 201-10301-02, May 2005 • W ireless n etwork name broadc ast can be turned off so that only devices that have the network name (SSID) can connect. V irtual Private Networking The FWG1 14P v2 W ireless Firewall/Print Server provides a secure [...]
-
Страница 22
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-4 Introduction 201-10301-02, May 2005 • Logs security incidents. The FWG1 14P v2 will log security events, such as blocked incoming traffic, port scans, attacks, and administrator logins. Y ou can conf igure the router to e-mail the log to you at specified[...]
-
Страница 23
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-5 201-10301-02, May 2005 Extensive Protocol Support The FWG1 14P v2 W ireless Firewall/Print Server supports the T ransmission Control Protocol/ Internet Protocol (TCP/IP) and Ro uting Information Protocol (RIP). • The ability to enable or di[...]
-
Страница 24
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-6 Introduction 201-10301-02, May 2005 Easy Inst allation and Management Y ou can install, configure, and operate the ProSaf e W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2 within minutes after connecting it to the network. The following features[...]
-
Страница 25
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-7 201-10301-02, May 2005 • 54 Mbps W ireless PC Card Model WG51 1 • 54 Mbps W ireless PCI Card Model WG31 1 • 54 Mbps W ireless USB 2.0 Adapter Model WG121 • ProSafe™ Indoor 5 dBi Omni-directional Antenna Model ANT2 4O5 • ProSafe™[...]
-
Страница 26
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-8 Introduction 201-10301-02, May 2005 The FWG1 14P v2 Rear Panel The rear panel of the FWG1 14P v2 W ireless Fire wall/Print Server contains the port connections listed below . T able 2-1. LED Descriptions Label Activity Description POWER On Power is supplie[...]
-
Страница 27
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-9 201-10301-02, May 2005 Figure 1-2: FWG1 14P v2 Rear Panel V iewed from left to right, the rear panel contains the following features: • W ireless antenna. • DB-9 serial port for modem connection. • USB 2.0 Printer Port. • Factory Defa[...]
-
Страница 28
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-10 Introduction 201-10301-02, May 2005[...]
-
Страница 29
Connecting the FWG114P v2 to the Internet 3-1 201-10301-02, May 20 05 Chapter 3 Connecting the FWG1 14P v2 to the Internet This chapter describes how to set up the router on your local area network (LAN) and connect to the Internet. Y ou will find out how to configure your ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2 for In te[...]
-
Страница 30
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-2 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 For the initial connection to the In ternet and configuration of your router , you will need to connect a computer to the router that is set to automatically get its TCP/IP configuration fro[...]
-
Страница 31
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-3 201-10301-02, May 20 05 Record Y our Internet Co nnection Information Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP). ISP Login Name: The login name and passwor[...]
-
Страница 32
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-4 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 Connecting the FWG1 14P v2 Wireless Firewall/Print Server This section provides instructio ns for connecting the FWG1 14P v2 W ireless Firewall/Print Server. Also, the Resour ce CD for the P[...]
-
Страница 33
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-5 201-10301-02, May 20 05 c. Securely insert the Ethernet cable from your broadban d modem into the Internet po rt ( B) on the FWG1 14P v2. Figure 3-2: Connect the broadb and modem to the router d. Securely inse[...]
-
Страница 34
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-6 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 2. R ESTART YOUR NETWORK IN THE CORRECT SEQUENCE Wa r n i n g : Failure to restart your network in the correct sequence could prevent you from connecting to the Internet. a. First, turn on t[...]
-
Страница 35
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-7 201-10301-02, May 20 05 3. L OG IN TO THE WIRELESS FIREWALL / PRINT SERVER a. From your PC, launch your Internet browser . Because you are not yet connected to the Internet, your browser will disp lay a page n[...]
-
Страница 36
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-8 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 d. After logging in to the router , y ou will see the login result page. Figure 3-7: Login Result p age[...]
-
Страница 37
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-9 201-10301-02, May 20 05 4. R UN THE S ETUP W IZARD TO CONNECT TO THE I NTERNET Figure 3-8: Se tup Wizard a. Y ou are now connec ted to the router . If you do not see the menu above, click the Setup W izard lin[...]
-
Страница 38
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-10 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Basic Setup T roubleshooting Tip s Here are some tips for correcting simple problem s that prevent with yo u from connecting to the Internet or connectin g to the wireless fi rewall/print s[...]
-
Страница 39
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-11 201-10301-02, May 20 05 • Fixed IP address assignment Next, the Setup W izard will repo rt which connection type it h as discovered, and then display the appropriate configuration menu. If the Setu p W izard f[...]
-
Страница 40
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-12 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Note: Y ou will no longer need to launch the ISP’ s lo gin program on your computer in order to access the Internet. When you start an Internet application, your firewa ll will automatica[...]
-
Страница 41
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-13 201-10301-02, May 20 05 Wizard-Detected Dynamic IP Account Setup If the Setup W izard determines that your Intern et service account uses Dynamic IP assignme nt, you will be directed to the menu shown in Figure [...]
-
Страница 42
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-14 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 If your ISP allows access from only one specific computer ’ s Ethernet MAC address, select “Use this MAC address.” The firewall will then capture and use the MAC address of the comput[...]
-
Страница 43
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-15 201-10301-02, May 20 05 1. Enter your assigned IP Address, Subnet Mask , and the IP Address of your ISP’ s gateway router . This information should have been provided to you by your ISP . Y ou will need the co[...]
-
Страница 44
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-16 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Figure 3-12: Serial Inter net Connection configuration menu c. Fill in the ISDN or analog ISP Internet configuration parameters as appropriate: • For a Dial-up Account, ente r the Account[...]
-
Страница 45
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-17 201-10301-02, May 20 05 Note: Y ou can validate modem string se ttings by first connecting the modem directly to a computer , establishing a connection to yo ur ISP , and then copy ing the modem string settings [...]
-
Страница 46
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-18 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Manually Configuring Y our Internet Connection Y ou can manually configure your firewall using the menu b elow , or you can allo w the Setup W izard to determine your configuration as descr[...]
-
Страница 47
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-19 201-10301-02, May 20 05 How to Manually Configure th e Primary Intern et Connection Use these steps to manually configure the primary Internet connection in th e Basic Settings menu. 1. Select your Internet conn[...]
-
Страница 48
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-20 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 7. Router ’ s MAC Address: This section determines the Ethernet MAC address that will be used by the firewall on the Internet po rt. Some ISPs will register th e Ethernet MAC address of t[...]
-
Страница 49
Wireless Configuration 4-1 201-10301-02, May 20 05 Chapter 4 Wireless Configuration This chapter describes how to configure the wire less features of your FWG114P v2 W ireles s Firewall/Print Server. Observing Performance, Placem ent, and Range Guidelines In planning your wire less network, you sh ou ld consider the level of se curity required. Y o[...]
-
Страница 50
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-2 Wireless Configuration 201-10301-02, May 2005 Implementing Appropriate Wireless Security Unlike wired network data, your wireless data transmissions can extend beyond your walls and can be received by anyone with a compatible adapte r . For this reason, us[...]
-
Страница 51
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-3 201-10301-02, May 20 05 • WP A/WP A2 with Radius or WP A/WP A2-PSK. W i-Fi Protected Access (WP A and WP A2) data encryption provides data security . The very strong authentication along with dynamic per frame rekeying of WP A and[...]
-
Страница 52
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-4 Wireless Configuration 201-10301-02, May 2005 • Wir eless Ne twork. The station name of the FWG1 14P v2. — Wir eless Network Name (SSID). The SSID is also kn own as the wireless network name. Enter a value of up to 32 alphanumeric characters. In a se t[...]
-
Страница 53
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-5 201-10301-02, May 20 05 T o restrict access based on MAC addresses, c lick the Set up Access List button and update the MAC access control list . • Security Options – Disable : No data encryption is used. – WEP (Wir ed Equival[...]
-
Страница 54
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-6 Wireless Configuration 201-10301-02, May 2005 Default Factory Settings The FWG1 14P v2 default factory settings shown be low . Y ou can restore these defaults with the Factory Default Restore button on the re ar panel as seen in the illustration “FWG1 14[...]
-
Страница 55
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-7 201-10301-02, May 20 05 Before Y ou Change the SSID and WEP Settings T ake the following steps: For a new wireless network, print or copy this form and fill in the configuration parameters. For an existing wireless network, the pers[...]
-
Страница 56
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-8 Wireless Configuration 201-10301-02, May 2005 How to Set Up and T est B asic Wireless Connectivity Follow the instructions below to set up and te st basic wireless conne ctivity . Once you have established basic wireless connectivity , you can enable secur[...]
-
Страница 57
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-9 201-10301-02, May 20 05 7. Click Apply to save your changes. 8. Configure and test your PCs for wireless connectivity . Program the wireless adapter of your PCs to ha ve the same SSID that you configured in the FWG1 14P v2. Check th[...]
-
Страница 58
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-10 Wireless Configur ation 201-10301-02, May 2005 4. Click Add to open the W ireless Card Access Setup menu. Y ou can select a de vice from the list of available wireless cards the FWG114P v2 has discovered in your area, or you can manually enter the MAC add[...]
-
Страница 59
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -11 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-5: Wire le ss Settings menu (WEP) 3. Select WEP on the pulldown menu. The WEP options menu will open. 4. Choose the Authentication [...]
-
Страница 60
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-12 Wireless Configur ation 201-10301-02, May 2005 – WEP Keys : If using WEP , you can manually or automatically progra m the four data encryption keys. These values must be identi cal on all PCs and A ccess Points in your network. • Automatic Key Generat[...]
-
Страница 61
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -13 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-6: Wire le ss Settings menu (WP A with Radius) 3. Select WP A with Radius on the pulldown menu. The WP A with Radius menu will open[...]
-
Страница 62
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-14 Wireless Configur ation 201-10301-02, May 2005 • Radius Port : Enter the port number used for conn ecting to the Radius S erver . • Shar ed Key : Enter the desired value for the Shared Key . This must match the value used on the Radius server . • Ra[...]
-
Страница 63
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -15 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-7: Wirele ss Settings menu (WP A2 with Radius) 3. Select WP A2 with Radius on the pulldown menu. The WP A2 with Radius menu will op[...]
-
Страница 64
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-16 Wireless Configur ation 201-10301-02, May 2005 • Secondary Radius Server Name/IP Addr ess : This field is optional. If you have a Secondary Radius Server on yo ur LAN, enter its name or IP address here. • Radius Port : Enter the port number used for c[...]
-
Страница 65
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -17 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-8: Wirele ss Settings menu (WP A and WP A2 with Radius) 3. Select WP A and WP A2 with Radius on the pulldown menu. The WP A and WP [...]
-
Страница 66
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-18 Wireless Configur ation 201-10301-02, May 2005 • Secondary Radius Server Name/IP Addr ess : This field is optional. If you have a Secondary Radius Server on yo ur LAN, enter its name or IP address here. • Radius Port : Enter the port number used for c[...]
-
Страница 67
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -19 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-9: Wire less Settings menu (WP A-PSK) 3. Select WP A-PSK on the pulldown menu. The WP A-PSK menu will open. 4. Select the desired E[...]
-
Страница 68
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-20 Wireless Configur ation 201-10301-02, May 2005 How to Configure WP A2-PSK Note : Not all wireless adapters support WP A2. Furthermore, client software is required on the client. W indows XP and W indows 2000 with Servi ce Pack 3 do include the client soft[...]
-
Страница 69
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -21 201-10301-02, May 20 05 4. Select the desired Encryption method. Fo r WP A2-PSK, the only option is AES. 5. Enter the pre-shared key in the Passphra se field. Enter a w ord or group of printable characters in the Passphrase box. T[...]
-
Страница 70
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-22 Wireless Configur ation 201-10301-02, May 2005 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-1 1: Wireless Sett ings menu (WP A-PSK and WP A2-PSK) 3. Select WP A-PSK and WP A2-PSK on the pulldown menu. The WP A-PSK and WP A2-P[...]
-
Страница 71
Serial Port Configuration 5-1 201-10301-02, May 2005M-10 207-01, Reference Manual v2 Chapter 5 Serial Port Configuration This chapter describes how to configure th e serial port options of y our ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. The FWG1 14P v2 serial port lets you share the broadband co nnection of another FWG1 14[...]
-
Страница 72
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-2 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2 Configuring a Serial Port Modem Y ou can configure a se rial port modem for any of the features described above. Be sure you have prepared the basic re quirements listed belo[...]
-
Страница 73
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Serial Port Con figuration 5-3 201-10301-02, May 2005M-10 207-01, Reference Manual v2 — For dial-up, “Standard Modem” should work in most cases. Otherwise, select your modem from the list. — If your modem is not on the list, select “U ser Defined”[...]
-
Страница 74
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-4 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2 Figure 5-2: Auto-Rollover config uration menu 3. Configure the Auto-Rollover settings. 4. Click Apply for the changes to take effect . Configuring Dial-in on the Serial Port [...]
-
Страница 75
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Serial Port Con figuration 5-5 201-10301-02, May 2005M-10 207-01, Reference Manual v2 Basic Requirement s for Dial-in Dial-in requires these elements: 1. A broadband co nnection to the F WG1 14P v2. 2. An analog phone line. 3. A serial modem properly configur[...]
-
Страница 76
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-6 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2 Configuring LAN-to-LAN Settings LAN-to-LAN e nables dire ct communic ations be tween two FWG1 14P v2 wireless firewall/print servers. Figure 5-4: LAN-to-LAN ne twork configur[...]
-
Страница 77
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Serial Port Con figuration 5-7 201-10301-02, May 2005M-10 207-01, Reference Manual v2 Figure 5-5: LAN-to-LAN configur ation menu 3. Configure the LAN-to-LAN settings. Note: The LAN subnet address of each FWG1 14P v2 must be dif ferent. 4. Click Apply for the [...]
-
Страница 78
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-8 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2[...]
-
Страница 79
Firewall Protection and Conten t Filtering 6-1 201-10301-02, May 20 05 Chapter 6 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2 to protect your network. These f eatures can be found by clicking on the Content Filteri[...]
-
Страница 80
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-2 Firewall Protection and Content Filtering 201-10301-02, May 2005 • W eb addresses • W eb address keywords These options are discussed below . The Keyword Blockin g menu is shown here. Figure 6-1: Block Sites menu T o enable filtering, click the checkb [...]
-
Страница 81
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-3 201-10301-02, May 20 05 T o delete a keyword or domain, select it from th e list, click Delete Keyword, then click Apply . Keyword application examples: • If the keyword "XXX" is specified, the URL <[...]
-
Страница 82
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-4 Firewall Protection and Content Filtering 201-10301-02, May 2005 The service numbers for man y co mmon protocols are defined by the Internet Engineering T ask Force (IETF) and published in RFC1700, “Assi gned Numbers.” Servic e numbers for other applic[...]
-
Страница 83
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-5 201-10301-02, May 20 05 These default rules are shown in the Rules table of th e Rules menu in Figure 6-2 : Figure 6-2: Rules menu Y ou can define additional rules that will specify exce ptions to the default ru l[...]
-
Страница 84
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-6 Firewall Protection and Content Filtering 201-10301-02, May 2005 • Service. From this list, sel ect the application or service to be allowed or blocked. The list already displays many common services, but yo u are not limited to these choices. Use the Se[...]
-
Страница 85
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-7 201-10301-02, May 20 05 Follow these guidelines when setting up port forwarding inbound rules: • If your external IP address is assigned dynamically by your ISP , the IP address may change periodically as the DH[...]
-
Страница 86
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-8 Firewall Protection and Content Filtering 201-10301-02, May 2005 This rule is shown in Figure 6-3 . Example: Port Forwarding for Vide oconferencing If you want to allow incoming vi deoconferencing to be initiated from a restricted range of outside IP addre[...]
-
Страница 87
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-9 201-10301-02, May 20 05 Figure 6-5: Service example: port forwarding for VPN when NA T is Off In the example shown in Figure 6-5 , UDP port 500 connection s are de fined as the IPSec se rv ice. Figure 6-6: Inbound[...]
-
Страница 88
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-10 Firewall Protection and Content Filtering 201-10301-02, May 2005 • IP address of the Internet site being contacted (destination address) •T i m e o f d a y • T ype of service be ing requested (service port number) Outbound Rule Example: Blocking Ins[...]
-
Страница 89
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -11 201-10301-02, May 20 05 Order of Precedence for Rules As you define new rules, they are added to the tables in the Rules menu. For any traffic attempting to pass through the firewall, the packet informatio n is [...]
-
Страница 90
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-12 Firewall Protection and Content Filtering 201-10301-02, May 2005 Using a Schedule to Block or Allow Content or T raffic If you enabled content filtering in the Block Sites me nu, or if you d efined an outbound rule to use a schedule, you can set up a sche[...]
-
Страница 91
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -13 201-10301-02, May 20 05 Note: Enter the values in 24-hour time format. For ex ample, 10:30 am would b e 10 hours and 30 minutes and 10:3 0 pm would be 22 hours and 30 minutes. Be sure to click Apply when you h a[...]
-
Страница 92
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-14 Firewall Protection and Content Filtering 201-10301-02, May 2005 Figure 6-9: E-mail menu • T urn e-mail notification on. Select this check box if you want to receive e-mail logs and alerts from the router . • Send alerts and logs by e-mail. If you ena[...]
-
Страница 93
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -15 201-10301-02, May 20 05 – If a Denial of Service attack is detected. – If a Port Scan is detected. – If a user on your LAN attemp ts to access a website that you blocked using Keyword blocking. • Send lo[...]
-
Страница 94
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-16 Firewall Protection and Content Filtering 201-10301-02, May 2005 V iewing Logs of W eb Access or Attempted W eb Access The router will log security-related events, such as denied incomi ng and outgoing service requests, hacker probes, and administrator lo[...]
-
Страница 95
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -17 201-10301-02, May 20 05 Log action buttons are described in Ta b l e 6 - 1 . What to Include in the Event Log Use these ch eckbox es t o determine which ev ents a r e included in the log. Checking all options wi[...]
-
Страница 96
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-18 Firewall Protection and Content Filtering 201-10301-02, May 2005 Enable one of these three options, as required: • Disable - select this if you do not have a Syslog server . • Broadcast on LAN - the Sysl og data is broadcast, rather than sent to a spe[...]
-
Страница 97
Print Server 7-1 201-10301-02, May 20 05 Chapter 7 Print Server This chapter describes how to in stall and configure the print ser ver in your ProSafe W ireless 802.1 1g Firewall/Print Se rver Model FWG1 14P v2. Printing Options The FWG1 14P v2 supports these methods for printing: • For Windows XP and 2000 Only: TCP/IP Line Printer Remote (LPR) P[...]
-
Страница 98
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-2 Print Server 201-10301-02, May 2005 For Windows XP and 2000, U se TCP/IP LPR Printing Follow these instructions to set up TCP/IP printing on your W indows XP and 2000 PCs. Install the FWG1 14P v2, connect your printer to the USB port on the FWG1 14P v2, an[...]
-
Страница 99
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-3 201-10301-02, May 20 05 Complete the Add S tandard TCP/IP Printer Port Wizard. a. Click Next to proceed with the Add Standard TCP/IP Printer Port W izard. The Add Port screen will display . b. From the Add Port screen, enter 192.168.0.1 , the[...]
-
Страница 100
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-4 Print Server 201-10301-02, May 2005 Identify the printer connected to FWG1 14P v2 USB printer port. a. From the Install Printer Software screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the FWG1 14P v2[...]
-
Страница 101
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-5 201-10301-02, May 20 05 Note: If two long files are sent to the printer at once, W indows will pop up a print failure error message. This message ca n be ignored. The file will pr int once the printer finishes printing the first file.[...]
-
Страница 102
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-6 Print Server 201-10301-02, May 2005 For Windows 95/98/Me, Use the Ne tgear Printer Port Driver Follow these instructions to set up the Netg ear Printer Port Drive on W indows 9x PCs. Install the Netgear Printer Port Driver and configuration utility softwar[...]
-
Страница 103
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-7 201-10301-02, May 20 05 Set up the Netgear printer port driver . a. Click Finish when the Installation W izard is done. The Printer Port Setup utility displays, and queries the network to locate the print server in the FWG1 14P v2. After a sh[...]
-
Страница 104
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-8 Print Server 201-10301-02, May 2005 Identify the printer connected to the FWG1 14P v2 USB printer port. a. From the Add Printer W izard screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the FWG1 14P v2.[...]
-
Страница 105
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-9 201-10301-02, May 20 05 Printing from the Macintosh Macintosh computers can connect to a TCP/IP network printer using the Line Printer Remote (LPR) protocol. LPR printi ng can be set up on any Macinto sh that has Desktop Printi ng installed o[...]
-
Страница 106
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-10 Print Server 201-10301-02, May 2005 6. In the LPR Printer Selec tion box, click Change... 7. In the Printer Address field, type the name or IP address of the FWG1 14P v2 W ire less Firewall/Print Server. The IP address will us ually be 192.168.0.1. Y ou c[...]
-
Страница 107
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-11 201-10301-02, May 20 05 Figure 7-1: Print Port Configu ration menu Items shown on this screen are as follows: •P o r t If desired, click Browse Device to select a diff erent device. The Select Device Port button supports multi-port models,[...]
-
Страница 108
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-12 Print Server 201-10301-02, May 2005 T roubleshooting the Print Server Question: When I tried to install the Printer Driver for Peer -to-Peer printin g, I received an error message and the installation was aborted. Answer: This may be caused by an existing[...]
-
Страница 109
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-13 201-10301-02, May 20 05 c. For Network Path or Queue, enter a dummy value, such as 123, as shown below . Select NO for “Do you print from MS-DOS-based programs?”. d. Click Next. Figure 7-2: Windows Add Printe r Wizard e. The printer wi[...]
-
Страница 110
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-14 Print Server 201-10301-02, May 2005 g. Right-click the new printer and select Properti es. Then select the De tails tab, as shown below . Figure 7-3: Windows Print er Properties h. Click the Add Port button. On the resultin g screen, select Ot her , then [...]
-
Страница 111
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-15 201-10301-02, May 20 05 k. Click OK to return to the Prin ters folders, and right-cl ick on the new printer . Make sure that the W ork Offline option is NOT checked. l. From the printer Properties page, General tab, pr int a test page to con[...]
-
Страница 112
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-16 Print Server 201-10301-02, May 2005[...]
-
Страница 113
Virtual Private Networking 8-1 201-10301-02, May 20 05 Chapter 8 V irtual Private Networking This chapter describes how to u se the virtual private networking (VPN) features of the FWG1 14P v2 W ireless Firewall/Print Server. VPN tunnel s provide secure, encr ypted communications between your local network and a remote network or computer . The FWG[...]
-
Страница 114
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-2 Virtual Private Networking 201-10301-02, May 2005 Using Policies to Manage VPN T r affic Y ou create policy definitions to manage VPN traffic on the FWG1 14P v2. There are two kinds of policies: • IKE Policies : Define the authenticatio n scheme and auto[...]
-
Страница 115
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-3 201-10301-02, May 20 05 IKE Policies’ Automatic Key and Authentication Management Click the IKE Policies link from the VPN section of the main menu , and then click the Add button of the IKE Policies screen to display th e IKE[...]
-
Страница 116
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-4 Virtual Private Networking 201-10301-02, May 2005 The IKE Policy Configuration fields are defined in the following tabl e. T able 8-1. IKE Policy Configuration Fields Field Description General These setti ngs identify this polic y an d determine its major [...]
-
Страница 117
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-5 201-10301-02, May 20 05 Remote These parameters apply to the target remote FWG1 14P v2, VPN gateway , or VPN client. Remote Identity T ype Use this field to identi fy th e remote FWG1 14P v2. Y ou can choose one of the following[...]
-
Страница 118
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-6 Virtual Private Networking 201-10301-02, May 2005 VPN Policy Configuration for Auto Key Negotiation An already defined IKE policy is required for VP N - Auto Policy config uration. From the VPN Policies section of the main menu, you can navigate to the VPN[...]
-
Страница 119
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-7 201-10301-02, May 20 05 The VPN Auto Poli cy fields ar e defined in the following tabl e. T able 8-1. VPN Auto Policy Configuration Field s Field Description General These setti ngs identify this polic y an d determine its major[...]
-
Страница 120
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-8 Virtual Private Networking 201-10301-02, May 2005 T raffic Selector These settings determine if and when a VPN tunnel will be established. If network tr affic me ets all criteria, then a VPN tunnel will be created. Local IP The drop-down menu allows yo u t[...]
-
Страница 121
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-9 201-10301-02, May 20 05 VPN Policy Configuration for Manual Key Exchange W ith Manual Key Management, you w ill not use an IKE poli cy . Y ou mu st manually type in all the required key information. Clic k the VPN Policies link [...]
-
Страница 122
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-10 Virtual Private Ne tworking 201-10301-02, May 2005 Figure 8-4: VPN - Manual Policy Menu[...]
-
Страница 123
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-11 201-10301-02, May 20 05 The VPN Manual Policy fields are defined in t he following table. T able 8-1. VPN Manual Poli cy Configuration Fields Field Description General These setti ngs identify this polic y an d determine its m[...]
-
Страница 124
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-12 Virtual Private Ne tworking 201-10301-02, May 2005 SPI - Incoming Enter a Hex value (3 - 8 chars). Any value is acceptable, provided the remote VPN end point has the sam e val u e in it s "Outgoin g SPI" fi el d . SPI - Outgoing Enter a Hex valu[...]
-
Страница 125
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-13 201-10301-02, May 20 05 Encryption Algorithm If you enable ESP Encryption, then select the Encr yption Algorithm: • DES is the default. • 3DES is more secure. Key - In Enter the key in the fie ld s pro vi d ed . • For DE[...]
-
Страница 126
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-14 Virtual Private Ne tworking 201-10301-02, May 2005 Using Digit al Certificates for IKE Auto-Policy Authentication Digital certificates are strings gene rated us ing encryption and authe n tication schemes which cannot be duplicated by anyone w ithout acce[...]
-
Страница 127
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-15 201-10301-02, May 20 05 W alk-Through of Configurati on Scenarios on the FWG1 14P v2 There are a variety of configurations yo u migh t implement with the FWG1 14P v2. The scenarios listed below illustrate typical configura tio[...]
-
Страница 128
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-16 Virtual Private Ne tworking 201-10301-02, May 2005 Figure 8-5: VPN Wizard S t art Screen 2. Fill in the Connection Name, pre- shared key , and select the type of target end point, and click Next to proceed. Figure 8-6: Connection Na me and Remote IP T ype[...]
-
Страница 129
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-17 201-10301-02, May 20 05 3. Fill in the IP Address or F QDN for the ta rget VPN endpoint W AN connectio n and click Next . Figure 8-7: Remote IP 4. Identify the IP addresses at the target endp oint which can use th is tunnel, a[...]
-
Страница 130
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-18 Virtual Private Ne tworking 201-10301-02, May 2005 Figure 8-9: VPN Wizard Summary T o view the VPNC recommended authenticatio n and encryption Phase 1 and Phase 2 se ttings the VPN W izard used, click the “ her e ” link. 5. Click Done to complete the [...]
-
Страница 131
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-19 201-10301-02, May 20 05 VPNC Scenario 1: Gate way to Gateway with Preshared Secret s The following is a typical gateway-to-gateway VPN that uses a preshared secret for authentication. Figure 8-10: VPN Consortium Sc ena rio 1 G[...]
-
Страница 132
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-20 Virtual Private Ne tworking 201-10301-02, May 2005 Scenario 1: FWG1 14P v2 to FW G1 14P v2 with Preshared Secrets Note : This scenario assumes all ports are open on the FWG1 14P v2. Y ou can verify this by reviewing the security settings as seen in the ?[...]
-
Страница 133
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-21 201-10301-02, May 20 05 c. From the main menu Advanced secti on, click on the LAN IP Setup link. Figure 8-13: LAN IP configurat ion menu d. Configure the LAN IP address according to th e settings above and click Apply to save [...]
-
Страница 134
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-22 Virtual Private Ne tworking 201-10301-02, May 2005 3. Set up the IKE Policy illustrated below on th e FWG1 14P v2. a. From the main menu VPN sectio n, click on the IKE Policies link, and then click the Add button to display the screen below . Figure 8-14:[...]
-
Страница 135
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-23 201-10301-02, May 20 05 4. Set up the FWG1 14P v2 VPN -Auto Policy illustrated below . a. From the main menu VPN sectio n, click on the VPN Policies link, and then click on the Add Auto Policy button. Figure 8-15: Scenario 1 V[...]
-
Страница 136
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-24 Virtual Private Ne tworking 201-10301-02, May 2005 How to Check VPN Connections Y ou can te st connectivity and view VPN status information on the FWG1 14P v2. 1. T o test connectivity betwee n the Gateway A FWG1 14P v2 LAN and the Gateway B LAN, follow t[...]
-
Страница 137
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-25 201-10301-02, May 20 05 VPNC Scenario 2: Gateway-to -Gateway with Certificates The following is a typical gatewa y-to-gateway VPN that uses PKIX certificates for authentication. Figure 8-16: VPN Consortium Sc ena rio 2 Gateway[...]
-
Страница 138
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-26 Virtual Private Ne tworking 201-10301-02, May 2005 • Selectors for all IP protocols, all ports, between 10.5.6.0/24 an d 172.23.9.0/24, using IPv4 subnets Scenario 2: FWG1 14P v2 to FWG1 14P v2 with Certificates The following is a typical gate way-to-ga[...]
-
Страница 139
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-27 201-10301-02, May 20 05 b. Click the Generate Request button to display the screen illustrated in Figure 8-17 below . . Figure 8-17: Generate Se lf Certificat e Request menu c. Fill in the fields on the Add Self Certificate sc[...]
-
Страница 140
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-28 Virtual Private Ne tworking 201-10301-02, May 2005 – E-mail Address. Y ou can enter your e-mail address here. d. Click the Next button to continue. The FWG1 14 P v2 generates a Self Certificate Request as shown below . Figure 8-18: Self Ce rtificate Req[...]
-
Страница 141
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-29 201-10301-02, May 20 05 c. When you have finished gathering the Self Ce rtificate Request data, click the Done button. Y ou will return to the Certificates screen where your pending “FWG1 14P v2” Self Certificate Request w[...]
-
Страница 142
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-30 Virtual Private Ne tworking 201-10301-02, May 2005 f. Y ou will now see the “FWG1 14P v2” entry in the Active Self Certificates table and the pending “FWG1 14P v2” Self Certificate Request is gone, as illustrated bel ow . Figure 8-20: Self Certif [...]
-
Страница 143
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-31 201-10301-02, May 20 05 Now , the traf fic from devices within the range of the LAN subnet addresses on FWG1 14P v2 A and Gateway B will be authenticated using the certificates rather tha n via a shared key . 8. Set up Certifi[...]
-
Страница 144
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-32 Virtual Private Ne tworking 201-10301-02, May 2005 Netgear VPN Client to FWG1 14P v2 Follow these procedure s to configure a VPN tunn el from a NETGEAR ProSafe VPN Client to an FWG1 14P v2. This case study follows the V i rtual Private Network Consortium [...]
-
Страница 145
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-33 201-10301-02, May 20 05 Figure 8-22: Addressing and Subnet Used for Examples S tep-By-Step Configuratio n of FWG1 14P v2 Gateway 1. Log in to the FWG1 14P v2 ga teway as in the illustration. Out of the box, the FW G1 14P v2 is[...]
-
Страница 146
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-34 Virtual Private Ne tworking 201-10301-02, May 2005 2. Click IKE Policies under the VPN menu and click Add on the IKE Policies Menu. Figure 8-23: NETGEAR FWG1 14P v2 IKE Policy Configuration – Enter a descriptive name for the policy in the Policy Name fi[...]
-
Страница 147
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-35 201-10301-02, May 20 05 – From the Remote Identit y drop-down box, select Fully Qualified Domain Name . –T y p e VPNclien t in the Remote Identity Data. This will also be entered in the VPN Client My Identity ID T ype fiel[...]
-
Страница 148
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-36 Virtual Private Ne tworking 201-10301-02, May 2005 3. Click the VPN Policies link under the VPN category on the le ft side of the main menu. This will take you to the VPN Policies Menu page. Click Add Auto Policy . This will open a new screen titled VPN ?[...]
-
Страница 149
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-37 201-10301-02, May 20 05 – From the Remote VP N Endpoint Address T ype drop -down box, select IP Address . –T y p e 0.0.0.0 as the Address Data of the client beca use we are assuming the remote PC will have a dynamically as[...]
-
Страница 150
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-38 Virtual Private Ne tworking 201-10301-02, May 2005 – Select Enable Authentication in the ESP Configuration Enable Authentication check box. Note : Do not confuse this with the Authentication Protocol (AH) option. Using the AH option will prevent clients[...]
-
Страница 151
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-39 201-10301-02, May 20 05 1. Install the Netgear VPN Client Software on the PC. • Y ou may need to insert your W indow s CD to complete the installation. • Reboot your PC after installing the client software. 2. Configur e t[...]
-
Страница 152
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-40 Virtual Private Ne tworking 201-10301-02, May 2005 Note : If the configuration settings on this scree n are not available for editing, go to the Options menu, select Secure, and Specified Options to enable editing these se ttings. From the Edit menu of th[...]
-
Страница 153
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-41 201-10301-02, May 20 05 b. Click Pr e-Shar ed Key . Figure 8-29: Connection Identi ty Pre-Shared Key c. Enter hr5xb84l6aa9r6 , which is the same Pre-Shared Key entered in the FWG1 14P v2. d. Click OK . 4. Configur e the Connec[...]
-
Страница 154
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-42 Virtual Private Ne tworking 201-10301-02, May 2005 5. Configur e the Connection Security Policy In this step, you will provid e the authentication (IKE Phase 1) settings, and th e key exchange (Phase 2) settings. The setting choices in this procedure foll[...]
-
Страница 155
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-43 201-10301-02, May 20 05 Figure 8-32: Connection Security Policy Key Exchange (Phase 2) b. Configure the Key Exchange (Phase 2). • Expand the Key Exchange (Phase 2) he ading, and click on Proposal 1. • For this example, ens[...]
-
Страница 156
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-44 Virtual Private Ne tworking 201-10301-02, May 2005 6. Configur e the Global Policy Setti ngs. a. From the Options menu at the top of th e Security Policy Editor window , select Global Policy Settings . Figure 8-33: Security Policy Editor Global Policy Opt[...]
-
Страница 157
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-45 201-10301-02, May 20 05 T esting the VPN Connection Y ou can test the VPN connection in several ways: • From the client PC to the FWG1 14P v2 • From the FWG1 14P v2 to the client PC These procedures are explained below . F[...]
-
Страница 158
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-46 Virtual Private Ne tworking 201-10301-02, May 2005 T o test the connection to a co mputer connected to the FWG1 14P v2, simply ping the IP address of that computer . Once connected, you can open a brows er on the remote PC and enter the LAN IP Address of [...]
-
Страница 159
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-47 201-10301-02, May 20 05 A sample Connection Monitor screen for a dif f erent conn ectio n is sh own below: Figure 8-35: Connection Monit or screen In this example the follo wing connection op tions apply: • The FWG1 1 4P v2 [...]
-
Страница 160
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-48 Virtual Private Ne tworking 201-10301-02, May 2005 The FWG1 14P v2 VPN Status screen for a successful connection is shown below : Figure 8-36: FWG1 14P v 2 VPN St atus screen[...]
-
Страница 161
Maintenance 9-1 201-10301-02, May 20 05 Chapter 9 Maintenance This chapter describes how to use the maintenan ce features of your ProSafe Wireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Thes e features are accessed via the Main Menu Maintenance heading. V iewing Wireless Firewall/Print Server S t atus Information The Router S tatus menu [...]
-
Страница 162
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-2 Maintenance 201-10301-02, May 2005 Figure 9-1: Router S t atus screen The Router S tatus screen shows the following parameters: T able 9-1. St atus Fields Field Description System Name The System Name assigne d to the router . Firmware V ersion The ro uter[...]
-
Страница 163
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-3 201-10301-02, May 20 05 Printer S tatus The printer status. W AN Port These parameters apply to the Internet (WAN) port of the router . MAC Address This field displays the MAC addr ess being used by the Internet (WAN) port of the router . IP [...]
-
Страница 164
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-4 Maintenance 201-10301-02, May 2005 Click “W AN Status” to displa y the W AN connection status. Figure 9-2: Connectio n S tatus screen This screen shows the following statistics:. Modem The status of the modem port. Dial-In The status of the Dial-In por[...]
-
Страница 165
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-5 201-10301-02, May 20 05 Log action buttons are described in Ta b l e 9 - 2 . Click “Show S tatistics” to di splay router usage statistics. Figure 9-3: Router S t atistics screen This screen shows the following statistics: T able 9-2. Conn[...]
-
Страница 166
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-6 Maintenance 201-10301-02, May 2005 W AN Status action buttons are described in T able 9-2 . V iewing a List of Att ached Devices The Attached Devices menu contains a table of all IP devices that the router has discovered on the local network. From the Main[...]
-
Страница 167
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-7 201-10301-02, May 20 05 Upgrading the Router Sof tware The routing software of the FWG1 14P v2 W irele ss Firewall/Print Server is stored in FLASH memory , and can be upgraded as new software is released by NETGEAR. Upgrade files can be downl[...]
-
Страница 168
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-8 Maintenance 201-10301-02, May 2005 From the Main Menu of the brow ser interface, under the Maintenan ce heading, select the Settings Backup heading to b ring up the menu sho wn below . Figure 9-5: Settings Ba cku p menu Three options are available, and are[...]
-
Страница 169
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-9 201-10301-02, May 20 05 Erasing the Configuration It is sometimes desirable to restore the router to a known blank condition. This can be done by using the Erase function, which will restore al l factory settings. After an erase, the router&a[...]
-
Страница 170
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-10 Maintenance 201-10301-02, May 2005[...]
-
Страница 171
Advanced Configuration 10-1 201-10301-02, May 20 05 Chapter 10 Advanced Configuration This chapter describes how to configure the advan ced features of your ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Thes e features can be found under the Advanced heading in the Main Menu of the browser interface. Using the W AN Setup Optio[...]
-
Страница 172
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-2 Advanced Configuration 201-10301-02, May 2005 Normally , this option is Enabled, so that an Internet connection will be made automatically whenever Internet-bound traffic is detected. In locations where Internet access is billed by the minute, if this cau[...]
-
Страница 173
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-3 201-10301-02, May 20 05 • Setting the MTU Size The default MTU size is usually fine. The no rmal MTU (Maximum T ransmit Unit) value for most Ethernet networks is 1500 Bytes. For some ISPs, particularly those using PPPoE, you may[...]
-
Страница 174
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-4 Advanced Configuration 201-10301-02, May 2005 3. Access the website of one of the dynamic DNS service providers whose names appear in the ‘Select Service Provider ’ box, and register for an account. For example, for dyndns.o rg, go to www .dyndns.or g[...]
-
Страница 175
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-5 201-10301-02, May 20 05 Using the LAN IP Setup Options The second feature category under the Advanced heading is LAN IP Setup. This menu allows configuration of LAN IP services, such as DHCP and RIP . From the Main Menu of the bro[...]
-
Страница 176
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-6 Advanced Configuration 201-10301-02, May 2005 These addresses are part of the IETF-designated private address range for use in private networks, and should be suitabl e in most applications. If yo ur network has a requirement to use a different IP address[...]
-
Страница 177
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-7 201-10301-02, May 20 05 Using the Router as a DHCP server By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server , allowing it to assign IP , DNS server , and default gateway addresses to all c[...]
-
Страница 178
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-8 Advanced Configuration 201-10301-02, May 2005 3. T ype the MA C Address of the computer or server . (T ip: If the computer is already present on your network, you can copy its MAC address from the Attached Devices menu and paste it here.) 4. Click Apply t[...]
-
Страница 179
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-9 201-10301-02, May 20 05 Figure 10-3. St atic Route Entry and Edit Menu 2. T ype a route name for this static route in the Route Name box. (This is for identification purpose only .) 3. Select Active to make this route ef fective. [...]
-
Страница 180
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-10 Advanced Configuration 201-10301-02, May 2005 • Y our company’ s network is 13 4.1 77.0.0. When you first configure d your router , two implic it static routes were crea ted. A default route was created with your ISP as the gateway , and a second sta[...]
-
Страница 181
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-11 201-10301-02, May 20 05 b. T o a llow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and end ing IP address to defi ne the allowed range. c. T o a llow access from a single IP addr[...]
-
Страница 182
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-12 Advanced Configuration 201-10301-02, May 2005 T urn UPnP On: UPnP can be enab led or disabled for automatic devic e configuration. The default setting for UPnP is enabled. If disabled, the rout er will not allow any device to automatically control the re[...]
-
Страница 183
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-13 201-10301-02, May 20 05 These settings normally do not need to be changed. • WMM support WMM (W ireless Multimedia) is a subset of th e 802.1 1e standard. WM M allows wireless traffic to have a range of priorities, depending on[...]
-
Страница 184
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-14 Advanced Configuration 201-10301-02, May 2005[...]
-
Страница 185
Troubleshooting 11-1 201-10301-02 , May 2005 Chapter 11 T roubleshooting This chapter gives information about troubleshooting your ProSafe Wireless 802.1 1g Firewall/ Print Server Model FWG1 14P v2. After each prob lem description, instructions are provided to help you diagnose and solve the problem. Basic Functioning After you turn on power to the[...]
-
Страница 186
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-2 Troubleshooting 201-10301-02 , May 2005 LEDs Never T urn Off When the router is turned on, th e LEDs turns on for about 10 seconds and then turns off. If all the LEDs stay on, there is a fault within the router . If all LEDs are still on one minute after [...]
-
Страница 187
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Troubleshooting 11-3 201-10301-02 , May 2005 T roubleshooting the Web Configuration Interface If you are unable to acce ss the router ’ s W eb Config uration interface from a computer on your local network, check the following : • Check the Ethernet conne[...]
-
Страница 188
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-4 Troubleshooting 201-10301-02 , May 2005 T roubleshooting the ISP Connection If your router is unable to access the Internet, you should first determine whether the router is able to obtain a W AN IP address from the ISP . Unless yo u have been assigned a [...]
-
Страница 189
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Troubleshooting 11-5 201-10301-02 , May 2005 OR Configure your router to spoof your computer ’ s MAC address. This can be done in the Basic Settings menu. Refer to “Manually Configuring Y our Internet Conn ectio n” on page 3-18 . If your router can obta[...]
-
Страница 190
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-6 Troubleshooting 201-10301-02 , May 2005 Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message: Request timed out If the path is not functioning correctly , you could have one of t he following proble[...]
-
Страница 191
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Troubleshooting 11-7 201-10301-02 , May 2005 — Y ou r ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many broadband ISPs restrict access by only allo wing traffic from the MAC address of your broadband modem, but some IS Ps ad[...]
-
Страница 192
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-8 Troubleshooting 201-10301-02 , May 2005[...]
-
Страница 193
Technical Specifications A-1 201-10301-02, May 20 05 Appendix A T echnical S pecifications This appendix provides technica l specifications for the ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Network Protocol and St andards Compatibility Data and Routing Protocols: TCP/IP , RIP-1, RIP-2, DHCP PPP over Ethernet (PPPoE) VPN Pr[...]
-
Страница 194
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 A-2 Technical Specifications 201-10301-02, May 2005 Electromagnetic Emissions For North America and Australia FCC Part 15 Class B For Japan VCCI Class B For Europe EN 300 328, EN 301 489-17, E N 301 489-1, EN 60950 Interface S p ecifications LAN: 10BASE-T or 1[...]
-
Страница 195
Networks, Routing, and Firewall Basics B-1 201-10301-02, May 20 05 Appendix B Networks, Routing, and Firewall Basics This appendix provides an ov erview of IP networks, routing, and firewalls. Related Publications As you read this document, you may be dire cted to various RF C documents for further information. An RFC is a Request For Comment (RFC)[...]
-
Страница 196
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-2 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 Routing Information Protocol One of the protocol s used b y a rout er to b uild an d maintain a picture of the network is the Routing Information Protocol (RIP). Us ing RIP , routers periodicall[...]
-
Страница 197
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-3 201-10301-02, May 20 05 Figure 1 1- 1: Three Main Address Classes The five address classes are: • Class A Class A addresses can have up to 16,777,2 14 hosts on a single network. They use an eight-bit network number[...]
-
Страница 198
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-4 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 This addressing structure allows IP addresses to uniquely identify each phys ical network and each node on each ph ysical network. For each unique value of the network portion of the address, th[...]
-
Страница 199
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-5 201-10301-02, May 20 05 Subnet addressing al lows us to split one IP network ad dress into smaller multiple physical networks known as sub networks. Some of the node numbers are used as a su bn et number instead. A C[...]
-
Страница 200
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-6 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 The following table lists the additional subnet mask bits in dotted-decimal notation. T o use the table, write down the original class netmask and replace the 0 value octets with the dotted-deci[...]
-
Страница 201
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-7 201-10301-02, May 20 05 NETGEAR strongly recommends that you configur e all hosts on a LAN se gment to use the same netmask for the following reasons: • So that hosts recognize lo cal IP broadcast packets. When a d[...]
-
Страница 202
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-8 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 The router accomplishes this address sharing by translating the internal LAN IP addresses to a single address that is globally unique on the Inte rnet. The inte rnal LAN IP addresses can be eith[...]
-
Страница 203
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-9 201-10301-02, May 20 05 MAC Addresses an d Address Re solution Protocol An IP address alone cannot be used to deliver da ta from one LAN device to another . T o send data between LAN devices, you must convert the IP [...]
-
Страница 204
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-10 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005 When a PC accesses a resource by its descriptive name, it first contacts a DN S server to obtain the IP address of the resource. The PC sends the d esired message using the IP address. Ma ny l[...]
-
Страница 205
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-11 201-10301-02, May 20 05 What is a Firewall? A firewall is a device that protects one netw ork from another , while allowing communication between the two. A firewall incorporates the functi ons of the NA T router , [...]
-
Страница 206
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-12 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005 . Category 5 Cable Quality Category 5 distributed cable that me ets ANSI/EIA/ TIA-568-A building wiring stan dards can be a maximum of 328 feet (ft.) or 10 0 meters (m) in length, div ided as [...]
-
Страница 207
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-13 201-10301-02, May 20 05 Inside T wisted Pair Cables For two devices to communicate, th e transmitter of each device must be connected to the receiver of the other device. The cro sso ver function is usually implemen[...]
-
Страница 208
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-14 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005 Figure B-3: Category 5 UTP Cable with Male RJ -4 5 Plug at Each End Note : Flat “silver satin” tele phone cable may have the same RJ-45 plug . However , using tele phone cable results in e[...]
-
Страница 209
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-15 201-10301-02, May 20 05 The FWG1 14P v2 W ireless Firewall/Print Server incorporates Auto Uplink TM technology (als o called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable pl[...]
-
Страница 210
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-16 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005[...]
-
Страница 211
Preparing Your Netwo rk C-1 201-10301-02, May 20 05 Appendix C Prep aring Y our Network This appendix describes how to prepare your ne twork to connect to the Internet through the ProSafe W ireless 802.11g Firewall/Print Serv er Model FWG1 14P v2 and how to verify the readiness of broadband Internet service from an Internet serv ice provider (ISP).[...]
-
Страница 212
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-2 Preparing Yo ur Network 201-10301-02, May 2005 In your IP network, each PC and the firewall must be assigned unique IP addresses. Each PC must also have certain other IP configuratio n informa tion, such as a subnet ma sk (netmask), a domain name server (D[...]
-
Страница 213
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-3 201-10301-02, May 20 05 Y ou must have an Ethernet adapter , the TCP/IP protocol, and Client for M icrosoft Networks. If you need to install a ne w adapter , follow these steps: a. Click the Add button. b. Select Adapter , and then[...]
-
Страница 214
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-4 Preparing Yo ur Network 201-10301-02, May 2005 If you need Client for Micro soft Networks: a. Click the Add button. b. Select Client, and then click Ad d. c. Select Microsoft. d. Select Client for Microsoft Networks, and then click OK. 3. Restart your PC f[...]
-
Страница 215
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-5 201-10301-02, May 20 05 5. Uncheck all boxes in the LAN Internet Configuration screen and click Next. 6. Proceed to the end of th e W izard. V erifying TCP/IP Properties After your PC is configured and has rebooted, you can check t[...]
-
Страница 216
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-6 Preparing Yo ur Network 201-10301-02, May 2005 5. V erify that ‘Client for Microsoft Networks’ and ‘Internet Protocol (TCP/IP)’ are present. If not, select Install and add them. 6. Select ‘Internet Protocol (TCP/IP)’, click Prop erties, and ver[...]
-
Страница 217
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-7 201-10301-02, May 20 05 The TCP/IP Control Panel opens: 2. From the “Connect via” box, select your Macintosh’ s Ethernet interface. 3. From the “Configure” box, select Using DHCP Server . Y ou can leave the DHCP Client ID[...]
-
Страница 218
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-8 Preparing Yo ur Network 201-10301-02, May 2005 V erifying TCP/IP Properties for Macintosh Computers After your Macintosh is configured and has rebo oted, you can check the TC P/IP configuration by returning to the TCP/IP Control Panel. From th e Apple menu[...]
-
Страница 219
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-9 201-10301-02, May 20 05 V erifying the Readiness of Y our Internet Account For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable m[...]
-
Страница 220
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-10 Preparing Your Network 201-10301-02, May 2005 • An IP address and subnet mask • A gateway IP address, which is the address of the ISP’ s router • One or more domain name server (DNS) IP addresses • Host name and domain suf fix For example, your [...]
-
Страница 221
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-11 201-10301-02, May 20 05 If an IP address appears under Installed Gatewa ys, write down the address. This is the ISP’ s gateway address. Select the address and then click Remove to remove the gateway address. 6. Select the DNS Co[...]
-
Страница 222
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-12 Preparing Your Network 201-10301-02, May 2005 Rest arting the Network Once you have set up your com puters to work with the firewall, you must reset the network for the devices to be able to communicat e correctly . Restart any computer that is connected [...]
-
Страница 223
Firewall Log Formats D-1 201-10301-02, May 20 05 Appendix D Firewall Log Format s Action List Drop: Packet dropped by Firewall current inbound or outbound rules. Reset: TCP session reset by Firewa ll. Forward: Packet forwarded by Firewall to the ne xt hop based on matching the criteria in the rules table. Receive: Packet was pe rmitted by the firew[...]
-
Страница 224
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-2 Firewall Log Formats 201-10301-02, May 2005 The format is: <DATE> <TIME> <PKT_TYPE> <SRC_IP> <S RC_INF> <DST_IP > <DST_INF> <ACTION><DESCRIPTION> [Fri, 2003-12-05 22:19:42] - UDP Pac ket - Source:172.31[...]
-
Страница 225
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Log Formats D-3 201-10301-02, May 20 05 The format is: <DATE><TIME><PKT_TYPE>< SRC_IP><SRC_ PORT ><SRC_INF>< DST_IP><DST_POR T ><DST_PORT><ACTION><DESCRIPTION> <DATE><TIME>[...]
-
Страница 226
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-4 Firewall Log Formats 201-10301-02, May 2005 Other Connections and T r affic to this Router The format is: <DATE><TIME>< PKT_TYPE ><SRC_IP><DST _IP><ACTION> [Fri, 2003-12-05 22:31:27] - ICMP Pa cket[Echo Request] - Source[...]
-
Страница 227
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Log Formats D-5 201-10301-02, May 20 05 The format is: <DATE><TIME><PKT_TYPE>< SRC_IP><SRC_ PORT ><SRC_INF>< DST_IP><DST_POR T ><DST_PORT><ACTION><DESCRIPTION> <DATE> <TIME>[...]
-
Страница 228
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-6 Firewall Log Formats 201-10301-02, May 2005 Access Block Site If keyword blocking is enabled and a keyword is specified, attempts to access a site whose URL contains a specified keyword are logged. The format is <DATE> <TIME> <EVENT> <[...]
-
Страница 229
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Log Formats D-7 201-10301-02, May 20 05 The format is: <DATE><TIME><EVENT ><SRC_IP> <DATE><TIME><EVENT ><SRC_IP><SRC_PORT><DST_I P><DST_P ORT><ACT ION> [Fri, 2003-12-05 21:07:43][...]
-
Страница 230
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-8 Firewall Log Formats 201-10301-02, May 2005[...]
-
Страница 231
Wireless Networking Basics E-1 201-10301-02, May 20 05 Appendix E Wireless Networking Basics This chapter provides an overview of W ireless networking. Wireless Networking Overview The FWG1 14P v2 W ireless Firewall/Print Server conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.1 1b and 802.1 1g standards for wireless LAN[...]
-
Страница 232
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-2 Wireless Networking B asics 201-10301-02, May 2005 Ad Hoc Mode (Peer- to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can g enerally communicate with [...]
-
Страница 233
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-3 201-10301-02, May 20 05 • Shar ed Key . With Shared Key authentication, on ly those PCs that possess the correct authentication key can join the ne twork. By default, IEEE 802. 1 1 wireless devices operate in an Open System ne[...]
-
Страница 234
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-4 Wireless Networking B asics 201-10301-02, May 2005 2. The access point auth enticates the station. 3. The station associates with the access point and joins the network. This process is illustrated below . Figure E-1: O pen syst em authen tication Shared K[...]
-
Страница 235
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-5 201-10301-02, May 20 05 Figure E-2: Shared key authentication Overview of WEP Parameters Before enabling WEP on an 80 2.1 1 network, you must first consider what type of encryption you require and the key size you wa nt to use. [...]
-
Страница 236
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-6 Wireless Networking B asics 201-10301-02, May 2005 Key Size The IEEE 802.1 1 standard su pports two types of WEP en cryption: 40-bit and 128-bit. The 64-bit WEP data encryption meth od allows for a five-character (40-bit) input. Additionally , 24 factory-s[...]
-
Страница 237
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-7 201-10301-02, May 20 05 WEP Configuration Options The WEP settings must match on a ll 802.1 1 devices that are within the same wireless network as identified by the SSID. In general, if your mobile clients will roam between acce[...]
-
Страница 238
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-8 Wireless Networking B asics 201-10301-02, May 2005 Note: The availab le channels supported by the wireless products in va rious countries are dif ferent. For example, Channels 1 to 1 1 are supported in the U.S. and Canada, and Channels 1 to 13 are supporte[...]
-
Страница 239
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-9 201-10301-02, May 20 05 WP A offers the following benefits: • Enhanced data privacy • Robust key management • Data origin authentication • Data integrity protection The W i-Fi Alliance is now perform ing interoperability[...]
-
Страница 240
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-10 Wirele ss Network ing Basi cs 201-10301-02, May 2005 How Does WP A Comp are to IEEE 802.1 1i? WP A will be forward compatible with the IEEE 802.1 1i security specification currently under development. WP A is a subset of the current 8 02.11i draft and use[...]
-
Страница 241
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-11 201-10301-02, May 20 05 The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods in clude 802.1X an d Pr e-s h are d ke y . Pre-shared key is an au[...]
-
Страница 242
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-12 Wirele ss Network ing Basi cs 201-10301-02, May 2005 WP A Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS Figure E-3: W P A Overview IEEE 802.1x offers an ef fective framework for authenticating and controlling user traffic [...]
-
Страница 243
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-13 201-10301-02, May 20 05 Figure E-4: 802.1x Authent ication Sequence The AP sends Beacon Frames with WP A informatio n element to the stations in the service set. Information ele ments include the required au thentication method[...]
-
Страница 244
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-14 Wirele ss Network ing Basi cs 201-10301-02, May 2005 3. The client sends an EAP-response packet containing the identity to the authentication server . The access point responds by enabling a port fo r passing only EAP packets from the client to an authent[...]
-
Страница 245
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-15 201-10301-02, May 20 05 T emporal Key Integrity Protocol (TKIP) WP A uses TKIP to provide important data encr yption en hancements including a per -packet key mixing function, a message integrity check (M IC) named Michael , an[...]
-
Страница 246
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-16 Wirele ss Network ing Basi cs 201-10301-02, May 2005 Is WP A Perfect? WP A is not without its vulnerabiliti es. Specifically , it is susceptible to denial of service (DoS) attacks. If the access point receives two da ta pa ckets that fail the mes sag e in[...]
-
Страница 247
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-17 201-10301-02, May 20 05 Changes to Wireless Access Point s W irele ss access points must have their firm ware upda ted to support the following: • The new WP A information element T o advertise their support of WP A, wireless[...]
-
Страница 248
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-18 Wirele ss Network ing Basi cs 201-10301-02, May 2005 Microsoft has worked with many wireless vend ors to embed the WP A fi rmware update in the wireless adapter driver . So, to update yo ur Microsoft W indows wireless client, all you have to do is obtain [...]
-
Страница 249
Virtual Private Networking F-1 201-10301-02, May 20 05 Appendix F V irtual Private Networking There have been many improvements in the Internet, includin g Quality of S ervice, network performance, and inexpensive technologies, such as DSL. But one of the most important advances has been in V irtual Private Networking (VPN) Inte rnet Protocol secur[...]
-
Страница 250
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-2 Virtual Private Networking 201-10301-02, May 2005 • Remote Access: Remote access enables telecommuters and mobile workers to access e-ma il and business applications. A dia l-up connection to an organization’ s modem pool is one method of access for re[...]
-
Страница 251
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-3 201-10301-02, May 20 05 • Encapsulating Security Payload (ESP) : Provides confidentiality , authentication, and integrity . • Authentication Header (AH) : Provides authentication and integrity . • Internet Key Exchange (IK[...]
-
Страница 252
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-4 Virtual Private Networking 201-10301-02, May 2005 The ESP header is inserted into the packet betw een the IP header and any subsequent packet contents. However , because ESP encrypts the data, the payload is changed. ESP does not encrypt the ESP header , n[...]
-
Страница 253
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-5 201-10301-02, May 20 05 Mode SAs operate using modes. A mode is the method in which the IPSec protocol is applied to the packet. IPSec can be used in tunne l mode or tran sport mode. T ypically , the tunnel mode is used for gate[...]
-
Страница 254
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-6 Virtual Private Networking 201-10301-02, May 2005 Key Management IPSec uses the Internet Key Exchange (IKE) protoc ol to facilitate and automate the SA setup and the exchange of keys between parties transferring data. Using keys ensures that only the sende[...]
-
Страница 255
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-7 201-10301-02, May 20 05 VPN Process Overview Even though IPSec is standards-based, e ach vendo r has its own set of terms and procedures for implementing the standard. Because of these differences, it may be a good idea to revie[...]
-
Страница 256
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-8 Virtual Private Networking 201-10301-02, May 2005 It will also be importan t to kn ow the su bnet mask of both gateway LAN Connections. Firewalls It is important to understand tha t many gateways are also firewalls. VPN tunn els c annot function properly i[...]
-
Страница 257
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-9 201-10301-02, May 20 05 Figure F-5: VPN T unnel SA The SA contains all the information necessary for gateway A to negotiate a secure and encrypted communication stream with gateway B. This comm unication is often referred to as [...]
-
Страница 258
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-10 Virtual Private Networking 201-10301-02, May 2005 2. IKE Phase I. a. The two parties negotiate the en cryption and au thentication algorithms to use in the IKE SAs. b. The two parties authenticate each other us ing a predetermined mechanism, such as presh[...]
-
Страница 259
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-11 201-10301-02, May 20 05 VPNC IKE Phase II Parameters The IKE Phase 2 parameters used in Scenario 1 are: •T r i p l e D E S • SHA-1 • ESP tunnel mode • MODP group 1 • Perfect forward secrecy for rekeying • SA lifetim[...]
-
Страница 260
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-12 Virtual Private Networking 201-10301-02, May 2005 • [RFC 791] Internet Pr otocol DARP A Internet Pr ogram Pr otocol Specification , Information Sciences Institute, US C, September 1981. • [RFC 1058] Routing Information Pr otocol , C Hedrick, Rutgers U[...]
-
Страница 261
NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-1 201-10301-02, May 20 05 Appendix G NETGEAR VPN Configuration FVS318 or FVM318 to FWG1 14P v2 This appendix provides a case study on how to configure a secure IPSec VPN tunnel between a NETGEAR FVS318 or FVM318 to a FWG1 14P v2. The configuratio n options and screens for the FVS318 and FVM[...]
-
Страница 262
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-2 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 Figure G-1: Addressing and Subne t Used for Examples S tep-By-Step Configuration of FVS318 or FVM318 Gateway A 1. Log in to the FVS318 or FVM318 la beled Gateway A as in the i[...]
-
Страница 263
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-3 201-10301-02, May 20 05 2. Click the VPN Settings link on the left side of the Settings management GUI. Click the radio button of the first available VPN leg (all 8 links are available in the exampl[...]
-
Страница 264
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-4 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 – Choose a subnet from local address from the “T unnel ca n access” pull-down menu. – T ype the starting LAN IP Address of Gateway B ( 172.23.9.1 in our example) in th[...]
-
Страница 265
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-5 201-10301-02, May 20 05 S tep-By-Step Configuratio n of FWG1 14P Gateway B 1. Log in to the NETGEAR FVS328 labe led Gateway B as in the illustration. Out of the box, the FVS328 is se t for its defau[...]
-
Страница 266
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-6 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 Figure G-6: NETGEAR FVS328 IKE Policy Configuration – Part 2 – From the Encryption Al go rithm drop-down bo x, sele ct 3DES. – From the Authentication Algorith m drop-do[...]
-
Страница 267
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-7 201-10301-02, May 20 05 Figure G-8: NETGEAR FVS328 VPN – Auto Policy (p art 1) – Enter a unique name to identify this policy . This name is not supplied to the remote VPN endpoint. In ou r exa m[...]
-
Страница 268
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-8 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 – T ype the LAN Subnet Mask of Gateway B ( 255.255.25 5.0 in our example) in the Local IP Subnet Mask field. Figure G-9: NETGEAR FWG1 14P v2 VPN – Auto Policy (par t 2) ?[...]
-
Страница 269
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-9 201-10301-02, May 20 05 Figure G-10: NETGEAR FWG1 14P v2 VPN Policies Menu (Post Configurat ion) 6. When the sc reen returns to the VPN Policies , make sure the Enable check box is selected. Click t[...]
-
Страница 270
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-10 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 201-10301-02, May 2005[...]
-
Страница 271
NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-1 201-10301-02, May 20 05 Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 This appendix provides a case study on how to configure a VPN tunnel between a NETGEAR FVS318 or FVM318 to a FWG1 14P v2 using a Fu lly Qualified Domain Name (FQDN) to resolve the publi[...]
-
Страница 272
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 Figure H-1: Addressing and Subnet Used for Examples Using DDNS and Fully Qualif ied Domain Names (FQDN) Many ISPs (Internet Service Pr oviders) provide connectivity to th[...]
-
Страница 273
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-3 201-10301-02, May 20 05 DynDNS service. Gateway B w ill use the DDNS Service Provider when establishing a VPN tunnel. In order to establish VPN conn ectivity Gateway A must be conf igured to u[...]
-
Страница 274
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-4 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 4. Select the Use a dynamic DNS service radio button for the servic e you are using. In this example we are using www .DynDNS .org as the service provider . – T ype the[...]
-
Страница 275
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-5 201-10301-02, May 20 05 Figure H-4: NETGEAR FVS318 VPN Settings (p art 1) – Main Mode – In the Connection Name box, enter in a unique nam e for the VPN tunnel to be configured between the [...]
-
Страница 276
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-6 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 – T ype the finishing LAN IP Addres s of Gateway B ( 0.0.0.0 in our example) in the Local IP Remote LAN Finish IP Address field. – T ype the LAN Subnet Mask of Gatewa[...]
-
Страница 277
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-7 201-10301-02, May 20 05 S tep-By-Step Configurat ion of FVS328 Gateway B 1. Log in to the NETGEAR FVS328, labeled Gateway B in the illustration. Out of the box, the FVS328 is se t for its defa[...]
-
Страница 278
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-8 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 Figure H-7: NETGEAR FVS328 IKE Policy Configuration – Part 2 – From the Encryption Al go rithm drop-down bo x, sele ct 3DES. – From the Authentication Algorith m dr[...]
-
Страница 279
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-9 201-10301-02, May 20 05 Figure H-9: NETGEAR FVS328 VPN – Auto Policy (p art 1) – Enter a unique name to identify this policy . This name is not supplied to the remote VPN endpoint. In our [...]
-
Страница 280
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-10 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 Figure H-10: NETGEAR FVS328 VPN – Auto Po licy (p art 2) – From the T raffic Selector Remote IP drop-down box, select Subnet address. – T ype the starting LAN IP A[...]
-
Страница 281
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-1 1 201-10301-02, May 20 05 Figure H-1 1: NETGEAR FVS328 VPN Policies Menu (Post Configuration) 6. When the sc reen return s to the VPN Policies, make sure the Enable check box is selected. Clic[...]
-
Страница 282
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-12 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005[...]
-
Страница 283
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -1 201-10301-02, May 20 05 Glossary Use the list below to find definitions for technical terms used in this manual. 802.1 1 S t andard 802.1 1, or IEEE 802.1 1, is a type of radio technology used for wireless local area networks (WLANs). It is a stan[...]
-
Страница 284
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -2 Glossary 201-10301-02, May 2005 802.1 1e Standard 802.1 1e is a proposed IEEE standard to define quality of service (QoS) mechanis ms for wireless gear that gives support to bandwidth-sen sitiv e applications such as voice and video. 802.1 1g Standard Simil[...]
-
Страница 285
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -3 201-10301-02, May 20 05 A bridge connects devices that all use the same kind of pro tocol. A router can connect networks that use differing protocols. It also reads th e addresses included in the packets and routes them to the appropriate computer[...]
-
Страница 286
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -4 Glossary 201-10301-02, May 2005 ISA bus W i-Fi radi os. Client devices usually co mmunicate with hub devi ces li ke access points and gateways. Collision av oidance A network node characteristic for pr oactively detecting that it can transm it a si gnal wit[...]
-
Страница 287
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -5 201-10301-02, May 20 05 DNS (Domai n Name Sy stem) A program that translates URLs to IP addresses by accessing a database maintained on a collection of Internet servers. The prog ram w ork s behind the scenes to facilitate su rfing the W eb with a[...]
-
Страница 288
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -6 Glossary 201-10301-02, May 2005 Gateway In the wireless world, a gateway is an access point wi th additional software capab ilities such as providing NA T and DHCP . Gateways may also pro vide VPN support, roaming, firewalls, various levels of security , et[...]
-
Страница 289
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -7 201-10301-02, May 20 05 IP (Internet Protocol) address A 32-bit number that identifies each se nder or receiver of information that is sent across the Internet. An IP address has two parts: an identifier of a particular netw ork on the Internet an[...]
-
Страница 290
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -8 Glossary 201-10301-02, May 2005 In a wireless mesh example, each of the spheres be low represent a mesh router . Corporate servers and printers may be shared by attach ing to each mesh router . For wirele ss access to the mesh, an access point must be attac[...]
-
Страница 291
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -9 201-10301-02, May 20 05 PHY defines parameters such as data rates, modula tion method, signaling para meters, transmitter/receiver synchronization, etc. W ithin an actual radio i mplementa tion, the PH Y corresponds to the radio fro nt end and bas[...]
-
Страница 292
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -10 Glossary 201-10301-02, May 2005 Satellite broadb and A wireless high-speed Internet connection provided by satellit es. Som e sat e lli te broadband connections are two-way—up and down. Others are one-way , wit h the satell ite providing a high-speed dow[...]
-
Страница 293
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -11 201-10301-02, May 20 05 For example, when a web page is downloaded fro m a web server, the TCP program layer in that server divides the file into packets, numb ers the packet s, and th en forwards them individually to th e IP program layer . Alth[...]
-
Страница 294
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -12 Glossary 201-10301-02, May 2005 node equipped with WEP . W archalkers also draw identi fiers above the symbols to indicate the password that can be used to access the node, which can eas ily be obtained with snif fer software. As a recent development, the [...]
-
Страница 295
Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -13 201-10301-02, May 20 05 with the benefit of easier administration and use. This is similar to 802.1x support and requires a RADIUS server in order to implement. The W i-Fi Alliance will call this, 'WP A-Enterprise.' One variation of WP [...]
-
Страница 296
Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -14 Glossary 201-10301-02, May 2005 Wi-Fi Protected Access in "Mixed Mode" Deployment In a large network with many clients, a likely scenario is that access points will be upgraded before all the W i-Fi clients. Some access points may operate in a &q[...]