NETGEAR FWG114P v2 manuale d’uso

201-10301-02 , May 200 5 201-10301-02 May 2005 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95 054 USA Reference Manual for the ProSafe Wireless 802.1 1g Firewall/Print Server Model FWG1 14P v2[...]

ii 201-10301-02 , May 200 5 © 2005 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR is a trademark of Netge ar , Inc. Microsoft, W indows, and W indow s NT are registered trademar ks of Microsoft Corporation. Other brand and product names are registered tradem arks or trad emarks of their respective holders. St atement of Conditions In th[...]

201-10301-02 , May 200 5 iii Bestätigung des Hers tellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe W ireless 802.11 g Firewall/Print Server Mo del FWG1 14P v2 gemäß der im BMP T -AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimm ungen entstört ist. Das vor schriftsmäßige Betreiben einiger Geräte (z.B. T estsender) kann [...]

201-10301- 02, May 2005 iv[...]

Contents v 201-10301-02, May 2005 Content s Chapter 1 About This Manual Audience, Scope, Conventions, and Formats . ......... ................. ................ ............. ........ 1-1 How to Use This Manual ................. ................ ................ ................ ................ ............. .. 1-2 How to Print this Manual . .....[...]

201-10301-02, May 200 5 vi Contents Connecting the FWG1 14P v2 Wireless Firewall/ Print Server ................. ................ ........ 3-4 V erify That Basic Requirements Are Met .. ...................... ............. ................ ............ 3-4 Basic Setup T roubleshooting T ips ... ................ ................ ................ ...[...]

Contents vii 201-10301-02, May 2005 Configuring Dial-in on the Serial Port ........... ................ ................ ................ ................ .. 5-4 Basic Requirements for Dial-in .. ................... ................ ................ ................ ............ 5-5 How to Configure Dial-in .............. ................ .........[...]

201-10301-02, May 200 5 viii Contents T roubles hooting the Print Server ..... ............. ... ............. ................ ................ ............. ... 7-12 Chapter 8 Virt ual Private Ne tworking Overview of FWG1 14P v2 Policy-Based VPN Co nfiguration .... ................ ................ ..... 8-1 Using Policies to Manage VPN Traf f ic[...]

Contents ix 201-10301-02, May 2005 Changing the Administrator Pa ssword ..... ............. ................ ................. ................ ........ 9-9 Chapter 10 Advanced Configurat ion Using the W AN Set up Opti ons ........... ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ............. ... .... ... ... 10-1 How to Configure[...]

201-10301-02, May 200 5 x Contents Subnet Addressing ................ ............. ................ ................. ............. ................ ....... B-4 Private IP Addresses .......... ... .... ............. ... ... ... ... .... ... ... ... ............. .... ... ... ... ... .... ... ... . B-7 Single IP Address Operation Using NA T .......[...]

Contents xi 201-10301-02, May 2005 Restarting the Network ....... ................ ................ ................ ................ ................ ......... C-12 Appendix D Firewall Log Format s Action List . ................ ............. ................ ................ ............. ................ ................ ........ ... D-1 Field L[...]

201-10301-02, May 200 5 xii Contents Is WP A Perfect? ........... ... ............. ... ... .... ... ... ... ... .... ... ............. ... ... .... ... ... ... ... .... ..... E-16 Product Support for WP A ............. ................ ................ ................ ................ ......... E-16 Supporting a Mixtur e of WP A and WEP Wi reless[...]

Contents xiii 201-10301-02, May 2005 Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 Configuration T emplate ... .... ... ............. ............. ................ ............. ................ ............. .... H-1 Using DDNS and Fully Qualified Domain Name s (FQDN) ....... ................ ............. . H-2 S tep-[...]

201-10301-02, May 200 5 xiv Contents[...]

About This Manual 1-1 201-10301-02, May 20 05 Chapter 1 About This Manual This chapter describes the intended audience, sc ope, conventions, and formats of this manual. Audience, Scope, Conventions, and Format s This reference manual assumes that the reader h as basic to interme diate computer and Internet skills. However , basic comp uter network,[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 1-2 About This Manual 201-10301-02, May 2005 How to Use This Manual The HTML version of this ma nual includes the following: • Buttons, and , for browsing forwards or backwards through the manual one pag e at a time • A button that displays the table of co[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 About This Manual 1-3 201-10301-02, May 20 05 How to Print this Manual T o print this manual you can choose one of the fo llowing several options, a ccording to your needs. • Printing a Page in the HTML V iew . Each page in the HTML version of the manu al i[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 1-4 About This Manual 201-10301-02, May 2005[...]

Introduction 2-1 201-10301-02, May 2005 Chapter 2 Introduction This chapter describes the features of the NETG EAR ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Key Features of the FWG1 14P v2 The ProSafe W ireless 802.1 1g Firewall/Print Serv er Model FWG1 14P v2, w ith a 4-port switch, connects your LAN to the Internet throu[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-2 Introduction 201-10301-02, May 2005 • Flash memory for firmware upgrade. • NA T off (classical routing). Full Routing on Both the Broadband and Serial Port s Y ou can install, configure, and ope rate the FWG1 14P v2 to take full advantage of a variety [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-3 201-10301-02, May 2005 • W ireless n etwork name broadc ast can be turned off so that only devices that have the network name (SSID) can connect. V irtual Private Networking The FWG1 14P v2 W ireless Firewall/Print Server provides a secure [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-4 Introduction 201-10301-02, May 2005 • Logs security incidents. The FWG1 14P v2 will log security events, such as blocked incoming traffic, port scans, attacks, and administrator logins. Y ou can conf igure the router to e-mail the log to you at specified[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-5 201-10301-02, May 2005 Extensive Protocol Support The FWG1 14P v2 W ireless Firewall/Print Server supports the T ransmission Control Protocol/ Internet Protocol (TCP/IP) and Ro uting Information Protocol (RIP). • The ability to enable or di[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-6 Introduction 201-10301-02, May 2005 Easy Inst allation and Management Y ou can install, configure, and operate the ProSaf e W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2 within minutes after connecting it to the network. The following features[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-7 201-10301-02, May 2005 • 54 Mbps W ireless PC Card Model WG51 1 • 54 Mbps W ireless PCI Card Model WG31 1 • 54 Mbps W ireless USB 2.0 Adapter Model WG121 • ProSafe™ Indoor 5 dBi Omni-directional Antenna Model ANT2 4O5 • ProSafe™[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-8 Introduction 201-10301-02, May 2005 The FWG1 14P v2 Rear Panel The rear panel of the FWG1 14P v2 W ireless Fire wall/Print Server contains the port connections listed below . T able 2-1. LED Descriptions Label Activity Description POWER On Power is supplie[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Introduction 2-9 201-10301-02, May 2005 Figure 1-2: FWG1 14P v2 Rear Panel V iewed from left to right, the rear panel contains the following features: • W ireless antenna. • DB-9 serial port for modem connection. • USB 2.0 Printer Port. • Factory Defa[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 2-10 Introduction 201-10301-02, May 2005[...]

Connecting the FWG114P v2 to the Internet 3-1 201-10301-02, May 20 05 Chapter 3 Connecting the FWG1 14P v2 to the Internet This chapter describes how to set up the router on your local area network (LAN) and connect to the Internet. Y ou will find out how to configure your ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2 for In te[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-2 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 For the initial connection to the In ternet and configuration of your router , you will need to connect a computer to the router that is set to automatically get its TCP/IP configuration fro[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-3 201-10301-02, May 20 05 Record Y our Internet Co nnection Information Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP). ISP Login Name: The login name and passwor[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-4 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 Connecting the FWG1 14P v2 Wireless Firewall/Print Server This section provides instructio ns for connecting the FWG1 14P v2 W ireless Firewall/Print Server. Also, the Resour ce CD for the P[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-5 201-10301-02, May 20 05 c. Securely insert the Ethernet cable from your broadban d modem into the Internet po rt ( B) on the FWG1 14P v2. Figure 3-2: Connect the broadb and modem to the router d. Securely inse[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-6 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 2. R ESTART YOUR NETWORK IN THE CORRECT SEQUENCE Wa r n i n g : Failure to restart your network in the correct sequence could prevent you from connecting to the Internet. a. First, turn on t[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-7 201-10301-02, May 20 05 3. L OG IN TO THE WIRELESS FIREWALL / PRINT SERVER a. From your PC, launch your Internet browser . Because you are not yet connected to the Internet, your browser will disp lay a page n[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-8 Connecting the FWG1 14P v2 to the Internet 201-10301-02, May 2005 d. After logging in to the router , y ou will see the login result page. Figure 3-7: Login Result p age[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FW G 1 14 P v2 to the Internet 3-9 201-10301-02, May 20 05 4. R UN THE S ETUP W IZARD TO CONNECT TO THE I NTERNET Figure 3-8: Se tup Wizard a. Y ou are now connec ted to the router . If you do not see the menu above, click the Setup W izard lin[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-10 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Basic Setup T roubleshooting Tip s Here are some tips for correcting simple problem s that prevent with yo u from connecting to the Internet or connectin g to the wireless fi rewall/print s[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-11 201-10301-02, May 20 05 • Fixed IP address assignment Next, the Setup W izard will repo rt which connection type it h as discovered, and then display the appropriate configuration menu. If the Setu p W izard f[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-12 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Note: Y ou will no longer need to launch the ISP’ s lo gin program on your computer in order to access the Internet. When you start an Internet application, your firewa ll will automatica[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-13 201-10301-02, May 20 05 Wizard-Detected Dynamic IP Account Setup If the Setup W izard determines that your Intern et service account uses Dynamic IP assignme nt, you will be directed to the menu shown in Figure [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-14 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 If your ISP allows access from only one specific computer ’ s Ethernet MAC address, select “Use this MAC address.” The firewall will then capture and use the MAC address of the comput[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-15 201-10301-02, May 20 05 1. Enter your assigned IP Address, Subnet Mask , and the IP Address of your ISP’ s gateway router . This information should have been provided to you by your ISP . Y ou will need the co[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-16 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Figure 3-12: Serial Inter net Connection configuration menu c. Fill in the ISDN or analog ISP Internet configuration parameters as appropriate: • For a Dial-up Account, ente r the Account[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-17 201-10301-02, May 20 05 Note: Y ou can validate modem string se ttings by first connecting the modem directly to a computer , establishing a connection to yo ur ISP , and then copy ing the modem string settings [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-18 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 Manually Configuring Y our Internet Connection Y ou can manually configure your firewall using the menu b elow , or you can allo w the Setup W izard to determine your configuration as descr[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Connecting the FWG114 P v2 to the Internet 3-19 201-10301-02, May 20 05 How to Manually Configure th e Primary Intern et Connection Use these steps to manually configure the primary Internet connection in th e Basic Settings menu. 1. Select your Internet conn[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 3-20 Connecting the FWG114 P v2 to the Internet 201-10301-02, May 2005 7. Router ’ s MAC Address: This section determines the Ethernet MAC address that will be used by the firewall on the Internet po rt. Some ISPs will register th e Ethernet MAC address of t[...]

Wireless Configuration 4-1 201-10301-02, May 20 05 Chapter 4 Wireless Configuration This chapter describes how to configure the wire less features of your FWG114P v2 W ireles s Firewall/Print Server. Observing Performance, Placem ent, and Range Guidelines In planning your wire less network, you sh ou ld consider the level of se curity required. Y o[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-2 Wireless Configuration 201-10301-02, May 2005 Implementing Appropriate Wireless Security Unlike wired network data, your wireless data transmissions can extend beyond your walls and can be received by anyone with a compatible adapte r . For this reason, us[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-3 201-10301-02, May 20 05 • WP A/WP A2 with Radius or WP A/WP A2-PSK. W i-Fi Protected Access (WP A and WP A2) data encryption provides data security . The very strong authentication along with dynamic per frame rekeying of WP A and[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-4 Wireless Configuration 201-10301-02, May 2005 • Wir eless Ne twork. The station name of the FWG1 14P v2. — Wir eless Network Name (SSID). The SSID is also kn own as the wireless network name. Enter a value of up to 32 alphanumeric characters. In a se t[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-5 201-10301-02, May 20 05 T o restrict access based on MAC addresses, c lick the Set up Access List button and update the MAC access control list . • Security Options – Disable : No data encryption is used. – WEP (Wir ed Equival[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-6 Wireless Configuration 201-10301-02, May 2005 Default Factory Settings The FWG1 14P v2 default factory settings shown be low . Y ou can restore these defaults with the Factory Default Restore button on the re ar panel as seen in the illustration “FWG1 14[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-7 201-10301-02, May 20 05 Before Y ou Change the SSID and WEP Settings T ake the following steps: For a new wireless network, print or copy this form and fill in the configuration parameters. For an existing wireless network, the pers[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-8 Wireless Configuration 201-10301-02, May 2005 How to Set Up and T est B asic Wireless Connectivity Follow the instructions below to set up and te st basic wireless conne ctivity . Once you have established basic wireless connectivity , you can enable secur[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4-9 201-10301-02, May 20 05 7. Click Apply to save your changes. 8. Configure and test your PCs for wireless connectivity . Program the wireless adapter of your PCs to ha ve the same SSID that you configured in the FWG1 14P v2. Check th[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-10 Wireless Configur ation 201-10301-02, May 2005 4. Click Add to open the W ireless Card Access Setup menu. Y ou can select a de vice from the list of available wireless cards the FWG114P v2 has discovered in your area, or you can manually enter the MAC add[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -11 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-5: Wire le ss Settings menu (WEP) 3. Select WEP on the pulldown menu. The WEP options menu will open. 4. Choose the Authentication [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-12 Wireless Configur ation 201-10301-02, May 2005 – WEP Keys : If using WEP , you can manually or automatically progra m the four data encryption keys. These values must be identi cal on all PCs and A ccess Points in your network. • Automatic Key Generat[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -13 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-6: Wire le ss Settings menu (WP A with Radius) 3. Select WP A with Radius on the pulldown menu. The WP A with Radius menu will open[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-14 Wireless Configur ation 201-10301-02, May 2005 • Radius Port : Enter the port number used for conn ecting to the Radius S erver . • Shar ed Key : Enter the desired value for the Shared Key . This must match the value used on the Radius server . • Ra[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -15 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-7: Wirele ss Settings menu (WP A2 with Radius) 3. Select WP A2 with Radius on the pulldown menu. The WP A2 with Radius menu will op[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-16 Wireless Configur ation 201-10301-02, May 2005 • Secondary Radius Server Name/IP Addr ess : This field is optional. If you have a Secondary Radius Server on yo ur LAN, enter its name or IP address here. • Radius Port : Enter the port number used for c[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -17 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-8: Wirele ss Settings menu (WP A and WP A2 with Radius) 3. Select WP A and WP A2 with Radius on the pulldown menu. The WP A and WP [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-18 Wireless Configur ation 201-10301-02, May 2005 • Secondary Radius Server Name/IP Addr ess : This field is optional. If you have a Secondary Radius Server on yo ur LAN, enter its name or IP address here. • Radius Port : Enter the port number used for c[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -19 201-10301-02, May 20 05 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-9: Wire less Settings menu (WP A-PSK) 3. Select WP A-PSK on the pulldown menu. The WP A-PSK menu will open. 4. Select the desired E[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-20 Wireless Configur ation 201-10301-02, May 2005 How to Configure WP A2-PSK Note : Not all wireless adapters support WP A2. Furthermore, client software is required on the client. W indows XP and W indows 2000 with Servi ce Pack 3 do include the client soft[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Configuration 4 -21 201-10301-02, May 20 05 4. Select the desired Encryption method. Fo r WP A2-PSK, the only option is AES. 5. Enter the pre-shared key in the Passphra se field. Enter a w ord or group of printable characters in the Passphrase box. T[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 4-22 Wireless Configur ation 201-10301-02, May 2005 2. Click W ireless Settings in the main menu of the F WG1 14P v2. Figure 4-1 1: Wireless Sett ings menu (WP A-PSK and WP A2-PSK) 3. Select WP A-PSK and WP A2-PSK on the pulldown menu. The WP A-PSK and WP A2-P[...]

Serial Port Configuration 5-1 201-10301-02, May 2005M-10 207-01, Reference Manual v2 Chapter 5 Serial Port Configuration This chapter describes how to configure th e serial port options of y our ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. The FWG1 14P v2 serial port lets you share the broadband co nnection of another FWG1 14[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-2 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2 Configuring a Serial Port Modem Y ou can configure a se rial port modem for any of the features described above. Be sure you have prepared the basic re quirements listed belo[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Serial Port Con figuration 5-3 201-10301-02, May 2005M-10 207-01, Reference Manual v2 — For dial-up, “Standard Modem” should work in most cases. Otherwise, select your modem from the list. — If your modem is not on the list, select “U ser Defined”[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-4 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2 Figure 5-2: Auto-Rollover config uration menu 3. Configure the Auto-Rollover settings. 4. Click Apply for the changes to take effect . Configuring Dial-in on the Serial Port [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Serial Port Con figuration 5-5 201-10301-02, May 2005M-10 207-01, Reference Manual v2 Basic Requirement s for Dial-in Dial-in requires these elements: 1. A broadband co nnection to the F WG1 14P v2. 2. An analog phone line. 3. A serial modem properly configur[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-6 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2 Configuring LAN-to-LAN Settings LAN-to-LAN e nables dire ct communic ations be tween two FWG1 14P v2 wireless firewall/print servers. Figure 5-4: LAN-to-LAN ne twork configur[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Serial Port Con figuration 5-7 201-10301-02, May 2005M-10 207-01, Reference Manual v2 Figure 5-5: LAN-to-LAN configur ation menu 3. Configure the LAN-to-LAN settings. Note: The LAN subnet address of each FWG1 14P v2 must be dif ferent. 4. Click Apply for the [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 5-8 S erial Port Configuration 201-10301-02, May 2005M-10207- 01, Reference Manual v2[...]

Firewall Protection and Conten t Filtering 6-1 201-10301-02, May 20 05 Chapter 6 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2 to protect your network. These f eatures can be found by clicking on the Content Filteri[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-2 Firewall Protection and Content Filtering 201-10301-02, May 2005 • W eb addresses • W eb address keywords These options are discussed below . The Keyword Blockin g menu is shown here. Figure 6-1: Block Sites menu T o enable filtering, click the checkb [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-3 201-10301-02, May 20 05 T o delete a keyword or domain, select it from th e list, click Delete Keyword, then click Apply . Keyword application examples: • If the keyword "XXX" is specified, the URL <[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-4 Firewall Protection and Content Filtering 201-10301-02, May 2005 The service numbers for man y co mmon protocols are defined by the Internet Engineering T ask Force (IETF) and published in RFC1700, “Assi gned Numbers.” Servic e numbers for other applic[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-5 201-10301-02, May 20 05 These default rules are shown in the Rules table of th e Rules menu in Figure 6-2 : Figure 6-2: Rules menu Y ou can define additional rules that will specify exce ptions to the default ru l[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-6 Firewall Protection and Content Filtering 201-10301-02, May 2005 • Service. From this list, sel ect the application or service to be allowed or blocked. The list already displays many common services, but yo u are not limited to these choices. Use the Se[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-7 201-10301-02, May 20 05 Follow these guidelines when setting up port forwarding inbound rules: • If your external IP address is assigned dynamically by your ISP , the IP address may change periodically as the DH[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-8 Firewall Protection and Content Filtering 201-10301-02, May 2005 This rule is shown in Figure 6-3 . Example: Port Forwarding for Vide oconferencing If you want to allow incoming vi deoconferencing to be initiated from a restricted range of outside IP addre[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6-9 201-10301-02, May 20 05 Figure 6-5: Service example: port forwarding for VPN when NA T is Off In the example shown in Figure 6-5 , UDP port 500 connection s are de fined as the IPSec se rv ice. Figure 6-6: Inbound[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-10 Firewall Protection and Content Filtering 201-10301-02, May 2005 • IP address of the Internet site being contacted (destination address) •T i m e o f d a y • T ype of service be ing requested (service port number) Outbound Rule Example: Blocking Ins[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -11 201-10301-02, May 20 05 Order of Precedence for Rules As you define new rules, they are added to the tables in the Rules menu. For any traffic attempting to pass through the firewall, the packet informatio n is [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-12 Firewall Protection and Content Filtering 201-10301-02, May 2005 Using a Schedule to Block or Allow Content or T raffic If you enabled content filtering in the Block Sites me nu, or if you d efined an outbound rule to use a schedule, you can set up a sche[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -13 201-10301-02, May 20 05 Note: Enter the values in 24-hour time format. For ex ample, 10:30 am would b e 10 hours and 30 minutes and 10:3 0 pm would be 22 hours and 30 minutes. Be sure to click Apply when you h a[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-14 Firewall Protection and Content Filtering 201-10301-02, May 2005 Figure 6-9: E-mail menu • T urn e-mail notification on. Select this check box if you want to receive e-mail logs and alerts from the router . • Send alerts and logs by e-mail. If you ena[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -15 201-10301-02, May 20 05 – If a Denial of Service attack is detected. – If a Port Scan is detected. – If a user on your LAN attemp ts to access a website that you blocked using Keyword blocking. • Send lo[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-16 Firewall Protection and Content Filtering 201-10301-02, May 2005 V iewing Logs of W eb Access or Attempted W eb Access The router will log security-related events, such as denied incomi ng and outgoing service requests, hacker probes, and administrator lo[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Protection and Content Filtering 6 -17 201-10301-02, May 20 05 Log action buttons are described in Ta b l e 6 - 1 . What to Include in the Event Log Use these ch eckbox es t o determine which ev ents a r e included in the log. Checking all options wi[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 6-18 Firewall Protection and Content Filtering 201-10301-02, May 2005 Enable one of these three options, as required: • Disable - select this if you do not have a Syslog server . • Broadcast on LAN - the Sysl og data is broadcast, rather than sent to a spe[...]

Print Server 7-1 201-10301-02, May 20 05 Chapter 7 Print Server This chapter describes how to in stall and configure the print ser ver in your ProSafe W ireless 802.1 1g Firewall/Print Se rver Model FWG1 14P v2. Printing Options The FWG1 14P v2 supports these methods for printing: • For Windows XP and 2000 Only: TCP/IP Line Printer Remote (LPR) P[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-2 Print Server 201-10301-02, May 2005 For Windows XP and 2000, U se TCP/IP LPR Printing Follow these instructions to set up TCP/IP printing on your W indows XP and 2000 PCs. Install the FWG1 14P v2, connect your printer to the USB port on the FWG1 14P v2, an[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-3 201-10301-02, May 20 05 Complete the Add S tandard TCP/IP Printer Port Wizard. a. Click Next to proceed with the Add Standard TCP/IP Printer Port W izard. The Add Port screen will display . b. From the Add Port screen, enter 192.168.0.1 , the[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-4 Print Server 201-10301-02, May 2005 Identify the printer connected to FWG1 14P v2 USB printer port. a. From the Install Printer Software screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the FWG1 14P v2[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-5 201-10301-02, May 20 05 Note: If two long files are sent to the printer at once, W indows will pop up a print failure error message. This message ca n be ignored. The file will pr int once the printer finishes printing the first file.[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-6 Print Server 201-10301-02, May 2005 For Windows 95/98/Me, Use the Ne tgear Printer Port Driver Follow these instructions to set up the Netg ear Printer Port Drive on W indows 9x PCs. Install the Netgear Printer Port Driver and configuration utility softwar[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-7 201-10301-02, May 20 05 Set up the Netgear printer port driver . a. Click Finish when the Installation W izard is done. The Printer Port Setup utility displays, and queries the network to locate the print server in the FWG1 14P v2. After a sh[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-8 Print Server 201-10301-02, May 2005 Identify the printer connected to the FWG1 14P v2 USB printer port. a. From the Add Printer W izard screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the FWG1 14P v2.[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-9 201-10301-02, May 20 05 Printing from the Macintosh Macintosh computers can connect to a TCP/IP network printer using the Line Printer Remote (LPR) protocol. LPR printi ng can be set up on any Macinto sh that has Desktop Printi ng installed o[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-10 Print Server 201-10301-02, May 2005 6. In the LPR Printer Selec tion box, click Change... 7. In the Printer Address field, type the name or IP address of the FWG1 14P v2 W ire less Firewall/Print Server. The IP address will us ually be 192.168.0.1. Y ou c[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-11 201-10301-02, May 20 05 Figure 7-1: Print Port Configu ration menu Items shown on this screen are as follows: •P o r t If desired, click Browse Device to select a diff erent device. The Select Device Port button supports multi-port models,[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-12 Print Server 201-10301-02, May 2005 T roubleshooting the Print Server Question: When I tried to install the Printer Driver for Peer -to-Peer printin g, I received an error message and the installation was aborted. Answer: This may be caused by an existing[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-13 201-10301-02, May 20 05 c. For Network Path or Queue, enter a dummy value, such as 123, as shown below . Select NO for “Do you print from MS-DOS-based programs?”. d. Click Next. Figure 7-2: Windows Add Printe r Wizard e. The printer wi[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-14 Print Server 201-10301-02, May 2005 g. Right-click the new printer and select Properti es. Then select the De tails tab, as shown below . Figure 7-3: Windows Print er Properties h. Click the Add Port button. On the resultin g screen, select Ot her , then [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Print Server 7-15 201-10301-02, May 20 05 k. Click OK to return to the Prin ters folders, and right-cl ick on the new printer . Make sure that the W ork Offline option is NOT checked. l. From the printer Properties page, General tab, pr int a test page to con[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 7-16 Print Server 201-10301-02, May 2005[...]

Virtual Private Networking 8-1 201-10301-02, May 20 05 Chapter 8 V irtual Private Networking This chapter describes how to u se the virtual private networking (VPN) features of the FWG1 14P v2 W ireless Firewall/Print Server. VPN tunnel s provide secure, encr ypted communications between your local network and a remote network or computer . The FWG[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-2 Virtual Private Networking 201-10301-02, May 2005 Using Policies to Manage VPN T r affic Y ou create policy definitions to manage VPN traffic on the FWG1 14P v2. There are two kinds of policies: • IKE Policies : Define the authenticatio n scheme and auto[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-3 201-10301-02, May 20 05 IKE Policies’ Automatic Key and Authentication Management Click the IKE Policies link from the VPN section of the main menu , and then click the Add button of the IKE Policies screen to display th e IKE[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-4 Virtual Private Networking 201-10301-02, May 2005 The IKE Policy Configuration fields are defined in the following tabl e. T able 8-1. IKE Policy Configuration Fields Field Description General These setti ngs identify this polic y an d determine its major [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-5 201-10301-02, May 20 05 Remote These parameters apply to the target remote FWG1 14P v2, VPN gateway , or VPN client. Remote Identity T ype Use this field to identi fy th e remote FWG1 14P v2. Y ou can choose one of the following[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-6 Virtual Private Networking 201-10301-02, May 2005 VPN Policy Configuration for Auto Key Negotiation An already defined IKE policy is required for VP N - Auto Policy config uration. From the VPN Policies section of the main menu, you can navigate to the VPN[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-7 201-10301-02, May 20 05 The VPN Auto Poli cy fields ar e defined in the following tabl e. T able 8-1. VPN Auto Policy Configuration Field s Field Description General These setti ngs identify this polic y an d determine its major[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-8 Virtual Private Networking 201-10301-02, May 2005 T raffic Selector These settings determine if and when a VPN tunnel will be established. If network tr affic me ets all criteria, then a VPN tunnel will be created. Local IP The drop-down menu allows yo u t[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking 8-9 201-10301-02, May 20 05 VPN Policy Configuration for Manual Key Exchange W ith Manual Key Management, you w ill not use an IKE poli cy . Y ou mu st manually type in all the required key information. Clic k the VPN Policies link [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-10 Virtual Private Ne tworking 201-10301-02, May 2005 Figure 8-4: VPN - Manual Policy Menu[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-11 201-10301-02, May 20 05 The VPN Manual Policy fields are defined in t he following table. T able 8-1. VPN Manual Poli cy Configuration Fields Field Description General These setti ngs identify this polic y an d determine its m[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-12 Virtual Private Ne tworking 201-10301-02, May 2005 SPI - Incoming Enter a Hex value (3 - 8 chars). Any value is acceptable, provided the remote VPN end point has the sam e val u e in it s "Outgoin g SPI" fi el d . SPI - Outgoing Enter a Hex valu[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-13 201-10301-02, May 20 05 Encryption Algorithm If you enable ESP Encryption, then select the Encr yption Algorithm: • DES is the default. • 3DES is more secure. Key - In Enter the key in the fie ld s pro vi d ed . • For DE[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-14 Virtual Private Ne tworking 201-10301-02, May 2005 Using Digit al Certificates for IKE Auto-Policy Authentication Digital certificates are strings gene rated us ing encryption and authe n tication schemes which cannot be duplicated by anyone w ithout acce[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-15 201-10301-02, May 20 05 W alk-Through of Configurati on Scenarios on the FWG1 14P v2 There are a variety of configurations yo u migh t implement with the FWG1 14P v2. The scenarios listed below illustrate typical configura tio[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-16 Virtual Private Ne tworking 201-10301-02, May 2005 Figure 8-5: VPN Wizard S t art Screen 2. Fill in the Connection Name, pre- shared key , and select the type of target end point, and click Next to proceed. Figure 8-6: Connection Na me and Remote IP T ype[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-17 201-10301-02, May 20 05 3. Fill in the IP Address or F QDN for the ta rget VPN endpoint W AN connectio n and click Next . Figure 8-7: Remote IP 4. Identify the IP addresses at the target endp oint which can use th is tunnel, a[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-18 Virtual Private Ne tworking 201-10301-02, May 2005 Figure 8-9: VPN Wizard Summary T o view the VPNC recommended authenticatio n and encryption Phase 1 and Phase 2 se ttings the VPN W izard used, click the “ her e ” link. 5. Click Done to complete the [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-19 201-10301-02, May 20 05 VPNC Scenario 1: Gate way to Gateway with Preshared Secret s The following is a typical gateway-to-gateway VPN that uses a preshared secret for authentication. Figure 8-10: VPN Consortium Sc ena rio 1 G[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-20 Virtual Private Ne tworking 201-10301-02, May 2005 Scenario 1: FWG1 14P v2 to FW G1 14P v2 with Preshared Secrets Note : This scenario assumes all ports are open on the FWG1 14P v2. Y ou can verify this by reviewing the security settings as seen in the ?[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-21 201-10301-02, May 20 05 c. From the main menu Advanced secti on, click on the LAN IP Setup link. Figure 8-13: LAN IP configurat ion menu d. Configure the LAN IP address according to th e settings above and click Apply to save [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-22 Virtual Private Ne tworking 201-10301-02, May 2005 3. Set up the IKE Policy illustrated below on th e FWG1 14P v2. a. From the main menu VPN sectio n, click on the IKE Policies link, and then click the Add button to display the screen below . Figure 8-14:[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-23 201-10301-02, May 20 05 4. Set up the FWG1 14P v2 VPN -Auto Policy illustrated below . a. From the main menu VPN sectio n, click on the VPN Policies link, and then click on the Add Auto Policy button. Figure 8-15: Scenario 1 V[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-24 Virtual Private Ne tworking 201-10301-02, May 2005 How to Check VPN Connections Y ou can te st connectivity and view VPN status information on the FWG1 14P v2. 1. T o test connectivity betwee n the Gateway A FWG1 14P v2 LAN and the Gateway B LAN, follow t[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-25 201-10301-02, May 20 05 VPNC Scenario 2: Gateway-to -Gateway with Certificates The following is a typical gatewa y-to-gateway VPN that uses PKIX certificates for authentication. Figure 8-16: VPN Consortium Sc ena rio 2 Gateway[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-26 Virtual Private Ne tworking 201-10301-02, May 2005 • Selectors for all IP protocols, all ports, between 10.5.6.0/24 an d 172.23.9.0/24, using IPv4 subnets Scenario 2: FWG1 14P v2 to FWG1 14P v2 with Certificates The following is a typical gate way-to-ga[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-27 201-10301-02, May 20 05 b. Click the Generate Request button to display the screen illustrated in Figure 8-17 below . . Figure 8-17: Generate Se lf Certificat e Request menu c. Fill in the fields on the Add Self Certificate sc[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-28 Virtual Private Ne tworking 201-10301-02, May 2005 – E-mail Address. Y ou can enter your e-mail address here. d. Click the Next button to continue. The FWG1 14 P v2 generates a Self Certificate Request as shown below . Figure 8-18: Self Ce rtificate Req[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-29 201-10301-02, May 20 05 c. When you have finished gathering the Self Ce rtificate Request data, click the Done button. Y ou will return to the Certificates screen where your pending “FWG1 14P v2” Self Certificate Request w[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-30 Virtual Private Ne tworking 201-10301-02, May 2005 f. Y ou will now see the “FWG1 14P v2” entry in the Active Self Certificates table and the pending “FWG1 14P v2” Self Certificate Request is gone, as illustrated bel ow . Figure 8-20: Self Certif [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-31 201-10301-02, May 20 05 Now , the traf fic from devices within the range of the LAN subnet addresses on FWG1 14P v2 A and Gateway B will be authenticated using the certificates rather tha n via a shared key . 8. Set up Certifi[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-32 Virtual Private Ne tworking 201-10301-02, May 2005 Netgear VPN Client to FWG1 14P v2 Follow these procedure s to configure a VPN tunn el from a NETGEAR ProSafe VPN Client to an FWG1 14P v2. This case study follows the V i rtual Private Network Consortium [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-33 201-10301-02, May 20 05 Figure 8-22: Addressing and Subnet Used for Examples S tep-By-Step Configuratio n of FWG1 14P v2 Gateway 1. Log in to the FWG1 14P v2 ga teway as in the illustration. Out of the box, the FW G1 14P v2 is[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-34 Virtual Private Ne tworking 201-10301-02, May 2005 2. Click IKE Policies under the VPN menu and click Add on the IKE Policies Menu. Figure 8-23: NETGEAR FWG1 14P v2 IKE Policy Configuration – Enter a descriptive name for the policy in the Policy Name fi[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-35 201-10301-02, May 20 05 – From the Remote Identit y drop-down box, select Fully Qualified Domain Name . –T y p e VPNclien t in the Remote Identity Data. This will also be entered in the VPN Client My Identity ID T ype fiel[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-36 Virtual Private Ne tworking 201-10301-02, May 2005 3. Click the VPN Policies link under the VPN category on the le ft side of the main menu. This will take you to the VPN Policies Menu page. Click Add Auto Policy . This will open a new screen titled VPN ?[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-37 201-10301-02, May 20 05 – From the Remote VP N Endpoint Address T ype drop -down box, select IP Address . –T y p e 0.0.0.0 as the Address Data of the client beca use we are assuming the remote PC will have a dynamically as[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-38 Virtual Private Ne tworking 201-10301-02, May 2005 – Select Enable Authentication in the ESP Configuration Enable Authentication check box. Note : Do not confuse this with the Authentication Protocol (AH) option. Using the AH option will prevent clients[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-39 201-10301-02, May 20 05 1. Install the Netgear VPN Client Software on the PC. • Y ou may need to insert your W indow s CD to complete the installation. • Reboot your PC after installing the client software. 2. Configur e t[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-40 Virtual Private Ne tworking 201-10301-02, May 2005 Note : If the configuration settings on this scree n are not available for editing, go to the Options menu, select Secure, and Specified Options to enable editing these se ttings. From the Edit menu of th[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-41 201-10301-02, May 20 05 b. Click Pr e-Shar ed Key . Figure 8-29: Connection Identi ty Pre-Shared Key c. Enter hr5xb84l6aa9r6 , which is the same Pre-Shared Key entered in the FWG1 14P v2. d. Click OK . 4. Configur e the Connec[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-42 Virtual Private Ne tworking 201-10301-02, May 2005 5. Configur e the Connection Security Policy In this step, you will provid e the authentication (IKE Phase 1) settings, and th e key exchange (Phase 2) settings. The setting choices in this procedure foll[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-43 201-10301-02, May 20 05 Figure 8-32: Connection Security Policy Key Exchange (Phase 2) b. Configure the Key Exchange (Phase 2). • Expand the Key Exchange (Phase 2) he ading, and click on Proposal 1. • For this example, ens[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-44 Virtual Private Ne tworking 201-10301-02, May 2005 6. Configur e the Global Policy Setti ngs. a. From the Options menu at the top of th e Security Policy Editor window , select Global Policy Settings . Figure 8-33: Security Policy Editor Global Policy Opt[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-45 201-10301-02, May 20 05 T esting the VPN Connection Y ou can test the VPN connection in several ways: • From the client PC to the FWG1 14P v2 • From the FWG1 14P v2 to the client PC These procedures are explained below . F[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-46 Virtual Private Ne tworking 201-10301-02, May 2005 T o test the connection to a co mputer connected to the FWG1 14P v2, simply ping the IP address of that computer . Once connected, you can open a brows er on the remote PC and enter the LAN IP Address of [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Ne tworking 8-47 201-10301-02, May 20 05 A sample Connection Monitor screen for a dif f erent conn ectio n is sh own below: Figure 8-35: Connection Monit or screen In this example the follo wing connection op tions apply: • The FWG1 1 4P v2 [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 8-48 Virtual Private Ne tworking 201-10301-02, May 2005 The FWG1 14P v2 VPN Status screen for a successful connection is shown below : Figure 8-36: FWG1 14P v 2 VPN St atus screen[...]

Maintenance 9-1 201-10301-02, May 20 05 Chapter 9 Maintenance This chapter describes how to use the maintenan ce features of your ProSafe Wireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Thes e features are accessed via the Main Menu Maintenance heading. V iewing Wireless Firewall/Print Server S t atus Information The Router S tatus menu [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-2 Maintenance 201-10301-02, May 2005 Figure 9-1: Router S t atus screen The Router S tatus screen shows the following parameters: T able 9-1. St atus Fields Field Description System Name The System Name assigne d to the router . Firmware V ersion The ro uter[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-3 201-10301-02, May 20 05 Printer S tatus The printer status. W AN Port These parameters apply to the Internet (WAN) port of the router . MAC Address This field displays the MAC addr ess being used by the Internet (WAN) port of the router . IP [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-4 Maintenance 201-10301-02, May 2005 Click “W AN Status” to displa y the W AN connection status. Figure 9-2: Connectio n S tatus screen This screen shows the following statistics:. Modem The status of the modem port. Dial-In The status of the Dial-In por[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-5 201-10301-02, May 20 05 Log action buttons are described in Ta b l e 9 - 2 . Click “Show S tatistics” to di splay router usage statistics. Figure 9-3: Router S t atistics screen This screen shows the following statistics: T able 9-2. Conn[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-6 Maintenance 201-10301-02, May 2005 W AN Status action buttons are described in T able 9-2 . V iewing a List of Att ached Devices The Attached Devices menu contains a table of all IP devices that the router has discovered on the local network. From the Main[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-7 201-10301-02, May 20 05 Upgrading the Router Sof tware The routing software of the FWG1 14P v2 W irele ss Firewall/Print Server is stored in FLASH memory , and can be upgraded as new software is released by NETGEAR. Upgrade files can be downl[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-8 Maintenance 201-10301-02, May 2005 From the Main Menu of the brow ser interface, under the Maintenan ce heading, select the Settings Backup heading to b ring up the menu sho wn below . Figure 9-5: Settings Ba cku p menu Three options are available, and are[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Maintenanc e 9-9 201-10301-02, May 20 05 Erasing the Configuration It is sometimes desirable to restore the router to a known blank condition. This can be done by using the Erase function, which will restore al l factory settings. After an erase, the router&a[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 9-10 Maintenance 201-10301-02, May 2005[...]

Advanced Configuration 10-1 201-10301-02, May 20 05 Chapter 10 Advanced Configuration This chapter describes how to configure the advan ced features of your ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Thes e features can be found under the Advanced heading in the Main Menu of the browser interface. Using the W AN Setup Optio[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-2 Advanced Configuration 201-10301-02, May 2005 Normally , this option is Enabled, so that an Internet connection will be made automatically whenever Internet-bound traffic is detected. In locations where Internet access is billed by the minute, if this cau[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-3 201-10301-02, May 20 05 • Setting the MTU Size The default MTU size is usually fine. The no rmal MTU (Maximum T ransmit Unit) value for most Ethernet networks is 1500 Bytes. For some ISPs, particularly those using PPPoE, you may[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-4 Advanced Configuration 201-10301-02, May 2005 3. Access the website of one of the dynamic DNS service providers whose names appear in the ‘Select Service Provider ’ box, and register for an account. For example, for dyndns.o rg, go to www .dyndns.or g[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-5 201-10301-02, May 20 05 Using the LAN IP Setup Options The second feature category under the Advanced heading is LAN IP Setup. This menu allows configuration of LAN IP services, such as DHCP and RIP . From the Main Menu of the bro[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-6 Advanced Configuration 201-10301-02, May 2005 These addresses are part of the IETF-designated private address range for use in private networks, and should be suitabl e in most applications. If yo ur network has a requirement to use a different IP address[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-7 201-10301-02, May 20 05 Using the Router as a DHCP server By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server , allowing it to assign IP , DNS server , and default gateway addresses to all c[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-8 Advanced Configuration 201-10301-02, May 2005 3. T ype the MA C Address of the computer or server . (T ip: If the computer is already present on your network, you can copy its MAC address from the Attached Devices menu and paste it here.) 4. Click Apply t[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-9 201-10301-02, May 20 05 Figure 10-3. St atic Route Entry and Edit Menu 2. T ype a route name for this static route in the Route Name box. (This is for identification purpose only .) 3. Select Active to make this route ef fective. [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-10 Advanced Configuration 201-10301-02, May 2005 • Y our company’ s network is 13 4.1 77.0.0. When you first configure d your router , two implic it static routes were crea ted. A default route was created with your ISP as the gateway , and a second sta[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-11 201-10301-02, May 20 05 b. T o a llow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and end ing IP address to defi ne the allowed range. c. T o a llow access from a single IP addr[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-12 Advanced Configuration 201-10301-02, May 2005 T urn UPnP On: UPnP can be enab led or disabled for automatic devic e configuration. The default setting for UPnP is enabled. If disabled, the rout er will not allow any device to automatically control the re[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Advanced Configur ation 10-13 201-10301-02, May 20 05 These settings normally do not need to be changed. • WMM support WMM (W ireless Multimedia) is a subset of th e 802.1 1e standard. WM M allows wireless traffic to have a range of priorities, depending on[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 10-14 Advanced Configuration 201-10301-02, May 2005[...]

Troubleshooting 11-1 201-10301-02 , May 2005 Chapter 11 T roubleshooting This chapter gives information about troubleshooting your ProSafe Wireless 802.1 1g Firewall/ Print Server Model FWG1 14P v2. After each prob lem description, instructions are provided to help you diagnose and solve the problem. Basic Functioning After you turn on power to the[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-2 Troubleshooting 201-10301-02 , May 2005 LEDs Never T urn Off When the router is turned on, th e LEDs turns on for about 10 seconds and then turns off. If all the LEDs stay on, there is a fault within the router . If all LEDs are still on one minute after [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Troubleshooting 11-3 201-10301-02 , May 2005 T roubleshooting the Web Configuration Interface If you are unable to acce ss the router ’ s W eb Config uration interface from a computer on your local network, check the following : • Check the Ethernet conne[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-4 Troubleshooting 201-10301-02 , May 2005 T roubleshooting the ISP Connection If your router is unable to access the Internet, you should first determine whether the router is able to obtain a W AN IP address from the ISP . Unless yo u have been assigned a [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Troubleshooting 11-5 201-10301-02 , May 2005 OR Configure your router to spoof your computer ’ s MAC address. This can be done in the Basic Settings menu. Refer to “Manually Configuring Y our Internet Conn ectio n” on page 3-18 . If your router can obta[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-6 Troubleshooting 201-10301-02 , May 2005 Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message: Request timed out If the path is not functioning correctly , you could have one of t he following proble[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Troubleshooting 11-7 201-10301-02 , May 2005 — Y ou r ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many broadband ISPs restrict access by only allo wing traffic from the MAC address of your broadband modem, but some IS Ps ad[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 11-8 Troubleshooting 201-10301-02 , May 2005[...]

Technical Specifications A-1 201-10301-02, May 20 05 Appendix A T echnical S pecifications This appendix provides technica l specifications for the ProSafe W ireless 802.1 1g Firewall/Print Server Model FWG1 14P v2. Network Protocol and St andards Compatibility Data and Routing Protocols: TCP/IP , RIP-1, RIP-2, DHCP PPP over Ethernet (PPPoE) VPN Pr[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 A-2 Technical Specifications 201-10301-02, May 2005 Electromagnetic Emissions For North America and Australia FCC Part 15 Class B For Japan VCCI Class B For Europe EN 300 328, EN 301 489-17, E N 301 489-1, EN 60950 Interface S p ecifications LAN: 10BASE-T or 1[...]

Networks, Routing, and Firewall Basics B-1 201-10301-02, May 20 05 Appendix B Networks, Routing, and Firewall Basics This appendix provides an ov erview of IP networks, routing, and firewalls. Related Publications As you read this document, you may be dire cted to various RF C documents for further information. An RFC is a Request For Comment (RFC)[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-2 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 Routing Information Protocol One of the protocol s used b y a rout er to b uild an d maintain a picture of the network is the Routing Information Protocol (RIP). Us ing RIP , routers periodicall[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-3 201-10301-02, May 20 05 Figure 1 1- 1: Three Main Address Classes The five address classes are: • Class A Class A addresses can have up to 16,777,2 14 hosts on a single network. They use an eight-bit network number[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-4 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 This addressing structure allows IP addresses to uniquely identify each phys ical network and each node on each ph ysical network. For each unique value of the network portion of the address, th[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-5 201-10301-02, May 20 05 Subnet addressing al lows us to split one IP network ad dress into smaller multiple physical networks known as sub networks. Some of the node numbers are used as a su bn et number instead. A C[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-6 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 The following table lists the additional subnet mask bits in dotted-decimal notation. T o use the table, write down the original class netmask and replace the 0 value octets with the dotted-deci[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-7 201-10301-02, May 20 05 NETGEAR strongly recommends that you configur e all hosts on a LAN se gment to use the same netmask for the following reasons: • So that hosts recognize lo cal IP broadcast packets. When a d[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-8 Networks, Routing, and Firewall Basics 201-10301-02, May 2005 The router accomplishes this address sharing by translating the internal LAN IP addresses to a single address that is globally unique on the Inte rnet. The inte rnal LAN IP addresses can be eith[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-9 201-10301-02, May 20 05 MAC Addresses an d Address Re solution Protocol An IP address alone cannot be used to deliver da ta from one LAN device to another . T o send data between LAN devices, you must convert the IP [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-10 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005 When a PC accesses a resource by its descriptive name, it first contacts a DN S server to obtain the IP address of the resource. The PC sends the d esired message using the IP address. Ma ny l[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-11 201-10301-02, May 20 05 What is a Firewall? A firewall is a device that protects one netw ork from another , while allowing communication between the two. A firewall incorporates the functi ons of the NA T router , [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-12 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005 . Category 5 Cable Quality Category 5 distributed cable that me ets ANSI/EIA/ TIA-568-A building wiring stan dards can be a maximum of 328 feet (ft.) or 10 0 meters (m) in length, div ided as [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-13 201-10301-02, May 20 05 Inside T wisted Pair Cables For two devices to communicate, th e transmitter of each device must be connected to the receiver of the other device. The cro sso ver function is usually implemen[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-14 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005 Figure B-3: Category 5 UTP Cable with Male RJ -4 5 Plug at Each End Note : Flat “silver satin” tele phone cable may have the same RJ-45 plug . However , using tele phone cable results in e[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Networks, Routing, and Firewall Basics B-15 201-10301-02, May 20 05 The FWG1 14P v2 W ireless Firewall/Print Server incorporates Auto Uplink TM technology (als o called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable pl[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 B-16 Networks, Routing, and Firewall Ba sics 201-10301-02, May 2005[...]

Preparing Your Netwo rk C-1 201-10301-02, May 20 05 Appendix C Prep aring Y our Network This appendix describes how to prepare your ne twork to connect to the Internet through the ProSafe W ireless 802.11g Firewall/Print Serv er Model FWG1 14P v2 and how to verify the readiness of broadband Internet service from an Internet serv ice provider (ISP).[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-2 Preparing Yo ur Network 201-10301-02, May 2005 In your IP network, each PC and the firewall must be assigned unique IP addresses. Each PC must also have certain other IP configuratio n informa tion, such as a subnet ma sk (netmask), a domain name server (D[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-3 201-10301-02, May 20 05 Y ou must have an Ethernet adapter , the TCP/IP protocol, and Client for M icrosoft Networks. If you need to install a ne w adapter , follow these steps: a. Click the Add button. b. Select Adapter , and then[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-4 Preparing Yo ur Network 201-10301-02, May 2005 If you need Client for Micro soft Networks: a. Click the Add button. b. Select Client, and then click Ad d. c. Select Microsoft. d. Select Client for Microsoft Networks, and then click OK. 3. Restart your PC f[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-5 201-10301-02, May 20 05 5. Uncheck all boxes in the LAN Internet Configuration screen and click Next. 6. Proceed to the end of th e W izard. V erifying TCP/IP Properties After your PC is configured and has rebooted, you can check t[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-6 Preparing Yo ur Network 201-10301-02, May 2005 5. V erify that ‘Client for Microsoft Networks’ and ‘Internet Protocol (TCP/IP)’ are present. If not, select Install and add them. 6. Select ‘Internet Protocol (TCP/IP)’, click Prop erties, and ver[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-7 201-10301-02, May 20 05 The TCP/IP Control Panel opens: 2. From the “Connect via” box, select your Macintosh’ s Ethernet interface. 3. From the “Configure” box, select Using DHCP Server . Y ou can leave the DHCP Client ID[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-8 Preparing Yo ur Network 201-10301-02, May 2005 V erifying TCP/IP Properties for Macintosh Computers After your Macintosh is configured and has rebo oted, you can check the TC P/IP configuration by returning to the TCP/IP Control Panel. From th e Apple menu[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-9 201-10301-02, May 20 05 V erifying the Readiness of Y our Internet Account For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable m[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-10 Preparing Your Network 201-10301-02, May 2005 • An IP address and subnet mask • A gateway IP address, which is the address of the ISP’ s router • One or more domain name server (DNS) IP addresses • Host name and domain suf fix For example, your [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Preparing Your Netwo rk C-11 201-10301-02, May 20 05 If an IP address appears under Installed Gatewa ys, write down the address. This is the ISP’ s gateway address. Select the address and then click Remove to remove the gateway address. 6. Select the DNS Co[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 C-12 Preparing Your Network 201-10301-02, May 2005 Rest arting the Network Once you have set up your com puters to work with the firewall, you must reset the network for the devices to be able to communicat e correctly . Restart any computer that is connected [...]

Firewall Log Formats D-1 201-10301-02, May 20 05 Appendix D Firewall Log Format s Action List Drop: Packet dropped by Firewall current inbound or outbound rules. Reset: TCP session reset by Firewa ll. Forward: Packet forwarded by Firewall to the ne xt hop based on matching the criteria in the rules table. Receive: Packet was pe rmitted by the firew[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-2 Firewall Log Formats 201-10301-02, May 2005 The format is: <DATE> <TIME> <PKT_TYPE> <SRC_IP> <S RC_INF> <DST_IP > <DST_INF> <ACTION><DESCRIPTION> [Fri, 2003-12-05 22:19:42] - UDP Pac ket - Source:172.31[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Log Formats D-3 201-10301-02, May 20 05 The format is: <DATE><TIME><PKT_TYPE>< SRC_IP><SRC_ PORT ><SRC_INF>< DST_IP><DST_POR T ><DST_PORT><ACTION><DESCRIPTION> <DATE><TIME>[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-4 Firewall Log Formats 201-10301-02, May 2005 Other Connections and T r affic to this Router The format is: <DATE><TIME>< PKT_TYPE ><SRC_IP><DST _IP><ACTION> [Fri, 2003-12-05 22:31:27] - ICMP Pa cket[Echo Request] - Source[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Log Formats D-5 201-10301-02, May 20 05 The format is: <DATE><TIME><PKT_TYPE>< SRC_IP><SRC_ PORT ><SRC_INF>< DST_IP><DST_POR T ><DST_PORT><ACTION><DESCRIPTION> <DATE> <TIME>[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-6 Firewall Log Formats 201-10301-02, May 2005 Access Block Site If keyword blocking is enabled and a keyword is specified, attempts to access a site whose URL contains a specified keyword are logged. The format is <DATE> <TIME> <EVENT> <[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Firewall Log Formats D-7 201-10301-02, May 20 05 The format is: <DATE><TIME><EVENT ><SRC_IP> <DATE><TIME><EVENT ><SRC_IP><SRC_PORT><DST_I P><DST_P ORT><ACT ION> [Fri, 2003-12-05 21:07:43][...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 D-8 Firewall Log Formats 201-10301-02, May 2005[...]

Wireless Networking Basics E-1 201-10301-02, May 20 05 Appendix E Wireless Networking Basics This chapter provides an overview of W ireless networking. Wireless Networking Overview The FWG1 14P v2 W ireless Firewall/Print Server conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.1 1b and 802.1 1g standards for wireless LAN[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-2 Wireless Networking B asics 201-10301-02, May 2005 Ad Hoc Mode (Peer- to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can g enerally communicate with [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-3 201-10301-02, May 20 05 • Shar ed Key . With Shared Key authentication, on ly those PCs that possess the correct authentication key can join the ne twork. By default, IEEE 802. 1 1 wireless devices operate in an Open System ne[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-4 Wireless Networking B asics 201-10301-02, May 2005 2. The access point auth enticates the station. 3. The station associates with the access point and joins the network. This process is illustrated below . Figure E-1: O pen syst em authen tication Shared K[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-5 201-10301-02, May 20 05 Figure E-2: Shared key authentication Overview of WEP Parameters Before enabling WEP on an 80 2.1 1 network, you must first consider what type of encryption you require and the key size you wa nt to use. [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-6 Wireless Networking B asics 201-10301-02, May 2005 Key Size The IEEE 802.1 1 standard su pports two types of WEP en cryption: 40-bit and 128-bit. The 64-bit WEP data encryption meth od allows for a five-character (40-bit) input. Additionally , 24 factory-s[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-7 201-10301-02, May 20 05 WEP Configuration Options The WEP settings must match on a ll 802.1 1 devices that are within the same wireless network as identified by the SSID. In general, if your mobile clients will roam between acce[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-8 Wireless Networking B asics 201-10301-02, May 2005 Note: The availab le channels supported by the wireless products in va rious countries are dif ferent. For example, Channels 1 to 1 1 are supported in the U.S. and Canada, and Channels 1 to 13 are supporte[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-9 201-10301-02, May 20 05 WP A offers the following benefits: • Enhanced data privacy • Robust key management • Data origin authentication • Data integrity protection The W i-Fi Alliance is now perform ing interoperability[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-10 Wirele ss Network ing Basi cs 201-10301-02, May 2005 How Does WP A Comp are to IEEE 802.1 1i? WP A will be forward compatible with the IEEE 802.1 1i security specification currently under development. WP A is a subset of the current 8 02.11i draft and use[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-11 201-10301-02, May 20 05 The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods in clude 802.1X an d Pr e-s h are d ke y . Pre-shared key is an au[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-12 Wirele ss Network ing Basi cs 201-10301-02, May 2005 WP A Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS Figure E-3: W P A Overview IEEE 802.1x offers an ef fective framework for authenticating and controlling user traffic [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-13 201-10301-02, May 20 05 Figure E-4: 802.1x Authent ication Sequence The AP sends Beacon Frames with WP A informatio n element to the stations in the service set. Information ele ments include the required au thentication method[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-14 Wirele ss Network ing Basi cs 201-10301-02, May 2005 3. The client sends an EAP-response packet containing the identity to the authentication server . The access point responds by enabling a port fo r passing only EAP packets from the client to an authent[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-15 201-10301-02, May 20 05 T emporal Key Integrity Protocol (TKIP) WP A uses TKIP to provide important data encr yption en hancements including a per -packet key mixing function, a message integrity check (M IC) named Michael , an[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-16 Wirele ss Network ing Basi cs 201-10301-02, May 2005 Is WP A Perfect? WP A is not without its vulnerabiliti es. Specifically , it is susceptible to denial of service (DoS) attacks. If the access point receives two da ta pa ckets that fail the mes sag e in[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Wireless Networking Basics E-17 201-10301-02, May 20 05 Changes to Wireless Access Point s W irele ss access points must have their firm ware upda ted to support the following: • The new WP A information element T o advertise their support of WP A, wireless[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 E-18 Wirele ss Network ing Basi cs 201-10301-02, May 2005 Microsoft has worked with many wireless vend ors to embed the WP A fi rmware update in the wireless adapter driver . So, to update yo ur Microsoft W indows wireless client, all you have to do is obtain [...]

Virtual Private Networking F-1 201-10301-02, May 20 05 Appendix F V irtual Private Networking There have been many improvements in the Internet, includin g Quality of S ervice, network performance, and inexpensive technologies, such as DSL. But one of the most important advances has been in V irtual Private Networking (VPN) Inte rnet Protocol secur[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-2 Virtual Private Networking 201-10301-02, May 2005 • Remote Access: Remote access enables telecommuters and mobile workers to access e-ma il and business applications. A dia l-up connection to an organization’ s modem pool is one method of access for re[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-3 201-10301-02, May 20 05 • Encapsulating Security Payload (ESP) : Provides confidentiality , authentication, and integrity . • Authentication Header (AH) : Provides authentication and integrity . • Internet Key Exchange (IK[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-4 Virtual Private Networking 201-10301-02, May 2005 The ESP header is inserted into the packet betw een the IP header and any subsequent packet contents. However , because ESP encrypts the data, the payload is changed. ESP does not encrypt the ESP header , n[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-5 201-10301-02, May 20 05 Mode SAs operate using modes. A mode is the method in which the IPSec protocol is applied to the packet. IPSec can be used in tunne l mode or tran sport mode. T ypically , the tunnel mode is used for gate[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-6 Virtual Private Networking 201-10301-02, May 2005 Key Management IPSec uses the Internet Key Exchange (IKE) protoc ol to facilitate and automate the SA setup and the exchange of keys between parties transferring data. Using keys ensures that only the sende[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-7 201-10301-02, May 20 05 VPN Process Overview Even though IPSec is standards-based, e ach vendo r has its own set of terms and procedures for implementing the standard. Because of these differences, it may be a good idea to revie[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-8 Virtual Private Networking 201-10301-02, May 2005 It will also be importan t to kn ow the su bnet mask of both gateway LAN Connections. Firewalls It is important to understand tha t many gateways are also firewalls. VPN tunn els c annot function properly i[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-9 201-10301-02, May 20 05 Figure F-5: VPN T unnel SA The SA contains all the information necessary for gateway A to negotiate a secure and encrypted communication stream with gateway B. This comm unication is often referred to as [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-10 Virtual Private Networking 201-10301-02, May 2005 2. IKE Phase I. a. The two parties negotiate the en cryption and au thentication algorithms to use in the IKE SAs. b. The two parties authenticate each other us ing a predetermined mechanism, such as presh[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Virtual Private Networking F-11 201-10301-02, May 20 05 VPNC IKE Phase II Parameters The IKE Phase 2 parameters used in Scenario 1 are: •T r i p l e D E S • SHA-1 • ESP tunnel mode • MODP group 1 • Perfect forward secrecy for rekeying • SA lifetim[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 F-12 Virtual Private Networking 201-10301-02, May 2005 • [RFC 791] Internet Pr otocol DARP A Internet Pr ogram Pr otocol Specification , Information Sciences Institute, US C, September 1981. • [RFC 1058] Routing Information Pr otocol , C Hedrick, Rutgers U[...]

NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-1 201-10301-02, May 20 05 Appendix G NETGEAR VPN Configuration FVS318 or FVM318 to FWG1 14P v2 This appendix provides a case study on how to configure a secure IPSec VPN tunnel between a NETGEAR FVS318 or FVM318 to a FWG1 14P v2. The configuratio n options and screens for the FVS318 and FVM[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-2 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 Figure G-1: Addressing and Subne t Used for Examples S tep-By-Step Configuration of FVS318 or FVM318 Gateway A 1. Log in to the FVS318 or FVM318 la beled Gateway A as in the i[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-3 201-10301-02, May 20 05 2. Click the VPN Settings link on the left side of the Settings management GUI. Click the radio button of the first available VPN leg (all 8 links are available in the exampl[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-4 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 – Choose a subnet from local address from the “T unnel ca n access” pull-down menu. – T ype the starting LAN IP Address of Gateway B ( 172.23.9.1 in our example) in th[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-5 201-10301-02, May 20 05 S tep-By-Step Configuratio n of FWG1 14P Gateway B 1. Log in to the NETGEAR FVS328 labe led Gateway B as in the illustration. Out of the box, the FVS328 is se t for its defau[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-6 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 Figure G-6: NETGEAR FVS328 IKE Policy Configuration – Part 2 – From the Encryption Al go rithm drop-down bo x, sele ct 3DES. – From the Authentication Algorith m drop-do[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-7 201-10301-02, May 20 05 Figure G-8: NETGEAR FVS328 VPN – Auto Policy (p art 1) – Enter a unique name to identify this policy . This name is not supplied to the remote VPN endpoint. In ou r exa m[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-8 NETGEAR VPN Configuration FV S318 or FVM318 to FWG114P v2 201-10301-02, May 2005 – T ype the LAN Subnet Mask of Gateway B ( 255.255.25 5.0 in our example) in the Local IP Subnet Mask field. Figure G-9: NETGEAR FWG1 14P v2 VPN – Auto Policy (par t 2) ?[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-9 201-10301-02, May 20 05 Figure G-10: NETGEAR FWG1 14P v2 VPN Policies Menu (Post Configurat ion) 6. When the sc reen returns to the VPN Policies , make sure the Enable check box is selected. Click t[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 G-10 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 201-10301-02, May 2005[...]

NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-1 201-10301-02, May 20 05 Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 This appendix provides a case study on how to configure a VPN tunnel between a NETGEAR FVS318 or FVM318 to a FWG1 14P v2 using a Fu lly Qualified Domain Name (FQDN) to resolve the publi[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 Figure H-1: Addressing and Subnet Used for Examples Using DDNS and Fully Qualif ied Domain Names (FQDN) Many ISPs (Internet Service Pr oviders) provide connectivity to th[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-3 201-10301-02, May 20 05 DynDNS service. Gateway B w ill use the DDNS Service Provider when establishing a VPN tunnel. In order to establish VPN conn ectivity Gateway A must be conf igured to u[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-4 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 4. Select the Use a dynamic DNS service radio button for the servic e you are using. In this example we are using www .DynDNS .org as the service provider . – T ype the[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-5 201-10301-02, May 20 05 Figure H-4: NETGEAR FVS318 VPN Settings (p art 1) – Main Mode – In the Connection Name box, enter in a unique nam e for the VPN tunnel to be configured between the [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-6 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 – T ype the finishing LAN IP Addres s of Gateway B ( 0.0.0.0 in our example) in the Local IP Remote LAN Finish IP Address field. – T ype the LAN Subnet Mask of Gatewa[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-7 201-10301-02, May 20 05 S tep-By-Step Configurat ion of FVS328 Gateway B 1. Log in to the NETGEAR FVS328, labeled Gateway B in the illustration. Out of the box, the FVS328 is se t for its defa[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-8 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 Figure H-7: NETGEAR FVS328 IKE Policy Configuration – Part 2 – From the Encryption Al go rithm drop-down bo x, sele ct 3DES. – From the Authentication Algorith m dr[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-9 201-10301-02, May 20 05 Figure H-9: NETGEAR FVS328 VPN – Auto Policy (p art 1) – Enter a unique name to identify this policy . This name is not supplied to the remote VPN endpoint. In our [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-10 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005 Figure H-10: NETGEAR FVS328 VPN – Auto Po licy (p art 2) – From the T raffic Selector Remote IP drop-down box, select Subnet address. – T ype the starting LAN IP A[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 H-1 1 201-10301-02, May 20 05 Figure H-1 1: NETGEAR FVS328 VPN Policies Menu (Post Configuration) 6. When the sc reen return s to the VPN Policies, make sure the Enable check box is selected. Clic[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 H-12 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -1 201-10301-02, May 20 05 Glossary Use the list below to find definitions for technical terms used in this manual. 802.1 1 S t andard 802.1 1, or IEEE 802.1 1, is a type of radio technology used for wireless local area networks (WLANs). It is a stan[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -2 Glossary 201-10301-02, May 2005 802.1 1e Standard 802.1 1e is a proposed IEEE standard to define quality of service (QoS) mechanis ms for wireless gear that gives support to bandwidth-sen sitiv e applications such as voice and video. 802.1 1g Standard Simil[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -3 201-10301-02, May 20 05 A bridge connects devices that all use the same kind of pro tocol. A router can connect networks that use differing protocols. It also reads th e addresses included in the packets and routes them to the appropriate computer[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -4 Glossary 201-10301-02, May 2005 ISA bus W i-Fi radi os. Client devices usually co mmunicate with hub devi ces li ke access points and gateways. Collision av oidance A network node characteristic for pr oactively detecting that it can transm it a si gnal wit[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -5 201-10301-02, May 20 05 DNS (Domai n Name Sy stem) A program that translates URLs to IP addresses by accessing a database maintained on a collection of Internet servers. The prog ram w ork s behind the scenes to facilitate su rfing the W eb with a[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -6 Glossary 201-10301-02, May 2005 Gateway In the wireless world, a gateway is an access point wi th additional software capab ilities such as providing NA T and DHCP . Gateways may also pro vide VPN support, roaming, firewalls, various levels of security , et[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -7 201-10301-02, May 20 05 IP (Internet Protocol) address A 32-bit number that identifies each se nder or receiver of information that is sent across the Internet. An IP address has two parts: an identifier of a particular netw ork on the Internet an[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -8 Glossary 201-10301-02, May 2005 In a wireless mesh example, each of the spheres be low represent a mesh router . Corporate servers and printers may be shared by attach ing to each mesh router . For wirele ss access to the mesh, an access point must be attac[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -9 201-10301-02, May 20 05 PHY defines parameters such as data rates, modula tion method, signaling para meters, transmitter/receiver synchronization, etc. W ithin an actual radio i mplementa tion, the PH Y corresponds to the radio fro nt end and bas[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -10 Glossary 201-10301-02, May 2005 Satellite broadb and A wireless high-speed Internet connection provided by satellit es. Som e sat e lli te broadband connections are two-way—up and down. Others are one-way , wit h the satell ite providing a high-speed dow[...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -11 201-10301-02, May 20 05 For example, when a web page is downloaded fro m a web server, the TCP program layer in that server divides the file into packets, numb ers the packet s, and th en forwards them individually to th e IP program layer . Alth[...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -12 Glossary 201-10301-02, May 2005 node equipped with WEP . W archalkers also draw identi fiers above the symbols to indicate the password that can be used to access the node, which can eas ily be obtained with snif fer software. As a recent development, the [...]

Reference Manual for the ProS afe Wireless 802. 11g Firewall/Print Server Model FWG114P v2 Glossary -13 201-10301-02, May 20 05 with the benefit of easier administration and use. This is similar to 802.1x support and requires a RADIUS server in order to implement. The W i-Fi Alliance will call this, 'WP A-Enterprise.' One variation of WP [...]

Reference Manual for the ProSafe Wireless 802.11g Firewall/Prin t Server Model FWG114P v2 -14 Glossary 201-10301-02, May 2005 Wi-Fi Protected Access in "Mixed Mode" Deployment In a large network with many clients, a likely scenario is that access points will be upgraded before all the W i-Fi clients. Some access points may operate in a &q[...]