NETGEAR FVS318G инструкция обслуживания

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222

Идти на страницу of

Хорошее руководство по эксплуатации

Законодательство обязывает продавца передать покупателю, вместе с товаром, руководство по эксплуатации NETGEAR FVS318G. Отсутствие инструкции либо неправильная информация, переданная потребителю, составляют основание для рекламации в связи с несоответствием устройства с договором. В законодательстве допускается предоставлении руководства в другой, чем бумажная форме, что, в последнее время, часто используется, предоставляя графическую или электронную форму инструкции NETGEAR FVS318G или обучающее видео для пользователей. Условием остается четкая и понятная форма.

Что такое руководство?

Слово происходит от латинского "instructio", тоесть привести в порядок. Следовательно в инструкции NETGEAR FVS318G можно найти описание этапов поведения. Цель инструкции заключается в облегчении запуска, использования оборудования либо выполнения определенной деятельности. Инструкция является набором информации о предмете/услуге, подсказкой.

К сожалению немного пользователей находит время для чтения инструкций NETGEAR FVS318G, и хорошая инструкция позволяет не только узнать ряд дополнительных функций приобретенного устройства, но и позволяет избежать возникновения большинства поломок.

Из чего должно состоять идеальное руководство по эксплуатации?

Прежде всего в инструкции NETGEAR FVS318G должна находится:
- информация относительно технических данных устройства NETGEAR FVS318G
- название производителя и год производства оборудования NETGEAR FVS318G
- правила обслуживания, настройки и ухода за оборудованием NETGEAR FVS318G
- знаки безопасности и сертификаты, подтверждающие соответствие стандартам

Почему мы не читаем инструкций?

Как правило из-за нехватки времени и уверенности в отдельных функциональностях приобретенных устройств. К сожалению само подсоединение и запуск NETGEAR FVS318G это слишком мало. Инструкция заключает ряд отдельных указаний, касающихся функциональности, принципов безопасности, способов ухода (даже то, какие средства стоит использовать), возможных поломок NETGEAR FVS318G и способов решения проблем, возникающих во время использования. И наконец то, в инструкции можно найти адресные данные сайта NETGEAR, в случае отсутствия эффективности предлагаемых решений. Сейчас очень большой популярностью пользуются инструкции в форме интересных анимаций или видео материалов, которое лучше, чем брошюра воспринимаются пользователем. Такой вид инструкции позволяет пользователю просмотреть весь фильм, не пропуская спецификацию и сложные технические описания NETGEAR FVS318G, как это часто бывает в случае бумажной версии.

Почему стоит читать инструкции?

Прежде всего здесь мы найдем ответы касательно конструкции, возможностей устройства NETGEAR FVS318G, использования отдельных аксессуаров и ряд информации, позволяющей вполне использовать все функции и упрощения.

После удачной покупки оборудования/устройства стоит посвятить несколько минут для ознакомления с каждой частью инструкции NETGEAR FVS318G. Сейчас их старательно готовят или переводят, чтобы они были не только понятными для пользователя, но и чтобы выполняли свою основную информационно-поддерживающую функцию.

Содержание руководства

  • Страница 1

    202-10521-02 v1.1 August 2010 NETGEAR , Inc. 350 East Plumeria Drive San Jose, CA 95134 ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual[...]

  • Страница 2

    ii v1.1, August 2010 © 2009–2010 by NETGEAR, Inc. All rights reserved. Technical Support Please refer to the support information card that shipped with your product. By registering your product at http://www.netgear.com/register , we can provide you with faster expert technical support and timely notices of product and software upgrades. NETGEAR[...]

  • Страница 3

    v1.1, August 2010 iii Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe Gigabit 8 Port VPN Firewall FVS318G gemäß der im BMPT-AmtsblVfg 243/ 1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unte[...]

  • Страница 4

    v1.1, August 2010 iv Open SSL Copyright (c) 1998–2000 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions, and the fo[...]

  • Страница 5

    v1.1, August 2010 v Product and Publication Details PPP Copyright (c) 1989 Carnegie Mellon University. All rights reserved. Redistribution and use in source and binary forms are permitted provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other material[...]

  • Страница 6

    v1.1, August 2010 vi[...]

  • Страница 7

    vii v1.1, August 2010 Contents ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About This Manual Conventions, Formats and Scope ................................................................................... xiii How to Print This Manual ...............................................................................................[...]

  • Страница 8

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual viii Contents v1.1, August 2010 Chapter 3 LAN Configuration Choosing the VPN Firewall DHCP Options .................................................................... 3-1 Configuring the LAN Setup Options ............................................................................... 3-2[...]

  • Страница 9

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Contents ix v1.1, August 2010 Blocking Internet Sites (Content Filtering) .................................................................... 4-30 Configuring Source MAC Filtering ................................................................................ 4-33 Configuring IP/MAC Add[...]

  • Страница 10

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual x Contents v1.1, August 2010 Configuring NetBIOS Bridging with VPN ...................................................................... 5-55 Chapter 6 VPN Firewall and Network Management Performance Management .............................................................................[...]

  • Страница 11

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Contents xi v1.1, August 2010 Troubleshooting the Web Configuration Interface .......................................................... 7-3 Troubleshooting the ISP Connection .............................................................................. 7-4 Troubleshooting a TCP/IP Netwo[...]

  • Страница 12

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xii Contents v1.1, August 2010[...]

  • Страница 13

    xiii v1.1, August 2010 About This Manual The NETGEAR ® ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual describes how to install, configure and troubleshoot the ProSafe Gigabit 8 Port VPN Firewall FVS318G. The information in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Formats and Sco[...]

  • Страница 14

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xiv About This Manual v1.1, August 2010 • Scope . This manual is written for the VPN firewall according to these specifications. For more information about network, Internet, firewall, and VPN technologies, see the links to the NETGEAR website in Appendix C, “Related Documents .” Ho[...]

  • Страница 15

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual About This Manual xv v1.1, August 2010 202-10521-02 1.0 April 2010 Added the following new features for the April 2010 firmware maintenance release: • Connection reset and delay options on the Broadband ISP Settings screen (see “Manually Configuring Your Internet Connection ”). • [...]

  • Страница 16

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual xvi About This Manual v1.1, August 2010[...]

  • Страница 17

    1-1 v1.1, August 2010 Chapter 1 Introduction The ProSafe Gigabit 8 Port VPN Firewall FVS318G with eight 10/100/1000 Mbps Gigabit Ethernet LAN ports and one 10/100/1000 Mbps Gigabit Ethernet WAN port connects your local area network (LAN) to the Internet through an external access device such as a cable modem or DSL modem. The FVS318G is a complete [...]

  • Страница 18

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-2 Introduction v1.1, August 2010 • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, Web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability.[...]

  • Страница 19

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-3 v1.1, August 2010 • Keyword Filtering. With its URL keyword filtering feature, the FVS318G prevents objectionable content from reaching your PCs. The VPN firewall allows you to control access to Internet content by screening for keywords within Web addresses. You can co[...]

  • Страница 20

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-4 Introduction v1.1, August 2010 Extensive Protocol Support The FVS318G supports the Transmission Control Protocol/Internet Protocol (TCP/IP) and Routing Information Protoco l (RIP). For further information about TCP/IP, see the “TCP/IP Networking Basics ” document that you can acce[...]

  • Страница 21

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-5 v1.1, August 2010 • SNMP . The VPN firewall supports the Simple Network Management Protocol (SNMP) to let you monitor and manage log resources from an SNMP-compliant system manager. The SNMP system configuration lets you change the system variables for MIB2. • Diagnos[...]

  • Страница 22

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-6 Introduction v1.1, August 2010 VPN Firewall Front and Rear Panels The FVS318G front panel includes eight LAN ports, one WAN port, and four groups of status indicator light-emitting diodes (LEDs), including Power and Test, LAN, and WAN LEDs. Table 1-1 describes each item on the front p[...]

  • Страница 23

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Introduction 1-7 v1.1, August 2010 The rear panel of the FVS318G includes a cable lock receptacle, a Factory Defaults button, and a DC power connection. Viewed from left to right, the rear panel contains the following elements: 1. Cable security lock receptacle. 2. Factory Defaults button[...]

  • Страница 24

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 1-8 Introduction v1.1, August 2010 Default IP Address, Login Name, and Password Check the label on the bottom of the FVS318G’s enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 • User name: admin • Password: password When FVS318G i[...]

  • Страница 25

    2-1 v1.1, August 2010 Chapter 2 Connecting the VPN Firewall to the Internet This section provides instructions for connecting the ProSafe Gigabit 8 Port VPN Firewall FVS318G, including these topics: • “Understanding the Connection Steps ” on this page • “Logging into the VPN Firewall” on page 2-2 • “Navigating the Menus” on page 2[...]

  • Страница 26

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-2 Connecting the VPN Firewall to the Internet v1.1, August 2010 6. Configure the WAN options (optional) . As an option, change the VPN firewall’s Media Access Control (MAC) address, the factory default MTU size, and the port speed. However, these are advanced features and changing the[...]

  • Страница 27

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-3 v1.1, August 2010 3. Click Login . The Router Status screen displays. For more information about this screen, see “Viewing the VPN Firewall Configuration and System Status” on page 6-30 . Navigating the Menus The Web Configuration Manage[...]

  • Страница 28

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-4 Connecting the VPN Firewall to the Internet v1.1, August 2010 Configuring the Internet Connection to Your ISP To automatically configure the broadband port and connect to the Internet: 1. Select Network Configuration from the main menu and Broadband ISP Settings from the submenu. The [...]

  • Страница 29

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-5 v1.1, August 2010 When Auto Detect successfully detects an active Internet service, it reports which connection type it discovered. The options are described in Table 2-1 . If Auto Detect does not find a connection, you will be prompted to c[...]

  • Страница 30

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-6 Connecting the VPN Firewall to the Internet v1.1, August 2010 The Connection Status window should show a valid IP address and gateway. If the configuration was not successful, skip ahead to “Manually Configuring Your Internet Connection following this section, or see “Troubleshoot[...]

  • Страница 31

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-7 v1.1, August 2010 4. In the ISP Type section, select the type of ISP connection you use from the two listed options. (By default, “Other (PPPoE)” is selected.) • Other (PPPoE) . If you have installed login software such as WinPoET or E[...]

  • Страница 32

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-8 Connecting the VPN Firewall to the Internet v1.1, August 2010 – Idle Timeout . Check the Keep Connected radio box to keep the connection always on. To logout after the connection is idle for a period of time, click Idle Time and enter the number of minutes to wait before disconnecti[...]

  • Страница 33

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-9 v1.1, August 2010 6. Review the Domain Name Server (DNS) server options. • If your ISP has not assigned any Domain Name Servers (DNS) addresses, click Get Dynamically from ISP . • If your ISP (or your IT department) has assigned DNS addr[...]

  • Страница 34

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-10 Connecting the VPN Firewall to the Internet v1.1, August 2010 The WAN Mode screen allows you to configure how the VPN firewalll uses the external Internet connection. This screen gives you two choices for accessing the external Internet connection. • Network Address Translation (NA[...]

  • Страница 35

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-11 v1.1, August 2010 Configuring Dynamic DNS Dynamic DNS (DDNS) is an Internet service that allows routers with varying public IP addresses to be located using Internet domain names. To use DDNS, you must setup an account with a DDNS provider [...]

  • Страница 36

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-12 Connecting the VPN Firewall to the Internet v1.1, August 2010 2. Click the tab of the DNS service you want to enable. Each DNS service provider requires registration. After registration you can configure the required settings on the corresponding screen for the DNS service. 3. Access[...]

  • Страница 37

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Connecting the VPN Firewall to the Internet 2-13 v1.1, August 2010 Configuring the Advanced Broadband Options To configure the advanced broadband options: 1. Select Network Configuration from the main menu and Broadband ISP Settings from the submenu. The Broadband ISP Settings screen disp[...]

  • Страница 38

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 2-14 Connecting the VPN Firewall to the Internet v1.1, August 2010 • Router's MAC Address . Each computer or router on your network has a unique 32-bit local Ethernet address. This is also referred to as the computer's MAC (Media Access Control) address. The default is Use Def[...]

  • Страница 39

    3-1 v1.1, August 2010 Chapter 3 LAN Configuration This chapter describes how to configure the advanced LAN features of your ProSafe Gigabit 8 Port VPN Firewall FVS318G, including the following sections: • “Choosing the VPN Firewall DHCP Options ” on this page • “Configuring the LAN Setup Options” on page 3-2 • “Managing Groups and H[...]

  • Страница 40

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-2 LAN Configuration v1.1, August 2010 The VPN firewall will deliver the following settings to any LAN device that requests DHCP: • An IP address from the range that you have defined. • Subnet mask. • Gateway IP address (the VPN firewall’s LAN IP address). • Primary DNS server [...]

  • Страница 41

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-3 v1.1, August 2010 To configure the LAN Setup options: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. In the LAN TCP/IP Setup section, configure the following settings: • IP Address . The LAN a[...]

  • Страница 42

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-4 LAN Configuration v1.1, August 2010 • IP Subnet Mask . The subnet mask specifies the network number portion of an IP address. Your VPN firewall will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use 255.255.2[...]

  • Страница 43

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-5 v1.1, August 2010 If you will use a Lightweight Directory Access Protocol (LDAP) authentication server for network-validated domain-based authentication, select Enable LDAP Information to enable the DHCP server to provide LDAP server information. Enter the following [...]

  • Страница 44

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-6 LAN Configuration v1.1, August 2010 The Network Database is updated by these methods: • DHCP Client Requests . By default, the DHCP server in this VPN firewall is enabled, and will accept and respond to DHCP client requests from PCs and other network devices. These requests also gen[...]

  • Страница 45

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-7 v1.1, August 2010 Viewing the Network Database To view the Network Database, follow these steps: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. Click the LAN Groups tab. The LAN Groups screen di[...]

  • Страница 46

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-8 LAN Configuration v1.1, August 2010 Adding Devices to the Network Database To add devices manually to the network database: 1. To add computers to the network database manually, make the following selections: • Name : The name of the PC or device. • IP Address Type . From the pull[...]

  • Страница 47

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-9 v1.1, August 2010 Changing Group Names in the LAN Groups Database By default, the LAN Groups are named Group1 through Group8. You can rename these group names to be more descriptive, such as Engineering or Marketing. To edit the names of any of the eight available gr[...]

  • Страница 48

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-10 LAN Configuration v1.1, August 2010 Configuring Multi Home LAN IP Addresses If you have computers on your LAN using different IP address ranges (for example, 172.16.2.0 or 10.0.0.0), you can add “aliases” to the LAN port, giving computers on those networks access to the Internet [...]

  • Страница 49

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-11 v1.1, August 2010 3. In the Add Secondary LAN IP Address section, enter the additional IP address and subnet mask to be assigned to the LAN port of the VPN firewall. 4. Click Add . The secondary LAN IP address will be added to the Available Secondary LAN IPs table. [...]

  • Страница 50

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-12 LAN Configuration v1.1, August 2010 The DMZ Setup screen allows you to set up the DMZ port. It permits you to enable or disable the hardware DMZ port (LAN port 8, see “VPN Firewall Front and Rear Panels” on page 1-6 ) and configure an IP address and Mask for the DMZ port. To enab[...]

  • Страница 51

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-13 v1.1, August 2010 4. In the DHCP for DMZ Connected Computers section, select one of the following three radio buttons: • Disable DHCP Server . The DHCP server is disabled, which is the default setting. Select this radio button if another device on your DMZ network[...]

  • Страница 52

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-14 LAN Configuration v1.1, August 2010 If you will use a Lightweight Directory Access Protocol (LDAP) authentication server for network-validated domain-based authentication, select Enable LDAP Information to enable the DHCP server to provide LDAP server information. Enter the following[...]

  • Страница 53

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-15 v1.1, August 2010 To add a static route: 1. Select Network Configuration from the main menu and Routing from the submenu. The Routing screen displays. 2. Click Add . The Add Static Route screen displays. 3. Enter a route name for this static route in the Route Name [...]

  • Страница 54

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-16 LAN Configuration v1.1, August 2010 6. In the Destination IP Address field, enter the destination IP address to the host or network to which the route leads. 7. In the IP Subnet Mask field, enter the IP subnet mask for this destination. If the destination is a single host, enter 255.[...]

  • Страница 55

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual LAN Configuration 3-17 v1.1, August 2010 • The Gateway IP Address fields specifies that all traffic for these addresses should be forwarded to the ISDN firewall at 192.168.1.100. • A Metric value of 1 will work since the ISDN firewall is on the LAN. • Private is selected only as a p[...]

  • Страница 56

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 3-18 LAN Configuration v1.1, August 2010 3. From the RIP Direction pull-down menu, select the direction in which the VPN firewall will send and receives RIP packets. The choices are: • None . The VPN firewall neither broadcasts its routing table nor does it accept any RIP packets from o[...]

  • Страница 57

    4-1 v1.1, August 2010 Chapter 4 Firewall Protection and Content Filtering This chapter describes how to use the content filtering features of the ProSafe Gigabit 8 Port VPN Firewall FVS318G to protect your network. This chapter includes the following sections: • “About Firewall Protection and Content Filtering ” on this page • “Using Rule[...]

  • Страница 58

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-2 Firewall Protection and Content Filtering v1.1, August 2010 A firewall incorporates the functions of a NAT (Network Address Translation) router, while adding features for dealing with a hacker intrusion or attack, and for controlling the types of traffic that can flow between the two [...]

  • Страница 59

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-3 v1.1, August 2010 Services-Based Rules The rules to block traffic are based on the traffic’s category of service. • Outbound Rules (service blocking) . Outbound traffic is normally allowed unless the VPN firewall is configured to disallow [...]

  • Страница 60

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-4 Firewall Protection and Content Filtering v1.1, August 2010 Select Schedule Select the desired time schedule (Schedule1, Schedule2, or Schedule3) that will be used by this rule. • This pull-down menu gets activated only when “BLOCK by schedule, otherwise Allow” or “ALLOW by sc[...]

  • Страница 61

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-5 v1.1, August 2010 Inbound Rules (Port Forwarding) Because the VPN firewall uses Network Address Translation (NAT), your network presents only one IP address to the Internet and outside users cannot directly address any of your local computers.[...]

  • Страница 62

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-6 Firewall Protection and Content Filtering v1.1, August 2010 Table 4-2. Inbound Rules Item Description Services Select the desired service or application to be covered by this rule. If the desired service or application does not appear in the list, you must define it using the Services[...]

  • Страница 63

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-7 v1.1, August 2010 Remember that allowing inbound services opens holes in your VPN firewall. Only enable those ports that are necessary for your network. It is also advisable to turn on the server application security and invoke the user passwo[...]

  • Страница 64

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-8 Firewall Protection and Content Filtering v1.1, August 2010 Viewing Rules and Order of Precedence for Rules To view the firewall rules, select Security from the main menu and Firewall from the submenu. The LAN WAN Rules screen appears ( Figure 4-1 shows some examples). As you define n[...]

  • Страница 65

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-9 v1.1, August 2010 To make changes to an existing outbound or inbound service rule on the the LAN WAN Rules, DMZ WAN Rules, or LAN DMZ Rules screen, in the Action column to the right of to the rule, click on of the following table buttons: • [...]

  • Страница 66

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-10 Firewall Protection and Content Filtering v1.1, August 2010 LAN WAN Outbound Services Rules You may define rules that will specify exceptions to the default rules. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addr[...]

  • Страница 67

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-11 v1.1, August 2010 LAN WAN Inbound Services Rules This Inbound Services table lists all existing rules for inbound traffic. If you have not defined any rules, no rules will be listed. By default, all inbound traffic is blocked. Remember that a[...]

  • Страница 68

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-12 Firewall Protection and Content Filtering v1.1, August 2010 Configuring DMZ WAN Rules The firewall rules for traffic between the DMZ and the WAN/Internet are configured on the DMZ WAN Rules screen. The Default Outbound Policy is to allow all traffic from and to the Internet to pass t[...]

  • Страница 69

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-13 v1.1, August 2010 4. Configure the settings based on the descriptions in Table 4-1 on page 4-3 . 5. Click Apply. The new rule will appear in the Outbound Services table. The rule is automatically enabled. The procedure to add a new DMZ WAN in[...]

  • Страница 70

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-14 Firewall Protection and Content Filtering v1.1, August 2010 To create a new LAN DMZ outbound service policy: 1. Select Security from the main menu and Firewall Rules from the submenu. The LAN WAN Rules screen displays. 2. Select the LAN DMZ Rules tab. The LAN DMZ Rules screen display[...]

  • Страница 71

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-15 v1.1, August 2010 5. Click Apply. The new rule will appear in the Outbound Services table. The rule is automatically enabled. The procedure to add a new LAN DMZ inbound service policy is similar to the procedure described above with the excep[...]

  • Страница 72

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-16 Firewall Protection and Content Filtering v1.1, August 2010 LAN WAN Inbound Rule: Allowing Videoconference from Restricted Addresses If you want to allow incoming videoconferencing to be initiated from a restricted range of outside IP addresses, such as from a branch office, you can [...]

  • Страница 73

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-17 v1.1, August 2010 The following addressing scheme is used in this example: • VPN firewall FVS318G – WAN primary public IP address: 10.1.0.1 – WAN additional public IP address: 10.1.0.5 – LAN IP address 192.168.1.1 • Web server PC on[...]

  • Страница 74

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-18 Firewall Protection and Content Filtering v1.1, August 2010 To expose one of the PCs on your LAN or DMZ as this host: 1. Create an inbound rule that allows all protocols. 2. Place the rule below all other inbound rules. Note: For security, NETGEAR strongly recommends that you avoid c[...]

  • Страница 75

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-19 v1.1, August 2010 Outbound Rules Example Outbound rules let you prevent users from using applications such as Instant Messenger, Real Audio or other non-essential sites. LAN WAN Outbound Rule: Blocking Instant Messenger If you want to block I[...]

  • Страница 76

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-20 Firewall Protection and Content Filtering v1.1, August 2010 Attack Checks The Attack Checks screen allows you to specify whether or not the VPN firewall should be protected against common attacks in the DMZ, LAN and WAN networks. To enable the appropriate attack checks for your envir[...]

  • Страница 77

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-21 v1.1, August 2010 – Block TCP Flood . A SYN flood is a form of denial of service attack in which an attacker sends a succession of SYN requests to a target system. When the system responds, the attacker does not complete the connection, thu[...]

  • Страница 78

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-22 Firewall Protection and Content Filtering v1.1, August 2010 Setting Session Limits Session Limit allows you to specify the total number of sessions allowed, per user, over an IP (Internet Protocol) connection across the VPN firewall. This feature is enabled on the Session Limit scree[...]

  • Страница 79

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-23 v1.1, August 2010 The Total Number of Packets Dropped due to Session Limit field shows total number of packets dropped when session limit is reached. 6. In the Session Timeout section, modify the TCP, UDP and ICMP timeout values as you requir[...]

  • Страница 80

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-24 Firewall Protection and Content Filtering v1.1, August 2010 Creating Services, QoS Profiles, and Bandwidth Profiles When you create inbound and outbound firewall rules, you use firewall objects such as services, QoS profiles, bandwidth profiles, and schedules to narrow down the firew[...]

  • Страница 81

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-25 v1.1, August 2010 To define a new service, first you must determine which port number or range of numbers is used by the application. This information can usually be determined by contacting the publisher of the application or from user group[...]

  • Страница 82

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-26 Firewall Protection and Content Filtering v1.1, August 2010 Modifying a Service To edit the settings of a service: 1. In the Custom Services Table , click the Edit icon adjacent to the service you want to edit. The Edit Service screen displays. 2. Modify the settings you wish to chan[...]

  • Страница 83

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-27 v1.1, August 2010 A ToS priority for traffic passing through the VPN firewall is one of the following: • Normal-Service . No special priority given to the traffic. The IP packets for services with this priority are marked with a ToS value o[...]

  • Страница 84

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-28 Firewall Protection and Content Filtering v1.1, August 2010 To add a bandwidth profile: 1. Select Security from the main menu and Bandwidth Profile from the submenu. The Bandwidth Profile screen displays. 2. Click Add to add a new bandwidth profile. The Add New Bandwidth Profile scre[...]

  • Страница 85

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-29 v1.1, August 2010 c. Depending on the direction that you selected, enter the minimum and maximum bandwidths to be allowed: • Enter the Outbound Minimum Bandwidth and Outbound Maximum Bandwidth in Kbps. • Enter the Inbound Minimum Bandwidt[...]

  • Страница 86

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-30 Firewall Protection and Content Filtering v1.1, August 2010 2. Check the radio button for All Days or Specific Days . If you chose Specific Days , check the radio button for each day you want the schedule to be in effect. 3. Check the radio button to schedule the time of day: All Day[...]

  • Страница 87

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-31 v1.1, August 2010 – Proxy . A proxy server (or simply, proxy) allows computers to route connections to other computers through the proxy, thus circumventing certain firewall rules. For example, if connections to a specific IP address are bl[...]

  • Страница 88

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-32 Firewall Protection and Content Filtering v1.1, August 2010 To enable Content Filtering: 1. Select Security from the main menu and Block Sites from the submenu. The Block Sites screen displays. Figure 4-21[...]

  • Страница 89

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-33 v1.1, August 2010 2. Check the Yes radio button to enable content filtering. 3. Click Apply to activate the screen controls. 4. Check the radio boxes of any Web components you wish to block. 5. Check the radio buttons of the groups to which y[...]

  • Страница 90

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-34 Firewall Protection and Content Filtering v1.1, August 2010 2. Check the Yes radio box in the MAC Filtering Enable section. 3. Select the action to be taken on outbound traffic from the listed MAC addresses: • Block this list and permit all other MAC addresses. • Permit this list[...]

  • Страница 91

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-35 v1.1, August 2010 Configuring IP/MAC Address Binding IP/MAC binding allows you to bind an IP address to a MAC address and the other way around. Some devices are configured with static addresses. To prevent users from changing their static IP [...]

  • Страница 92

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-36 Firewall Protection and Content Filtering v1.1, August 2010 3. Select the Yes radio box and click Apply . Make sure that you have enabled the e-maling of logs (see “Activating Notification of Events and Alerts” on page 6-23 ). 4. Add an IP/MAC Bind rule by entering: a. Name . Spe[...]

  • Страница 93

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-37 v1.1, August 2010 To edit an IP/MAC binding rule, click Edit adjacent to the entry. The following fields of an existing IP/MAC binding rule can be modified: • MAC Address . Specify the MAC Address for this rule. • IP Addresses . Specify t[...]

  • Страница 94

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-38 Firewall Protection and Content Filtering v1.1, August 2010 Without port triggering, this response would be treated as a new connection request rather than a response. As such, it would be handled in accordance with the port forwarding rules. Note these restrictions with port trigger[...]

  • Страница 95

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-39 v1.1, August 2010 a. Enter the Start Port range (1 - 65534). b. Enter the End Port range (1 - 65534). 6. In the Incoming (Response) Port Range fields: a. Enter the Start Port range (1 - 65534). b. Enter the End Port range (1 - 65534). 7. Clic[...]

  • Страница 96

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-40 Firewall Protection and Content Filtering v1.1, August 2010 To check the status of the port triggering rules, click the Status option arrow on the Port Triggering screen. Configuring UPnP (Universal Plug and Play) The UPnP (Universal Plug and Play) feature allows the VPN Firewall to [...]

  • Страница 97

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Firewall Protection and Content Filtering 4-41 v1.1, August 2010 3. Configure the following fields: – Advertisement Period . Enter the period in minutes that specified how often the VPN firewall should broadcast its UPnP information to all devices within its range. – Advertisement Tim[...]

  • Страница 98

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 4-42 Firewall Protection and Content Filtering v1.1, August 2010 Administrator Tips Consider the following operational items: • As an option, you can enable remote management if you have to manage distant sites from a central location (see “Configuring an External Server for Authentic[...]

  • Страница 99

    5-1 v1.1, August 2010 Chapter 5 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Using the VPN Wizard for Client and Gateway Configurations ” on this page • “Testing the Connections[...]

  • Страница 100

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-2 Virtual Private Networking v1.1, August 2010 Creating Gateway to Gateway VPN Tunnels with the Wizard Follow these steps to set up a gateway VPN tunnel using the VPN Wizard. 1. Select VPN from the main menu and VPN Wizard from the submenu. The VPN Wizard screen displays. Figure 5-1 Fig[...]

  • Страница 101

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-3 v1.1, August 2010 To view the wizard default settings, click the VPN Wizard Default Values option arrow. You can modify these settings after completing the wizard. 2. Select Gateway as your connection type. 3. Create a Connection Name . Enter a descriptive n[...]

  • Страница 102

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-4 Virtual Private Networking v1.1, August 2010 8. Click Apply to save your settings. The VPN Policies screen shows that the policy is now enabled. 9. If you are connecting to another NETGEAR VPN firewall, use the VPN Wizard to configure the second VPN firewall to connect to the one you [...]

  • Страница 103

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-5 v1.1, August 2010 Creating a Client to Gateway VPN Tunnel Follow these steps to configure the a VPN client tunnel: • Configure the client policies on the gateway. • Configure the VPN client to connect to the gateway. Use the VPN Wizard Configure the Gate[...]

  • Страница 104

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-6 Virtual Private Networking v1.1, August 2010 7. Click Apply to save your settings. The VPN Policies screen (see Figure 5-7 on page 5-7 ) shows that the policy is now enabled. To view or modify the VPN policy, see “Managing VPN Policies” on page 5-15 . Tip: To assure tunnels stay a[...]

  • Страница 105

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-7 v1.1, August 2010 Use the NETGEAR VPN Client Security Policy Editor to Create a Secure Connection From a PC with the NETGEAR ProSafe VPN Client installed, configure a VPN client policy to connect to the VPN firewall. Follow these steps to configure your VPN [...]

  • Страница 106

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-8 Virtual Private Networking v1.1, August 2010 2. In the upper left of the Policy Editor window, click the New Document icon (the first on the left) to open a New Connection. Give the New Connection a name; in this example, we are using gw1 . Fill in the other options according to the i[...]

  • Страница 107

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-9 v1.1, August 2010 3. In the left frame, click My Identity . Fill in the options according to the instructions below. • From the Select Certificate pull-down menu, choose None . • Click Pre-Shared Key to enter the key you provided in the VPN Wizard; in th[...]

  • Страница 108

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-10 Virtual Private Networking v1.1, August 2010 Figure 5-11[...]

  • Страница 109

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-11 v1.1, August 2010 • In the left frame, click Security Policy to view the settings: no changes are needed. • In the left frame, expand Authentication (Phase 1) and click Proposal 1 : no changes are needed. • In the left frame, expand Key Exchange (Phas[...]

  • Страница 110

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-12 Virtual Private Networking v1.1, August 2010 Within 30 seconds you should receive the message “Successfully connected to My Connectionsgw1”. The VPN client icon in the system tray should state On: 2. To view more detailed additional status and troubleshooting information from th[...]

  • Страница 111

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-13 v1.1, August 2010 • Right-click the VPN Client icon in the system tray and select Connection Monitor. The VPN client system tray icon provides a variety of status indications, which are listed below. Figure 5-15 Note: The information in the Connection Mon[...]

  • Страница 112

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-14 Virtual Private Networking v1.1, August 2010 VPN Firewall VPN Connection Status and Logs To view VPN firewall VPN connection status, select VPN from the main menu and Connection Status from the submenu. The VPN Connection Status screen displays. You can set a Poll Interval (in second[...]

  • Страница 113

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-15 v1.1, August 2010 To view VPN firewall VPN logs, select Monitoring from the main menu and VPN Logs from the submenu. The VPN Logs screen displays. Managing VPN Policies When you use the VPN Wizard to set up a VPN tunnel, both a VPN policy and an IKE policy [...]

  • Страница 114

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-16 Virtual Private Networking v1.1, August 2010 IKE policies are activated when: 1. The VPN Policy Selector determines that some traffic matches an existing VPN policy. If the VPN policy is of type “Auto”, then the auto policy settings that are defined in the VPN policy are accessed[...]

  • Страница 115

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-17 v1.1, August 2010 Each policy that is listed in the List of IKE Policies table contains the following data: • Name . Uniquely identifies each IKE policy. The name is chosen by you and used for the purpose of managing your policies; it is not supplied to t[...]

  • Страница 116

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-18 Virtual Private Networking v1.1, August 2010 Manually Adding or Editing an IKE Policy To manually add an IKE policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies screen in view (see Figure 5-18 on page 5-16 ). [...]

  • Страница 117

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-19 v1.1, August 2010 3. Complete the fields, select the radio buttons, and make your selections from the pull-down menus as explained Table 5-2 . Table 5-2. Add IKE Policy Settings Item Description (or Subfield and Description) Mode Config Record Do you want t[...]

  • Страница 118

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-20 Virtual Private Networking v1.1, August 2010 Local Identifier Type From the pull-down menu, select one of the following ISAKMP identifiers to be used by the VPN firewall, and then specify the identifier in the field below: • Local Wan IP . The WAN IP address of the VPN firewall. Wh[...]

  • Страница 119

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-21 v1.1, August 2010 Authentication Method Select one of the following radio buttons to specify the authentication method: • Pre-shared key . A secret that is shared between the VPN firewall and the remote endpoint. • RSA-Signature . Uses the active Self C[...]

  • Страница 120

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-22 Virtual Private Networking v1.1, August 2010 4. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table. To edit an IKE policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies [...]

  • Страница 121

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-23 v1.1, August 2010 4. Click Apply to save your changes. The modified IKE policy is displayed in the List of IKE Policies table. Configuring VPN Policies You can create two types of VPN policies. When using the VPN Wizard to create a VPN policy, only the Auto[...]

  • Страница 122

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-24 Virtual Private Networking v1.1, August 2010 2. Click the VPN Policies tab. The VPN Policies screen is displayed. Only one client policy may configured at a time (noted by an “*” next to the policy name). The List of VPN Policies contains the following fields: • ! (Status) . In[...]

  • Страница 123

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-25 v1.1, August 2010 To delete one or more VPN polices: 1. Select the checkbox to the left of the policy that you want to delete or click the select all table button to select all VPN policies. 2. Click the delete table button. To enable or disable one ore mor[...]

  • Страница 124

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-26 Virtual Private Networking v1.1, August 2010 4. Complete the fields, select the radio buttons and checkboxes, and make your selections from the pull-down menus as explained Table 5-3 on page 5-27 . Figure 5-21[...]

  • Страница 125

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-27 v1.1, August 2010 Table 5-3. Add VPN Policy Settings Item Description (or Subfield and Description) General Policy Name A descriptive name of the VPN policy for identification and management purposes. Note : The name is not supplied to the remote VPN endpoi[...]

  • Страница 126

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-28 Virtual Private Networking v1.1, August 2010 Traffic Selection Local IP From the pull-down menu, select the address or addresses that are part of the VPN tunnel on the VPN firewall: • Any . All PCs and devices on the network. Note : You cannot select Any for both the VPN firewall a[...]

  • Страница 127

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-29 v1.1, August 2010 Integrity Algorithm From the pull-down menu, select one of the following two algorithms to be used in the VPN header for the authentication process: • SHA-1 . Hash algorithm that produces a 160-bit digest. This is the default setting. ?[...]

  • Страница 128

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-30 Virtual Private Networking v1.1, August 2010 5. Click Apply to save your settings. The VPN policy is added to the List of VPN Policies table. To edit a VPN policy: 1. Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies s[...]

  • Страница 129

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-31 v1.1, August 2010 Digital Certificates can be either self signed or can be issued by Certification Authorities (CA) such as via an in-house Windows server, or by an external organization such as Verisign or Thawte. However, if the Digital Certificates conta[...]

  • Страница 130

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-32 Virtual Private Networking v1.1, August 2010 Understanding the Certificates Screen To display the Certificates screen, select VPN form the main menu and Certificates from the submenu. Because of the large size of this screen, and because of the way the information is presented, the C[...]

  • Страница 131

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-33 v1.1, August 2010 To view the VPN certificates: Select VPN from the main menu and Certificates from the submenu. The Certificates screen displays. The top section of the Certificates screen displays the Trusted Certificates (CACertificates) section. When yo[...]

  • Страница 132

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-34 Virtual Private Networking v1.1, August 2010 There can be three reasons why a security alert is generated for a security certificate: • The security certificate was issued by a company you have not chosen to trust. • The date of the security certificate is invalid. • The name o[...]

  • Страница 133

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-35 v1.1, August 2010 • Issuer Name . The name of the CA that issued the certificate. • Expiry Time . The date on which the certificate expires. You should renew the certificate before it expires. Obtaining a Self Certificate from a Certificate Authority To[...]

  • Страница 134

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-36 Virtual Private Networking v1.1, August 2010 2. Configure the following fields: • Name . Enter a descriptive name that will identify this certificate. • Subject . This is the name which other organizations will see as the holder (owner) of the certificate. Since this name will be[...]

  • Страница 135

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-37 v1.1, August 2010 6. In the Self Certificate Requests table, click view in the Action column to view the request. 7. Copy the contents of the Data to supply to CA text box into a text file, including all of the data contained from “----BEGIN CERTIFICATE R[...]

  • Страница 136

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-38 Virtual Private Networking v1.1, August 2010 If you have not already uploaded the CA certificate, do so now, as described in “Viewing and Loading CA Certificates” on page 5-32 . You should also periodically check the Certificate Revocation Lists (CRL) table, as described in the f[...]

  • Страница 137

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-39 v1.1, August 2010 Configuring Extended Authentication (XAUTH) When connecting many VPN clients to a VPN gateway router, an administrator may want a unique user authentication method beyond relying on a single common preshared key for all clients. Although t[...]

  • Страница 138

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-40 Virtual Private Networking v1.1, August 2010 2. You can add XAUTH to an existing IKE policy by clicking the edit button adjacent to the policy to be modified or you can create a new IKE policy incorporating XAUTH by clicking add . ( Figure 5-29 shows the Add IKE Policy screen.) 3. In[...]

  • Страница 139

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-41 v1.1, August 2010 – User Database to verify against the VPN firewall’s user database. Users must be added through the User Database screen (see “Configuring the User Database for XAUTH” on page 5-41 ). – RADIUS–CHAP or RADIUS–PAP (depending on[...]

  • Страница 140

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-42 Virtual Private Networking v1.1, August 2010 2. Enter a User Name . This is the unique ID of a user which will be added to the User Name database. 3. Enter a Password for the user, and reenter the password in the Confirm Password field. 4. Click add. The user name will be added to th[...]

  • Страница 141

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-43 v1.1, August 2010 3. Enable the primary RADIUS server by checking the Yes radio box. 4. Enter the primary RADIUS Server IP Address . 5. Enter a Secret Phrase . Transactions between the client and the RADIUS server are authenticated using a shared secret phr[...]

  • Страница 142

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-44 Virtual Private Networking v1.1, August 2010 8. Set the Time Out Period , in seconds, that the VPN firewall should wait for a response from the RADIUS server. 9. Set the Maximum Retry Count. This is the number of attempts that the VPN firewall will make to contact the RADIUS server b[...]

  • Страница 143

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-45 v1.1, August 2010 Configuring Mode Config Operation on the VPN Firewall You need to configure two screens: the ModeConfig screen and the IKE Policies screen. Configuring the Mode Config Screen To configure the Mode Config screen: 1. Select VPN from the main[...]

  • Страница 144

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-46 Virtual Private Networking v1.1, August 2010 3. Enter a descriptive Record Name such as “Sales”. 4. Assign at least one range of IP pool addresses in the First IP Pool field to give to remote VPN clients. 5. If you have a WINS server on your local network, enter its IP address. 6[...]

  • Страница 145

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-47 v1.1, August 2010 9. Specify the VPN policy settings. These settings must match the configuration of the remote VPN client. Recommended settings are: • SA Lifetime: 3600 seconds • Authentication Algorithm: SHA-1 • Encryption Algorithm: 3DES 10. Click [...]

  • Страница 146

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-48 Virtual Private Networking v1.1, August 2010 Recommended settings are: • Encryption Algorithm: 3DES • Authentication Algorithm: SHA-1 • Diffie-Hellman: Group 2 • SA Lifetime: 3600 seconds Figure 5-34[...]

  • Страница 147

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-49 v1.1, August 2010 9. Enter a Pre-Shared Key that will also be configured in the VPN client. 10. XAUTH is disabled by default. To enable XAUTH, in the Extended Authentication section, select one of the following:: • Edge Device to use the VPN firewall as a[...]

  • Страница 148

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-50 Virtual Private Networking v1.1, August 2010 Configuring the ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 1. Right-click the VPN client icon in the Windows toolb[...]

  • Страница 149

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-51 v1.1, August 2010 2. From the left side of the menu, click My Identity. Enter the following information: a. Click Pre-Shared Key and enter the key you configured in the VPN firewall’s Add IKE Policy screen b. From the Select Certificate pull-down menu, se[...]

  • Страница 150

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-52 Virtual Private Networking v1.1, August 2010 b. Check the Enable Perfect Forward Secrecy (PFS) radio button, and select the Diffie- Hellman Group 2 from the PFS Key Group pull-down menu. c. Enable Replay Detection should be checked. 4. Click on Authentication (Phase 1) on the left-si[...]

  • Страница 151

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-53 v1.1, August 2010 Enter the values to match your configuration of the VPN firewall ModeConfig Record menu. (The SA Lifetime can be longer, such as 8 hours (28800 seconds). 6. Click the Save icon to save the Security Policy and close the VPN ProSafe VPN clie[...]

  • Страница 152

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-54 Virtual Private Networking v1.1, August 2010 4. In the General section of the Edit VPN Policy screen, locate the keepalive configuration settings. 5. Click the Yes radio button to enable keepalive. 6. In the Ping IP Address boxes, enter an IP address on the remote LAN. This must be t[...]

  • Страница 153

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Virtual Private Networking 5-55 v1.1, August 2010 3. In the IKE SA Parameters section of the Edit IKE Policy screen, locate the Dead Peer Detection configuration settings. 4. Click the Yes radio button to Enable Dead Peer Detection . 5. Enter the Detection Period to set the interval betwe[...]

  • Страница 154

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 5-56 Virtual Private Networking v1.1, August 2010 2. Click the VPN Policies tab. The VPN Policies screen displays (see Figure 5-20 on page 5-24 ). 3. In the List of VPN Policies table, click the edit button to the right of the VPN policy that you want to edit. The Edit VPN Policy screen d[...]

  • Страница 155

    6-1 v1.1, August 2010 Chapter 6 VPN Firewall and Network Management This chapter describes how to use the network management features of your ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Performance Management ” on this page • “Configuring Users, Administrative Settings, and Remote Manageme[...]

  • Страница 156

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-2 VPN Firewall and Network Management v1.1, August 2010 VPN Firewall Features That Reduce Traffic You can adjust the following features of the VPN firewall in such a way that the traffic load on the WAN side decreases: • LAN WAN outbound rules (also referred to as service blocking) ?[...]

  • Страница 157

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-3 v1.1, August 2010 • WAN Users . These settings determine which Internet locations are covered by the rule, based on their IP address. – Any . The rule applies to all Internet IP address. – Single address . The rule applies to a single Internet[...]

  • Страница 158

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-4 VPN Firewall and Network Management v1.1, August 2010 • Keyword (and Domain Name) Blocking . You can specify up to 32 words that, should they appear in the website name (that is, URL) or in a newsgroup name, will cause that site or newsgroup to be blocked by the VPN firewall. You ca[...]

  • Страница 159

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-5 v1.1, August 2010 Port Forwarding The VPN firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal data or damage your PCs, but overloads your Internet connection so you can not use it (that is, the service is u[...]

  • Страница 160

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-6 VPN Firewall and Network Management v1.1, August 2010 • WAN Users . These settings determine which Internet locations are covered by the rule, based on their IP address. – Any . The rule applies to all Internet IP address. – Single address . The rule applies to a single Internet[...]

  • Страница 161

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-7 v1.1, August 2010 – After a PC has finished using a port triggering application, there is a time-out period before the application can be used by another PC. This is required because the firewall cannot be sure when the application has terminated.[...]

  • Страница 162

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-8 VPN Firewall and Network Management v1.1, August 2010 See “Specifying Quality of Service (QoS) Priorities” on page 4-26 for the procedure on how to use this feature. Tools for Traffic Management The VPN firewall includes several tools that can be used to monitor the traffic condit[...]

  • Страница 163

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-9 v1.1, August 2010 3. In the User Selection section of the screen, select either the Edit Admin Settings or Edit Guest Settings radio box. 4. In either the Admin Settings or the Guest Settings section of the screen: a. change the password by first en[...]

  • Страница 164

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-10 VPN Firewall and Network Management v1.1, August 2010 Adding External Users You can add external users for which you then can configure an authentication method (see “Configuring an External Server for Authentication” on page 6-11 ). To add an external users: 1. Select Users from[...]

  • Страница 165

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-11 v1.1, August 2010 3. Configure the following fields: a. User Name . Enter a unique identifier, using any alphanumeric characters. b. User Type . Select either Admin or Guest . c. Idle Timeout . This is the period after which an idle user will be au[...]

  • Страница 166

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-12 VPN Firewall and Network Management v1.1, August 2010 To configure external authentication: 1. Select Users from the main menu and External Authentication from the submenu. The External Users screen displays. 2. Select the External Authentication tab. The External Authentication scre[...]

  • Страница 167

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-13 v1.1, August 2010 • Secret Phrase . Transactions between the client and the RADIUS server are authenticated using a shared secret phrase, so the same secret phrase must be configured on both client and server. • Primary Server NAS Identifier . [...]

  • Страница 168

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-14 VPN Firewall and Network Management v1.1, August 2010 Enabling Remote Management Access Using the Remote Management screen, you can allow an administrator on the Internet to configure, upgrade, and check the status of your VPN firewall. You must be logged in locally to enable remote [...]

  • Страница 169

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-15 v1.1, August 2010 2. Check Allow Remote Management radio box. 3. Click the Yes radio button to enable secure HTTP management (enabled by default), and configure the external IP addresses that will be allowed to connect. a. To allow access from any [...]

  • Страница 170

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-16 VPN Firewall and Network Management v1.1, August 2010 . Using an SNMP Manager Simple Network Management Protocol (SNMP) lets you monitor and manage your VPN firewall from an SNMP Manager. It provides a remote means to monitor and control network devices, and to manage configurations,[...]

  • Страница 171

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-17 v1.1, August 2010 To create a new SNMP configuration entry: 1. Select Administration from the main menu and SNMP from the submenu. The SNMP screen displays. 2. Under Create New SNMP Configuration Entry , enter the IP address of the SNMP manager in [...]

  • Страница 172

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-18 VPN Firewall and Network Management v1.1, August 2010 When you click on the SNMP System Info option arrow on the SNMP screen, the VPN firewall’s identification information is displayed. This following identification information is available to the SNMP Manager: system contact, syst[...]

  • Страница 173

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-19 v1.1, August 2010 Backing Up Settings To back up settings: 1. Select Administration from the main menu and Settings Backup & Upgrade from the submenu. The Settings Backup and Firmware Upgrade screen displays. 2. Click backup to save a copy of y[...]

  • Страница 174

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-20 VPN Firewall and Network Management v1.1, August 2010 Restoring Settings To restore settings from a backup file: 1. On the Settings Backup and Firmware Upgrade screen, next to Restore save settings from file , click Browse . 2. Locate and select the previously saved backup file (by d[...]

  • Страница 175

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-21 v1.1, August 2010 After downloading an upgrade file, you may need to unzip (uncompress) it before upgrading the VPN firewall. If Release Notes are included in the download, read them before continuing. 4. Select Administration from the main menu an[...]

  • Страница 176

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-22 VPN Firewall and Network Management v1.1, August 2010 2. From the Date/Time pull-down menu, select the local time zone. This is required in order for scheduling to work correctly. The VPN firewall includes a Real-Time Clock (RTC), which it uses for scheduling. 3. If supported in your[...]

  • Страница 177

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-23 v1.1, August 2010 Monitoring System Performance You can be alerted to important events such as WAN traffic limits reached, login failures, and attacks. You can also view status information about the VPN firewall, broadband port, LAN ports, and VPN [...]

  • Страница 178

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-24 VPN Firewall and Network Management v1.1, August 2010 Figure 6-10[...]

  • Страница 179

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-25 v1.1, August 2010 2. In the Log Options section, enter the name of the log in the Log Identifier field. The Log Identifier is a mandatory field used to identify which device sent the log messages. The identifier is appended to log messages. 3. In t[...]

  • Страница 180

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-26 VPN Firewall and Network Management v1.1, August 2010 • LOG_ERROR (Error conditions) • LOG_WARNING (Warning conditions) • LOG_NOTICE (Normal but significant conditions) • LOG_INFO (Informational messages) • LOG_DEBUG (Debug level messages) 10. Click Reset to cancel your cha[...]

  • Страница 181

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-27 v1.1, August 2010 Enabling the Traffic Meter If your ISP charges by traffic volume over a given period of time, or if you want to study traffic types over a period of time, you can activate the traffic meter for the broadband port. To monitor traff[...]

  • Страница 182

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-28 VPN Firewall and Network Management v1.1, August 2010 • Increase this month limit by . Temporarily increase the traffic limit if you have reached the monthly limit, but need to continue accessing the Internet. Select the checkbox and enter the desired increase. (The checkbox will a[...]

  • Страница 183

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-29 v1.1, August 2010 • Restart Traffic Counter at a Specific Time . Restart the traffic counter at a specific time and day of the month. Fill in the time fields and choose AM or PM and the day of the month from the pull-down menus. • Send e-mail r[...]

  • Страница 184

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-30 VPN Firewall and Network Management v1.1, August 2010 Viewing the VPN Firewall Configuration and System Status The Router Status screen provides status and usage information. Select Monitoring from the main menu and Router Status from the submenu. The Router Status screen displays. T[...]

  • Страница 185

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-31 v1.1, August 2010 Monitoring VPN Firewall Statistics To display the VPN firewall statistics: 1. Select Monitoring from the main menu and Router Status from the submenu. The Router Status screen displays (see Figure 6-14 on page 6-30 ). 2. Click the[...]

  • Страница 186

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-32 VPN Firewall and Network Management v1.1, August 2010 For each interface (Broadband, LAN, and DMZ), the number of transmitted (Tx Pkts) and received (Rx Pkts) packets, the number of collided packets, the transmitted (Tx B/s) and received (Rx B/s) bytes per second, and the interface u[...]

  • Страница 187

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-33 v1.1, August 2010 Monitoring Attached Devices The LAN Groups screen contains a table of all IP devices that the VPN firewall has discovered on the local network. To view the LAN Groups screen: 1. Select Network Configuration from the main menu and [...]

  • Страница 188

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-34 VPN Firewall and Network Management v1.1, August 2010 The Known PCs and Devices table lists all current entries in the LAN Groups database. For each PC or device, the following data is displayed Monitoring VPN Tunnel Connection Status You can view the status of the VPN tunnels by sel[...]

  • Страница 189

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-35 v1.1, August 2010 The Active IPsec (SA)s table lists each active connection with the following information Viewing the VPN Logs The VPN Logs screen gives log details for recent VPN activity. Select Monitoring from the main menu and VPN Logs from th[...]

  • Страница 190

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-36 VPN Firewall and Network Management v1.1, August 2010 Viewing the DHCP Log To display the DHCP log: 1. Select Network Configuration from the main menu and LAN Settings from the submenu. The LAN Setup screen displays. 2. Click the DHCP Log option arrow in the upper right-hand section [...]

  • Страница 191

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual VPN Firewall and Network Management 6-37 v1.1, August 2010 To view the most recent entries, click refresh . Table 6-6. Port Triggering Status Data Item Description Rule The name of the rule. LAN IP Address The IP address of the PC currently using this rule. Open Ports The Incoming ports w[...]

  • Страница 192

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 6-38 VPN Firewall and Network Management v1.1, August 2010[...]

  • Страница 193

    7-1 v1.1, August 2010 Chapter 7 Troubleshooting This chapter provides troubleshooting tips and information for your ProSafe Gigabit 8 Port VPN Firewall FVS318G. This chapter includes the following sections: • “Basic Functions ” on this page • “Troubleshooting the Web Configuration Interface” on page 7-3 • “Troubleshooting the ISP Co[...]

  • Страница 194

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-2 Troubleshooting v1.1, August 2010 Power LED Not On If the Power and other LEDs are off when your VPN firewall is turned on: • Make sure that the power cord is properly connected to your VPN firewall and that the power supply adapter is properly connected to a functioning power outle[...]

  • Страница 195

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-3 v1.1, August 2010 Troubleshooting the Web Configuration Interface If you are unable to access the VPN firewall’s Web Configuration interface from a PC on your local network, check the following: • Check the Ethernet connection between the PC and the VPN firewall as[...]

  • Страница 196

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-4 Troubleshooting v1.1, August 2010 If the VPN firewall does not save changes you have made in the Web Configuration Interface, check the following: • When entering configuration settings, be sure to click the Apply button before moving to another menu or tab, or your changes are lost[...]

  • Страница 197

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-5 v1.1, August 2010 • Your ISP may check for your PC's host name. Assign the PC Host Name of your ISP account as the Account Name on the Broadband ISP Settings screen (see Figure 2-2 on page 2-4 ). • Your ISP only allows one Ethernet MAC address to connect to th[...]

  • Страница 198

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-6 Troubleshooting v1.1, August 2010 Pinging < IP address > with 32 bytes of data If the path is working, you will see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you will see this message: Request timed out If the path is [...]

  • Страница 199

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-7 v1.1, August 2010 – If your ISP assigned a host name to your PC, enter that host name as the Account Name on the Broadband ISP Settings screen (see Figure 2-2 on page 2-4 ). – Your ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many b[...]

  • Страница 200

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-8 Troubleshooting v1.1, August 2010 Problems with the date and time function can include: • Date and time shown is Thu Jan 01 00:01:52 GMT 1970. Cause: The VPN firewall has not yet successfully reached a Network Time Server. Check that your Internet access settings are configured corr[...]

  • Страница 201

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Troubleshooting 7-9 v1.1, August 2010 Table 7-1. Diagnostics Item Description Ping or Trace an IP Address Ping. Used to send a ping packet request to a specified IP address—most often, to test a connection. If the request times out (no reply is received), it usually means that the desti[...]

  • Страница 202

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual 7-10 Troubleshooting v1.1, August 2010[...]

  • Страница 203

    Default Settings and Technical Specifications A-1 v1.1, August 2010 Appendix A Default Settings and Technical Specifications Y ou can use the reset button located on the front of your device to reset all settings to their factory defaults. This is called a hard reset. • To perform a hard reset, push and hold the reset button for approximately 5 s[...]

  • Страница 204

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A-2 Default Settings and Technical Specifications v1.1, August 2010 Technical specifications for the ProSafe Gigabit 8 Port VPN Firewall FVS318G are listed in the following table. Management Time Zone GMT Time Zone Adjusted for Daylight Saving Time Disabled SNMP Disabled Remote Management[...]

  • Страница 205

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Default Settings and Technical Specifications A-3 v1.1, August 2010 Environmental Specifications Operating temperature: 0  to 40  C (32º to 104º F) Operating humidity: 90% maximum relative humidity, noncondensing Electromagnetic Emissions Meets requirements of: FCC Part 15 Class B[...]

  • Страница 206

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual A-4 Default Settings and Technical Specifications v1.1, August 2010[...]

  • Страница 207

    Two Factor Authentication B-1 v1.1, August 2010 Appendix B Two Factor Authentication This appendix provides an overview of Two-Factor Authentication, and an example of how to implement the WiKID solution. This appendix contains the following sections: • “Why do I need Two-Factor Authentication? ” on this page. • “NETGEAR Two-Factor Authen[...]

  • Страница 208

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual B-2 Two Factor Authentication v1.1, August 2010 • Quick to deploy and manage . The WiKID solution integrates seamlessly with the NETGEAR SSL and VPN firewall products. • Proven regulatory compliance . Two-Factor Authentication has been used as a mandatory authentication process for ma[...]

  • Страница 209

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Two Factor Authentication B-3 v1.1, August 2010 The request-response architecture is capable of self-service initialization by end-users, dramatically reducing implementation and maintenance costs. Here is an example of how WiKID works. 1. The user launches the WiKID token software, enter[...]

  • Страница 210

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual B-4 Two Factor Authentication v1.1, August 2010 3. The user then proceeds to the Two-Factor Authentication login page and enters the generated one-time passcode as the login password. Note: The one-time passcode is time synchronized to the authentication server so that the OTP can only be[...]

  • Страница 211

    Related Documents C-1 v1.1, August 2010 Appendix C Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link TCP/IP Networking Basics http://documentation.netgear.com/reference/enu/tcpip/index.htm Wireless Networking Basics [...]

  • Страница 212

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual C-2 Related Documents v1.1, August 2010[...]

  • Страница 213

    Index-1 v1.1, August 2010 Index Numerics 3322.org 2-11 A access remote management 6-14 Add DMZ WAN Outbound Services screen 4-12 Add LAN DMZ Outbound Service screen 4-14 Add LAN WAN Inbound Service 4-11 Add LAN WAN Outbound Service screen 4-10 Add Mode Config Record screen 5-45 address reservation 3-9 Advanced Encryption Standard. See AES. Advanced[...]

  • Страница 214

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-2 v1.1, August 2010 certificates CRL 5-32 management of 5-35 trusted (CA certificates) 5-32 Classical Routing definition of 2-10 command line interface 6-16 configuration automatic by DHCP 1-4 Connecting the VPN firewall 2-1 Content Filtering 4-1 about 1-2 , 4-30 Block Sites 4-30 en[...]

  • Страница 215

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-3 v1.1, August 2010 Domain Name router 3-4 , 3-13 Domain Name Blocking 4-31 Domain Name Servers. See DNS. DoS about protection 1-2 attack 4-21 DPD 5-21 Dynamic DNS Configuration screen 2-11 Dynamic DNS. See DDNS DynDNS.org 2-11 E Edge Device 5-40 RADIUS Server 5-39 User Database 5-3[...]

  • Страница 216

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-4 v1.1, August 2010 default definition 4-2 example 4-16 field descriptions 4-6 order of precedence 4-8 Port Forwarding 4-3 , 4-5 rules for use 4-5 Inbound Services field descriptions 4-6 increasing traffic 6-4 DMZ port 6-7 Port Forwarding 6-5 Port Triggering 6-6 VPN tunnels 6-7 inst[...]

  • Страница 217

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-5 v1.1, August 2010 M MAC address 7-7 blocked, adding 4-33 configuring 2-5 format of 2-14 spoofing 7-5 main menu 2-3 MD5 IKE polices 5-20 VPN policies 5-29 ModeConfig 5-44 about 5-44 assigning remote addresses, example 5-44 Client Configuration 5-50 IKE Policies menu, configuring 5-[...]

  • Страница 218

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-6 v1.1, August 2010 service blocking 4-3 Port Forwarding Inbound Rules 4-3 , 4-5 increasing traffic 6-5 rules, about 4-5 port numbers 4-24 Port Speed 2-13 Port Triggering about 4-37 adding a rule 4-38 increasing traffic 6-6 modifying a rule 4-39 rules of use 4-38 status 6-36 Port Tr[...]

  • Страница 219

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-7 v1.1, August 2010 Routing Information Protocol. See RIP. Routing screen 3-15 RSA signatures 5-21 rules blocking traffic 4-2 inbound example 4-16 order of precedence 4-24 service blocking 4-3 services-based 4-3 running tracert 6-16 S SA IKE policies 5-20 VPN policies 5-28 , 5-29 sa[...]

  • Страница 220

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-8 v1.1, August 2010 TCP/IP network, troubleshooting 7-5 technical specifications A-1 Time daylight savings, troubleshooting 7-8 setting 6-21 troubleshooting 7-7 Time Zone setting of 6-21 Time Zone screen 6-21 ToS. See QoS. tracert use with DDNS 6-16 traffic increasing 6-4 management[...]

  • Страница 221

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-9 v1.1, August 2010 Web Components 4-30 blocking 4-33 filtering, about 4-30 Web configuration troubleshooting 7-3 WiKID 6-11 authentication, overview B-1 WinPoET 2-7 WINS server 3-4 , 3-13 X XAUTH IKE policies 5-22 IPSec Host 5-39 types of 5-39[...]

  • Страница 222

    ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual Index-10 v1.1, August 2010[...]