NETGEAR FVX538NA manual IP Addressing for VPNs in Dual WAN Port Systems

Page 103

Chapter 5

Virtual Private Networking

This chapter describes how to use the virtual private networking (VPN) features of the VPN firewall. VPN tunnels provide secure, encrypted communications between your local network and a remote network or computer.

Tip: When using dual WAN port networks, use the VPN Wizard to configure the basic parameters and them edit the VPN and IKE Policy screens for the various VPN scenarios.

Dual WAN Port Systems

The dual WAN ports in the VPN firewall can be configured for either Auto-Rollover mode for increased system reliability or Load Balancing mode for optimum bandwidth efficiency. This WAN mode choice then impacts how the VPN features must be configured.

Refer to “Virtual Private Networks (VPNs)” on page C-10 for an overview of the IP addressing requirements for VPN in the two WAN modes. To aid in determining the addressing requirements for your VPN Tunnel in either rollover mode or load balancing mode, see Table 5-1.

Table 5-1. IP Addressing for VPNs in Dual WAN Port Systems

Configuration and WAN IP address

Rollover Modea

Load Balancing Mode

 

 

 

 

VPN Road Warrior

Fixed

FQDN required

Allowed (FQDN optional)

(client-to-gateway)

 

 

 

Dynamic

FQDN required

FQDN required

 

 

 

 

 

VPN Gateway-to-Gateway

Fixed

FQDN required

Allowed (FQDN optional)

 

 

 

 

 

Dynamic

FQDN required

FQDN required

 

 

 

 

VPN Telecommuter

Fixed

FQDN required

Allowed (FQDN optional)

(client-to-gateway through

 

 

 

Dynamic

FQDN required

FQDN required

a NAT router)

 

 

 

a. All tunnels must be re-established after a rollover using the new WAN IP address.

Virtual Private Networking

5-1

v1.0, August 2006

Page 102 Page 104
Image 103
Page 102 Page 104
Contents ProSafe VPN Firewall FVX538 Reference Manual Bestätigung des Herstellers/Importeurs TrademarksStatement of Conditions EU Regulatory Compliance StatementAdditional Copyrights Voluntary Control Council for Interference Vcci StatementAugust MD5 Product and Publication Details Contents Chapter LAN Configuration Chapter Virtual Private Networking Chapter Router and Network Management Chapter Troubleshooting Index Conventions, Formats and Scope About This ManualHow to Print this Manual How to Use This ManualRevision History Xvi Chapter Introduction Key FeaturesPowerful, True Firewall with Content Filtering Autosensing Ethernet Connections with Auto Uplink Security FeaturesExtensive Protocol Support Trend Micro Integration Easy Installation and ManagementPackage Contents Object Descriptions Router Front PanelWAN Router Rear Panel Rack Mounting Hardware Router’s IP Address, Login Name, and PasswordEnter http//192.168.1.1 as the URL Default Log In SettingsProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Logging into the VPN Firewall Connecting the FVX538 to the InternetConfiguring the Internet Connections to Your ISPs Connection Method Data Required Internet connection methodsInternet connection methods Manually Configuring Your Internet Connection Setting the Router’s MAC AddressProSafe VPN Firewall 200 FVX538 Reference Manual Programming the Traffic Meter if Desired ProSafe VPN Firewall 200 FVX538 Reference Manual Parameter Description Traffic Meter SettingsConfiguring the WAN Mode Required for Dual WAN Setting Up Auto-Rollover Mode ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Load Balancing ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Dynamic DNS If Needed ProSafe VPN Firewall 200 FVX538 Reference Manual Ddns links Configuring the Advanced WAN Options If Needed ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Using the Firewall as a Dhcp server Chapter LAN ConfigurationConfiguring the LAN Setup Options ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Multi Home LAN IPs ProSafe VPN Firewall 200 FVX538 Reference Manual Creating the Network Database Managing Groups and Hosts LAN GroupsProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Address Reservation Check the Do you want to enable DMA Port? radio box Configuring and Enabling the DMZ PortProSafe VPN Firewall 200 FVX538 Reference Manual Static Routes Configuring Static RoutesRouting Information Protocol RIP ProSafe VPN Firewall 200 FVX538 Reference Manual Static Route Example Enabling Trend Micro Antivirus EnforcementProSafe VPN Firewall 200 FVX538 Reference Manual Click Apply to submit your changes ProSafe VPN Firewall 200 FVX538 Reference Manual Using Rules to Block or Allow Specific Kinds of Traffic About Firewall Protection and Content FilteringOutbound Rules Service Blocking Services-Based RulesOutbound Rules Services menu see Adding Customized Services onInbound Rules Port Forwarding Inbound Rules Inbound Rules Order of Precedence for Rules Setting LAN WAN RulesProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules LAN WAN Inbound Services Rules Setting DMZ WAN RulesProSafe VPN Firewall 200 FVX538 Reference Manual Setting LAN DMZ Rules LAN DMZ Outbound Services Rules Attack Checks LAN DMZ Inbound Services RulesPptp LAN WAN Inbound Rule Hosting a Local Public Web Server Inbound Rules ExamplesProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN or DMZ WAN Inbound Rule Specifying an Exposed Host LAN WAN Outbound Rule Blocking Instant Messenger Outbound Rules ExampleAdding Customized Services ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Quality of Service QoS Priorities Setting a Schedule to Block or Allow Specific Traffic Setting Block Sites Content Filtering ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Source MAC Filtering Port Triggering ProSafe VPN Firewall 200 FVX538 Reference Manual Outgoing Trigger Port Range fields Mail Notifications of Event Logs and Alerts ProSafe VPN Firewall 200 FVX538 Reference Manual Numerical Code Severity SysLog Facility Message LevelsInformational Informational messages Firewall Log Field Descriptions Administrator TipsProSafe VPN Firewall 200 FVX538 Reference Manual IP Addressing for VPNs in Dual WAN Port Systems Dual WAN Port SystemsRollover Mode Setup Screen Load Balancing Setup Screen Setting up a VPN Connection using the VPN Wizard Creating a VPN Tunnel to a Gateway ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Creating a VPN Tunnel Connection to a VPN Client ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual IKE Policy VPN Tunnel PoliciesIKE Policy Table Managing IKE PoliciesManaging VPN Policies VPN PolicyVPN Policy Table VPN Tunnel Connection StatusCreating a VPN Gateway Connection Between FVX538 and FVS338 Configuring the FVX538ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the FVS338 Creating a VPN Client Connection VPN Client to FVX538 Testing the ConnectionProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the VPN Client Fvxlocal.com Home11.fvxremote.com ProSafe VPN Firewall 200 FVX538 Reference Manual Testing the Connection Certificate Authorities Generate Self Certificate Request, enter the required data Generating a Self Certificate RequestProSafe VPN Firewall 200 FVX538 Reference Manual Managing your Certificate Revocation List CRL Uploading a Trusted CertificateUpload Extended Authentication Xauth ConfigurationConfiguring Xauth for VPN Clients ProSafe VPN Firewall 200 FVX538 Reference Manual User Database Configuration Radius Client Configuration Enter the Primary Radius Server IP address Mode Config Operation Manually Assigning IP Addresses to Remote Users ModeConfigConfiguring the VPN Firewall ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the ProSafe VPN Client for ModeConfig ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Bandwidth Capacity Performance ManagementService Blocking VPN Firewall Features That Reduce TrafficProSafe VPN Firewall 200 FVX538 Reference Manual Source MAC Filtering Block SitesPort Forwarding VPN Firewall Features That Increase TrafficPort Triggering DMZ Port Using QoS to Shift the Traffic MixVPN Tunnels Changing Passwords and Settings AdministrationTools for Traffic Management ProSafe VPN Firewall 200 FVX538 Reference Manual Check Allow Remote Management radio box Enabling Remote Management AccessHttps//134.177.0.1238080 Using a Snmp ManagerProSafe VPN Firewall 200 FVX538 Reference Manual Settings Backup and Firmware Upgrade Click default Backup and Restore SettingsRouter Upgrade To upgrade router software Setting the Time ZoneEnabling the Traffic Meter Monitoring the RouterProSafe VPN Firewall 200 FVX538 Reference Manual Setting Login Failures and Attacks Notification Monitoring Attached Devices IP Address Known PCs and DevicesPort Triggering Status data Viewing Port Triggering StatusRouter Status Fields Viewing Router Configuration and System StatusMonitoring WAN Ports Status Monitoring VPN Tunnel Connection Status VPN Status data VPN LogsDhcp Log Performing DiagnosticsDiagnostics Diagnostics ProSafe VPN Firewall 200 FVX538 Reference Manual Basic Functions Power LED Not OnLEDs Never Turn Off Troubleshooting the Web Configuration InterfaceLAN or Internet Port LEDs Not On ProSafe VPN Firewall 200 FVX538 Reference Manual Troubleshooting the ISP Connection Testing the LAN Path to Your Firewall Troubleshooting a TCP/IP Network Using a Ping UtilityPing -n 10 IP address Testing the Path from Your PC to a Remote DeviceProblems with Date and Time Restoring the Default Configuration and PasswordProSafe VPN Firewall 200 FVX538 Reference Manual Table A-1. VPN firewall Default Configuration Settings Appendix a Default Settings and Technical SpecificationsFeature Default Behavior Table A-2. VPN firewall Technical SpecificationsElectromagnetic Emissions ProSafe VPN Firewall 200 FVX538 Reference Manual Appendix B Related Documents ProSafe VPN Firewall 200 FVX538 Reference Manual What You Will Need to Do Before You Begin Appendix C Network Planning for Dual WAN PortsInternet Figure C-1Internet Configuration Requirements Computer Network Configuration RequirementsCabling and Computer Hardware Requirements Where Do I Get the Internet Configuration Parameters? Internet Connection Information Form Inbound Traffic Overview of the Planning ProcessVirtual Private Networks VPNs Dual WAN Ports Load Balancing PortsRequirements for exposed hosts in dual WAN port systems Inbound TrafficAlways change at the IP addresses Virtual Private Networks VPNs Reference Manual Road Warrior Example Dual WAN Ports, Before Rollover VPN Road Warrior Dual But a fully-qualified WAN1 or WAN2Road Warrior Example Dual WAN Ports, Load Balancing VPN Gateway-to-Gateway Single Gateway WAN PortsGateway-to-Gateway Example Single WAN Ports WAN A2to establish or re Gateway-to-Gateway Example Dual WAN Ports, Load Balancing NAT Router Remote tunnel Remote PC or WAN2 Index Index-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10
Related manuals
Manual 2 pages 62.01 Kb Manual 3 pages 5.38 Kb
Top Page Image Contents