NETGEAR Creating a VPN Gateway Connection Between FVX538 and FVS338, Configuring the FVX538

Page 116

ProSafe VPN Firewall 200 FVX538 Reference Manual

Tx (KBytes). The amount of data transmitted over this SA.

Tx (Packets). The number of packets transmitted over this SA.

State. The current state of the SA. Phase 1 is “Authentication phase” and Phase 2 is “Key Exchange phase”.

Action. Allows you to terminate or build the SA (connection), if required.

Creating a VPN Gateway Connection: Between FVX538 and FVS338

This section describes how to configure a VPN connection between a NETGEAR FVX538 VPN Firewall and a NETGEAR FVS338 VPN Firewall.

Using the VPN Wizard for each VPN firewall, we will create a set of policies (IKE and VPN) that will allow the two firewalls to connect from locations with fixed IP addresses. Either firewall can initiate the connection.

This procedure was developed using:

Netgear FVX538 VPN Firewall

WAN1 IP address is 10.1.32.40

LAN IP address subnet is 192.168.1.1/255.255.255.0

Netgear FVS338 VPN Firewall (remote gateway)

WAN IP address is 10.1.1.150

LAN IP address subnet is 192.168.2.1/255.255.255.0

Configuring the FVX538

To configure the FVX538 VPN Wizard:

1.Select VPN from the main menu. The Policies submenu will display showing the IKE Policies screen

2.Select VPN Wizard. The VPN Wizard screen will display.

3.Select the VPN Tunnel connection type; in this case, the Gateway radio box is selected.

4.Give the client connection a name, such as to_fvs.

5.Enter a value for the pre-shared key.

5-14

Virtual Private Networking

v1.0, August 2006

Page 115 Page 117
Image 116
Page 115 Page 117
Contents ProSafe VPN Firewall FVX538 Reference Manual Trademarks Statement of ConditionsEU Regulatory Compliance Statement Bestätigung des Herstellers/ImporteursVoluntary Control Council for Interference Vcci Statement Additional CopyrightsAugust MD5 Product and Publication Details Contents Chapter LAN Configuration Chapter Virtual Private Networking Chapter Router and Network Management Chapter Troubleshooting Index About This Manual Conventions, Formats and ScopeHow to Use This Manual How to Print this ManualRevision History Xvi Key Features Chapter IntroductionPowerful, True Firewall with Content Filtering Extensive Protocol Support Security FeaturesAutosensing Ethernet Connections with Auto Uplink Easy Installation and Management Trend Micro IntegrationPackage Contents Router Front Panel Object DescriptionsWAN Router Rear Panel Router’s IP Address, Login Name, and Password Rack Mounting HardwareDefault Log In Settings Enter http//192.168.1.1 as the URLProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Connecting the FVX538 to the Internet Logging into the VPN FirewallConfiguring the Internet Connections to Your ISPs Internet connection methods Connection Method Data RequiredInternet connection methods Setting the Router’s MAC Address Manually Configuring Your Internet ConnectionProSafe VPN Firewall 200 FVX538 Reference Manual Programming the Traffic Meter if Desired ProSafe VPN Firewall 200 FVX538 Reference Manual Traffic Meter Settings Parameter DescriptionConfiguring the WAN Mode Required for Dual WAN Setting Up Auto-Rollover Mode ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Load Balancing ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Dynamic DNS If Needed ProSafe VPN Firewall 200 FVX538 Reference Manual Ddns links Configuring the Advanced WAN Options If Needed ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Chapter LAN Configuration Using the Firewall as a Dhcp serverConfiguring the LAN Setup Options ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Multi Home LAN IPs ProSafe VPN Firewall 200 FVX538 Reference Manual Managing Groups and Hosts LAN Groups Creating the Network DatabaseProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Address Reservation Configuring and Enabling the DMZ Port Check the Do you want to enable DMA Port? radio boxProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Static Routes Static RoutesRouting Information Protocol RIP ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Trend Micro Antivirus Enforcement Static Route ExampleProSafe VPN Firewall 200 FVX538 Reference Manual Click Apply to submit your changes ProSafe VPN Firewall 200 FVX538 Reference Manual About Firewall Protection and Content Filtering Using Rules to Block or Allow Specific Kinds of TrafficServices-Based Rules Outbound Rules Service BlockingServices menu see Adding Customized Services on Outbound RulesInbound Rules Port Forwarding Inbound Rules Inbound Rules Setting LAN WAN Rules Order of Precedence for RulesProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules Setting DMZ WAN Rules LAN WAN Inbound Services RulesProSafe VPN Firewall 200 FVX538 Reference Manual Setting LAN DMZ Rules LAN DMZ Outbound Services Rules LAN DMZ Inbound Services Rules Attack ChecksPptp Inbound Rules Examples LAN WAN Inbound Rule Hosting a Local Public Web ServerProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN or DMZ WAN Inbound Rule Specifying an Exposed Host Outbound Rules Example LAN WAN Outbound Rule Blocking Instant MessengerAdding Customized Services ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Quality of Service QoS Priorities Setting a Schedule to Block or Allow Specific Traffic Setting Block Sites Content Filtering ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Source MAC Filtering Port Triggering ProSafe VPN Firewall 200 FVX538 Reference Manual Outgoing Trigger Port Range fields Mail Notifications of Event Logs and Alerts ProSafe VPN Firewall 200 FVX538 Reference Manual SysLog Facility Message Levels Numerical Code SeverityInformational Informational messages Administrator Tips Firewall Log Field DescriptionsProSafe VPN Firewall 200 FVX538 Reference Manual Dual WAN Port Systems IP Addressing for VPNs in Dual WAN Port SystemsRollover Mode Setup Screen Load Balancing Setup Screen Setting up a VPN Connection using the VPN Wizard Creating a VPN Tunnel to a Gateway ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Creating a VPN Tunnel Connection to a VPN Client ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual VPN Tunnel Policies IKE PolicyManaging IKE Policies IKE Policy TableVPN Policy Managing VPN PoliciesVPN Tunnel Connection Status VPN Policy TableConfiguring the FVX538 Creating a VPN Gateway Connection Between FVX538 and FVS338ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the FVS338 Testing the Connection Creating a VPN Client Connection VPN Client to FVX538ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the VPN Client Fvxlocal.com Home11.fvxremote.com ProSafe VPN Firewall 200 FVX538 Reference Manual Testing the Connection Certificate Authorities Generating a Self Certificate Request Generate Self Certificate Request, enter the required dataProSafe VPN Firewall 200 FVX538 Reference Manual Uploading a Trusted Certificate Managing your Certificate Revocation List CRLExtended Authentication Xauth Configuration UploadConfiguring Xauth for VPN Clients ProSafe VPN Firewall 200 FVX538 Reference Manual User Database Configuration Radius Client Configuration Enter the Primary Radius Server IP address Manually Assigning IP Addresses to Remote Users ModeConfig Mode Config OperationConfiguring the VPN Firewall ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the ProSafe VPN Client for ModeConfig ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Performance Management Bandwidth CapacityVPN Firewall Features That Reduce Traffic Service BlockingProSafe VPN Firewall 200 FVX538 Reference Manual Block Sites Source MAC FilteringVPN Firewall Features That Increase Traffic Port ForwardingPort Triggering VPN Tunnels Using QoS to Shift the Traffic MixDMZ Port Tools for Traffic Management AdministrationChanging Passwords and Settings ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Remote Management Access Check Allow Remote Management radio boxUsing a Snmp Manager Https//134.177.0.1238080ProSafe VPN Firewall 200 FVX538 Reference Manual Settings Backup and Firmware Upgrade Backup and Restore Settings Click defaultRouter Upgrade Setting the Time Zone To upgrade router softwareMonitoring the Router Enabling the Traffic MeterProSafe VPN Firewall 200 FVX538 Reference Manual Setting Login Failures and Attacks Notification Monitoring Attached Devices Known PCs and Devices IP AddressViewing Port Triggering Status Port Triggering Status dataViewing Router Configuration and System Status Router Status FieldsMonitoring WAN Ports Status Monitoring VPN Tunnel Connection Status VPN Logs VPN Status dataPerforming Diagnostics Dhcp LogDiagnostics Diagnostics ProSafe VPN Firewall 200 FVX538 Reference Manual Power LED Not On Basic FunctionsLAN or Internet Port LEDs Not On Troubleshooting the Web Configuration InterfaceLEDs Never Turn Off ProSafe VPN Firewall 200 FVX538 Reference Manual Troubleshooting the ISP Connection Troubleshooting a TCP/IP Network Using a Ping Utility Testing the LAN Path to Your FirewallTesting the Path from Your PC to a Remote Device Ping -n 10 IP addressRestoring the Default Configuration and Password Problems with Date and TimeProSafe VPN Firewall 200 FVX538 Reference Manual Appendix a Default Settings and Technical Specifications Table A-1. VPN firewall Default Configuration SettingsTable A-2. VPN firewall Technical Specifications Feature Default BehaviorElectromagnetic Emissions ProSafe VPN Firewall 200 FVX538 Reference Manual Appendix B Related Documents ProSafe VPN Firewall 200 FVX538 Reference Manual Appendix C Network Planning for Dual WAN Ports What You Will Need to Do Before You BeginFigure C-1 InternetCabling and Computer Hardware Requirements Computer Network Configuration RequirementsInternet Configuration Requirements Where Do I Get the Internet Configuration Parameters? Internet Connection Information Form Virtual Private Networks VPNs Overview of the Planning ProcessInbound Traffic Ports Dual WAN Ports Load BalancingInbound Traffic Requirements for exposed hosts in dual WAN port systemsAlways change at the IP addresses Virtual Private Networks VPNs Reference Manual Road Warrior Example Dual WAN Ports, Before Rollover But a fully-qualified WAN1 or WAN2 VPN Road Warrior DualVPN Gateway-to-Gateway Single Gateway WAN Ports Road Warrior Example Dual WAN Ports, Load BalancingGateway-to-Gateway Example Single WAN Ports WAN A2to establish or re Gateway-to-Gateway Example Dual WAN Ports, Load Balancing NAT Router Remote tunnel Remote PC or WAN2 Index Index-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10
Related manuals
Manual 2 pages 62.01 Kb Manual 3 pages 5.38 Kb
Top Page Image Contents