NETGEAR FVS318v3 manual Xii Contents

Page 12

xii

Contents

January 2005

Page 11 Page 13
Image 12
Page 11 Page 13
Contents Reference Manual for the ProSafe VPN Firewall FVS318v3 Trademarks Statement of ConditionsEN 55 022 Declaration of Conformance Bestätigung des Herstellers/Importeurs Certificate of the Manufacturer/ImporterVoluntary Control Council for Interference Vcci Statement Product and Publication Details Contents Chapter Firewall Protection Content Filtering Chapter Advanced Virtual Private Networking Chapter Advanced Configuration Appendix C Virtual Private Networking Appendix D Preparing Your Network Glossary Xii Contents Audience, Scope, Conventions, and Formats Typographical ConventionsManual Scope How to Use This Manual How to Print this Manual Printing a Page in the Html ViewPrinting a Chapter Printing the Full ManualReference Manual for the ProSafe VPN Firewall FVS318v3 Key Features of the VPN Firewall Chapter IntroductionPowerful, True Firewall with Content Filtering SecurityAutosensing Ethernet Connections with Auto Uplink Extensive Protocol SupportEasy Installation and Management Maintenance and SupportPackage Contents FVS318v3 Rear Panel LED DescriptionsNETGEAR-Related Products Netgear Product Registration, Support, and DocumentationNETGEAR-Related Products Reference Manual for the ProSafe VPN Firewall FVS318v3 Prepare to Install Your FVS318v3 ProSafe VPN Firewall First, Connect the FVS318v3Disconnect the Ethernet cable from the computer ModemRestart Your Network in the Correct Sequence Now, Configure the FVS318v3 for Internet Access Status lightsNetgear Smart Wizard Configuration Assistant welcome screen Troubleshooting Tips Be sure to restart your network in this sequenceMake sure the network settings of the computer are correct Make sure the Ethernet cables are securely pluggedOverview of How to Access the FVS318v3 VPN Firewall Ways to access the firewallLogin URL How to Bypass the Configuration Assistant Login result FVS318v3 homeUsing the Smart Setup Wizard How to Manually Configure Your Internet Connection ISP Does Not Require LoginReference Manual for the ProSafe VPN Firewall FVS318v3 11 Basic Settings ISP list Chapter Firewall Protection Content Filtering Firewall Protection and Content Filtering OverviewBlock Sites Block Sites menuUsing Rules to Block or Allow Specific Kinds of Traffic Rules menuReference Manual for the ProSafe VPN Firewall FVS318v3 Inbound Rules Port Forwarding Inbound Rule Example a Local Public Web ServerConsiderations for Inbound Rules Rule example a videoconference from restricted addressesOutbound Rules Service Blocking Outbound Rule Example Blocking Instant MessengerDefault DMZ Server Order of Precedence for RulesClick Default DMZ Server Respond to Ping on Internet WAN PortServices Services menuAdd Custom Service menu Using a Schedule to Block or Allow Specific Traffic ScheduleTime Zone Getting E-Mail Notifications of Event Logs and Alerts 10 E-mail menuReference Manual for the ProSafe VPN Firewall FVS318v3 Viewing Logs of Web Access or Attempted Web Access 11 Logs menuSyslog Log entry descriptionsLog action buttons Reference Manual for the ProSafe VPN Firewall FVS318v3 Chapter Basic Virtual Private Networking VPN Tunnel PCs AES Configuration Configuring the Client-to-Gateway VPN Tunnel on the FVS318v3 Summary screen below displays Vpnc Recommended Settings Configuring the Netgear ProSafe VPN Client on the Remote PC Security Policy Editor new connection 10 Security Policy Editor connection settings 11 Security Policy Editor Security Policy 12 Security Policy Editor My Identity 14 Security Policy Editor Authentication 15 Security Policy Editor Key Exchange 16 Running a Ping test to the LAN from the PC 18 Log Viewer screen Transferring a Security Policy to Another Client Exporting a Security PolicySelect Export Security Policy from the File pulldown Importing a Security Policy Scenario1Basic Procedure to Configure a Gateway-to-Gateway VPN Tunnel 23 VPN Wizard start screen25 Remote IP 27 VPN Wizard Summary 28 VPN Recommended Settings 30 VPN Status/Log screen Start Using a VPN Tunnel to Activate It Using the VPN Status Page to Activate a VPN TunnelVPN Tunnel Control Activating a VPN TunnelActivate the VPN Tunnel by Pinging the Remote Endpoint 32 VPN Status/Log screenType ping -t 192.168.3.1 and then click OK Type pingVerifying the Status of a VPN Tunnel 36 Pinging test resultsDeactivating a VPN Tunnel 38 Current VPN Tunnels SAs screenUsing the VPN Status Page to Deactivate a VPN Tunnel 39 VPN PoliciesDeleting a VPN Tunnel 41 Current VPN Tunnels SAs screenFVS318v3 VPN Firewall Using Policies to Manage VPN Traffic Using Automatic Key ManagementIKE Policies’ Automatic Key and Authentication Management IKE Policy Configuration MenuIKE Policy Configuration fields Field Description GeneralVPN Policy Configuration for Auto Key Negotiation Field Description RemoteVPN Auto Policy menu VPN Auto Policy Configuration Fields VPN Auto Policy fields are defined in the following tableAuthenticating Header AH VPN Policy Configuration for Manual Key Exchange Netbios EnableVPN Manual Policy menu VPN Manual Policy Configuration Fields VPN Manual Policy fields are defined in the following tableValue in its Authentication Algorithm Key Out field Netbios Enable Walk-Through of Configuration Scenarios on the FVS318v3 Certificate Revocation List CRLVPN Consortium Scenario Scenario 1 are Using IPv4 WAN IP addresses FVS318v3 Internet IP Address menuLAN IP Setup menu Set up the IKE Policy illustrated below on the FVS318v3 Scenario 1 IKE PolicySet up the FVS318v3 VPN -Auto Policy illustrated below 10 Scenario 1 VPN Auto PolicyHow to Check VPN Connections Testing the Gateway a FVS318v3 LAN and the Gateway B LANInstall the trusted CA certificate for the Trusted Root CA Obtain a root certificateCreate a certificate request for the FVS318v3 11 Generate Self Certificate Request menu Highlight, copy and paste this data into a text file 12 Self Certificate Request dataClick the Upload Certificate button 13 Self Certificate Requests table14 Self Certificates table Set up Certificate Revocation List CRL checking Reference Manual for the ProSafe VPN Firewall FVS318v3 Viewing VPN Firewall Status Information Router Status screenThis screen shows the following parameters FVS318v3 Status fieldsConnection Status fields Connection Status action buttonsRouter Statistics screen Router Statistics fieldsViewing a List of Attached Devices Upgrading the Firewall SoftwareRouter Upgrade menu Configuration File Management Backing Up the ConfigurationRestoring the Configuration Changing the Administrator Password Erasing the ConfigurationChapter Advanced Configuration How to Configure Dynamic DNSUsing the LAN IP Setup Options Configuring LAN TCP/IP Setup Parameters Using the Firewall as a Dhcp server Configuring Static Routes Using Address ReservationClick Edit or Delete Static Routes table Enabling Remote Management Access Static Route ExampleHttps//134.177.0.1238080 Reference Manual for the ProSafe VPN Firewall FVS318v3 Reference Manual for the ProSafe VPN Firewall FVS318v3 Power LED Not On Basic FunctioningLEDs Never Turn Off LAN or Internet Port LEDs Not OnTroubleshooting the Web Configuration Interface Troubleshooting the ISP Connection Troubleshooting a TCP/IP Network Using a Ping Utility Testing the LAN Path to Your FirewallTesting the Path from Your PC to a Remote Device Ping -n 10 IP addressRestoring the Default Configuration and Password Problems with Date and TimeReference Manual for the ProSafe VPN Firewall FVS318v3 Power Adapter Physical SpecificationsEnvironmental Specifications Network Protocol and Standards CompatibilityInterface Specifications Electromagnetic EmissionsAppendix B Network, Routing, and Firewall Basics Related Publications Basic Router ConceptsWhat is a Router? IP Addresses and the InternetRouting Information Protocol Figure B-1 Three Main Address Classes Netmask EqualsSubnet Addressing Figure B-2 Example of Subnetting a Class B AddressTable B-1 Netmask notation translation table for one octet Table B-2. Netmask formatsPrivate IP Addresses Table B-2 Netmask formatsSingle IP Address Operation Using NAT Figure B-3 Single IP Address Operation Using NATMAC Addresses and Address Resolution Protocol Related DocumentsDomain Name Server IP Configuration by Dhcp Internet Security and FirewallsWhat is a Firewall? Denial of Service AttackEthernet Cabling Stateful Packet InspectionTable B-3 UTP Ethernet cable wiring, straight-through Category 5 Cable QualityInside Twisted Pair Cables Figure B-4 Straight-through twisted-pair cableUplink Switches, Crossover Cables, and MDI/MDIX Switching Reference Manual for the ProSafe VPN Firewall FVS318v3 Reference Manual for the ProSafe VPN Firewall FVS318v3 What is a VPN? Appendix C Virtual Private NetworkingWhat Is IPSec and How Does It Work? IPSec Security FeaturesIPSec Components Encapsulating Security Payload ESP Authentication Header AH IKE Security AssociationMode Understand the Process Before You Begin Key ManagementVPN Process Overview AddressesVPN Tunnel Between Gateways FirewallsTable C-2 Subnet addressing IPSec Security Association IKE VPN Tunnel Negotiation StepsVpnc IKE Phase I Parameters Vpnc IKE Security ParametersTesting and Troubleshooting Vpnc IKE Phase II ParametersAdditional Reading Relevant RFCs listed numerically Appendix D Preparing Your Network Preparing Your Computers for TCP/IP NetworkingConfiguring Windows 95, 98, and Me for TCP/IP Networking Install or Verify Windows Networking ComponentsSelect Microsoft Enabling Dhcp to Automatically Configure TCP/IP Settings Choose Settings, and then Control PanelPrimary Network Logon is set to Windows logon Selecting Windows’ Internet Access Method Verifying TCP/IP PropertiesConfiguring Windows NT4, 2000 or XP for IP Networking Double-click the Network and Dialup Connections iconDhcp Configuration of TCP/IP in Windows XP Locate your Network Neighborhood iconReference Manual for the ProSafe VPN Firewall FVS318v3 Dhcp Configuration of TCP/IP in Windows Reference Manual for the ProSafe VPN Firewall FVS318v3 Obtain an IP address automatically is selected Dhcp Configuration of TCP/IP in Windows NT4 Reference Manual for the ProSafe VPN Firewall FVS318v3 Verifying TCP/IP Properties for Windows XP, 2000, and NT4 TCP/IP Properties dialog box now displaysConfiguring the Macintosh for TCP/IP Networking MacOS 8.6 orMacOS Verifying TCP/IP Properties for Macintosh Computers Are Login Protocols Used? What Is Your Configuration Information?Verifying the Readiness of Your Internet Account Select the IP Address tab Reference Manual for the ProSafe VPN Firewall FVS318v3 Restarting the Network Reference Manual for the ProSafe VPN Firewall FVS318v3 Case Study Overview Gathering the Network InformationConfigure Log in to Use the VPN Wizard to To Figure E-3 Verify the information example screen Example screen Figure E-4 Testing Flowchart Activating the VPN TunnelFVS318v3-to-FVS318v3 Case SummaryUse the VPN Wizard to configure the FVS318v3 at Gateway a Gateway a VPN Parameter Entry Continue as shown in Figure E-3Viewing and Editing the VPN Parameters Gateway a VPN Policy ParametersGateway a IKE Parameters Initiating and Checking the VPN Connections VPN Status at Gateway a FVS318v3 VPN Status at Gateway B FVS318v3FVS318v3-to-FVS318v2 Case Use the VPN Wizard to configure the FVS318v3 at Gateway a Continue as shown in Figure E-3 Viewing and Editing the VPN Parameters Reference Manual for the ProSafe VPN Firewall FVS318v3 Initiating and Checking the VPN Connections IPSec Connection Status at Gateway B FVS318v2 Status of VPN tunnel to and from Gateway aFVS318v3-to-FVL328 Case Use the VPN Wizard to configure the FVS318v3 at Gateway a Continue as shown in Figure E-3 Viewing and Editing the VPN Parameters Gateway a IKE Parameters Initiating and Checking the VPN Connections IPSec Connection Status at Gateway B FVL328 FVS318v3-to-VPN Client Case Client-to-Gateway VPN Tunnel OverviewTable E-4 Policy Summary Table E-5 Differences between VPN tunnel typesConfiguring the VPN Tunnel Connection Type a Remote VPN ClientFigure E-20 VPN Wizard at Gateway a FVS318v3 Figure E-21 VPN parameters at Gateway a FVS318v3 Figure E-22 Adding and renaming a new connection Figure E-23 Scenario1 connection screen parameters Figure E-24 Scenario1 Security Policy screen parameters Figure E-25 Scenario1 My Identity screen parameters Reference Manual for the ProSafe VPN Firewall FVS318v3 Choose Scenario1 Figure E-27 Scenario1 connection launch from VPN Client PCSelect Connection Monitor See Figure E-28for the resulting status screensConnection Monitor at Gateway B remote VPN Client List of Glossary Terms NumericPacket sent to all devices on a network Dhcp See Internet Control Message Protocol Ieee Internet service provider Megabits per second Set of rules for communication between devices on a network See Wide Area Network Wins
Related manuals
Manual 2 pages 21.29 Kb

FVS318v3 specifications

The NETGEAR FVS318v3 is a powerful dual WAN gigabit VPN firewall designed to provide robust security and reliable connectivity for small to medium-sized businesses. It offers an array of features and technologies that make it an outstanding choice for organizations requiring secure network access and improved bandwidth management.

One of the standout features of the FVS318v3 is its dual WAN capability. This allows users to connect two separate internet connections, which enhances redundancy and ensures continuous network availability. In the event that one WAN connection fails, the device automatically switches to the backup connection, minimizing downtime and maintaining productivity.

The firewall offers advanced security features, including a stateful packet inspection (SPI) firewall and NAT (Network Address Translation), which helps protect the network from unauthorized access and external threats. Additionally, the FVS318v3 supports IPsec and SSL VPN protocols, providing secure remote access for employees working from home or on the go. With support for up to 15 SSL VPN clients and 20 IPsec VPN tunnels, it is suitable for businesses that require flexible and secure remote connectivity.

In terms of performance, the FVS318v3 boasts a high-speed gigabit throughput, ensuring fast data transmission and minimal latency. This is particularly important for businesses that rely on cloud-based applications, video conferencing, and other bandwidth-intensive activities. Furthermore, the device is equipped with advanced QoS (Quality of Service) features that allow administrators to prioritize traffic, ensuring that critical applications receive the bandwidth they need during peak usage times.

Another noteworthy characteristic of the NETGEAR FVS318v3 is its user-friendly interface, which simplifies network management and configuration. Administrators can easily set up policies, monitor traffic, and manage connected devices through an intuitive web-based interface. It also offers support for 802.1Q VLAN tagging, allowing for network segmentation and improved security management.

In conclusion, the NETGEAR FVS318v3 is a versatile and feature-rich solution that delivers exceptional security and reliability for businesses. Its dual WAN functionality, advanced VPN capabilities, high-speed performance, and ease of use make it an excellent choice for organizations looking to safeguard their networks while ensuring seamless connectivity for employees.
Top Page Image Contents