NETGEAR FVS318v3 manual Contents

Page 5

Contents

Chapter 1

About This Manual

Audience, Scope, Conventions, and Formats

1-1

How to Use This Manual

1-2

How to Print this Manual

1-3

Chapter 2

 

Introduction

 

Key Features of the VPN Firewall

2-1

A Powerful, True Firewall with Content Filtering

2-2

Security

2-2

Autosensing Ethernet Connections with Auto Uplink

2-3

Extensive Protocol Support

2-3

Easy Installation and Management

2-4

Maintenance and Support

2-4

Package Contents

2-5

The FVS318v3 Front Panel

2-5

The FVS318v3 Rear Panel

2-6

NETGEAR-Related Products

2-7

NETGEAR Product Registration, Support, and Documentation

2-7

Chapter 3

 

Connecting the Firewall to the Internet

 

Prepare to Install Your FVS318v3 ProSafe VPN Firewall

3-1

First, Connect the FVS318v3

3-1

Now, Configure the FVS318v3 for Internet Access

3-4

Troubleshooting Tips

3-6

Overview of How to Access the FVS318v3 VPN Firewall

3-8

How to Log On to the FVS318v3 After

 

Configuration Settings Have Been Applied

3-9

How to Bypass the Configuration Assistant

3-10

Contents

v

January 2005

Page 4 Page 6
Image 5
Page 4 Page 6
Contents Reference Manual for the ProSafe VPN Firewall FVS318v3 EN 55 022 Declaration of Conformance TrademarksStatement of Conditions Voluntary Control Council for Interference Vcci Statement Bestätigung des Herstellers/ImporteursCertificate of the Manufacturer/Importer Product and Publication Details Contents Chapter Firewall Protection Content Filtering Chapter Advanced Virtual Private Networking Chapter Advanced Configuration Appendix C Virtual Private Networking Appendix D Preparing Your Network Glossary Xii Contents Manual Scope Audience, Scope, Conventions, and FormatsTypographical Conventions How to Use This Manual Printing a Page in the Html View How to Print this ManualPrinting a Chapter Printing the Full ManualReference Manual for the ProSafe VPN Firewall FVS318v3 Chapter Introduction Key Features of the VPN FirewallSecurity Powerful, True Firewall with Content FilteringExtensive Protocol Support Autosensing Ethernet Connections with Auto UplinkMaintenance and Support Easy Installation and ManagementPackage Contents LED Descriptions FVS318v3 Rear PanelNETGEAR-Related Products NETGEAR-Related ProductsNetgear Product Registration, Support, and Documentation Reference Manual for the ProSafe VPN Firewall FVS318v3 First, Connect the FVS318v3 Prepare to Install Your FVS318v3 ProSafe VPN FirewallModem Disconnect the Ethernet cable from the computerRestart Your Network in the Correct Sequence Status lights Now, Configure the FVS318v3 for Internet AccessNetgear Smart Wizard Configuration Assistant welcome screen Be sure to restart your network in this sequence Troubleshooting TipsMake sure the Ethernet cables are securely plugged Make sure the network settings of the computer are correctWays to access the firewall Overview of How to Access the FVS318v3 VPN FirewallLogin URL Login result FVS318v3 home How to Bypass the Configuration AssistantUsing the Smart Setup Wizard ISP Does Not Require Login How to Manually Configure Your Internet ConnectionReference Manual for the ProSafe VPN Firewall FVS318v3 11 Basic Settings ISP list Firewall Protection and Content Filtering Overview Chapter Firewall Protection Content FilteringBlock Sites menu Block SitesRules menu Using Rules to Block or Allow Specific Kinds of TrafficReference Manual for the ProSafe VPN Firewall FVS318v3 Inbound Rule Example a Local Public Web Server Inbound Rules Port ForwardingRule example a videoconference from restricted addresses Considerations for Inbound RulesOutbound Rule Example Blocking Instant Messenger Outbound Rules Service BlockingOrder of Precedence for Rules Default DMZ ServerRespond to Ping on Internet WAN Port Click Default DMZ ServerServices menu ServicesAdd Custom Service menu Schedule Using a Schedule to Block or Allow Specific TrafficTime Zone 10 E-mail menu Getting E-Mail Notifications of Event Logs and AlertsReference Manual for the ProSafe VPN Firewall FVS318v3 11 Logs menu Viewing Logs of Web Access or Attempted Web AccessLog action buttons SyslogLog entry descriptions Reference Manual for the ProSafe VPN Firewall FVS318v3 Chapter Basic Virtual Private Networking VPN Tunnel PCs AES Configuration Configuring the Client-to-Gateway VPN Tunnel on the FVS318v3 Summary screen below displays Vpnc Recommended Settings Configuring the Netgear ProSafe VPN Client on the Remote PC Security Policy Editor new connection 10 Security Policy Editor connection settings 11 Security Policy Editor Security Policy 12 Security Policy Editor My Identity 14 Security Policy Editor Authentication 15 Security Policy Editor Key Exchange 16 Running a Ping test to the LAN from the PC 18 Log Viewer screen Select Export Security Policy from the File pulldown Transferring a Security Policy to Another ClientExporting a Security Policy Scenario1 Importing a Security PolicyBasic 23 VPN Wizard start screen Procedure to Configure a Gateway-to-Gateway VPN Tunnel25 Remote IP 27 VPN Wizard Summary 28 VPN Recommended Settings 30 VPN Status/Log screen Using the VPN Status Page to Activate a VPN Tunnel Start Using a VPN Tunnel to Activate ItVPN Tunnel Control Activating a VPN Tunnel32 VPN Status/Log screen Activate the VPN Tunnel by Pinging the Remote EndpointType ping Type ping -t 192.168.3.1 and then click OK36 Pinging test results Verifying the Status of a VPN Tunnel38 Current VPN Tunnels SAs screen Deactivating a VPN Tunnel39 VPN Policies Using the VPN Status Page to Deactivate a VPN Tunnel41 Current VPN Tunnels SAs screen Deleting a VPN TunnelFVS318v3 VPN Firewall Using Automatic Key Management Using Policies to Manage VPN TrafficIKE Policy Configuration Menu IKE Policies’ Automatic Key and Authentication ManagementField Description General IKE Policy Configuration fieldsField Description Remote VPN Policy Configuration for Auto Key NegotiationVPN Auto Policy menu VPN Auto Policy fields are defined in the following table VPN Auto Policy Configuration FieldsAuthenticating Header AH Netbios Enable VPN Policy Configuration for Manual Key ExchangeVPN Manual Policy menu VPN Manual Policy fields are defined in the following table VPN Manual Policy Configuration FieldsValue in its Authentication Algorithm Key Out field Netbios Enable Certificate Revocation List CRL Walk-Through of Configuration Scenarios on the FVS318v3VPN Consortium Scenario Scenario 1 are Using IPv4 FVS318v3 Internet IP Address menu WAN IP addressesLAN IP Setup menu Scenario 1 IKE Policy Set up the IKE Policy illustrated below on the FVS318v310 Scenario 1 VPN Auto Policy Set up the FVS318v3 VPN -Auto Policy illustrated belowTesting the Gateway a FVS318v3 LAN and the Gateway B LAN How to Check VPN ConnectionsCreate a certificate request for the FVS318v3 Install the trusted CA certificate for the Trusted Root CAObtain a root certificate 11 Generate Self Certificate Request menu 12 Self Certificate Request data Highlight, copy and paste this data into a text file13 Self Certificate Requests table Click the Upload Certificate button14 Self Certificates table Set up Certificate Revocation List CRL checking Reference Manual for the ProSafe VPN Firewall FVS318v3 Router Status screen Viewing VPN Firewall Status InformationFVS318v3 Status fields This screen shows the following parametersConnection Status action buttons Connection Status fieldsRouter Statistics fields Router Statistics screenUpgrading the Firewall Software Viewing a List of Attached DevicesRouter Upgrade menu Restoring the Configuration Configuration File ManagementBacking Up the Configuration Erasing the Configuration Changing the Administrator PasswordHow to Configure Dynamic DNS Chapter Advanced ConfigurationUsing the LAN IP Setup Options Configuring LAN TCP/IP Setup Parameters Using the Firewall as a Dhcp server Click Edit or Delete Configuring Static RoutesUsing Address Reservation Static Routes table Static Route Example Enabling Remote Management AccessHttps//134.177.0.1238080 Reference Manual for the ProSafe VPN Firewall FVS318v3 Reference Manual for the ProSafe VPN Firewall FVS318v3 Basic Functioning Power LED Not OnLAN or Internet Port LEDs Not On LEDs Never Turn OffTroubleshooting the Web Configuration Interface Troubleshooting the ISP Connection Testing the LAN Path to Your Firewall Troubleshooting a TCP/IP Network Using a Ping UtilityPing -n 10 IP address Testing the Path from Your PC to a Remote DeviceProblems with Date and Time Restoring the Default Configuration and PasswordReference Manual for the ProSafe VPN Firewall FVS318v3 Physical Specifications Power AdapterEnvironmental Specifications Network Protocol and Standards CompatibilityElectromagnetic Emissions Interface SpecificationsRelated Publications Basic Router Concepts Appendix B Network, Routing, and Firewall BasicsRouting Information Protocol What is a Router?IP Addresses and the Internet Figure B-1 Three Main Address Classes Equals NetmaskFigure B-2 Example of Subnetting a Class B Address Subnet AddressingTable B-2. Netmask formats Table B-1 Netmask notation translation table for one octetTable B-2 Netmask formats Private IP AddressesFigure B-3 Single IP Address Operation Using NAT Single IP Address Operation Using NATDomain Name Server MAC Addresses and Address Resolution ProtocolRelated Documents Internet Security and Firewalls IP Configuration by DhcpDenial of Service Attack What is a Firewall?Ethernet Cabling Stateful Packet InspectionCategory 5 Cable Quality Table B-3 UTP Ethernet cable wiring, straight-throughFigure B-4 Straight-through twisted-pair cable Inside Twisted Pair CablesUplink Switches, Crossover Cables, and MDI/MDIX Switching Reference Manual for the ProSafe VPN Firewall FVS318v3 Reference Manual for the ProSafe VPN Firewall FVS318v3 Appendix C Virtual Private Networking What is a VPN?IPSec Components What Is IPSec and How Does It Work?IPSec Security Features Encapsulating Security Payload ESP IKE Security Association Authentication Header AHMode Key Management Understand the Process Before You BeginAddresses VPN Process OverviewTable C-2 Subnet addressing VPN Tunnel Between GatewaysFirewalls VPN Tunnel Negotiation Steps IPSec Security Association IKEVpnc IKE Security Parameters Vpnc IKE Phase I ParametersAdditional Reading Testing and TroubleshootingVpnc IKE Phase II Parameters Relevant RFCs listed numerically Preparing Your Computers for TCP/IP Networking Appendix D Preparing Your NetworkInstall or Verify Windows Networking Components Configuring Windows 95, 98, and Me for TCP/IP NetworkingSelect Microsoft Choose Settings, and then Control Panel Enabling Dhcp to Automatically Configure TCP/IP SettingsPrimary Network Logon is set to Windows logon Verifying TCP/IP Properties Selecting Windows’ Internet Access MethodDouble-click the Network and Dialup Connections icon Configuring Windows NT4, 2000 or XP for IP NetworkingLocate your Network Neighborhood icon Dhcp Configuration of TCP/IP in Windows XPReference Manual for the ProSafe VPN Firewall FVS318v3 Dhcp Configuration of TCP/IP in Windows Reference Manual for the ProSafe VPN Firewall FVS318v3 Obtain an IP address automatically is selected Dhcp Configuration of TCP/IP in Windows NT4 Reference Manual for the ProSafe VPN Firewall FVS318v3 TCP/IP Properties dialog box now displays Verifying TCP/IP Properties for Windows XP, 2000, and NT4MacOS Configuring the Macintosh for TCP/IP NetworkingMacOS 8.6 or Verifying TCP/IP Properties for Macintosh Computers Verifying the Readiness of Your Internet Account Are Login Protocols Used?What Is Your Configuration Information? Select the IP Address tab Reference Manual for the ProSafe VPN Firewall FVS318v3 Restarting the Network Reference Manual for the ProSafe VPN Firewall FVS318v3 Gathering the Network Information Case Study OverviewConfigure Log in to Use the VPN Wizard to To Figure E-3 Verify the information example screen Example screen Activating the VPN Tunnel Figure E-4 Testing FlowchartSummary FVS318v3-to-FVS318v3 CaseUse the VPN Wizard to configure the FVS318v3 at Gateway a Continue as shown in Figure E-3 Gateway a VPN Parameter EntryGateway a VPN Policy Parameters Viewing and Editing the VPN ParametersGateway a IKE Parameters Initiating and Checking the VPN Connections VPN Status at Gateway B FVS318v3 VPN Status at Gateway a FVS318v3FVS318v3-to-FVS318v2 Case Use the VPN Wizard to configure the FVS318v3 at Gateway a Continue as shown in Figure E-3 Viewing and Editing the VPN Parameters Reference Manual for the ProSafe VPN Firewall FVS318v3 Initiating and Checking the VPN Connections Status of VPN tunnel to and from Gateway a IPSec Connection Status at Gateway B FVS318v2FVS318v3-to-FVL328 Case Use the VPN Wizard to configure the FVS318v3 at Gateway a Continue as shown in Figure E-3 Viewing and Editing the VPN Parameters Gateway a IKE Parameters Initiating and Checking the VPN Connections IPSec Connection Status at Gateway B FVL328 Client-to-Gateway VPN Tunnel Overview FVS318v3-to-VPN Client CaseTable E-4 Policy Summary Table E-5 Differences between VPN tunnel typesConnection Type a Remote VPN Client Configuring the VPN TunnelFigure E-20 VPN Wizard at Gateway a FVS318v3 Figure E-21 VPN parameters at Gateway a FVS318v3 Figure E-22 Adding and renaming a new connection Figure E-23 Scenario1 connection screen parameters Figure E-24 Scenario1 Security Policy screen parameters Figure E-25 Scenario1 My Identity screen parameters Reference Manual for the ProSafe VPN Firewall FVS318v3 Figure E-27 Scenario1 connection launch from VPN Client PC Choose Scenario1See Figure E-28for the resulting status screens Select Connection MonitorConnection Monitor at Gateway B remote VPN Client Numeric List of Glossary TermsPacket sent to all devices on a network Dhcp See Internet Control Message Protocol Ieee Internet service provider Megabits per second Set of rules for communication between devices on a network See Wide Area Network Wins
Related manuals
Manual 2 pages 21.29 Kb

FVS318v3 specifications

The NETGEAR FVS318v3 is a powerful dual WAN gigabit VPN firewall designed to provide robust security and reliable connectivity for small to medium-sized businesses. It offers an array of features and technologies that make it an outstanding choice for organizations requiring secure network access and improved bandwidth management.

One of the standout features of the FVS318v3 is its dual WAN capability. This allows users to connect two separate internet connections, which enhances redundancy and ensures continuous network availability. In the event that one WAN connection fails, the device automatically switches to the backup connection, minimizing downtime and maintaining productivity.

The firewall offers advanced security features, including a stateful packet inspection (SPI) firewall and NAT (Network Address Translation), which helps protect the network from unauthorized access and external threats. Additionally, the FVS318v3 supports IPsec and SSL VPN protocols, providing secure remote access for employees working from home or on the go. With support for up to 15 SSL VPN clients and 20 IPsec VPN tunnels, it is suitable for businesses that require flexible and secure remote connectivity.

In terms of performance, the FVS318v3 boasts a high-speed gigabit throughput, ensuring fast data transmission and minimal latency. This is particularly important for businesses that rely on cloud-based applications, video conferencing, and other bandwidth-intensive activities. Furthermore, the device is equipped with advanced QoS (Quality of Service) features that allow administrators to prioritize traffic, ensuring that critical applications receive the bandwidth they need during peak usage times.

Another noteworthy characteristic of the NETGEAR FVS318v3 is its user-friendly interface, which simplifies network management and configuration. Administrators can easily set up policies, monitor traffic, and manage connected devices through an intuitive web-based interface. It also offers support for 802.1Q VLAN tagging, allowing for network segmentation and improved security management.

In conclusion, the NETGEAR FVS318v3 is a versatile and feature-rich solution that delivers exceptional security and reliability for businesses. Its dual WAN functionality, advanced VPN capabilities, high-speed performance, and ease of use make it an excellent choice for organizations looking to safeguard their networks while ensuring seamless connectivity for employees.
Top Page Image Contents