NETGEAR DGFV338 manual V1.0, April

Page 80

DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual

However, by defining an inbound rule you can make a local server (for example, a Web server or game server) visible and available to the Internet. The rule tells the firewall to direct inbound traffic for a particular service to one local server. If you enable Translate to a Port Number, the traffic will be forwarded to a specific port based on the destination port number. This is also known as port forwarding.

This following lists all the existing rules for incoming traffic. Remember that allowing inbound services opens holes in your firewall. Only enable those ports that are necessary for your network.

A rule is defined by the following fields:

! (Status): A rule can be disabled if not in use and enabled as needed. A rule is disabled if the status light is grey and it is enabled if the status light is green. Disabling a rule does not delete the configuration, but merely de-activates the rule.

Service Name: This is a unique name assigned to the service. The name usually indicates the type of traffic the rule covers such as ftp, ssh, telnet, ping, etc. Services not already in the list can be are added on the Services page.

Filter: Defines an action to be taken on the enabled rule. It can be:

Block Always: Block selected service at all times.

Enable Always: Allow selected service to pass through at all times.

Block by schedule, otherwise allow: Works in conjunction with a schedule defined in the Schedule 1/2/3 pages. Selected service will be blocked during the scheduled interval and will be allowed to pass through at other times.

Allow by schedule, otherwise block: Works in conjunction with a schedule defined in the Schedule 1/2/3 pages. Selected service will be allowed to pass through during the scheduled interval and will be blocked at other times.

LAN Server IP Address: An IP address and port number of a machine on the LAN which is

hosting the server. It is displayed in the form: <IP address:port number>.

For example, if a machine with an IP address of 192.168.1.100 on the LAN side is running a telnet server on port 2000, then the table will display 192.168.10.100:2000. If the telnet server is running on the default port (port 23), then the table will display only the IP address.

Destination LAN Users: Specifies whether one or more IP addresses on the LAN will be affected by the rule. This field is only enabled when in routing mode since the LAN is accessible only in this mode.

Any: All computers on the LAN will be affected by the rule.

Single Address: A single IP address on the LAN will be affected by the rule.

4-8

Security and Firewall Protection

v1.0, April 2007

Page 79 Page 81
Image 80
Page 79 Page 81
Contents NETGEAR, Inc Placement and Range Guidelines Technical SupportTrademarks Statement of ConditionsFCC Statement FCC Requirements for Operation in the United StatesEurope EU Declaration of Conformity Português Voluntary Control Council for Interference Vcci Statement Bestätigung des Herstellers/ImporteursCertificate of the Manufacturer/Importer Additional Copyrights TermsViii MD5 Product and Publication Details DGFV338Contents Chapter Wireless Configuration Chapter Virtual Private Networking Chapter LAN Configuration Appendix a Default Settings and Technical Specifications Xvi About This Manual Conventions, Format and ScopeHow to Use This Manual How to Print this ManualXix Page Key Features of the Netgear ProSafe DGFV338 Chapter IntroductionPowerful, True Firewall with Content Filtering Full Routing on Both the Adsl and 10/100 WAN PortAutosensing Ethernet Connections with Auto Uplink SecurityVirtual Private Networking VPN Easy Installation and Management Extensive Protocol SupportMaintenance and Support System RequirementsPackage Contents Hardware DescriptionObject Descriptions Nos LEDs Activity DescriptionRouter Rear Panel Router Login Factory Defaults Enter http//192.168.1.1 as the URLPlacement of your Netgear ProSafe DGFV338 Chapter Basic Installation and Configuration Using Adsl Microfilters optional Logging in and Configuring your Internet Connection Configuring Your Internet Connection using Auto Detect V1.0, April Manually Configuring your Adsl Connection Internet Service ConnectionsEnter your Internet IP Address Manually Configuring your Ethernet Connection V1.0, April Enter your Internet IP Address V1.0, April V1.0, April V1.0, April Configuring the WAN Mode Use Dedicated WAN port V1.0, April Configuring Dynamic DNS If Needed On the InternetV1.0, April DynDNS Service Screen Programming the Traffic Meter Traffic Meter AdslTraffic Meter Parameters Parameter DescriptionV1.0, April Chapter Wireless Configuration Implementing Wireless SecurityLUHOHVVDWD 6HFXULW\2SWLRQV Understanding Wireless Settings Wireless LANs Wireless Access PointV1.0, April Access Control List Wireless Advanced Options Advanced Wireless Router SettingsWEP and WPA/WPA2 Wireless Security Check List Form WPA-PSK or WPA2-PSK Pre-Shared KeyConfiguring Your Wireless Settings Configuring WEP V1.0, April Configuring WPA-PSK Configuring WPA2-PSK Configuring WPA-PSK and WPA2-PSK Configuring WPA with Radius Configuring WPA2 with Radius Configuring WPA and WPA2 with Radius Restricting Wireless Access by MAC Address V1.0, April V1.0, April Firewall Protection and Content Filtering Overview Using Rules to Block or Allow Specific Kinds of TrafficAbout Service Based Rules Outbound Rules Service Blocking V1.0, April V1.0, April V1.0, April Inbound Rules Port Forwarding Outbound Rule Example Blocking Instant MessengerV1.0, April V1.0, April V1.0, April V1.0, April Inbound Rule Example a Local Public Web Server Inbound Rule Example One-to-One NAT Mapping V1.0, April Inbound Rule Example Exposed Host Considerations for Inbound Rules Customized Services Order of Precedence for RulesV1.0, April Quality of Service QoS Priorities Outbound Rules Add ScreenAttack Checks WAN Security ChecksManaging Groups and Hosts V1.0, April V1.0, April Blocking Internet Sites Groups and HostsV1.0, April V1.0, April Enabling Source MAC Filtering Setting up Port Triggering V1.0, April Port triggering Setting a Schedule to Block or Allow Specific Traffic Event Logs and Alerts V1.0, April V1.0, April Security and Administrator Management V1.0, April Dual WAN Port Systems IP addressing requirements for VPNs in dual WAN port systemsSetting up a VPN Connection using the VPN Wizard V1.0, April V1.0, April VPN Tunnel Policies IKE PolicyManaging IKE Policies IKE Policy TableVPN Policy Managing VPN PoliciesVPN Tunnel Connection Status VPN Policy TableConfiguring the ProSafe DGFV338 Creating a VPN Connection Between FVX538 and DGFV338V1.0, April V1.0, April V1.0, April V1.0, April Configuring the FVX538 Creating a VPN Client Connection VPN Client to DGFV338 Testing the ConnectionConfiguring the DGFV338 V1.0, April Configuring the VPN Client Todgfv Left frame, select Security Policy Todgfv Testing the Connection Certificate Authorities Generating a Self Certificate Request Generate Self Certificate Request, enter the required dataV1.0, April Uploading a Trusted Certificate Managing your Certificate Revocation List CRLExtended Authentication Xauth Configuration UploadConfiguring Xauth for VPN Clients V1.0, April User Database Configuration Radius Client Configuration Enter the Primary Radius Server IP address Manually Assigning IP Addresses to Remote Users ModeConfig Mode Config OperationConfiguring the ProSafe DGFV338 V1.0, April V1.0, April Configuring the ProSafe VPN Client for ModeConfig V1.0, April V1.0, April V1.0, April V1.0, April Wireless Firewall Features That Reduce Traffic Performance ManagementService Blocking Block Sites Port Forwarding Wireless Firewall Features That Increase TrafficSource MAC Filtering V1.0, April VPN Tunnels Using QoS to Shift the Traffic MixPort Triggering Tools for Traffic Management Administrator and Guest Access AuthorizationChanging the Passwords and Login Time-out Enabling Remote Management Access Under Allow Remote Management, check the Yes radio box Command Line Interface Https//172.21.4.18080Event Alerts Traffic Limits ReachedMonitoring Router StatusRouter Status WAN Ports Internet Traffic V1.0, April LAN Ports and Attached Devices Known PCs and DevicesDhcp Log Known PCs and Devices tablePort Triggering Status data Firewall SecurityPort Triggering Status V1.0, April VPN Tunnels Using a Snmp Manager VPN Status DataV1.0, April Diagnostics Diagnostics Backup and Restore Settings Configuration File ManagementSettings Backup and Firmware Upgrade Click default Router Upgrade Setting the Time Zone To upgrade router softwareV1.0, April Chapter LAN Configuration Using the Firewall as a Dhcp serverConfiguring the LAN Setup Options Security and Firewall ProtectionUsing Address Reservation Configuring Multi Home LAN IPs V1.0, April Gateway IP and DNS server IPs Configuring Static Routes Adding or Editing a Static RouteRouting Information Protocol RIP V1.0, April Enabling Universal Plug and Play UPnP Static Route ExampleUPnP Portmap Table settings Settings DescriptionV1.0, April Power LED Not On Basic FunctionsLAN or Internet Port LEDs Not On Troubleshooting the Web Configuration InterfaceLEDs Never Turn Off Troubleshooting the ISP Connection V1.0, April Troubleshooting a TCP/IP Network Using a Ping Utility Testing the LAN Path to Your FirewallTesting the Path from Your PC to a Remote Device Ping -n 10 IP addressRestoring the Default Configuration and Password Problems with Date and TimeV1.0, April Default Factory Settings Table A-1. Default Configuration SettingsFeature Default Behavior Technical Specifications Table A-2. Technical SpecificationsSpecification Description Electromagnetic Emissions Appendix B Related Documents V1.0, April Index NumericsIndex-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8
Related manuals
Manual 10 pages 13.59 Kb
Top Page Image Contents