Netbios Enable | NETGEAR fvs114 instruction

		Reference Manual for the ProSafe VPN Firewall FVS114

Table 6-1.	VPN Manual Policy Configuration Fields

Field		Description

Enable Authentication		Use this check box to enable or disable ESP authentication for this VPN
		policy.
Authentication Algorithm		If you enable authentication, then use this menu to select the algorithm:
		• MD5 — the default
		• SHA1 — more secure

Key - In		Enter the key.
		• For MD5, the key should be 16 characters.
		• For SHA-1, the key should be 20 characters.
		Any value is acceptable, provided the remote VPN endpoint has the same
		value in its Authentication Algorithm Key - Out field.

Key - Out		Enter the key in the fields provided.
		• For MD5, the key should be 16 characters.
		• For SHA-1, the key should be 20 characters.
		Any value is acceptable, provided the remote VPN endpoint has the same
		value in its Authentication Algorithm Key - In field.

NETBIOS Enable		Check this if you wish NETBIOS traffic to be forwarded over the VPN
		tunnel. The NETBIOS protocol is used by Microsoft Networking for such
		features as Network Neighborhood.

Using Digital Certificates for IKE Auto-Policy Authentication

Digital certificates are strings generated using encryption and authentication schemes that cannot be duplicated by anyone without access to the different values used in the production of the string. They are issued by Certification Authorities (CAs) to authenticate a person or a workstation uniquely. The CAs are authorized to issue these certificates by Policy Certification Authorities (PCAs), who are in turn certified by the Internet Policy Registration Authority (IPRA). The FVS114 is able to use certificates to authenticate users at the end points during the IKE key exchange process.

The certificates can be obtained from a certificate server that an organization might maintain internally or from the established public CAs. The certificates are produced by providing the particulars of the user being identified to the CA. The information provided may include the user's name, e-mail ID, and domain name.

Advanced Virtual Private Networking

6-13

202-10098-01, April 2005

Image 101

NETGEAR fvs114 manual Netbios Enable

Contents

Reference Manual for the ProSafe VPN Firewall FVS114 Statement of Conditions TrademarksEN 55 022 Declaration of Conformance Certificate of the Manufacturer/Importer Product and Publication Details 202-10098-01, April Contents Chapter Firewall Protection Content Filtering Chapter Advanced Virtual Private Networking Chapter Advanced Configuration Appendix C Virtual Private Networking Appendix D Preparing Your Network Contents Xii Contents Audience, Scope, Conventions, and Formats Chapter About This ManualTypographical Conventions Manual Scope How to Use This Manual Printing a Page in the Html View How to Print this ManualPrinting a Chapter Printing the Full Manual Reference Manual for the ProSafe VPN Firewall FVS114 Chapter Introduction Key Features of the VPN Firewall Security Powerful, True Firewall with Content Filtering Extensive Protocol Support Autosensing Ethernet Connections with Auto Uplink Maintenance and Support Easy Installation and Management Package Contents LED Descriptions FVS114 Rear Panel NETGEAR-Related Products DC power input ON/OFF switchNetgear Product Registration, Support, and Documentation NETGEAR-Related Products Reference Manual for the ProSafe VPN Firewall FVS114 First, Connect the FVS114 Connecting the Firewall to the InternetPrepare to Install Your FVS114 ProSafe VPN Firewall Modem VPN Firewall Restart Your Network in the Correct Sequence Status lights Now, Configure the FVS114 for Internet Access Netgear Smart Wizard Configuration Assistant welcome screen Make sure the network settings of the computer are correct Troubleshooting TipsBe sure to restart your network in this sequence Make sure the Ethernet cables are securely plugged Ways to access the firewall Overview of How to Access the FVS114 VPN Firewall Login URL Login result FVS114 home How to Bypass the Configuration Assistant Using the Smart Setup Wizard ISP Does Not Require Login How to Manually Configure Your Internet Connection Reference Manual for the ProSafe VPN Firewall FVS114 10 Basic Settings ISP list Reference Manual for the ProSafe VPN Firewall FVS114 Firewall Protection and Content Filtering Overview Chapter Firewall Protection Content Filtering Block Sites menu Block Sites Using Rules to Block or Allow Specific Kinds of Traffic Rules menu Reference Manual for the ProSafe VPN Firewall FVS114 Inbound Rule Example a Local Public Web Server Inbound Rules Port Forwarding Rule example a local public Web server Considerations for Inbound Rules Outbound Rules Service Blocking Rule example blocking Instant Messenger Outbound Rule Example Blocking Instant Messenger Rules table Order of Precedence for Rules Services menu Services Add Custom Service menu Schedule Using a Schedule to Block or Allow Specific Traffic Time Zone 10 E-mail menu Getting E-Mail Notifications of Event Logs and Alerts Reference Manual for the ProSafe VPN Firewall FVS114 11 Logs menu Viewing Logs of Web Access or Attempted Web Access Log entries are described in Table SyslogLog action buttons are described in Table Log entry descriptions Chapter Basic Virtual Private Networking VPN Tunnel Single Advanced methods see , Advanced Virtual Private Networking VPN Tunnel Configuration VPN Wizard start screen Configuring the Client-to-Gateway VPN Tunnel on the FVS114 Connection Name and Remote IP Type Summary screen below displays Vpnc Recommended Settings Configuring the Netgear ProSafe VPN Client on the Remote PC Security Policy Editor new connection Select Secure in the Connection Security check box 11 Security Policy Editor Security Policy 12 Security Policy Editor My Identity 13 Security Policy Editor Pre-Shared Key 15 Security Policy Editor Key Exchange 16 Running a Ping test to the LAN from the PC 18 Log Viewer screen Exporting a Security Policy Transferring a Security Policy to Another Client Importing a Security Policy Select Export Security Policy from the File pulldown Scenario1 Select the security policy to import FVS114 VPN Firewall PCs 23 VPN Wizard start screen Procedure to Configure a Gateway-to-Gateway VPN Tunnel 25 Remote IP 27 VPN Wizard Summary 28 VPN Recommended Settings 30 VPN Status/Log screen Using the VPN Status Page to Activate a VPN Tunnel Start Using a VPN Tunnel to Activate ItVPN Tunnel Control Activating a VPN Tunnel 32 VPN Status/Log screen Activate the VPN Tunnel by Pinging the Remote Endpoint Type ping Type ping -t 192.168.3.1 and then click OK 36 Pinging test results Verifying the Status of a VPN Tunnel 38 Current VPN Tunnels SAs screen Deactivating a VPN Tunnel 39 VPN Policies Using the VPN Status Page to Deactivate a VPN Tunnel 41 Current VPN Tunnels SAs screen Deleting a VPN Tunnel Virtual Private Using Automatic Key Management Using Policies to Manage VPN Traffic IKE Policy Configuration Menu IKE Policies’ Automatic Key and Authentication Management Field Description General IKE Policy Configuration fields Field Description Remote VPN Policy Configuration for Auto Key Negotiation VPN Auto Policy menu VPN Auto Policy fields are defined in the following table VPN Auto Policy Configuration Fields Authenticating Header AH Netbios Enable VPN Policy Configuration for Manual Key Exchange VPN Manual Policy menu VPN Manual Policy fields are defined in the following table VPN Manual Policy Configuration Fields Value in its Authentication Algorithm Key Out field Netbios Enable Certificate Revocation List CRL Walk-Through of Configuration Scenarios on the FVS114 VPN Consortium Scenario Are IPv4 From Settings menu FVS114 Internet IP Address menu WAN IP addresses LAN IP Setup menu Scenario 1 IKE Policy Set up the IKE Policy illustrated below on the FVS114 10 Scenario 1 VPN Auto Policy Set up the FVS114 VPN -Auto Policy illustrated below Testing the Gateway a FVS114 LAN and the Gateway B LAN How to Check VPN Connections FVS114 Scenario 2 FVS114 to FVS114 with RSA Certificates Install the trusted CA certificate for the Trusted Root CAObtain a root certificate Create a certificate request for the FVS114 11 Generate Self Certificate Request menu 12 Self Certificate Request data Highlight, copy and paste this data into a text file 13 Self Certificate Requests table Click the Upload Certificate button 14 Self Certificates table Set up Certificate Revocation List CRL checking Reference Manual for the ProSafe VPN Firewall FVS114 Viewing VPN Firewall Status Information Chapter Maintenance FVS114 Status fields This screen shows the following parameters This screen shows the following statistics Click Show WAN Status to display the WAN connection statusConnection Status fields Connection Status action buttons Router Statistics fields Click Show Statistics to display firewall usage statisticsWAN Status action buttons are described in the table below Upgrading the Firewall Software Viewing a List of Attached Devices Router Upgrade menu Configuration File Management Erasing the Configuration Backing Up the ConfigurationRestoring the Configuration Diagnostics Changing the Administrator Password Ping or Trace an IP address Diagnostics menu Reference Manual for the ProSafe VPN Firewall FVS114 WAN Setup Chapter Advanced Configuration Default DMZ Server To assign a computer or server to be a Default DMZ server How to Configure Dynamic DNSClick Default DMZ Server Respond to Ping on Internet WAN Port Dynamic DNS Configuring LAN TCP/IP Setup Parameters Using the LAN IP Setup Options Reference Manual for the ProSafe VPN Firewall FVS114 Using Address Reservation Using the Firewall as a Dhcp server Click Edit or Delete Configuring Static Routes Static Routes table Static Route Example Enabling Remote Management Access Remote Management menu Https//134.177.0.1238080 UPnP menu UPnP Reference Manual for the ProSafe VPN Firewall FVS114 Basic Functioning Chapter TroubleshootingPower LED Not On LAN or Internet Port LEDs Not On LEDs Never Turn Off Troubleshooting the Web Configuration Interface Troubleshooting the ISP Connection Testing the LAN Path to Your Firewall Troubleshooting a TCP/IP Network Using a Ping Utility If the path is working, you see this message Testing the Path from Your PC to a Remote DeviceIf the path is not working, you see this message Ping -n 10 IP address Problems with Date and Time Restoring the Default Configuration and Password Reference Manual for the ProSafe VPN Firewall FVS114 PPP over Ethernet PPPoE Appendix a Technical SpecificationsData and Routing Protocols Electromagnetic Emissions Interface Specifications10BASE-T or 100BASE-Tx, RJ-45 Related Publications Basic Router Concepts Appendix B Network, Routing, and Firewall Basics IP Addresses and the Internet What is a Router?Routing Information Protocol Is normally written as Figure B-1 Three Main Address Classes Equals NetmaskCombined with Figure B-2 Example of Subnetting a Class B Address Subnet Addressing Table B-2. Netmask formats Table B-1 Netmask notation translation table for one octet Table B-2 Netmask formats Private IP Addresses Figure B-3 Single IP Address Operation Using NAT Single IP Address Operation Using NAT Domain Name Server MAC Addresses and Address Resolution ProtocolRelated Documents Internet Security and Firewalls IP Configuration by Dhcp Denial of Service Attack What is a Firewall?Ethernet Cabling Stateful Packet Inspection Category 5 Cable Quality Table B-3 UTP Ethernet cable wiring, straight-through Figure B-4illustrates straight-through twisted pair cable Inside Twisted Pair Cables Uplink Switches, Crossover Cables, and MDI/MDIX Switching Reference Manual for the ProSafe VPN Firewall FVS114 Reference Manual for the ProSafe VPN Firewall FVS114 Appendix C Virtual Private Networking What is a VPN? IPSec Security Features What Is IPSec and How Does It Work?IPSec Components IPSec contains the following elements Encapsulating Security Payload ESP IKE Security Association Authentication Header AH Mode Key Management Understand the Process Before You Begin It functions as a VPN Process OverviewAddresses Table C-2 Subnet addressing VPN Tunnel Between GatewaysFirewalls IPSec Security Association SA negotiation IPSec Security Association IKE VPN Tunnel Negotiation Steps Vpnc IKE Security Parameters Vpnc IKE Phase I Parameters Additional Reading Testing and TroubleshootingVpnc IKE Phase II Parameters Relevant RFCs listed numerically Preparing Your Computers for TCP/IP Networking Appendix D Preparing Your Network Install or Verify Windows Networking Components Configuring Windows 95, 98, and Me for TCP/IP Networking Select TCP/IP, and then click OK Select Microsoft Restart your PC for the changes to take effect Enabling Dhcp to Automatically Configure TCP/IP SettingsChoose Settings, and then Control Panel Primary Network Logon is set to Windows logon Click OK to continue Restart the PC Selecting Windows’ Internet Access MethodVerifying TCP/IP Properties Double-click the Network and Dialup Connections icon Configuring Windows NT4, 2000 or XP for IP Networking Locate your Network Neighborhood icon Dhcp Configuration of TCP/IP in Windows XPThen, restart your PC Reference Manual for the ProSafe VPN Firewall FVS114 Dhcp Configuration of TCP/IP in Windows Reference Manual for the ProSafe VPN Firewall FVS114 Obtain an IP address automatically is selected Dhcp Configuration of TCP/IP in Windows NT4 Reference Manual for the ProSafe VPN Firewall FVS114 TCP/IP Properties dialog box now displays Verifying TCP/IP Properties for Windows XP, 2000, and NT4 Default gateway is Type exit Configuring the Macintosh for TCP/IP NetworkingMacOS 8.6 or MacOS Verifying TCP/IP Properties for Macintosh Computers Verifying the Readiness of Your Internet Account Are Login Protocols Used?What Is Your Configuration Information? Select the Gateway tab Select the IP Address tab Reference Manual for the ProSafe VPN Firewall FVS114 Restarting the Network Reference Manual for the ProSafe VPN Firewall FVS114 Numeric List of Glossary Terms AES Packet sent to all devices on a network DNS See Internet Control Message Protocol Internet service provider Megabits per second Set of rules for communication between devices on a network Radius See Wide Area Network Reference Manual for the ProSafe VPN Firewall FVS114 Reference Manual for the ProSafe VPN Firewall FVS114