Main
ii v1.1, August 2010
Technical Support
Trademarks
Statement of Conditions
Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice
EU Regulatory Compliance Statement
Besttigung des Herstellers/Importeurs
Certificate of the Manufacturer/Importer
Voluntary Control Council for Interference (VCCI) Statement
Additional Copyrights
iv
Product and Publication Details
v
Page
Contents
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
Page
Page
Page
Page
Page
About This Manual
Conventions, Formats and Scope
How to Print This Manual
Revision History
About This Manual xv
Page
Chapter 1 Introduction
Key Features
Advanced VPN Support for IPsec
A Powerful, True Firewall with Content Filtering
Security Features
Autosensing Ethernet Connections with Auto Uplink
Extensive Protocol Support
Easy Installation and Management
Maintenance and Support
Package Contents
VPN Firewall Front and Rear Panels
Page
Default IP Address, Login Name, and Password
Qualified Web Browsers
Chapter 2 Connecting the VPN Firewall to the Internet
Understanding the Connection Steps
Logging into the VPN Firewall
Navigating the Menus
Configuring the Internet Connection to Your ISP
Page
Manually Configuring Your Internet Connection
Page
Page
Configuring the WAN Mode
Page
Configuring Dynamic DNS
Page
Configuring the Advanced Broadband Options
Additional WAN Related Configuration
Chapter 3 LAN Configuration
Choosing the VPN Firewall DHCP Options
Configuring the LAN Setup Options
Page
Page
Managing Groups and Hosts (LAN Groups)
Creating the Network Database
Viewing the Network Database
Adding Devices to the Network Database
Changing Group Names in the LAN Groups Database
Setting Up DHCP Address Reservation
Configuring Multi Home LAN IP Addresses
Configuring and Enabling the DMZ Port
Page
Page
Configuring Static Routes
Page
Static Route Example
Configuring Routing Information Protocol (RIP)
Page
Chapter 4 Firewall Protection and Content Filtering
About Firewall Protection and Content Filtering
Using Rules to Block or Allow Specific Kinds of Traffic
Services-Based Rules
4-4 Firewall Protection and Content Filtering
Table 4-1. Outbound Rules (continued)
Page
4-6 Firewall Protection and Content Filtering
Table 4-2. Inbound Rules
Page
Viewing Rules and Order of Precedence for Rules
Configuring LAN WAN Rules
Page
Page
Configuring DMZ WAN Rules
Configuring LAN DMZ Rules
Page
Inbound Rules Examples
Page
Page
Page
Outbound Rules Example
Configuring Other Firewall Features
Attack Checks
Page
Setting Session Limits
Managing the Application Level Gateway for SIP Sessions
Creating Services, QoS Profiles, and Bandwidth Profiles
Adding Customized Services
Page
Specifying Quality of Service (QoS) Priorities
Creating Bandwidth Profiles
Page
Setting a Schedule to Block or Allow Specific Traffic
Blocking Internet Sites (Content Filtering)
Page
Page
Configuring Source MAC Filtering
Page
Configuring IP/MAC Address Binding
Page
Configuring Port Triggering
Page
Page
Configuring UPnP (Universal Plug and Play)
Email Notifications of Event Logs and Alerts
Administrator Tips
Chapter 5 Virtual Private Networking
Using the VPN Wizard for Client and Gateway Configurations
Page
Page
Page
Creating a Client to Gateway VPN Tunnel
Page
Page
Page
Page
Page
Testing the Connections and Viewing Status Information
NETGEAR VPN Client Status and Log Information
Page
Page
VPN Firewall VPN Connection Status and Logs
Managing VPN Policies
Configuring IKE Policies
Page
Page
Page
Virtual Private Networking 5-19
Table 5-2. Add IKE Policy Settings
5-20 Virtual Private Networking
Virtual Private Networking 5-21
5-22 Virtual Private Networking
Configuring VPN Policies
Page
Page
Page
Virtual Private Networking 5-27
Table 5-3. Add VPN Policy Settings
5-28 Virtual Private Networking
Table 5-3. Add VPN Policy Settings (continued)
Virtual Private Networking 5-29
Table 5-3. Add VPN Policy Settings (continued)
Managing Certificates
Page
Understanding the Certificates Screen
Viewing and Loading CA Certificates
Understanding and Viewing Active Self Certificates
Page
Obtaining a Self Certificate from a Certificate Authority
Page
Page
Managing your Certificate Revocation List (CRL)
Configuring Extended Authentication (XAUTH)
Configuring XAUTH for VPN Clients
Page
Configuring the User Database for XAUTH
Configuring RADIUS Clients for XAUTH
Page
Assigning IP Addresses to Remote Users (ModeConfig)
Mode Config Operation
Configuring Mode Config Operation on the VPN Firewall
Page
Page
Page
Page
Configuring the ProSafe VPN Client for ModeConfig
Page
Page
Configuring Keepalives and Dead Peer Detection
Configuring Keepalives
Configuring Dead Peer Detection
Configuring NetBIOS Bridging with VPN
Page
Chapter 6 VPN Firewall and Network Management
Performance Management
Bandwidth Capacity
VPN Firewall Features That Reduce Traffic
Page
VPN Firewall Features That Increase Traffic
Page
Page
Using QoS to Shift the Traffic Mix
Tools for Traffic Management
Configuring Users, Administrative Settings, and Remote Management
Changing Passwords and Settings
Page
Adding External Users
Configuring an External Server for Authentication
Page
Page
Enabling Remote Management Access
Page
Using an SNMP Manager
Page
Managing the Configuration File
Page
Page
Configuring Date and Time Service
Page
Monitoring System Performance
Activating Notification of Events and Alerts
Page
Page
Viewing the Logs
Enabling the Traffic Meter
Page
Page
Viewing the VPN Firewall Configuration and System Status
Monitoring VPN Firewall Statistics
Monitoring Broadband Port Status
Monitoring Attached Devices
Monitoring VPN Tunnel Connection Status
Viewing the VPN Logs
Viewing the DHCP Log
Viewing Port Triggering Status
To view the most recent entries, click refresh.
Page
Chapter 7 Troubleshooting
Basic Functions
Power LED Not On
LEDs Never Turn Off
LAN or Internet Port LEDs Not On
Troubleshooting the Web Configuration Interface
Troubleshooting the ISP Connection
Troubleshooting a TCP/IP Network Using a Ping Utility
Testing the LAN Path to Your VPN Firewall
Testing the Path from Your PC to a Remote Device
Restoring the Default Configuration and Password
Problems with Date and Time
Using the Diagnostics Utilities
Troubleshooting 7-9 v1.1, August 2010
Table 7-1. Diagnostics
Page
Appendix A Default Settings and Technical Specifications
A-2 Default Settings and Technical Specifications
Table A-2. VPN firewall Technical Specifications
Table A-1. VPN firewall Default Configuration Settings (continued)
Page
Page
Appendix B Two Factor Authentication
Why do I need Two-Factor Authentication?
What are the benefits of Two-Factor Authentication?
What is Two-Factor Authentication
NETGEAR Two-Factor Authentication Solutions
Page
Page
Appendix C Related Documents
Page
Index-1
Index
Numerics
A
B
C
D
Index-3
E
F
G
H
I
K
L
Index-5
M
N
O
P
Index-6
Q
R
Index-7
S
T
Index-8
U
V
W
X