ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Chapter 5 Firewall Protection
About Firewall Protection
Administrator Tips
Overview of Rules to Block or Allow Specific Kinds of Traffic
Outbound Rules (Service Blocking)
Inbound Rules (Port Forwarding)
Order of Precedence for Rules
Configure LAN WAN Rules
Create LAN WAN Outbound Service Rules
Create LAN WAN Inbound Service Rules
Configure DMZ WAN Rules
Create DMZ WAN Outbound Service Rules
Create DMZ WAN Inbound Service Rules
Configure LAN DMZ Rules
Create LAN DMZ Outbound Service Rules
Create LAN DMZ Inbound Service Rules
Examples of Firewall Rules
Examples of Inbound Firewall Rules
Examples of Outbound Firewall Rules
Configure Other Firewall Features
Attack Checks
Set Limits for IPv4 Sessions
Manage the Application Level Gateway for SIP Sessions
Services, Bandwidth Profiles, and QoS Profiles
Add Customized Services
Create Bandwidth Profiles
Preconfigured Quality of Service Profiles
Configure Content Filtering
Set a Schedule to Block or Allow Specific Traffic
Enable Source MAC Filtering
Set Up IP/MAC Bindings
Configure Port Triggering
Configure Universal Plug and Play
Chapter 6 Virtual Private Networking Using IPSec and L2TP Connections
Use the IPSec VPN Wizard for Client and Gateway Configurations
Create an IPv4 Gateway-to-Gateway VPN Tunnel with the Wizard
Create an IPv6 Gateway-to-Gateway VPN Tunnel with the Wizard
Create an IPv4 Client-to-Gateway VPN Tunnel with the Wizard
Test the Connection and View Connection and Status Information
Test the NETGEAR VPN Client Connection
NETGEAR VPN Client Status and Log Information
View the Wireless VPN Firewall IPSec VPN Connection Status
View the Wireless VPN Firewall IPSec VPN Log
Manage IPSec VPN Policies
Manage IKE Policies