Reference Manual for the ProSafe VPN Firewall FVS318v3

FVS318v3 Scenario 2: FVS318v3 to FVS318v3 with RSA Certificates

The following is a typical gateway-to-gateway VPN that uses Public Key Infrastructure x.509 (PKIX) certificates for authentication. The network setup is identical to the one given in Scenario 1. The IKE Phase 1 and Phase 2 parameters are identical to the ones given in Scenario 1, with the exception that the identification is done with signatures authenticated by PKIX certificates.

Note: Before completing this configuration scenario, make sure the correct Time Zone is set on the FVS318v3. For instructions on this topic, see “Time Zone” on page 4-13.

1.Obtain a root certificate.

a.Obtain the root certificate (that includes the public key) from a Certificate Authority (CA)

Note: The procedure for obtaining certificates differs from a CA like Verisign and a CA such as a Windows 2000 certificate server, which an organization operates for providing certificates for its members. For example, an administrator of a Windows 2000 certificate server might provide it to you via e-mail.

b.Save the certificate as a text file called trust.txt.

2.Install the trusted CA certificate for the Trusted Root CA.

a.Log in to the FVS318v3.

b.From the main menu VPN section, click the CAs link.

c.Click Add to add a CA.

d.Click Browse to locate the trust.txt file.

e.Click Upload.

3.Create a certificate request for the FVS318v3.

a.From the main menu VPN section, click the Certificates link.

6-22

Advanced Virtual Private Networking

January 2005

Page 109 Page 111
Page 110
Image 110
NETGEAR FVS318v3 manual Obtain a root certificate, Install the trusted CA certificate for the Trusted Root CA
Page 109 Page 111

FVS318v3 specifications

The NETGEAR FVS318v3 is a powerful dual WAN gigabit VPN firewall designed to provide robust security and reliable connectivity for small to medium-sized businesses. It offers an array of features and technologies that make it an outstanding choice for organizations requiring secure network access and improved bandwidth management.

One of the standout features of the FVS318v3 is its dual WAN capability. This allows users to connect two separate internet connections, which enhances redundancy and ensures continuous network availability. In the event that one WAN connection fails, the device automatically switches to the backup connection, minimizing downtime and maintaining productivity.

The firewall offers advanced security features, including a stateful packet inspection (SPI) firewall and NAT (Network Address Translation), which helps protect the network from unauthorized access and external threats. Additionally, the FVS318v3 supports IPsec and SSL VPN protocols, providing secure remote access for employees working from home or on the go. With support for up to 15 SSL VPN clients and 20 IPsec VPN tunnels, it is suitable for businesses that require flexible and secure remote connectivity.

In terms of performance, the FVS318v3 boasts a high-speed gigabit throughput, ensuring fast data transmission and minimal latency. This is particularly important for businesses that rely on cloud-based applications, video conferencing, and other bandwidth-intensive activities. Furthermore, the device is equipped with advanced QoS (Quality of Service) features that allow administrators to prioritize traffic, ensuring that critical applications receive the bandwidth they need during peak usage times.

Another noteworthy characteristic of the NETGEAR FVS318v3 is its user-friendly interface, which simplifies network management and configuration. Administrators can easily set up policies, monitor traffic, and manage connected devices through an intuitive web-based interface. It also offers support for 802.1Q VLAN tagging, allowing for network segmentation and improved security management.

In conclusion, the NETGEAR FVS318v3 is a versatile and feature-rich solution that delivers exceptional security and reliability for businesses. Its dual WAN functionality, advanced VPN capabilities, high-speed performance, and ease of use make it an excellent choice for organizations looking to safeguard their networks while ensuring seamless connectivity for employees.
Top Page Image Contents