FVS338 ProSafe VPN Firewall 50 Reference Manual
Statement of Conditions
Trademarks
EU Regulatory Compliance Statement
Bestätigung des Herstellers/Importeurs
Additional Copyrights
Voluntary Control Council for Interference Vcci Statement
V1.0, March
MD5
Product and Publication Details
Contents
Chapter LAN Configuration
Chapter Virtual Private Networking
Chapter Router and Network Management
Chapter Troubleshooting
Appendix C Related Documents Index
Conventions, Formats and Scope
About This Manual
How to Print this Manual
How to Use This Manual
Part Number Version Description
Revision History
Xvi About This Manual
Chapter Introduction
Key Features
Powerful, True Firewall with Content Filtering
Full Routing on Both the Broadband and Serial WAN Ports
Security
Extensive Protocol Support
Autosensing Ethernet Connections with Auto Uplink
Package Contents
Router Front Panel
Router Hardware Components
Object Descriptions
Router Rear Panel
Rack Mounting Hardware
Factory Default Login
Enter http//192.168.1.1 as the URL
Logging in to the VPN Firewall
Connecting the VPN Firewall to Your Network
Configuring your Internet Connection
Connection Method Data Required
Internet connection methods
Internet connection methods
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
Setting the Router’s MAC Address Advanced Options
FVS338 ProSafe VPN Firewall 50 Reference Manual
Manually Configuring Your Internet Connection
To manually configure your WAN1 ISP settings
FVS338 ProSafe VPN Firewall 50 Reference Manual
Programming the Traffic Meter if Desired
FVS338 ProSafe VPN Firewall 50 Reference Manual
Parameter Description
Traffic Meter Settings
Configuring the WAN Mode
Configuring Dynamic DNS If Needed
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
Using the VPN Firewall as a Dhcp Server
Configuring Your LAN Local Area Network
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
Configuring Multi-Home LAN IPs
FVS338 ProSafe VPN Firewall 50 Reference Manual
Creating the Network Database
Managing Groups and Hosts
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
IP Address Type
Setting Up Address Reservation
Configuring Static Routes
255.255.255.255
Static Route Example
RIP Configuration
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
About Firewall Security
Using Rules to Block or Allow Specific Kinds of Traffic
Outbound Rules Service Blocking
Services-Based Rules
Outbound Rules Fields
Services menu see Adding Customized Services on
Inbound Rules Port Forwarding
Service QoS Priorities on
Priorities on
Inbound Rules Fields
Order of Precedence for Firewall Rules
Setting LAN WAN Rules
LAN WAN Outbound Services Rules
LAN WAN Inbound Services Rules
WAN Security Checks
Attack Checks
Pptp
Session Limit
Hosting a Local Public Web Server
Inbound Rules Examples
Allowing Videoconference from Restricted Addresses
Setting Up One-to-One NAT Mapping
FVS338 ProSafe VPN Firewall 50 Reference Manual
Specifying an Exposed Host
Outbound Rules Example Blocking Instant Messenger
Adding Customized Services
FVS338 ProSafe VPN Firewall 50 Reference Manual
On the LAN WAN Outbound Services screen see Figure
Specifying Quality of Service QoS Priorities
Setting a Schedule to Block or Allow Traffic
Setting Block Sites Content Filtering
FVS338 ProSafe VPN Firewall 50 Reference Manual
Enabling Source MAC Filtering
FVS338 ProSafe VPN Firewall 50 Reference Manual
IP/MAC Binding
FVS338 ProSafe VPN Firewall 50 Reference Manual
Setting Up Port Triggering
Outgoing Trigger Port Range fields
Bandwidth Limiting
FVS338 ProSafe VPN Firewall 50 Reference Manual
Mail Notifications of Event Logs and Alerts
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
Log Entry Descriptions
Administrator Information
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
IP Addressing Requirements for VPN in Dual WAN Port Systems
Dual WAN Port Systems
Creating a VPN Tunnel to a Gateway
Setting up a VPN Connection using the VPN Wizard
Creating a VPN Tunnel Connection to a VPN Client
IKE Policies
IKE Policy Operation
IKE Policy Table
VPN Policies
VPN Policy Table
VPN Policy Operation
VPN Tunnel Connection Status
Creating a VPN Gateway Connection Between FVS338 and FVX538
Configuring the FVS338
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
Configuring the FVX538
Creating a VPN Client Connection VPN Client to FVS338
Testing the Connection
Configuring the FVS338
Configuring the VPN Client
FVS338 ProSafe VPN Firewall 50 Reference Manual
10.1.32.41
Fvsremote.com 10.0.0.12
Left frame, click Security Policy shown in Figure
Testing the Connection
Extended Authentication Xauth Configuration
Configuring Xauth for VPN Clients
User Database Configuration
Radius Client Configuration
Enter the Primary Radius Server IP address
Manually Assigning IP Addresses to Remote Users ModeConfig
Setting Up ModeConfig
ModeConfig Operation
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
FVS338 ProSafe VPN Firewall 50 Reference Manual
Configuring the ProSafe VPN Client for ModeConfig
Remoteid.com
FVS338 ProSafe VPN Firewall 50 Reference Manual
Trusted Certificates CA Certificates
Certificates
Generate Self Certificate Request, enter the required data
Self Certificates
FVS338 ProSafe VPN Firewall 50 Reference Manual
Save to file
Managing your Certificate Revocation List CRL
FVS338 ProSafe VPN Firewall 50 Reference Manual
Performance Management
VPN Firewall Features That Reduce Traffic
Service Blocking
Block Sites
VPN Firewall Features That Increase Traffic
Source MAC Filtering
Port Forwarding
FVS338 ProSafe VPN Firewall 50 Reference Manual
VPN Tunnels
Port Triggering
Using QoS to Shift the Traffic Mix
Administration
Changing Passwords and Settings
Tools for Traffic Management
FVS338 ProSafe VPN Firewall 50 Reference Manual
Enabling Remote Management Access
Https//194.177.0.1238080
Check the Allow Telnet Management radio box
Using a Snmp Manager
FVS338 ProSafe VPN Firewall 50 Reference Manual
Backup and Restore Settings
Settings Backup and Firmware Upgrade
Router Upgrade
Setting the Time Zone
Monitoring the Router
Enabling the Traffic Meter
Setting Login Failures and Attacks Notification
FVS338 ProSafe VPN Firewall 50 Reference Manual
Port Triggering Status data
Viewing Port Triggering Status
Router Configuration Status Fields
Viewing Router Configuration and System Status
Monitoring WAN Ports Status
IPSec Connection Status Fields
Monitoring VPN Tunnel Connection Status
Dhcp Log
VPN Logs
Performing Diagnostics
Diagnostics Fields
Reboot the Router
Basic Functions
Power LED Not On
Troubleshooting the Web Configuration Interface
LEDs Never Turn Off
LAN or Internet Port LEDs Not On
FVS338 ProSafe VPN Firewall 50 Reference Manual
Troubleshooting the ISP Connection
Testing the LAN Path to Your Firewall
Troubleshooting a TCP/IP Network Using a Ping Utility
Ping -n 10 IP address
Testing the Path from Your PC to a Remote Device
Problems with Date and Time
Restoring the Default Configuration and Password
FVS338 ProSafe VPN Firewall 50 Reference Manual
Table A-1. FVS338 Default Settings
Appendix a Default Settings and Technical Specifications
Feature Default Behavior
Table A-2. VPN firewall Default Technical Specifications
Electromagnetic Emissions
FVS338 ProSafe VPN Firewall 50 Reference Manual
System Log Messages
System Startup
Table B-1. Log Parameter Terms
Reboot
Table B-3. System Logs Reboot
Table B-2. System Logs System Startup
Table B-5. System Logs Login/Logout
Login/Logout
Firewall Restart
Table B-4. System Logs NTP
WAN Status
IPSec Restart
Load Balancing
Table B-6. System Logs Firewall Restart
Table B-8. System Logs WAN Status, Load Balancing
Auto Rollover
System Logs WAN Status, Auto Rollover
PPP Logs
Table B-9. System Logs WAN Status, PPE, PPPoE Idle-Timeout
PPPoE Idle-Timeout Logs
Web Filtering and Content Filtering Logs
Table B-10. System Logs WAN Status, PPE, Pptp Idle-Timeout
Table B-11. System Logs WAN Status, PPE, PPP Authentication
Table B-12. System Logs Web Filtering and Content Filtering
Traffic Metering Logs
Unicast Logs
Icmp Redirect Logs
Invalid Packet Logging
FTP Logging
Table B-17. System Logs FTP
Table B-18. System Logs Invalid Packets
Invalidbadchecksumdrop SRC=192.168.20.10
Invalidbadhwchecksumdrop SRC=192.168.20.10
Invalidreopencloseconndrop SRC=192.168.20.10
Routing Logs
LAN to DMZ Logs
LAN to WAN Logs
DMZ to WAN Logs
WAN to LAN Logs
WAN to DMZ Logs
DMZ to LAN Logs
Table B-23. Routing Logs DMZ to WAN
Table B-24. Routing Logs WAN to DMZ
Appendix C Related Documents
FVS338 ProSafe VPN Firewall 50 Reference Manual
Index
Index-2
Index-3
Index-4
Index-5
Index-6
Index-7
Index-8
