Manuals
/
Brands
/
Computer Equipment
/
Network Card
/
NETGEAR
/
Computer Equipment
/
Network Card
NETGEAR
FVX538, FVX538NA manual
1
1
222
222
Download
222 pages, 7.36 Mb
August 2006
202-10062-04
v1.0
NETGEAR
, Inc.
4500 Great America Parkway
Santa Clara, CA 95054 USA
ProSafe VPN Firewall 200
FVX538 Reference
Manual
Contents
Main
Page
iii
Voluntary Control Council for Interference (VCCI) Statement
Additional Copyrights
iv
v
Product and Publication Details
Contents
Page
Page
Page
Page
Page
About This Manual
Conventions, Formats and Scope
How to Use This Manual
How to Print this Manual
Revision History
Page
Chapter 1 Introduction
Key Features
Dual WAN Ports for Increased Reliability or Outbound Load Balancing
A Powerful, True Firewall with Content Filtering
Security Features
Autosensing Ethernet Connections with Auto Uplink
Extensive Protocol Support
Trend Micro Integration
Easy Installation and Management
Maintenance and Support
Package Contents
Router Front Panel
Introduction 1-7
Table 1-1. Object Descriptions (continued)
Router Rear Panel
Rack Mounting Hardware
The Routers IP Address, Login Name, and Password
Default Log In Settings
Page
Page
Chapter 2 Connecting the FVX538 to the Internet
Logging into the VPN Firewall
Configuring the Internet Connections to Your ISPs
Page
Page
Setting the Routers MAC Address
Manually Configuring Your Internet Connection
Page
Programming the Traffic Meter (if Desired)
Page
Connecting the FVX5 3 8 to the Internet 2-9
Table 2-2. Traffic Meter Settings
Configuring the WAN Mode (Required for Dual WAN)
Setting Up Auto-Rollover Mode
Page
Setting Up Load Balancing
Page
Configuring Dynamic DNS (If Needed)
Page
Page
Configuring the Advanced WAN Options (If Needed)
Page
Page
Chapter 3 LAN Configuration
Using the Firewall as a DHCP server
Configuring the LAN Setup Options
Page
Configuring Multi Home LAN IPs
Page
Managing Groups and Hosts (LAN Groups)
Creating the Network Database
Page
Page
Setting Up Address Reservation
Configuring and Enabling the DMZ Port
Page
Static Routes
Configuring Static Routes
Routing Information Protocol (RIP)
Page
Static Route Example
Enabling Trend Micro Antivirus Enforcement
Page
Page
Page
Chapter 4 Firewall Protection and Content Filtering
About Firewall Protection and Content Filtering
Using Rules to Block or Allow Specific Kinds of Traffic
Services-Based Rules
Firewall Protection and Content Filtering 4-3
Table 4-1. Outbound Rules
Page
Firewall Protection and Content Filtering 4-5
Table 4-2. Inbound Rules
Page
Order of Precedence for Rules
Setting LAN WAN Rules
Page
Page
Setting DMZ WAN Rules
Page
Setting LAN DMZ Rules
Page
Attack Checks
Page
Inbound Rules Examples
Page
Page
Page
Outbound Rules Example
Adding Customized Services
Page
Setting Quality of Service (QoS) Priorities
Setting a Schedule to Block or Allow Specific Traffic
Setting Block Sites (Content Filtering)
Page
Enabling Source MAC Filtering
Port Triggering
Page
Page
E-Mail Notifications of Event Logs and Alerts
Page
Page
Page
Administrator Tips
Page
Chapter 5 Virtual Private Networking
Dual WAN Port Systems
Page
Setting up a VPN Connection using the VPN Wizard
Creating a VPN Tunnel to a Gateway
Page
Page
Creating a VPN Tunnel Connection to a VPN Client
Page
Page
VPN Tunnel Policies
IKE Policy
Page
VPN Policy
VPN Tunnel Connection Status
Creating a VPN Gateway Connection: Between FVX538 and FVS338
Configuring the FVX538
Page
Page
Page
Page
Configuring the FVS338
Testing the Connectio n
Creating a VPN Client Connection: VPN Client to FVX538
Configuring the FVX538
Page
Configuring the VPN Client
Page
Page
Page
Testing the Connectio n
Certificate Authorities
Generating a Self Certificate Request
Page
Uploading a Trusted Certificate
Managing your Certificate Revocation List (CRL)
Extended Authentication (XAUTH) Configuration
Configuring XAUTH for VPN Clients
Page
User Database Configuration
RADIUS Client Configuration
Page
Manually Assigning IP Addresses to Remote Users (ModeConfig)
Mode Config Operation
Configuring the VPN Firewall
Page
Page
Configuring the ProSafe VPN Client for ModeConfig
Page
Page
Page
Page
Page
Chapter 6 Router and Network Management
Performance Management
Bandwidth Capacity
VPN Firewall Features That Reduce Traffic
Page
Page
VPN Firewall Features That Increase Traffic
Page
Using QoS to Shift the Traffic Mix
Tools for Traffic Management
Administration
Changing Passwords and Settings
Page
Enabling Remote Management Access
Using a SNMP Manager
Page
Settings Backup and Firmware Upgrade
Page
Page
Setting the Time Zone
Monitoring the Router
Enabling the Traffic Meter
Page
Setting Login Failures and Attacks Notification
Monitoring Attached Devices
Page
Viewing Port Triggering Status
Viewing Router Configuration and System Status
Monitoring WAN Ports Status
Page
VPN Logs
Page
Page
Page
Page
Chapter 7 Troubleshooting
Basic Functions
Power LED Not On
LEDs Never Turn Off
LAN or Internet Port LEDs Not On
Troubleshooting the Web Configuration Interface
Page
Troubleshooting the ISP Connection
Troubleshooting a TCP/IP Network Using a Ping Utility
Testing the LAN Path to Your Firewall
Testing the Path from Your PC to a Remote Device
Restoring the Default Configuration and Password
Problems with Date and Time
Page
Appendix A Default Settings and Technical Specifications
Technical specifications for the ProSafe VPN Firewall 200 are listed in the following table.
A-2 Default Settings and Technical Specifications
Table A-2. VPN firewall Technical Specifications
Table A-1. VPN firewall Default Configuration Settings (continued)
Page
Page
Appendix B Related Documents
Page
Appendix C Network Planning for Dual WAN Ports
What You Will Need to Do Before You Begin
Page
Cabling and Computer Hardware Requirements
Computer Network Configuration Requirements
Internet Configuration Requirements
Where Do I Get the Internet Configuration Parameters?
Internet Connection Information Form
Overview of the Planning Process
Inbound Traffic
Virtual Private Networks (VPNs)
The Roll-over Case for Firewalls With Dual WAN Ports
The Load Balancing Case for Firewalls With Dual WAN Ports
Inbound Traffic
Inbound Traffic to Single WAN Port (Reference Case)
Inbound Traffic to Dual WAN Port Systems
Page
Virtual Private Networks (VPNs)
VPN Road Wa rrior (Client-to-Gateway)
Page
Page
VPN Gateway-to-Gateway
Network Planning for Dual WAN Ports C-15
Figure C-14
Figure C-13
Gateway-to-Gateway Example (Single WAN Ports)
Gateway-to-Gateway Example (Dual WAN Ports, Before Rollover)
Page
VPN Telecommuter (Client-to-Gateway Through a NAT Router)
Page
Page
Page
Index-1
Index
A
B
C
Index-2
D
Index-3
E
F
G
Index-4
H
I
K
Index-5
L
M
N
Index-6
O
P
Q
Index-7
R
S
Index-8
T
Index-9
U
V
Index-10
W
X