Manuals / Brands / Power Tools / Router / NETGEAR / Power Tools / Router

NETGEAR STM150EW-100NAS, UTM5EW-100NAS 3. Specify the settings that are explained in the following table.

1 704

Download 704 pages, 32.53 Mb

Virtual Private Networking UsingIPSec, PPTP,or L2TP Connections

285

ProSecure Unified Threat Management (UTM) Appliance

Figure 169.

3. Specify the settings that are explained in the following table.

Table 69. VPN client IPSec configuration settings

Setting Description

VPN Client address Either enter 0.0.0.0 as the IP address, or enter a virtual IP address that is used by

the VPN client in the UTM’s LAN; the computer (for which the VPN client opened a

tunnel) appears in the LAN with this IP address.

Address Type Select Subnet address from the drop-down list. This selection defines which

addresses the VPN client can communicate with after the VPN tunnel is

established.

Remote LAN address Enter 192.168.1.0 as the remote IP address (that is, LAN network address) of the

gateway that opens the VPN tunnel.

Subnet mask Enter 255.255.255.0 as the remote subnet mask of the gateway that opens the VPN

tunnel.

ESP Encryption Select 3DES as the encryption algorithm from the drop-down list.

Authentication Select SHA-1 as the authentication algorithm from the drop-down

list.

Mode Select Tunne l as the encapsulation mode from the drop-down list.

PFS and Group Select the PFS check box, and then select the DH2 (1024) key group from the

drop-down list.

Note: On the UTM, this key group is referred to as Diffie-Hellman Group 2 (1024

bit).

Contents

Main Support Trademarks ProSecure Product Updates ProSecure Forum Revision History Page Page Contents Chapter 1 Introduction Chapter 2 Use the Setup Wizard to Provision the UTM in Your Network Chapter 3 Manually Configure Internet and WAN Settings Chapter 4 LAN Configuration Chapter 5 Firewall Protection Chapter 6 Content Filtering and Optimizing Scans Chapter 7 Virtual Private Networking Using IPSec, PPTP, or L2TP Connections Chapter 8 Virtual Private Networking Using SSL Connections Chapter 9 Manage Users, Authentication, and VPN Certificates Chapter 10 Network and System Management Chapter 11 Monitor System Access and Performance Chapter 12 Troubleshoot and Use Online Support Appendix A xDSL Network Module for the UTM9S and UTM25S Appendix B Wireless Network Module for the UTM9S and UTM25S Appendix C 3G/4G Dongles for the UTM9S and UTM25S Appendix D Network Planning for Dual WAN Ports (Multiple WAN Port Models Only) Appendix E ReadyNAS Integration Appendix F Two-Factor Authentication Appendix G System Logs and Error Messages Page What Is the ProSecure Unified Threat Management (UTM) Appliance? Key Features and Capabilities Multiple WAN Port Models for Increased Reliability or Outbound Load Balancing Wireless Features DSL Features Advanced VPN Support for Both IPSec and SSL A Powerful, True Firewall Stream Scanning for Content Filtering Security Features Autosensing Ethernet Connections with Auto Uplink Extensive Protocol Support Easy Installation and Management Maintenance and Support Model Comparison Service Registration Card with License Keys Package Contents Hardware Features Front Panel UTM5 and UTM10 Front Panel UTM25 Front Panel UTM50 Front Panel UTM150 Front Panel UTM9S and UTM25S and Network Modules xDSL Network Modules Wireless Network Modules Figure 8. Wireless network module LED Descriptions, UTM5, UTM10, UTM25, UTM50, and UTM150 The following table describes the function of each LED. Table 2. LED descriptions UTM5, UTM10, UTM25, UTM50, and UTM150 Table 2. LED descriptions UTM5, UTM10, UTM25, UTM50, and UTM150 (continued) LED Descriptions, UTM9S, UTM25S, and their Network Modules Table 3. LED descriptions UTM9S and UTM25S Rear Panel UTM5, UTM10, and UTM25 Figure 9. Rear panel of the UTM5, UTM10, and UTM25 Table 3. LED descriptions UTM9S and UTM25S (continued) Security lock receptacle Console port Factory Defaults AC power receptacle reset button Rear Panel UTM50 and UTM150 Rear Panel UTM9S and UTM25S Bottom Panels with Product Labels Page Page Choose a Location for the UTM Use the Rack-Mounting Kit UTM in Your Network Steps for Initial Connection Qualified Web Browsers Requirements for Entering IP Addresses Log In to the UTM Page Page Page Page Use the Setup Wizard to Perform the Initial Configuration Setup Wizard Step 1 of 10: LAN Settings Table 4. Setup Wizard Step 1: LAN Settings screen settings Table 4. Setup Wizard Step 1: LAN Settings screen settings (continued) Setup Wizard Step 2 of 10: WAN Settings Enter the settings as explained in the following table, and then click Next to go the following Table 5. Setup Wizard Step 2: WAN Settings screen settings Table 5. Setup Wizard Step 2: WAN Settings screen settings (continued) Setup Wizard Step 3 of 10: System Date and Time Enter the settings as explained in the following table, and then click Next to go the following Figure 29. Setup Wizard Step 4 of 10: Services Table 6. Setup Wizard Step 3: System Date and Time screen settings Page Setup Wizard Step 5 of 10: Email Security Figure 30. Table 8. Setup Wizard Step 5: Email Security screen settings Setup Wizard Step 6 of 10: Web Security Table 9. Setup Wizard Step 6: Web Security screen settings Page Page Setup Wizard Step 8 of 10: Email Notification Setup Wizard Step 9 of 10: Signatures & Engine Figure 34. Table 12. Setup Wizard Step 9: Signatures & Engine screen settings Setup Wizard Step 10 of 10: Saving the Configuration Register the UTM with NETGEAR Use the Web Management Interface to Activate Licenses Page Electronic Licensing Automatic Retrieval of Licenses after a Factory Default Reset Verify Correct Installation Test Connectivity Test HTTP Scanning What to Do Next Page Settings Internet and WAN Configuration Tasks Automatically Detecting and Connecting the Internet Connections Page Page Page Manually Configure the Internet Connection Figure 41. Table 14. PPTP and PPPoE settings Figure 42. Table 14. PPTP and PPPoE settings (continued) Figure 43. Table 15. Internet IP address settings Table 16. DNS server settings Page Page Configure Network Address Translation (All Models) Configure Classical Routing (All Models) Configure Auto-Rollover Mode and the Failure Detection Method (Multiple WAN Port Models) Configure Auto-Rollover Mode Configure the Failure Detection Method (Multiple WAN Port Models) Configure Load Balancing (Multiple WAN Port Models) Page Figure 49. 3. Configure the protocol binding settings as explained in the following table: Table 18. Add Protocol Binding screen settings Configure Secondary WAN Addresses Page Page Page Figure 52. 6. Click Apply to save your configuration. Table 19. DNS service settings Set the UTMs MAC Address and Configure Advanced WAN Options Figure 53. 4. Enter the settings as explained in the following table: Table 20. Advanced WAN settings Table 20. Advanced WAN settings (continued) Page Manage Virtual LANs and DHCP Options Port-B ased VLAN s Assign and Manage VLAN Profiles VLAN DHCP Options DHCP Server DHCP Relay DNS Proxy LDAP Server Configure a VLAN Profile Page Table 21. Edit VLAN Profile screen settings Page Table 21. Edit VLAN Profile screen settings (continued) Configure VLAN MAC Addresses and Advanced LAN Settings Configure Multihome LAN IP Addresses on the Default VLAN Page Manage Groups and Hosts (LAN Groups) Manage the Network Database Page Add Computers or Devices to the Network Database Modify Computers or Devices in the Network Database Delete Computers or Devices from the Network Database Change Group Names in the Network Database Set Up Address Reservation Configure and Enable the DMZ Port Figure 62. Table 23. DMZ Setup screen settings Table 23. DMZ Setup screen settings (continued) Page Manage Routing Configure Static Routes Figure 64. 3. Enter the settings as explained in the following table: 4. Click Apply to save your settings. The new static route is added to the Static Routes table. Table 24. Add Static Route screen settings Configure Routing Information Protocol Figure 65. Table 25. RIP Configuration screen settings Table 25. RIP Configuration screen settings (continued) Static Route Example About Firewall Protection Administrator Tips Overview of Rules to Block or Allow Specific Kinds of Traffic Outbound Rules (Service Blocking) Page Page Table 27. Outbound rules overview (continued) Inbound Rules (Port Forwarding) Page Table 28. Inbound rules overview Page Table 28. Inbound rules overview (continued) Order of Precedence for Rules Configure LAN WAN Rules Create LAN WAN Outbound Service Rules Create LAN WAN Inbound Service Rules Configure DMZ WAN Rules Page Create DMZ WAN Outbound Service Rules Create DMZ WAN Inbound Service Rules Configure LAN DMZ Rules Page Create LAN DMZ Outbound Service Rules Create LAN DMZ Inbound Service Rules Examples of Firewall Rules Inbound Rule Examples LAN WAN Inbound Rule: Host a Local Public Web Server Page LAN WAN or DMZ WAN Inbound Rule: Set Up One-to-One NAT Mapping Page LAN WAN or DMZ WAN Inbound Rule: Specify an Exposed Host Outbound Rule Example LAN WAN Outbound Rule: Block Instant Messenger Configure Other Firewall Features VLAN Rules Figure 82. 3. Enter the settings as explained in the following table. Table 29. Add VLAN-VLAN Service screen settings Page Attack Checks, VPN Pass-through, and Multicast Pass-through Configure Multicast Pass-Through To configure multicast pass-through: Table 30. Attack Checks screen settings (continued) Page Set Session Limits Manage the Application Level Gateway for SIP Sessions and VPN Scanning Create Services, QoS Profiles, Bandwidth Profiles, and Traffic Meter Profiles Add Customized Services Page Create Service Groups Page Create IP Groups Page Create Quality of Service Profiles Page Create Bandwidth Profiles Page Figure 96. Table 34. Add Bandwidth Profile screen settings Create Traffic Meter Profiles Page Figure 98. Table 35. Add Traffic Meter Profile screen settings Set a Schedule to Block or Allow Specific Traffic Page Enable Source MAC Filtering Page Set Up IP/MAC Bindings Figure 102. Table 37. IP/MAC Binding screen settings Configure Port Triggering Page Page Configure Universal Plug and Play Enable and Configure the Intrusion Prevention System Table 39. IPS screen settings (continued) Page Page Page About Content Filtering and Scans Default Email and Web Scan Settings Table 41. Default email and web scan settings Configure Email Protection Customize Email Protocol Scan Settings Page Customize Email Antivirus and Notification Settings Table 42. Anti-Virus screen settings for email traffic Table 42. Anti-Virus screen settings for email traffic (continued) Email Content Filtering Page Table 43. Email Filters screen settings Protect Against Email Spam Set Up the Whitelist and Blacklist Page Table 44. Whitelist/Blacklist screen settings Configure the Real-Time Blacklist Configure Distributed Spam Analysis Page Table 45. Distributed Spam Analysis screen settings (continued) Configure Web and Services Protection Customize Web Protocol Scan Settings Page Configure HTTPS Smart Block Page Page Page Configure Web Malware or Antivirus Scans Table 47. Anti-Virus screen settings for HTTP/HTTPS traffic Configure Web Content Filtering Page Page Figure 121. Content filtering, screen 3 of 3 Table 48. Content Filtering screen settings Page Table 48. Content Filtering screen settings (continued) Configure Web URL Filtering Page Table 49. URL Filtering screen settings Table 49. URL Filtering screen settings (continued) Configure HTTPS Scanning and SSL Certificates How HTTPS Scanning Works Page Configure the HTTPS Scan Settings Manage SSL Certificates for HTTPS Scanning Manage the Active HTTPS Certificate Manage Trusted HTTPS Certificates Manage Untrusted HTTPS Certificates Specify Trusted Hosts for HTTPS Scanning Figure 130. Table 51. Trusted Hosts screen settings Configure the SSL Settings for HTTPS Scanning Configure FTP Scanning Customize FTP Antivirus Settings Configure FTP Content Filtering Configure Application Control Page Page Page Page Page 6. Configure the policy as explained in the following table: Table 56. Application Control Policy pop-up screen settings Page Set Exception Rules for Web and Application Access Page Page Page Page Page Page Page Page Page Create Custom Categories for Exceptions for Web and Application Access Page Web Category. Figure 147. Custom categories: web categories Table 58. Custom Categories screen settings Table 58. Custom Categories screen settings (continued) Set Scanning Exclusions for IP Addresses and Ports Page Using IPSec, PPTP, or L2TP Connections Considerations for Dual WAN Port Systems (Multiple WAN Port Models Only) Page Use the IPSec VPN Wizard for Client and Gateway Configurations Create Gateway-to-Gateway VPN Tunnels with the Wizard Page Figure 153. Table 61. IPSec VPN Wizard default values for a gateway-to-gateway tunnel 2. Select the radio buttons and complete the fields and as explained in the following table: Table 62. IPSec VPN Wizard settings for a gateway-to-gateway tunnel Table 61. IPSec VPN Wizard default values for a gateway-to-gateway tunnel (continued) Page Create a Client-to-Gateway VPN Tunnel Use the VPN Wizard to Configure the Gateway for a Client Tunnel Page Table 64. IPSec VPN Wizard settings for a client-to-gateway tunnel (continued) Page Use the NETGEAR VPN Client Wizard to Create a Secure Connection Page Page c. Specify the settings that are explained in the following table. Table 66. VPN client advanced authentication settings Manually Create a Secure Connection Using the NETGEAR VPN Client Page Page Page Page Figure 169. 3. Specify the settings that are explained in the following table. Table 69. VPN client IPSec configuration settings Page Test the Connection and View Connection and Status Information Test the NETGEAR VPN Client Connection Page Page View the UTM IPSec VPN Log Manage IPSec VPN and IKE Policies Manage IKE Policies IKE Policies Screen Figure 179. Table 71. List of IKE Policies table information Manually Add or Edit an IKE Policy Page 3. Complete the fields, select the radio buttons, and make your selections from the drop-down Table 72. Add IKE Policy screen settings Page Table 72. Add IKE Policy screen settings (continued) Page Manage VPN Policies VPN Policies Screen Figure 181. Table 73. List of VPN Policies table information Manually Add or Edit a VPN Policy Page Table 74. Add New VPN Policy screen settings Page Page 4. Click Apply to save your settings. The VPN policy is added to the List of VPN Policies table. Configure Extended Authentication (XAUTH) Configure XAUTH for VPN Clients User Database Configuration RADIUS Client and Server Configuration 2. Complete the fields and select the radio buttons as explained in the following table: Table 76. RADIUS Client screen settings Assign IP Addresses to Remote Users (Mode Config) Mode Config Operation Configure Mode Config Operation on the UTM Page Figure 185. 3. Complete the fields, select the check box, and make your selections from the drop-down Table 77. Add Mode Config Record screen settings Table 77. Add Mode Config Record screen settings (continued) Page Table 78. IKE policy settings for a Mode Config configuration Table 78. IKE policy settings for a Mode Config configuration (continued) 8. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table. Configure the ProSafe VPN Client for Mode Config Operation Table 78. IKE policy settings for a Mode Config configuration (continued) Page Page Page Page Page Page Test the Mode Config Connection Modify or Delete a Mode Config Record Configure Keep-Alives and Dead Peer Detection Configure Keep-Alives Configure Dead Peer Detection Configure NetBIOS Bridging with IPSec VPN Configure the PPTP Server Page View the Active PPTP Users To view the active PPTP tunnel users: Figure 200. Select Monitoring > Active Users & VPNs > PPTP Active Users. The PPTP Active Users screen displays: Table 84. PPTP Server screen settings (continued) Configure the L2TP Server Figure 201. Table 86. L2TP Server screen settings View the Active L2TP Users For More IPSec VPN Information Using SSL Connections SSL VPN Portal Options Build a Portal Using the SSL VPN Wizard SSL VPN Wizard Step 1 of 6 (Portal Settings) Page Table 88. SSL VPN Wizard Step 1 of 6 screen settings (portal settings) (continued) SSL VPN Wizard Step 2 of 6 (Domain Settings) Table 89. SSL VPN Wizard Step 2 of 6 screen settings (domain settings) Page Page Page SSL VPN Wizard Step 3 of 6 (User Settings) SSL VPN Wizard Step 4 of 6 (Client IP Addresses and Routes) Page SSL VPN Wizard Step 5 of 6 (Port Forwarding) SSL VPN Wizard Step 6 of 6 (Verify and Save Your Settings) Page Access the New SSL VPN Portal Page Page View the UTM SSL VPN Connection Status View the UTM SSL VPN Log Manually Configure and Modify SSL Portals Page Manually Create or Modify the Portal Layout Page 3. Complete the fields and select the check boxes as explained in the following table: Table 93. Add Portal Layout screen settings Configure Domains, Groups, and Users Configure Applications for Port Forwarding Add Servers and Port Numbers Add a Host Name Configure the SSL VPN Client Configure the Client IP Address Range Add Routes for VPN Tunnel Clients Configure the Advanced SSL VPN Client Settings Use Network Resource Objects to Simplify Policies Add New Network Resources Edit Network Resources to Specify Addresses Configure User, Group, and Global Policies Global Default Policy View Policies Add a Policy Figure 224. 3. Select the radio buttons, complete the fields, and make your selection from the drop-down Table 97. Add SSL VPN Policy screen settings Table 97. Add SSL VPN Policy screen settings (continued) Page For More SSL VPN Information Certificates Authentication Process and Options Table 98. External authentication protocols and methods Configure Authentication Domains, Groups, and Users Login Portals Administrative Users and Users with Guest Privileges Users with Special Access Privileges Page Page Unauthenticated or Anonymous Users Active Directories and LDAP Configurations How an Active Directory Works How to Bind a DN in an Active Directory Configuration Page Page Configure Domains Create and Delete Domains Page Table 99. Add Domain screen settings Page Page Page Edit Domains Configure Groups Create and Delete Groups Edit Groups Configure Custom Groups Page Table 101. Add Custom Group screen settings Page Configure User Accounts Page Page Set User Login Policies Configure Login Policies Configure Login Restrictions Based on IP Address Configure Login Restrictions Based on Web Browser Page Change Passwords and Other User Settings DC Agent Requirements for the ProSecure DC Agent Software and DC Agent Server Download ProSecure DC Agent Software, and Create and Delete DC Agents Page Example: Configure Active Directory Single Sign-On with a DC Agent Page Page Configure RADIUS VLANs Configure Global User Settings View and Log Out Active Users Page Manage Digital Certificates for VPN Connections VPN Certificates Screen Manage CA Certificates Manage Self-Signed Certificates Generate a CSR and Obtain a Self-Signed Certificate from a CA Page Page View and Manage Self-Signed Certificates Manage the Certificate Revocation List Page Performance Management Bandwidth Capacity Features That Reduce Traffic LAN WAN Outbound Rules and DMZ WAN Outbound Rules (Service Blocking) Page Content Filtering Source MAC Filtering Features That Increase Traffic LAN WAN Inbound Rules and DMZ WAN Inbound Rules (Port Forwarding) Page Port Trigg ering Configure the DMZ Port Configure Exposed Hosts Configure VPN Tunnels Use QoS and Bandwidth Assignments to Shift the Traffic Mix Assign QoS Profiles Assign Bandwidth Profiles Monitoring Tools for Traffic Management System Management Change Passwords and Administrator and Guest Settings Page Configure Remote Management Access Page Use a Simple Network Management Protocol Manager Page Table 108. Global SNMP settings and SNMPv1/v2c settings Page Table 109. SNMPv3 settings (continued) Manage the Configuration File Back Up Settings Restore Settings Revert to Factory Default Settings Update the Firmware View the Available Firmware Versions Upgrade the Firmware from an Update Server and Reboot the UTM Page Upgrade the Firmware from a Downloaded File and Reboot the UTM Page Page Reboot without Changing the Firmware Update the Scan Signatures and Scan Engine Firmware Page Configure Automatic Update and Frequency Settings Configure Date and Time Service Page Connect to a ReadyNAS and Configure Quarantine Settings Log Storage Connect to a ReadyNAS Configure the Quarantine Settings Figure 270. 2. To enable the UTM to quarantine files, select the Yes radio button. Table 113. Quarantine settings Perfor ma nc e Enable the WAN Traffic Meter Page Table 114. WAN traffic meter settings Page Configure Logging, Alerts, and Event Notifications Configure the Email Notification Server Configure and Activate System, Email, and Syslog Logs Page Table 116. Email and Syslog screen settings Table 116. Email and Syslog screen settings (continued) How to Send Syslogs over a VPN Tunnel between Sites Configure Gateway 1 at Site 1 Configure Gateway 2 at Site 2 Configure and Activate Update Failure and Attack Alerts Figure 275. Table 117. Alerts screen settings Table 117. Alerts screen settings (continued) Configure and Activate Firewall Logs Monitor Real-Time Traffic, Security, and Statistics Page To set the poll interval: Table 119. Dashboard screen: threats and traffic information Page Table 120. Dashboard screen: most recent 5 threats and top 5 threats information Figure 279. Dashboard, screen 3 of 3 The following table explains the fields of the Service Statistics section of the Dashboard screen: Table 121. Dashboard screen: service statistics information Monitor Application Use in Real Time Page Page View Status Screens View the System Status View the System Status Screen View the Network Status Screen Table 123. System Status screen fields (continued) Page View the Router Statistics Screen View the Wireless Statistics Screen (UTM9S and UTM25S Only) Page View the Detailed Status Screen Page The following table explains the fields of the Detailed Status screen: Table 127. Detailed Status screen fields Page Table 127. Detailed Status screen fields (continued) View the VLAN Status Screen View the xDSL Statistics Screen (UTM9S and UTM25S Only) View the Active VPN Users View the VPN Tunnel Connection Status View the Active PPTP and L2TP Users View the Port Triggering Status Page View the WAN, xDSL, or USB Port Status View Attached Devices and the DHCP Leases View Attached Devices Page View the DHCP Leases Query and Manage the Logs Overview of the Logs Query and Download Logs Table 134. Logs Query screen settings Page Table 134. Logs Query screen settings (continued) Example: Use the Logs to Identify Infected Clients Log Management Query and Manage the Quarantine Logs Query the Quarantined Logs Table 135. Quarantine screen settings View and Manage the Quarantined Spam Table View and Manage the Quarantined Infected Files Table Spam Reports for End Users View, Schedule, and Generate Reports Enable Application Session Monitoring Report Filtering Options Table 136. Report screen: filtering options settings Use Report Templates and View Reports Onscreen Page Page Page Page Schedule, Email, and Manage Reports To schedule automatic generation and emailing of reports: Figure 310. Report, screen 3 of 4 2. Enter the settings in the Schedule Reports section as explained in the following table: Managing Saved Reports Table 138. Report screen: schedule report settings Use Diagnostics Utilities Use the Network Diagnostic Tools Send a Ping Packet Trace a Route Display the Routing Table Look Up a DNS Address Use the Real-Time Traffic Diagnostics Tool Gather Important Log Information and Generate a Network Statistics Report Gather Important Log Information Generate Network Statistics Perform Maintenance on the USB Device, Reboot the UTM, or Shut Down the UTM Perform Maintenance on the USB Device Reboot and Shut Down the UTM Page Page Basic Functioning Verify the Correct Sequence of Events at Startup Power L ED Not On Test LED Never Turns Off LAN or WAN Port LEDs Not On Troubleshoot the Web Management Interface When You Enter a URL or IP Address, a Time-Out Error Occurs Troubleshoot the ISP Connection Page Troubleshoot a TCP/IP Network Using a Ping Utility Test the LAN Path to Your UTM Test the Path from Your Computer to a Remote Device Restore the Default Configuration and Password Problems with Date and Time Use Online Support Enable Remote Troubleshooting Send Suspicious Files to NETGEAR for Analysis Access the Knowledge Base and Documentation A and UTM25S xDSL Network Module Configuration Tasks Configure the xDSL Settings Page Figure 321. Table 140. xDSL settings Automatically Detecting and Connecting the xDSL Internet Connection Page Page Manually Configure the xDSL Internet Connection Page Table 142. PPPoE and PPPoA settings Figure 328. Table 143. Internet IP address settings Page Page Configure Network Address Translation Configure Classical Routing Configure Auto-Rollover Mode and the Failure Detection Method Configure Auto-Rollover Mode Configure the Failure Detection Method Page Configure Load Balancing Page Figure 334. 3. Configure the protocol binding settings as explained in the following table: Table 146. Add Protocol Binding screen settings Configure Secondary WAN Addresses Page Page Page Set the UTMs MAC Address and Configure Advanced WAN Options Page 4. Enter the settings as explained in the following table: 5. Click Apply to save your changes. Table 148. Advanced DSL settings Page B UTM9S and UTM25S Overview of the Wireless Network Module Configuration Order Wireless Equipment Placement and Range Guidelines Configure the Basic Radio Settings 2. Specify the settings as explained the following table: Table 149. Radio Settings screen settings (continued) Operating Frequency (Channel) Guidelines Wireless Data Security Options Wireless Security Profiles Page Before You Change the SSID, WEP, and WPA Settings Configure and Enable Wireless Profiles 3. Specify the settings as explained in the following table: Page Table 151. Add Wireless Profiles screen settings (continued) Page Restrict Wireless Access by MAC Address Page View the Access Point Status and Connected Clients for a Wireless Profile Configure a Wireless Distribution System Page Configure Advanced Radio Settings 3. Specify the settings as explained in the following table: Table 153. Advanced Wireless screen settings Configure WMM QoS Priority Settings Page Test Basic Wireless Connectivity For More Information About Wireless Configurations C UTM25S 3G/4G Dongle Configuration Tasks Manually Configure the USB Internet Connection Page 3G/4G Dongles for the UTM9S and UTM25S 4. Configure the settings as explained in the following table: Table 154. USB ISP settings Page Configure the 3G/4G Settings 3G/4G Dongles for the UTM9S and UTM25S Table 155. 3G/4G settings Page Page Configure Network Address Translation Configure Classical Routing Configure Load Balancing Page Page Page Page Page Page Page D (Multiple WAN Port Models Only) What to Consider Before You Begin Plan Your Network and Network Management and Set Up Accounts Page Cabling and Computer Hardware Requirements Computer Network Configuration Requirements Internet Configuration Requirements Where Do I Get the Internet Configuration Information? Internet Connection Information Overview of the Planning Process Inbound Traffic Inbound Traffic to a Single WAN Port System Inbound Traffic to a Dual WAN Port System Inbound Traffic: Dual WAN Ports for Improved Reliability Inbound Traffic: Dual WAN Ports for Load Balancing Virtual Private Networks VPN Road Warrior (Client-to-Gateway) VPN Road Warrior: Single-Gateway WAN Port (Reference Case) VPN Road Warrior: Dual-Gateway WAN Ports for Improved Reliability VPN Road Warrior: Dual-Gateway WAN Ports for Load Balancing VPN Gateway-to-Gateway VPN Gateway-to-Gateway: Single-Gateway WAN Ports (Reference Case) VPN Gateway-to-Gateway: Dual-Gateway WAN Ports for Improved Reliability VPN Gateway-to-Gateway: Dual-Gateway WAN Ports for Load Balancing VPN Telecommuter (Client-to-Gateway through a NAT Router) VPN Telecommuter: Single-Gateway WAN Port (Reference Case) VPN Telecommuter: Dual-Gateway WAN Ports for Improved Reliability VPN Telecommuter: Dual-Gateway WAN Ports for Load Balancing E Supported ReadyNAS Models Install the UTM Add-On on the ReadyNAS Page Connect to the ReadyNAS on the UTM Page Page F Why Do I Need Two-Factor Authentication? What Are the Benefits of Two-Factor Authentication? What Is Two-Factor Authentication? NETGEAR Two-Factor Authentication Solutions Page Page G System Log Messages System Startup Reboot NTP This section describes logs that are generated by the administrative interfaces of the device. Login/Logout Table 164. System logs: NTP Table 165. System logs: login/logout Firewall Restart IPSec Restart WAN Status Auto-Rollover Mode This section describes the logs that are generated when the WAN mode is set to auto-rollover. Load Balancing Mode Table 168. System logs: WAN status, auto rollover This section describes the logs that are generated when the WAN mode is set to load balancing. PPP Logs Table 169. System logs: WAN status, load balancing Table 170. System logs: WAN status, PPPoE idle timeout PPTP Idle-Timeout logs Table 170. System logs: WAN status, PPPoE idle timeout (continued) Table 171. System logs: WAN status, PPTP idle timeout PPP Authentication logs Traffic Metering Logs This section describes logs that are generated when the UTM processes unicast packets. This section describes logs that are generated when the traffic meter has reached a limit. Unicast, Multicast, and Broadcast Logs Table 172. System logs: WAN status, PPP authentication Invalid Packet Logging Table 175. System logs: unicast, redirect Table 176. System logs: multicast/broadcast Table 177. System logs: invalid packets Table 177. System logs: invalid packets (continued) Service Logs Content-Filtering and Security Logs Web Filtering and Content-Filtering Logs This section describes logs that are generated when the UTM filters web content. Table 179. Content-filtering and security logs: web filtering and content filtering Spam Logs Table 179. Content-filtering and security logs: web filtering and content filtering (continued) This section describes logs that are generated when the UTM filters spam email messages. Table 180. Content-filtering and security logs: spam Tra ffic Log s This section describes logs that are generated when the UTM processes web and email This section describes logs that are generated when the UTM filters email content. Malware Logs This section describes logs that are generated when the UTM detects viruses. IPS Logs This section describes logs that are generated when traffic matches IPS rules. Anomaly Behavior Logs Table 184. Content-filtering and security logs: IPS Table 185. Content-filtering and security logs: anomaly behavior Routing L ogs LAN-to-WAN Logs LAN-to-DMZ Logs This section describes logs that are generated when the UTM processes LAN-to-DMZ traffic. This section describes logs that are generated when the UTM processes WAN-to-LAN traffic. DMZ-to-WAN Logs This section describes logs that are generated when the UTM processes DMZ-to-WAN DMZ-to-LAN Logs This section describes logs that are generated when the UTM processes DMZ-to-LAN traffic. WAN-to-DMZ Logs This section describes logs that are generated when the UTM processes WAN-to-DMZ Table 191. Routing logs: DMZ to WAN Default Settings Page Page Page Page Page Page Physical and Technical Specifications The following table shows the physical and technical specifications for the UTM: Table 194. UTM physical and technical specifications The following table shows the IPSec VPN specifications for the UTM: Table 195. UTM IPSec VPN specifications Table 194. UTM physical and technical specifications (continued) The following table shows the SSL VPN specifications for the UTM: Table 196. UTM SSL VPN specifications Table 197. Wireless specifications UTM9S and UTM25S wireless network module Note: For default email and web scan settings, see Table41 on page 193. Table 197. Wireless specifications UTM9S and UTM25S wireless network module (continued) I NETGEAR Wired Products Page Notification of Compliance (Wired) Additional Copyrights Notification of Compliance (Wired) J J. Notification of Compliance (Wireless) NETGEAR Dual Band - Wireless Regulatory Compliance Information Europe - EU Declaration of Conformity EDOC in Languages of the European Community Page FCC Requirements for Operation in the United States FCC Information to User FCC Guidelines for Human Exposure FCC Declaration of Conformity FCC Radio Frequency Interference Warnings & Instructions Canadian Department of Communications Radio Interference Regulations Industry Canada IMPORTANT NOTE: Radiation Exposure Statement: Caution: NOTE IMPORTANTE: Dclaration d'exposition aux radiations: Interference Reduction Table Index Numerics A B C D Page E F G H I J K L M N O P Page Q R S Page T U V W Page X