1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVG318
    5. /
  5. 28
Page 136 / 176 Scroll up to view Page 131 - 135
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
8-6
Advanced Configuration
v1.0, September 2007
5.
Type the Destination IP Address of the final destination.
6.
Type the IP Subnet Mask for this destination.
If the destination is a single host, type
255.255.255.255
.
7.
Type the Gateway IP Address, which must be a firewall on the same LAN segment as the
firewall.
8.
Type a number between 1 and 15 as the Metric value.
This represents the number of firewalls between your network and the destination. Usually, a
setting of 2 or 3 works, but if this is a direct connection, set it to 1.
9.
Click
Apply
to have the static route entered into the table as shown below.
To edit the static route entry, click
Edit.
Configuring RIP
.RIP (Routing Information Protocol, RFC 2453) is an Interior Gateway Protocol (IGP) that is
commonly used in internal networks. It allows a router to exchange routing information
automatically with other routers, and allows it to dynamically adjust its routing tables and adapt to
changes in the network.
To enable RIP:
1.
Click the
RIP Configuration
link on the Routing screen (shown in
Figure 8-4
above).The
RIP Configuration screen will display
2.
Select the RIP Direction.The RIP Direction selection controls how the firewall sends and
receives RIP packets. Both is the default.
When set to Both or Out Only, the firewall broadcasts its routing table periodically.
Figure 8-4
Note:
RIP is disabled by default.
Page 137 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Advanced Configuration
8-7
v1.0, September 2007
When set to Both or In Only, it incorporates the RIP information that it receives.
When set to None, it will not send any RIP packets and ignores any RIP packets received.
3.
Enable the RIP Version. This controls the format and the broadcasting method of the RIP
packets that the firewall sends. (It recognizes both formats when receiving.)
RIP-1 is universally supported. RIP-1 is probably adequate for most networks, unless you
have an unusual network setup.
RIP-2 carries more information.
RIP-2B uses subnet broadcasting.RIP-2B broadcasts data in the entire subnet.
RIP-2M sends data to multicast addresses.
4.
If authentication is required for RIP 2B/2M:
Select the
Yes
radio box.
Input the MD-5 keys and Effective Start and End dates for the First and Second Keys for
MD5 based authentication between routers.
5.
Click
Apply.
Static Route Example
As an example of when a static route is needed, consider the following case:
Your primary Internet access is through a cable modem to an ISP.
Figure 8-5
Page 138 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
8-8
Advanced Configuration
v1.0, September 2007
You have an ISDN firewall on your home network for connecting to the company where you
are employed. This firewall’s address on your LAN is 192.168.0.100.
Your company’s network is 134.177.0.0.
When you first configured your firewall, two implicit static routes were created. A default route
was created with your ISP as the gateway, and a second static route was created to your local
network for all 192.168.0.x addresses. With this configuration, if you attempt to access a device on
the 134.177.0.0 network, your firewall will forward your request to the ISP. The ISP forwards your
request to the company where you are employed, and the request will likely be denied by the
company’s firewall.
In this case you must define a static route, telling your firewall that 134.177.0.0 should be accessed
through the ISDN firewall at 192.168.0.100. The static route would look like
Figure 8-4
.
In this example:
The Destination IP Address and IP Subnet Mask fields specify that this static route applies to
all 134.177.x.x addresses.
The Gateway IP Address fields specifies that all traffic for these addresses should be
forwarded to the ISDN firewall at 192.168.0.100.
A Metric value of 1 will work since the ISDN firewall is on the LAN.
Private is selected only as a precautionary security measure in case RIP is activated.
Enabling Remote Management Access
Using the Remote Management page, you can allow a user or users on the Internet to configure,
upgrade and check the status of your FVG318 VPN firewall.
To configure your firewall for Remote Management:
1.
Select Administration > Remote Management from the main menu. The Remote Management
screen will display.
Note:
Be sure to change the firewall’s default configuration password to a very secure
password. The ideal password should contain no dictionary words from any
language, and should be a mixture of letters (both upper and lower case), numbers,
and symbols. Your password can be up to 30 characters.
Page 139 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Advanced Configuration
8-9
v1.0, September 2007
2.
Select the
Yes
radio box for Allow Remote Management.
Specify what external addresses will be allowed to access the firewall’s remote
management.
To allow access from any IP address on the Internet, select Everyone.
To allow access from a range of IP addresses on the Internet, select IP address range.
Enter a beginning and ending IP address to define the allowed range.
To allow access from a single IP address on the Internet, select Only this PC.
Enter the IP address that will be allowed access.
3.
Specify the Port Number that will be used for accessing the management interface.
Web browser access normally uses the standard HTTP service port 80. For greater security,
you can change the remote management web interface to a custom port by entering that
number in the box provided. Choose a number between 1024 and 65535, but do not use the
number of any common service port. The default is 8080, which is a common alternate for
HTTP.
4.
Click
Apply
to have your changes take effect.
Figure 8-6
Note:
For enhanced security, restrict access to as few external IP addresses as
practical.
Page 140 / 176
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
8-10
Advanced Configuration
v1.0, September 2007
SNMP Administration
Simple Network Management Protocol (SNMP) lets you monitor and manage your router from an
SNMP Manager. SNMP provides a remote means to monitor and control network devices, and to
manage configurations, statistics collection, performance, and security. The router supports the
SNMPv2c protocol version and can send traps to a specified community.
Select Administration > SNMP to access the SNMP screen shown below:
The SNMP Configuration table lists the IP addresses of SNMP agents to which the router will send
trap messages. The following are present in the table:
IP Address
: The IP address of the SNMP manager or trap agent.
Subnet Mask
: The network mask used to determine the list of allowed SNMP managers.
Port
: The SNMP trap port of the IP address to which, the trap messages will be sent.
Community
: The community string to which the agent belongs. Most agents are configured to
listen for traps in the Public community.
Tip:
If you are using a dynamic DNS service such as TZO, you can always identify
the IP address of your FVG318 by running
TRACERT
from the Windows Start
menu Run option. For example, type
tracert yourFVG318.mynetgear.net
and
you will see the IP address your ISP assigned to the FVG318.
Figure 8-7

Rate

4 / 5 based on 1 vote.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top