Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2
Virtual Private Networking
May 2004, 202-10030-02
Figure 6-19: Self Certificate Requests table
5. Receive the certificate back from the Trusted Root CA and save it as a text file.
   Note: In the case of a Windows 2000 internal CA, the CA administrator might simply email it
   back to you. Follow the procedures of your CA. Save the certificate you get back from the
   CA as a text file called final.txt.
6. Upload the new certificate.
   a. From the main menu VPN section, click the Certificates link.
   b. Click the radio button of the Self Certificate Request you want to upload.
   c. Click the Upload Certificate button.
   d. Browse to the location of the file you saved in step 5 above, which contains the certificate
      from the CA.
   e. Click the Upload button.
   f. You will now see the “FVL328” entry in the Active Self Certificates table and the pending
      “FVL328” Self Certificate Request is gone, as illustrated below.
Figure 6-20: Self Certificates table
7. Associate the new certificate and the Trusted Root CA certificate on the FVL328.
   a. Create a new IKE policy called Scenario_2 with all the same properties as Scenario_1
      (see “Scenario 1 IKE Policy” on page 6-24), except that it uses the RSA Signature instead
      of the shared key.
Figure 6-21: IKE policy using RSA Signature
   b. Create a new VPN Auto Policy called scenario2a with all the same properties as scenario1a
      except that it uses the IKE policy called Scenario_2.
Now, the traffic from devices within the range of the LAN subnet addresses on FVL328
Gateway A and Gateway B will be authenticated using the certificates and generated keys
rather than via a shared key.
8. Set up Certificate Revocation List (CRL) checking.
   a. Get a copy of the CRL from the CA and save it as a text file.
      Note: The procedure for obtaining a CRL differs between a CA like Verisign and a CA such
      as a Windows 2000 certificate server, which an organization operates to provide
      certificates for its members. Follow the procedures of your CA.
   b. From the main menu VPN section, click the CRL link.
   c. Click Add to add a CRL.
   d. Click Browse to locate the CRL file.
   e. Click Upload.
Now expired or revoked certificates will not be allowed to use the VPN tunnels managed by
IKE policies which use this CA.
Note: You must update the CRLs regularly in order to maintain the validity of the
certificate-based VPN policies.
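A pre-upload check for the CRL text file from step 8, added here as an example and not taken from the NETGEAR manual: it reads thisUpdate, nextUpdate and the revoked serial numbers with a minimal DER walker (Python standard library only) so a stale CRL is caught before it is uploaded. It assumes the text file is PEM-encoded and does not verify the CRL signature; the sample CRL, its issuer "Test CA" and the serial 0x1234 are constructed.

```python
import base64, re
from datetime import datetime, timezone

# Constructed sample CRL: issuer "Test CA", revoked serial 0x1234, placeholder signature.
SAMPLE_CRL = "-----BEGIN X509 CRL-----\n" + base64.encodebytes(bytes.fromhex(
    "3070305b020101300d06092a864886f70d01010b0500"
    "30123110300e0603550403130754657374204341"
    "170d3234303130313030303030305a170d3234303230313030303030305a"
    "3015301302021234170d3233313231353030303030305a"
    "300d06092a864886f70d01010b050003020000")).decode() + "-----END X509 CRL-----\n"

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER; was the text file cut off?")
    return tag, buf[pos:pos + length], pos + length

def der_time(tag, val):
    """UTCTime (tag 0x17) or GeneralizedTime (tag 0x18) as an aware datetime."""
    fmt = "%y%m%d%H%M%SZ" if tag == 0x17 else "%Y%m%d%H%M%SZ"
    return datetime.strptime(val.decode("ascii"), fmt).replace(tzinfo=timezone.utc)

def parse_crl(pem_text):
    """Return (this_update, next_update or None, set of revoked serial numbers)."""
    m = re.search(r"-----BEGIN X509 CRL-----(.+?)-----END X509 CRL-----", pem_text, re.S)
    if not m:
        raise ValueError("no PEM X509 CRL block found")
    der = base64.b64decode("".join(m.group(1).split()))
    tbs = tlv(tlv(der, 0)[1], 0)[1]        # CertificateList -> TBSCertList
    items, pos = [], 0
    while pos < len(tbs):
        tag, val, pos = tlv(tbs, pos)
        items.append((tag, val))
    if items[0][0] == 0x02:                # optional version INTEGER
        items.pop(0)
    # items[0] = signature algorithm, items[1] = issuer, then thisUpdate [, nextUpdate]
    times = [der_time(t, v) for t, v in items[2:4] if t in (0x17, 0x18)]
    revoked, rest = set(), items[2 + len(times):]
    if rest and rest[0][0] == 0x30:        # revokedCertificates SEQUENCE
        body, p = rest[0][1], 0
        while p < len(body):
            _, entry, p = tlv(body, p)
            revoked.add(int.from_bytes(tlv(entry, 0)[1], "big"))
    return times[0], (times[1] if len(times) > 1 else None), revoked

def crl_status(pem_text, peer_serial, now=None):
    """Stale if nextUpdate is absent or past; also report whether peer_serial is listed."""
    _, nxt, revoked = parse_crl(pem_text)
    now = now or datetime.now(timezone.utc)
    return {"stale": nxt is None or now >= nxt, "peer_revoked": peer_serial in revoked}
```

Run `crl_status` on the saved CRL text before each upload; a result with `stale` set means a newer CRL should be fetched from the CA first.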
Chapter 7
Managing Your Network
This chapter describes how to perform network management tasks with your FVL328 ProSafe
High-Speed VPN Firewall.
Protecting Access to Your FVL328 Firewall
For security reasons, the firewall has its own user name and password. In addition, the
administrator login disconnects automatically after a set period of inactivity. Use the
procedures below to change the firewall's password and the administrator login timeout.
Note: The user name and password are not the same as any user name or password you may use
to log in to your Internet connection.
NETGEAR recommends that you change this password to a more secure password. The ideal
password should contain no dictionary words from any language, and should be a mixture of both
upper and lower case letters, numbers, and symbols. Your password can be up to 30 characters.
How to Change the Built-In Password
1. Log in to the firewall at its default LAN address of with its default User Name of admin,
   default password of password, or using whatever password and LAN address you have chosen
   for the firewall.
2. From the main menu of the browser interface, under the Maintenance heading, select Set
   Password to bring up the menu shown below.
