Reference Manual for the ProSafe VPN Firewall 25 with 4 Gigabit LAN and Dual WAN Ports
Firewall Protection and Content Filtering
202-10085-01, March 2005
Administrator Information
Consider the following operational items:
1. As an option, you can enable remote management if you have to manage distant sites from a central location (see “Enabling Remote Management Access” on page 8-9).
2. Although rules (see “Using Rules to Block or Allow Specific Kinds of Traffic” on page 6-1) are the basic way of managing the traffic through your system, you can further refine your control with the following optional features of the FVS124G VPN Firewall:
   - Groups and hosts (see “Managing Groups and Hosts” on page 6-20)
   - Services (see “Services-Based Rules” on page 6-4)
   - Schedules (see “Using a Schedule to Block or Allow Specific Traffic” on page 6-22)
   - Block sites (see “Block Sites” on page 6-24)
   - Source MAC filtering (see “Source MAC Filtering” on page 6-27)
   - Port triggering (see “Port Triggering” on page 6-28)
Table 6-7. Log entry descriptions

| Field | Description |
|---|---|
| Source port and interface | The service port number of the initiating device, and whether it originated from the LAN or WAN. |
| Destination | The name or IP address of the destination device or website. |
| Destination port and interface | The service port number of the destination device, and whether it’s on the LAN or WAN. |

Table 6-8. Log action buttons

| Field | Description |
|---|---|
| Refresh | Click this button to refresh the log screen. |
| Clear Log | Click this button to clear the log entries. |
| Send Log | Click this button to email the log immediately. |
Chapter 7
Virtual Private Networking
This chapter describes how to use the virtual private networking (VPN) features of the FVS124G
VPN Firewall. VPN tunnels provide secure, encrypted communications between your local
network and a remote network or computer.
Tip: When using dual WAN port networks, use the VPN Wizard to configure the basic parameters and then edit the VPN and IKE Policy screens for the various VPN scenarios.
Dual WAN Port Systems
The dual WAN ports in the FVS124G VPN Firewall can be configured for either rollover mode for
increased system reliability or load balancing mode for optimum bandwidth efficiency. This WAN
mode choice then impacts how the VPN features have to be configured.
Rollover vs. Load Balancing Mode
Refer to “Virtual Private Networks (VPNs)” on page 3-5 for an overview of the IP addressing requirements for VPN in the two WAN modes.
Table 7-1. IP addressing requirements for VPNs in dual WAN port systems

| Configuration | WAN IP address | Rollover Mode* | Load Balancing Mode |
|---|---|---|---|
| VPN Road Warrior (client-to-gateway) | Fixed | FQDN required | Allowed (FQDN optional) |
| | Dynamic | FQDN required | FQDN required |
| VPN Gateway-to-Gateway | Fixed | FQDN required | Allowed (FQDN optional) |
| | Dynamic | FQDN required | FQDN required |
| VPN Telecommuter (client-to-gateway through a NAT router) | Fixed | FQDN required | Allowed (FQDN optional) |
| | Dynamic | FQDN required | FQDN required |

* All tunnels must be re-established after a rollover using the new WAN IP address.
Figure 7-1 shows the setup screens for the selected WAN mode. This setup is accomplished in “Step 4: Configure the WAN Mode (Required for Dual WAN)” on page 4-15.
Figure 7-1: WAN Mode Setup screens (Rollover Mode Setup Screen and Load Balancing Mode Setup Screen)
Fully Qualified Domain Names
The use of fully qualified domain names is:
- Mandatory when the WAN ports are in rollover mode (Figure 7-2)
- Mandatory when the WAN ports are in load balancing mode and the IP addresses are dynamic (Figure 7-3)
- Optional when the WAN ports are in load balancing mode and the IP addresses are static (Figure 7-3)
See “Step 5: Configure Dynamic DNS (If Needed)” on page 4-20 for how to select and configure the Dynamic DNS service.
Figure 7-2: Functional operation of FVS124G WAN ports for rollover mode
[Figure: FVS124G Functional Block Diagram and Dynamic DNS screen. Diagram labels: FVS124G Firewall; Rest of FVS124G Functions; FVS124G WAN Port Functions; FVS124G Rollover Control; WAN 1 Port; WAN 2 Port; Internet; FQDN required. Dynamic DNS screen labels: Select Dynamic DNS service; Same FQDN setup for BOTH WAN ports.]
