ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Chapter 5
Firewall Protection
About Firewall Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
Administrator Tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
Overview of Rules to Block or Allow Specific Kinds of Traffic . . . . . . . . . 126
Outbound Rules (Service Blocking) . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
Inbound Rules (Port Forwarding) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Order of Precedence for Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Configure LAN WAN Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Create LAN WAN Outbound Service Rules . . . . . . . . . . . . . . . . . . . . . 137
Create LAN WAN Inbound Service Rules . . . . . . . . . . . . . . . . . . . . . . 139
Configure DMZ WAN Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Create DMZ WAN Outbound Service Rules. . . . . . . . . . . . . . . . . . . . . 145
Create DMZ WAN Inbound Service Rules . . . . . . . . . . . . . . . . . . . . . . 147
Configure LAN DMZ Rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
Create LAN DMZ Outbound Service Rules . . . . . . . . . . . . . . . . . . . . . 152
Create LAN DMZ Inbound Service Rules. . . . . . . . . . . . . . . . . . . . . . . 153
Examples of Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Examples of Inbound Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Examples of Outbound Firewall Rules . . . . . . . . . . . . . . . . . . . . . . . . . 160
Configure Other Firewall Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Attack Checks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162
Set Limits for IPv4 Sessions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Manage the Application Level Gateway for SIP Sessions . . . . . . . . . . 167
Services, Bandwidth Profiles, and QoS Profiles. . . . . . . . . . . . . . . . . . . . 168
Add Customized Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
Create Bandwidth Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Preconfigured Quality of Service Profiles. . . . . . . . . . . . . . . . . . . . . . . 173
Configure Content Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Set a Schedule to Block or Allow Specific Traffic. . . . . . . . . . . . . . . . . . .178
Enable Source MAC Filtering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Set Up IP/MAC Bindings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
Configure Port Triggering. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Configure Universal Plug and Play. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Chapter 6
Virtual Private Networking Using IPSec and L2TP Connections
Use the IPSec VPN Wizard for Client and Gateway Configurations . . . .189
Create an IPv4 Gateway-to-Gateway VPN Tunnel with the Wizard. . . 190
Create an IPv6 Gateway-to-Gateway VPN Tunnel with the Wizard. . . 194
Create an IPv4 Client-to-Gateway VPN Tunnel with the Wizard . . . . . 198
Test the Connection and View Connection and Status Information. . . . . 213
Test the NETGEAR VPN Client Connection . . . . . . . . . . . . . . . . . . . . 213
NETGEAR VPN Client Status and Log Information . . . . . . . . . . . . . . . 215
View the Wireless VPN Firewall IPSec VPN Connection Status . . . . . 215
View the Wireless VPN Firewall IPSec VPN Log . . . . . . . . . . . . . . . . . 216
Manage IPSec VPN Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Manage IKE Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Manage VPN Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225
Configure Extended Authentication (XAUTH) . . . . . . . . . . . . . . . . . . . . .233
Configure XAUTH for VPN Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
User Database Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235
RADIUS Client and Server Configuration. . . . . . . . . . . . . . . . . . . . . . .235
Assign IPv4 Addresses to Remote Users (Mode Config). . . . . . . . . . . . .237
Mode Config Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
Configure Mode Config Operation on the Wireless VPN Firewall . . . .238
Configure the ProSafe VPN Client for Mode Config Operation . . . . . .245
Test the Mode Config Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
Modify or Delete a Mode Config Record. . . . . . . . . . . . . . . . . . . . . . . .253
Configure Keep-Alives and Dead Peer Detection . . . . . . . . . . . . . . . . . .253
Configure Keep-Alives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
Configure Dead Peer Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
Configure NetBIOS Bridging with IPSec VPN . . . . . . . . . . . . . . . . . . . . .256
Configure the L2TP Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257
View the Active L2TP Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
Chapter 7
Virtual Private Networking Using SSL Connections
SSL VPN Portal Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .260
Overview of the SSL Configuration Process . . . . . . . . . . . . . . . . . . . . . .261
Create the Portal Layout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262
Configure Domains, Groups, and Users. . . . . . . . . . . . . . . . . . . . . . . . . .266
Configure Applications for Port Forwarding . . . . . . . . . . . . . . . . . . . . . . .267
Add Servers and Port Numbers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267
Add a New Host Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268
Configure the SSL VPN Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269
Add Routes for VPN Tunnel Clients . . . . . . . . . . . . . . . . . . . . . . . . . . .272
Use Network Resource Objects to Simplify Policies . . . . . . . . . . . . . . . .273
Add New Network Resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Edit Network Resources to Specify Addresses . . . . . . . . . . . . . . . . . .274
Configure User, Group, and Global Policies. . . . . . . . . . . . . . . . . . . . . . .276
View Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
Add an IPv4 or IPv6 SSL VPN Policy. . . . . . . . . . . . . . . . . . . . . . . . . .278
Access the New SSL Portal Login Screen . . . . . . . . . . . . . . . . . . . . . . . .282
View the SSL VPN Connection Status . . . . . . . . . . . . . . . . . . . . . . . . .285
View the SSL VPN Log. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285
Chapter 8
Manage Users, Authentication, and VPN Certificates
The Wireless VPN Firewall’s Authentication Process and Options . . . . .287
Configure Authentication Domains, Groups, and Users. . . . . . . . . . . . . .289
Configure Domains. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289
Configure Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
Configure User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
Set User Login Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299
Change Passwords and Other User Settings. . . . . . . . . . . . . . . . . . . .304
Manage Digital Certificates for VPN Connections . . . . . . . . . . . . . . . . . . 306
VPN Certificates Screen. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Manage VPN CA Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Manage VPN Self-Signed Certificates . . . . . . . . . . . . . . . . . . . . . . . . .309
Manage the VPN Certificate Revocation List . . . . . . . . . . . . . . . . . . . . 313
Chapter 9
Network and System Management
Performance Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Bandwidth Capacity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Features That Reduce Traffic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Features That Increase Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Use QoS and Bandwidth Assignment to Shift the Traffic Mix. . . . . . . . 319
Monitoring Tools for Traffic Management. . . . . . . . . . . . . . . . . . . . . . . 320
System Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320
Change Passwords and Administrator and Guest Settings . . . . . . . . . 320
Configure Remote Management Access . . . . . . . . . . . . . . . . . . . . . . . 322
Use a Simple Network Management Protocol Manager. . . . . . . . . . . . 326
Manage the Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
Configure Date and Time Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Chapter 10
Monitor System Access and Performance
Enable the WAN Traffic Meter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
Configure Logging, Alerts, and Event Notifications . . . . . . . . . . . . . . . . . 338
How to Send Syslogs over a VPN Tunnel between Sites . . . . . . . . . . 342
View Status Screens . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
View the System Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
View the VPN Connection Status and L2TP Users . . . . . . . . . . . . . . . 353
View the VPN Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
View the Port Triggering Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
View the WAN Port Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
View the Attached Devices and the DHCP Log . . . . . . . . . . . . . . . . . . 359
View the Status of a Wireless Profile . . . . . . . . . . . . . . . . . . . . . . . . . . 361
Diagnostics Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Send a Ping Packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Trace a Route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Look Up a DNS Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
Display the Routing Tables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Capture Packets in Real Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Reboot the Wireless VPN Firewall Remotely . . . . . . . . . . . . . . . . . . . . 366
Chapter 11
Troubleshooting
Basic Functioning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Power LED Not On. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .368
Test LED Never Turns Off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
LAN or WAN Port LEDs Not On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Troubleshoot the Web Management Interface. . . . . . . . . . . . . . . . . . . . . 369
When You Enter a URL or IP Address, a Time-Out Error Occurs . . . . . .370
Troubleshoot the ISP Connection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .370
Troubleshooting the IPv6 Connection . . . . . . . . . . . . . . . . . . . . . . . . . . .372
Troubleshoot a TCP/IP Network Using a Ping Utility . . . . . . . . . . . . . . . .375
Test the LAN Path to Your Wireless VPN Firewall . . . . . . . . . . . . . . . .375
Test the Path from Your Computer to a Remote Device . . . . . . . . . . .376
Restore the Default Configuration and Password . . . . . . . . . . . . . . . . . .376
Address Problems with Date and Time . . . . . . . . . . . . . . . . . . . . . . . . . .377
Access the Knowledge Base and Documentation . . . . . . . . . . . . . . . . . .378
Appendix A
Default Settings and Technical Specifications
Factory Default Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379
Physical and Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . .385
Appendix B
Two-Factor Authentication
Why Do I Need Two-Factor Authentication? . . . . . . . . . . . . . . . . . . . . . .389
What Are the Benefits of Two-Factor Authentication? . . . . . . . . . . . . .389
What Is Two-Factor Authentication?. . . . . . . . . . . . . . . . . . . . . . . . . . .390
NETGEAR Two-Factor Authentication Solutions . . . . . . . . . . . . . . . . . . .390
Appendix C
Notification of Compliance (Wired)
Appendix D
Notification of Compliance (Wireless)
Index
1. Introduction
This chapter provides an overview of the features and capabilities of the ProSafe Wireless-N
8-Port Gigabit VPN Firewall FVS318N and explains how to log in to the device and use its web
management interface. This chapter contains the following sections:
What Is the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N?
Key Features and Capabilities
Package Contents
Hardware Features
Choose a Location for the Wireless VPN Firewall
Log In to the Wireless VPN Firewall
Note:
For more information about the topics covered in this manual, visit
the FVS318N support website at
.
What Is the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N?
The ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N, hereafter referred to as the
wireless VPN firewall, connects your local area network (LAN) and wireless LAN (WLAN) to
the Internet through an external broadband access device such as a cable or DSL modem,
satellite or wireless Internet dish, or another router. A 2.4-GHz radio supports wireless
connections in 802.11n mode with support for legacy clients in 802.11b and 802.11g mode.
The wireless VPN firewall routes both IPv4 and IPv6 traffic. A powerful, flexible firewall
protects your IPv4 and IPv6 networks from denial of service (DoS) attacks, unwanted traffic,
and traffic with objectionable content. IPv6 traffic is supported through 6to4 and Intra-Site
Automatic Tunnel Addressing Protocol (ISATAP) tunnels.
The wireless VPN firewall provides advanced IPSec and SSL VPN technologies with support
for up to 12 IPSec VPN tunnels and 5 SSL VPN tunnels, as well as L2TP support for easy
and secure remote connections. The use of Gigabit Ethernet WAN and LAN ports ensures
high data transfer speeds.
