Firewall Protection
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Note these restrictions on port triggering:
• Only one computer can use a port-triggering application at any time.
• After a computer has finished using a port-triggering application, there is a short time-out period before the application can be used by another computer. This time-out period is required so the wireless VPN firewall can determine that the application has terminated.

Note: For additional ways of allowing inbound traffic, see Inbound Rules (Port Forwarding) on page 130.
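
The two restrictions above can be seen in a small model of a rule with an outgoing (trigger) port range and an incoming (response) port range. This is an added example, not NETGEAR code or the firewall's own logic; the 60-second time-out, the port values, the host addresses, and the choice that only outbound trigger traffic refreshes the time-out are assumptions.

```python
from dataclasses import dataclass
@dataclass
class TriggerRule:                 # fields mirror the Port Triggering screen settings
    name: str
    protocol: str                  # "TCP" or "UDP"
    trig_start: int                # outgoing (trigger) port range
    trig_end: int
    resp_start: int                # incoming (response) port range
    resp_end: int

    def __post_init__(self):
        for lo, hi in ((self.trig_start, self.trig_end), (self.resp_start, self.resp_end)):
            if not 1 <= lo <= hi <= 65535:
                raise ValueError(f"invalid port range {lo}-{hi}")

class PortTrigger:                 # simplified model of one rule, not the firewall's own logic
    def __init__(self, rule, timeout=60):    # time-out length in seconds is an assumed value
        self.rule, self.timeout = rule, timeout
        self.owner = self.last_seen = None   # LAN host holding the rule; time of its last trigger

    def _expire(self, now):
        if self.owner is not None and now - self.last_seen >= self.timeout:
            self.owner = None                # application is considered terminated

    def outbound(self, host, proto, dport, now):
        """Packet from a LAN host. True if the host holds (or now takes) the rule."""
        self._expire(now)
        r = self.rule
        if proto != r.protocol or not r.trig_start <= dport <= r.trig_end:
            return False
        if self.owner not in (None, host):
            return False                     # only one computer at a time
        self.owner, self.last_seen = host, now
        return True

    def inbound(self, proto, dport, now):
        """Packet from the WAN. Returns the LAN host it is forwarded to, or None if dropped."""
        self._expire(now)
        r = self.rule
        if self.owner is None or proto != r.protocol or not r.resp_start <= dport <= r.resp_end:
            return None
        return self.owner

def demo():                        # constructed rule, hosts and timestamps (seconds)
    fw = PortTrigger(TriggerRule("constructed-app", "TCP", 6660, 6670, 113, 113))
    a, b = "192.168.1.10", "192.168.1.20"
    return [fw.inbound("TCP", 113, 0), fw.outbound(a, "TCP", 6667, 1), fw.inbound("TCP", 113, 2),
            fw.outbound(b, "TCP", 6667, 30), fw.inbound("TCP", 113, 70),
            fw.outbound(b, "TCP", 6667, 71), fw.inbound("TCP", 113, 72)]
```

In `demo()`, the response port stays closed until the first host triggers the rule, the second host is refused while the rule is held, and it can take the rule only after the time-out has passed.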
To add a port-triggering rule:
1. Select Security > Port Triggering. The Port Triggering screen displays. (The following figure shows a rule in the Port Triggering Rule table as an example.)

Figure 101.
2. In the Add Port Triggering Rule section, enter the settings as explained in the following table:

Table 40. Port Triggering screen settings

Setting: Description
Name: A descriptive name of the rule for identification and management purposes.
Enable: From the drop-down list, select Yes to enable the rule. (You can define a rule but not enable it.) The default setting is No.
Protocol: From the drop-down list, select the protocol to which the rule applies:
  • TCP. The rule applies to an application that uses the Transmission Control Protocol (TCP).
  • UDP. The rule applies to an application that uses the User Datagram Protocol (UDP).
Outgoing (Trigger) Port Range:
  Start Port: The start port (1–65535) of the range for triggering.
  End Port: The end port (1–65535) of the range for triggering.
Incoming (Response) Port Range:
  Start Port: The start port (1–65535) of the range for responding.
  End Port: The end port (1–65535) of the range for responding.

3. Click the Add table button. The new port-triggering rule is added to the Port Triggering Rules table.

To edit a port-triggering rule:
1. In the Port Triggering Rules table, click the Edit table button to the right of the port-triggering rule that you want to edit. The Edit Port Triggering Rule screen displays.
2. Modify the settings that you wish to change (see the previous table).
3. Click Apply to save your changes. The modified port-triggering rule is displayed in the Port Triggering Rules table.

To remove one or more port-triggering rules from the table:
1. Select the check box to the left of each port-triggering rule that you want to delete, or click the Select All table button to select all rules.
2. Click the Delete table button.

To display the status of the port-triggering rules:
Click the Status option arrow in the upper right of the Port Triggering screen. A pop-up screen displays, showing the status of the port-triggering rules.

Figure 102.

Configure Universal Plug and Play

The Universal Plug and Play (UPnP) feature enables the wireless VPN firewall to automatically discover and configure devices when it searches the LAN and WAN.

Note: UPnP is supported for IPv4 devices only.

To configure UPnP:
1. Select Security > UPnP. The UPnP screen displays:

Figure 103.

The UPnP Portmap Table in the lower part of the screen shows the IP addresses and other settings of UPnP devices that have accessed the wireless VPN firewall and that have been automatically detected by the wireless VPN firewall:
• Active. A Yes or No indicates if the UPnP device port that established a connection is currently active.
• Protocol. Indicates the network protocol such as HTTP or FTP that is used by the device to connect to the VPN firewall.
• Int. Port. Indicates if any internal ports are opened by the UPnP device.
• Ext. Port. Indicates if any external ports are opened by the UPnP device.
• IP Address. Lists the IP address of the UPnP device accessing the VPN firewall.

2. To enable the UPnP feature, select the Yes radio button. (The feature is disabled by default.) To disable the feature, select No.
3. Fill in the following fields:
• Advertisement Period. Enter the period in seconds that specifies how often the wireless VPN firewall should broadcast its UPnP information to all devices within its range. The default setting is 30 seconds.
• Advertisement Time to Live. Enter a number that specifies how many steps (hops) each UPnP packet is allowed to propagate before being discarded. Small values will limit the UPnP broadcast range. The default setting is 4 hops.
4. Click Apply to save your settings.

To refresh the contents of the UPnP Portmap Table, click Refresh.

6. Virtual Private Networking Using IPSec and L2TP Connections

This chapter describes how to use the IP security (IPSec) virtual private networking (VPN) features of the wireless VPN firewall to provide secure, encrypted communications between your local network and a remote network or computer. This chapter contains the following sections:
• Use the IPSec VPN Wizard for Client and Gateway Configurations
• Test the Connection and View Connection and Status Information
• Manage IPSec VPN Policies
• Configure Extended Authentication (XAUTH)
• Assign IPv4 Addresses to Remote Users (Mode Config)
• Configure Keep-Alives and Dead Peer Detection
• Configure NetBIOS Bridging with IPSec VPN
• Configure the L2TP Server

Use the IPSec VPN Wizard for Client and Gateway Configurations

You can use the IPSec VPN Wizard to configure multiple gateway or client VPN tunnel policies.

The following sections provide wizard and NETGEAR ProSafe VPN Client software configuration procedures:
• Create an IPv4 Gateway-to-Gateway VPN Tunnel with the Wizard on page 190
• Create an IPv6 Gateway-to-Gateway VPN Tunnel with the Wizard on page 194
• Create an IPv4 Client-to-Gateway VPN Tunnel with the Wizard on page 198

Note: Although the wireless VPN firewall supports IPv6, the NETGEAR ProSafe VPN Client supports IPv4 only; an upcoming release of the VPN Client will support IPv6.

Configuring a VPN tunnel connection requires that you specify all settings on both sides of the VPN tunnel to match or mirror each other precisely, which can be a daunting task. The VPN Wizard efficiently guides you through the setup procedure with a series of questions that determine the IPSec keys and VPN policies it sets up. The VPN Wizard also configures the settings for the network connection: security association (SA), traffic selectors, authentication algorithm, and encryption. The settings that are used by the VPN Wizard are based on the recommendations of the VPN Consortium (VPNC), an organization that promotes multivendor VPN interoperability.
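
A pre-deployment check of the match-or-mirror requirement described above, as an added example that is not NETGEAR code or the wizard's logic. The field names and sample values are hypothetical; only the rule that shared settings must match and local/remote values must mirror comes from the text.

```python
import hmac
import ipaddress

# Hypothetical field names for one gateway's tunnel settings (not the firewall's own schema).
MATCH = ("encryption", "authentication", "dh_group", "sa_lifetime_s")
MIRROR = (("local_wan", "remote_wan", ipaddress.ip_address),
          ("local_lan", "remote_lan", ipaddress.ip_network))

def tunnel_mismatches(a, b):
    """List the settings of gateways A and B that fail to match or mirror each other."""
    problems = []
    # Compare the pre-shared key in constant time and keep it out of the report.
    if not hmac.compare_digest(a["pre_shared_key"].encode(), b["pre_shared_key"].encode()):
        problems.append("pre_shared_key: differs")
    for key in MATCH:                      # must be identical on both sides
        if a[key] != b[key]:
            problems.append(f"{key}: {a[key]!r} != {b[key]!r}")
    for local, remote, parse in MIRROR:    # one side's local value is the other's remote value
        for x, y, xn, yn in ((a, b, "A", "B"), (b, a, "B", "A")):
            # Parsing normalizes equivalent spellings such as /24 and /255.255.255.0.
            if parse(x[local]) != parse(y[remote]):
                problems.append(f"{xn}.{local} {x[local]} != {yn}.{remote} {y[remote]}")
    return problems

# Constructed sample settings; addresses come from documentation and private ranges.
GW_A = dict(pre_shared_key="constructed-key", encryption="AES-128", authentication="SHA-1",
            dh_group=2, sa_lifetime_s=3600, local_wan="192.0.2.1", remote_wan="198.51.100.1",
            local_lan="192.168.1.0/24", remote_lan="192.168.2.0/24")
GW_B = dict(GW_A, local_wan="198.51.100.1", remote_wan="192.0.2.1",
            local_lan="192.168.2.0/24", remote_lan="192.168.1.0/255.255.255.0")
GW_B_BAD = dict(GW_B, encryption="3DES", remote_lan="192.168.10.0/24")
```

`tunnel_mismatches(GW_A, GW_B)` returns an empty list even though one side writes the subnet mask in dotted form, while `GW_B_BAD` is reported for its encryption setting and its remote LAN.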

Create an IPv4 Gateway-to-Gateway VPN Tunnel with the Wizard

Figure 104.

To set up an IPv4 gateway-to-gateway VPN tunnel using the VPN Wizard:
1. Select VPN > IPSec VPN > VPN Wizard. In the upper right of the screen, the IPv4 radio button is selected by default. The VPN Wizard screen displays the IPv4 settings. (The following screen contains some examples that do not relate to other examples in this manual.)
