1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. FVS338
    5. /
  5. 12
Page 56 / 178 Scroll up to view Page 51 - 55
FVS338 ProSafe VPN Firewall 50 Reference Manual
3-12
LAN Configuration
v1.0, September 2006
None
– the router neither broadcasts its route table nor does it accept any RIP packets
from other routers. This effectively disables RIP.
4.
Select the
RIP Version
from the pull-down menu:
RIP-1
– classful routing and does not include subnet information. This is the most
commonly supported version.
RIP-2
– supports subnet information. Both RIP-2B and RIP-2M send the routing data in
RIP-2 format:
RIP-2B
– uses subnet broadcasting.
RIP-2M
– uses multicasting (see Note below).
5.
RIP authentication is disabled by default. To enable authentication for RIP-2B or RIP-2M,
a.
Check the
Yes
radio button.
b.
Input MD5 keys and effective and end dates for the
First Key Parameters
and
Second
Key Parameters
for MD5 based authentication between routers.
6.
Click
Apply
to save your settings.
Enabling Trend Micro Antivirus Enforcement
If you have installed the Trend Micro Client/Server Messaging Suite for SMB on your local
network, the firewall can enforce antivirus scanning. When Antivirus Enforcement is selected,
local PCs will not be allowed web access unless they have the Trend Micro OfficeScan client
installed and updated with the latest virus definitions.
To enable Trend Micro Antivirus Enforcement:
1.
Select
Security
from the main menu and
Trend Micro
from the submenu. The
Trend Micro
screen sill display.\
2.
Check the
Yes
radio box for
Do you want to enable antivirus Enforcement?.
Note:
Multicasting can reduce the load on non-router machines because they do
not listen to the RIP multicast address and will not receive the RIP packets.
However, if one router uses multicasting, then all routers on your network
must use multicasting. For RIP-2B and RIP-2M you can select the type of
authentication as NONE or MD5. If you select MD5 then you need to enter
additional parameters.
Page 57 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
LAN Configuration
3-13
v1.0, September 2006
3.
Enter the IP address of the
OfficeScan
Server
on your local network.
4.
Enter the 5-digit port number used for communications between the OfficeScan clients and the
server.
5.
Click
Apply
to enable Trend Micro.
The Host Exclusion List table lists PCs that are allowed to access the WAN without OfficeScan
client.
To allow a PC to access the web without the OfficeScan client:
Enter the IP address of the PC in the
Host
field in the
Add Host
section and click
Add.
The
address will be added to the
Host Exclusion List
table.
Note:
The OfficeScan Server must appear in the exclusion list.
Figure 3-6
Note:
Follow the instructions in the Trend Micro documentation to complete the
installation and configuration of the Trend Micro OfficeScan Server.
Page 58 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
3-14
LAN Configuration
v1.0, September 2006
Page 59 / 178
Firewall Protection and Content Filtering
4-1
v1.0, September 2006
Chapter 4
Firewall Protection and Content Filtering
The ProSafe VPN Firewall 50 provides you with Web content filtering options such as Block Sites
and Keyword Blocking. Parents and network administrators can establish restricted access policies
based on time-of-day, Web addresses and Web address keywords. You can also block Internet
access by applications and services, such as chat or games. It also provides various firewall
activity reports and instant alerts via e-mail.
About Firewall Security
A firewall is a special category of router that protects one network (the “trusted” network, such as
your LAN) from another (the untrusted network, such as the Internet), while allowing
communication between the two.
A firewall incorporates the functions of a NAT (Network Address Translation) router, while
adding features for dealing with a hacker intrusion or attack, and for controlling the types of traffic
that can flow between the two networks. Unlike simple Internet sharing NAT routers, a firewall
uses a process called stateful packet inspection to protect your network from attacks and
intrusions. NAT performs a very limited stateful inspection in that it considers whether the
incoming packet is in response to an outgoing request, but true Stateful Packet Inspection goes far
beyond NAT.
Using Rules to Block or Allow Specific Kinds of Traffic
Firewall rules are used to block or allow specific traffic passing through from one side to the other.
You can configure up to 600 rules on the FVS338. Inbound rules (WAN to LAN) restrict access by
outsiders to private resources, selectively allowing only specific outside users to access specific
resources. Outbound rules (LAN to WAN) determine what outside resources local users can have
access to.
A firewall has two default rules, one for inbound traffic and one for outbound. The default rules of
the FVS338 are:
Inbound
: Block all access from outside except responses to requests from the LAN side.
Page 60 / 178
FVS338 ProSafe VPN Firewall 50 Reference Manual
4-2
Firewall Protection and Content Filtering
v1.0, September 2006
Outbound
: Allow all access from the LAN side to the outside.
Services-Based Rules
The rules to block traffic are based on the traffic’s category of service.
Inbound Rules (port forwarding
). Inbound traffic is normally blocked by the firewall unless
the traffic is in response to a request from the LAN side. The firewall can be configured to
allow this otherwise blocked traffic.
Outbound Rules (service blocking).
Outbound traffic is normally allowed unless the firewall
is configured to disallow it.
Customized Services
. Additional services can be added to the list of services in the factory
default list. These added services can then have rules defined for them to either allow or block
that traffic.
Quality of Service (QoS)
. Each service at its own native priority that impacts its quality of
performance and tolerance for jitter or delays. You can change this QoS priority if desired to
change the traffic mix through the system.
Outbound Rules (Service Blocking)
The FVS338 allows you to block the use of certain Internet services by PCs on your network. This
is called service blocking or port filtering.
Note:
See
“Enabling Source MAC Filtering” on page 4-23
for yet another way to block
outbound traffic from selected PCs that would otherwise be allowed by the
firewall.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top