FVS338 ProSafe VPN Firewall 50 Reference Manual
5-36
Virtual Private Networking
v1.0, September 2006
To submit your Self Certificate request to a CA:
1. Connect to the web site of the CA.
2. Start the Self Certificate request procedure.
3. When prompted for the requested data, copy the data from your saved data file (including “----BEGIN CERTIFICATE REQUEST---” and “---END CERTIFICATE REQUEST”).
4. Submit the CA form. If no problems ensue, the Certificate will be issued.
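A check for step 3, given here as an added example that is not part of the original manual: it confirms that the text about to be pasted still carries both armor lines and that the encoded body was not cut short. It assumes the saved file uses the standard PEM armor (five dashes on each side, RFC 7468); `check_csr_paste` and `constructed_request` are hypothetical names, and the sample request is a constructed stand-in, not a real signed request.

```python
import base64
import re

# Standard PEM armor for a PKCS#10 request (RFC 7468): five dashes each side.
_ARMOR = re.compile(
    r"-----BEGIN CERTIFICATE REQUEST-----\s*(.*?)\s*"
    r"-----END CERTIFICATE REQUEST-----", re.S)

def check_csr_paste(text):
    """Return (ok, reason) for text about to be pasted into a CA form."""
    m = _ARMOR.search(text)
    if not m:
        return False, "BEGIN/END CERTIFICATE REQUEST line missing or damaged"
    try:
        der = base64.b64decode("".join(m.group(1).split()), validate=True)
    except ValueError:
        return False, "body is not valid base64"
    # A request is one DER SEQUENCE (tag 0x30) whose length covers all bytes.
    if len(der) < 2 or der[0] != 0x30:
        return False, "decoded data is not a DER SEQUENCE"
    if der[1] < 0x80:                      # short-form length
        header, length = 2, der[1]
    else:                                  # long form: next n bytes hold length
        n = der[1] & 0x7F
        if n == 0 or len(der) < 2 + n:
            return False, "DER length field is incomplete"
        header, length = 2 + n, int.from_bytes(der[2:2 + n], "big")
    if header + length != len(der):
        return False, "truncated or padded: DER length does not match data"
    return True, "armor and DER framing intact"

def constructed_request(n=300):
    """Constructed stand-in with valid outer framing only, not a signed CSR."""
    der = b"\x30\x82" + n.to_bytes(2, "big") + bytes(n)
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return ("-----BEGIN CERTIFICATE REQUEST-----\n" + body +
            "\n-----END CERTIFICATE REQUEST-----\n")

if __name__ == "__main__":
    good = constructed_request()
    lines = good.splitlines()
    print(check_csr_paste(good))
    print(check_csr_paste("\n".join(lines[1:])))                # BEGIN line not copied
    print(check_csr_paste("\n".join(lines[:-2] + lines[-1:])))  # a body line lost
```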
Figure 5-26 (Save to file)
When you obtain the certificate from the CA, you can then upload it to your computer. Click Browse to locate the Certificate file and then click Upload. The certificate will display in the Active Self Certificates table (see Figure 5-25).
Certificates are updated by their issuing CA on a regular basis. You should track all of your CAs to ensure that you have the latest version and/or that your certificate has not been revoked. To track your CAs, you must upload the Certificate Identity for each CA to the CRL.
Managing your Certificate Revocation List (CRL)
CRL (Certificate Revocation List) files show certificates which are active and certificates which have been revoked and are no longer valid. Each CA issues its own CRLs.
It is important that you keep your CRLs up-to-date. You should obtain the CRL for each CA
regularly.
The CRL table lists your active CAs and their critical release dates:
CA Identity – The official name of the CA which issued this CRL.
Last Update – The date when this CRL was released.
Next Update – The date when the next CRL will be released.
To upload a Certificate Identity to the CRL:
1. Click Browse, and then locate the file you previously downloaded from a CA.
2. Select the Certificate Identity file. The name will appear in the “File to upload” field. Click Upload.
The new Certificate Identity will appear in the Certification Revocation Lists table. If you have a previous CA Identity from the same CA, it should now be deleted.
Chapter 6
Router and Network Management
This chapter describes how to use the network management features of your ProSafe VPN
Firewall 50. These features can be found by clicking on the appropriate heading in the Main Menu
of the browser interface.
The ProSafe VPN Firewall 50 offers many tools for managing the network traffic to optimize its
performance. You can also control administrator access, be alerted to important events requiring
prompt action, monitor the firewall status, perform diagnostics, and manage the firewall
configuration file.
Performance Management
Performance management consists of controlling the traffic through the VPN firewall so that the
necessary traffic gets through when there is a bottleneck and either reducing unnecessary traffic or
rescheduling some traffic to low-peak times to prevent bottlenecks from occurring in the first
place. The VPN firewall has the necessary features and tools to help the network manager
accomplish these goals.
VPN Firewall Features That Reduce Traffic
Features of the VPN firewall that can be called upon to decrease WAN-side loading are as follows:
Service Blocking
Block Sites
Source MAC Filtering
Service Blocking
You can control specific outbound traffic (for example, from LAN to WAN). Outbound Services lists all existing rules for outbound traffic. If you have not defined any rules, only the default rule will be listed. The default rule allows all outgoing traffic.
Each rule lets you specify the desired action for the connections covered by the rule:
BLOCK always
BLOCK by schedule, otherwise Allow
ALLOW always
ALLOW by schedule, otherwise Block
As you define your firewall rules, you can further refine their application according to the following criteria:
LAN Users – These settings determine which computers on your network are affected by this rule. Select the desired options:
    Any: All PCs and devices on your LAN.
    Single address: The rule will be applied to the address of a particular PC.
    Address range: The rule is applied to a range of addresses.
    Groups: The rule is applied to a Group (you use the Network Database to assign PCs to Groups; see “Managing Groups and Hosts” on page 3-5).
WAN Users – These settings determine which Internet locations are covered by the rule, based on their IP address.
    Any: The rule applies to all Internet IP addresses.
    Single address: The rule applies to a single Internet IP address.
    Address range: The rule is applied to a range of Internet IP addresses.
Services – You can specify the desired Services or applications to be covered by this rule. If the desired service or application does not appear in the list, you must define it using the Services menu (see “Services-Based Rules” on page 4-2).
Schedule – You can specify whether the rule is to be applied on the Schedule 1, Schedule 2, or Schedule 3 time schedule (see “Setting a Schedule to Block or Allow Traffic” on page 4-20).
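The four actions and the LAN Users / WAN Users criteria above, modelled as an added example that is not code from the manual or the firewall firmware; it is meant for reasoning about a rule set before entering it. Assumptions: the first covering rule decides (the manual text here does not state rule ordering), Groups are not modelled, `in_schedule` stands for "the rule's selected schedule is currently active", and all names, services and addresses are constructed.

```python
import ipaddress
from dataclasses import dataclass

def addr_match(spec, ip):
    """spec is 'any', a single address, or a 'low-high' address range."""
    if spec == "any":
        return True
    ip = ipaddress.ip_address(ip)
    if "-" in spec:
        low, high = (ipaddress.ip_address(p.strip()) for p in spec.split("-"))
        return low <= ip <= high
    return ip == ipaddress.ip_address(spec)

@dataclass
class OutboundRule:
    service: str            # name from the Services list, e.g. "HTTP"
    action: str             # one of the four actions the manual lists
    lan_users: str = "any"  # Groups are not modelled here
    wan_users: str = "any"

    def covers(self, service, lan_ip, wan_ip):
        return (service == self.service and addr_match(self.lan_users, lan_ip)
                and addr_match(self.wan_users, wan_ip))

    def verdict(self, in_schedule):
        """Resolve the action; in_schedule = the rule's schedule is active."""
        return {
            "BLOCK always": "block",
            "BLOCK by schedule, otherwise Allow": "block" if in_schedule else "allow",
            "ALLOW always": "allow",
            "ALLOW by schedule, otherwise Block": "allow" if in_schedule else "block",
        }[self.action]

def evaluate(rules, service, lan_ip, wan_ip, in_schedule):
    """Assumption: first covering rule wins; else the default rule allows."""
    for rule in rules:
        if rule.covers(service, lan_ip, wan_ip):
            return rule.verdict(in_schedule)
    return "allow"

# Constructed rule set for illustration.
RULES = [
    OutboundRule("HTTP", "ALLOW by schedule, otherwise Block",
                 lan_users="192.168.1.100-192.168.1.150"),
    OutboundRule("FTP", "BLOCK always", wan_users="203.0.113.7"),
]
```

Note that the "ALLOW by schedule, otherwise Block" rule blocks the hosts in its range outside the schedule, while hosts outside the range fall through to the default rule and are allowed at all times.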
Warning: This feature is for Advanced Administrators only! Incorrect configuration will cause serious problems.