NETGEAR FVX538 Router Manual PDF (Setup & Configuration Guide)

Page 96 / 240 Scroll up to view Page 91 - 95

ProSafe VPN Firewall 200 FVX538 Reference Manual

4-36

Firewall Protection and Content Filtering

v1.0, March 2009

3.

From the

Protocol

pull-down menu, select either the TCP or UDP protocol.

4.

In the

Outgoing (Trigger) Port Range

fields:

a.

Enter the

Start Port

range (1 - 65534).

b.

Enter the

End Port

range (1 - 65534).

5.

In the

Incoming (Response) Port Range

fields:

a.

Enter the

Start Port

range (1 - 65534).

b.

Enter the

End Port

range (1 - 65534).

Figure 4-21

Page 97 / 240

ProSafe VPN Firewall 200 FVX538 Reference Manual

Firewall Protection and Content Filtering

4-37

v1.0, March 2009

6.

Click

Add.

The Port Triggering Rule will be added to the

Port Triggering Rules

table.

To edit or modify a rule:

1.

Click

Edit

in the Action column opposite the rule you wish to edit. The

Edit Port Triggering

Rule

screen will display.

2.

Modify any of the fields for this rule.

3.

Click

Reset

to cancel any changes and return to the previous settings.

4.

Click

Apply

to save your modifications. Your changes will appear in the

Port Triggering

Rules

table.

To check the status of the Port Triggering rules, click the

Status

link on the

Port Triggering

screen.

Bandwidth Limiting

Bandwidth Limiting determines the way in which data is communicated with your host. The

purpose of bandwidth limiting is to provide a method for limiting traffic, thus preventing LAN

users from consuming all the bandwidth on your WAN link.

•

Bandwidth limiting is done on the available WAN interface in both the single port and Auto-

Failover modes. Bandwidth limiting is handled on the user-specified interface in Load

Balancing mode.

•

Bandwidth limiting does not apply to the DMZ interface.

Figure 4-22

Page 98 / 240

ProSafe VPN Firewall 200 FVX538 Reference Manual

4-38

Firewall Protection and Content Filtering

v1.0, March 2009

For example, when a new connection is established by a device, the device will locate the firewall

rule corresponding to the connection.

•

If the rule has a bandwidth profile specification, then the device will create a bandwidth class

in the kernel.

•

If multiple connections correspond to the same firewall rule, they will share the same class.

An exception occurs for an individual bandwidth profile if the classes are per source IP. The source

IP is the IP of the first packet of the connection:

The class is deleted when all the connections using the class expire.

To add a Bandwidth Profile:

1.

Select

Security

from the main menu and

Bandwidth Profile

from the sub-menu. The

Bandwidth Profile

screen will display.

2.

Click Add to add a new Bandwidth Profile. When the Add New Bandwidth Profile screen

displays, enter the following:

a.

Name

: Specify an easily identifiable name for the profile.

b.

Minimum Bandwidth

: Specify the minimum bandwidth value in Kbps for the profile.

c.

Maximum Bandwidth

: Specify the maximum bandwidth value in Kbps for the profile.

d.

Type

: Specify the type of profile.

e.

Direction

: Specify the direction for the profile.

f.

WAN

: Specify the WAN interface (if in Load Balancing Mode) for the profile.

3.

Click

Apply

to save your settings. Your new Bandwidth Profile will be added to the

Bandwidth Profile Table. The Bandwidth Profile table lists the currently defined bandwidth

profiles:

Figure 4-23

Page 99 / 240

ProSafe VPN Firewall 200 FVX538 Reference Manual

Firewall Protection and Content Filtering

4-39

v1.0, March 2009

•

Name

: Displays the user-defined name for this bandwidth profile.

•

Bandwidth Range

: Displays the range for the bandwidth profile.

•

Type

: Displays the type of bandwidth profile.

•

Direction

: Displays the direction of the bandwidth profile.

•

WAN

: Displays the WAN interface for the Load Balancing mode.

To edit a Bandwidth Profile:

1.

Click the

Edit

link adjacent to the profile you want to edit. The Edit Bandwidth Profile screen

will display.

2.

Modify any of the following fields:

a.

Minimum Bandwidth

: Specify the minimum bandwidth value in Kbps for the profile.

b.

Maximum Bandwidth

: Specify the maximum bandwidth value in Kbps for the profile.

c.

Type

: Specify the type for the profile.

d.

Direction

: Specify the direction for the profile.

e.

WAN

: Specify WAN in case of Load Balancing mode for the profile.

3.

Click

Apply

. Your modified profile will display in the Bandwidth Profile table.

To remove an entry from the table, select the profile and click

Delete

.

To remove all the profiles, click

Select All

and then click

Delete

.

E-Mail Notifications of Event Logs and Alerts

The Firewall Logs can be configured to log and then e-mail denial of access, general attack

information, and other information to a specified e-mail address. For example, your VPN firewall

will log security-related events such as: accepted and dropped packets on different segments of

your LAN or DMZ; denied incoming and outgoing service requests; hacker probes and Login

attempts; and other general information based on the settings you input on the

Firewall Logs &

E-mail

screen. In addition, if you have set up Content Filtering on the Block Sites screen (see

“Setting Block Sites (Content Filtering)” on page 4-29

), a log will be generated when someone on

your network tries to access a blocked site.

Page 100 / 240

ProSafe VPN Firewall 200 FVX538 Reference Manual

4-40

Firewall Protection and Content Filtering

v1.0, March 2009

You must have e-mail notification enabled to receive the logs in an e-mail message. If you don't

have e-mail notification enabled, you can view the logs on the

Logs

screen (see

Figure 4-25 on

page 4-42

). Selecting all events will increase the size of the log, so it is good practice to select only

those events which are required.

To set up Firewall Logs and E-mail alerts:

1.

Select

Monitoring

from the main menu and then

Firewall Logs & E-mail

from the submenu.

The

Firewall Logs & E-mail

screen will display.

2.

Enter the name of the log in the

Log Identifier

field. Log Identifier is a mandatory field used

to identify the log messages. The ID appended to log messages.

Figure 4-24

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share