Contents

xi

201-10301-02, May 2005

Restarting the Network

................................................................................................

C-12

Appendix D

Firewall Log Formats

Action List

......................................................................................................................

D-1

Field List

........................................................................................................................

D-1

Outbound Log

................................................................................................................

D-1

Inbound Log

...................................................................................................................

D-2

Other IP Traffic

..............................................................................................................

D-2

Router Operation

...........................................................................................................

D-3

Other Connections and Traffic to this Router

................................................................

D-4

DoS Attack/Scan

...........................................................................................................

D-4

Access Block Site

..........................................................................................................

D-6

All Web Sites and News Groups Visited

........................................................................

D-6

System Admin Sessions

................................................................................................

D-6

Policy Administration LOG

.............................................................................................

D-7

Appendix E

Wireless Networking Basics

Wireless Networking Overview

......................................................................................

E-1

Infrastructure Mode

.................................................................................................

E-1

Ad Hoc Mode (Peer-to-Peer Workgroup)

................................................................

E-2

Network Name: Extended Service Set Identification (ESSID)

................................

E-2

Authentication and WEP Data Encryption

.....................................................................

E-2

802.11 Authentication

..............................................................................................

E-3

Open System Authentication

...................................................................................

E-3

Shared Key Authentication

......................................................................................

E-4

Overview of WEP Parameters

................................................................................

E-5

Key Size

..................................................................................................................

E-6

WEP Configuration Options

....................................................................................

E-7

Wireless Channels

.........................................................................................................

E-7

WPA Wireless Security

..................................................................................................

E-8

How Does WPA Compare to WEP?

........................................................................

E-9

How Does WPA Compare to IEEE 802.11i?

........................................................

E-10

What are the Key Features of WPA Security?

......................................................

E-10

WPA Authentication: Enterprise-level User

Authentication via 802.1x/EAP and RADIUS

..................................................

E-12

WPA Data Encryption Key Management

........................................................

E-14

201-10301-02, May 2005

xii

Contents

Is WPA Perfect?

....................................................................................................

E-16

Product Support for WPA

......................................................................................

E-16

Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged

......

E-16

Changes to Wireless Access Points

...............................................................

E-17

Changes to Wireless Network Adapters

.........................................................

E-17

Changes to Wireless Client Programs

............................................................

E-18

Appendix F

Virtual Private Networking

What is a VPN?

..............................................................................................................

F-1

What is IPSec and How Does It Work?

..........................................................................

F-2

IPSec Security Features

..........................................................................................

F-2

IPSec Components

..................................................................................................

F-2

Encapsulating Security Payload (ESP)

....................................................................

F-3

Authentication Header (AH)

.....................................................................................

F-4

IKE Security Association

..........................................................................................

F-4

Mode

..................................................................................................................

F-5

Key Management

.....................................................................................................

F-6

Understand the Process Before You Begin

....................................................................

F-6

VPN Process Overview

..................................................................................................

F-7

Network Interfaces and Addresses

..........................................................................

F-7

Interface Addressing

..........................................................................................

F-7

Firewalls

............................................................................................................

F-8

Setting Up a VPN Tunnel Between Gateways

.........................................................

F-8

VPNC IKE Security Parameters

...................................................................................

F-10

VPNC IKE Phase I Parameters

..............................................................................

F-10

VPNC IKE Phase II Parameters

.............................................................................

F-11

Testing and Troubleshooting

.........................................................................................

F-11

Additional Reading

.......................................................................................................

F-11

Appendix G

NETGEAR VPN Configuration

FVS318 or FVM318 to FWG114P v2

Configuration Template

..................................................................................................

G-1

Step-By-Step Configuration of FVS318 or FVM318 Gateway A

....................................

G-2

Step-By-Step Configuration of FWG114P Gateway B

...................................................

G-5

Test the VPN Connection

..............................................................................................

G-9

Contents

xiii

201-10301-02, May 2005

Appendix H

NETGEAR VPN Configuration

FVS318 or FVM318 with FQDN to FVS328

Configuration Template

..................................................................................................

H-1

Using DDNS and Fully Qualified Domain Names (FQDN)

.....................................

H-2

Step-By-Step Configuration of FVS318 or FVM318 Gateway A

....................................

H-3

Step-By-Step Configuration of FVS328 Gateway B

.......................................................

H-7

Test the VPN Connection

............................................................................................

H-11

Glossary

201-10301-02, May 2005

xiv

Contents

About This Manual

1-1

201-10301-02, May 2005

Chapter 1

About This Manual

This chapter describes the intended audience, scope, conventions, and formats of this manual.

Audience, Scope, Conventions, and Formats

This reference manual assumes that the reader has basic to intermediate computer and Internet

skills. However, basic computer network, Internet, firewall, and VPN technologies tutorial

information is provided in the Appendices and on the Netgear website.

This guide uses the following typographical conventions:

This guide uses the following formats to highlight special messages:

This manual is written for the FWG114P v2 Wireless Firewall/Print Server according to these

specifications:

Table 1-1.

Typographical Conventions

italics

Emphasis, books, CDs, URL names

bold

User input

fixed

Screen text, file and server names, extensions, commands, IP addresses

Note:

This format is used to highlight information of importance or special interest.

Table 1-2.

Manual Scope

Product Version

ProSafe Wireless 802.11g

Firewall/Print Server Model FWG114P v2

Manual Publication Date

May 2005

Note:

Product updates are available on the NETGEAR, Inc. Web site at

http://kbserver.netgear.com/products/FWG114P v2.asp

.