1. Home
    2. /
  2. Manuals
    3. /
  3. NETGEAR
    4. /
  4. SRX5308
    5. /
  5. 80
Page 396 / 469 Scroll up to view Page 391 - 395
Troubleshooting
396
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
Troubleshoot the ISP Connection
If your VPN firewall is unable to access the Internet, you should first determine whether the
VPN firewall is able to obtain a WAN IP address from the ISP. Unless you were assigned a
static IP address, your VPN firewall requests an IP address from the ISP. You can determine
whether the request was successful using the web management interface.
To check the WAN IP address:
1.
Launch your browser and navigate to an external site such as www.netgear.com.
2.
Access the web management interface of the VPN firewall’s configuration at
3.
Select
Network Configuration > WAN Settings > WAN Setup
. The WAN Setup screen
for IPv4 displays.
4.
Take one of the following actions:
-
For IPv4
. In the Action column, click the
Status
button of the WAN interface for which
you want to display the Connection Status pop-up screen (see
Figure
13
on page
34).
-
For IPv6
. In the upper right of the screen, select the
IPv6
radio button. The WAN Setup
screen displays the IPv6 settings. In the Action column, click the
Status
button of the
WAN interface for which you want to display the Connection Status pop-up screen
(see
Figure
31
on page
57).
5.
Check that an IP address is shown for the WAN port. If an IP address with zeros only is
shown, or if no IP address is shown, the VPN firewall has not obtained an IP address from
your ISP, or for IPv6, has not obtained or generated an IP address.
If your VPN firewall is unable to obtain an IP address from the ISP, you might need to
force your modem, dish, or router to recognize your new VPN firewall by performing
the following procedure:
1.
Turn off the power to the modem, dish, or router.
2.
Turn off the power to your VPN firewall.
3.
Wait 5 minutes, and turn on the power to the modem, dish, or router.
4.
When the LEDs of the modem, dish, or router indicate that synchronization with the ISP has
occurred, turn on the power to your VPN firewall.
If your VPN firewall is still unable to obtain an IP address from the ISP, the problem might be
one of the following:
Your ISP might require a login program.
For IPv4 connections, ask your ISP whether they require PPP over Ethernet (PPPoE) or
some other type of login.
For IPv4 connections, if your ISP requires a login, you might have incorrectly set the login
name and password.
For IPv4 connections, your ISP might check for your computer’s host name. On a WAN
IPv4 ISP Settings screen, in the Account Name field, enter the host name, system name,
or account name that was assigned to you by your ISP. You might also need to enter the
assigned domain name or workgroup name in the Domain Name field, and you might
Page 397 / 469
Troubleshooting
397
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
have to enter additional information. For more information, see
Manually Configure an
IPv4 Internet Connection
on page
34.
Your ISP allows only one Ethernet MAC address to connect to the Internet, and might
check for your computer’s MAC address. In this case, do one of the following:
-
Inform your ISP that you have a new network device, and ask them to use the VPN
firewall’s MAC address.
-
Configure your VPN firewall to spoof your computer’s MAC address. You can do this
in the Router’s MAC Address section on a WAN Advanced Options screen. For more
information, see
Configure Advanced WAN Options and Other Tasks
on page
71.
If your VPN firewall can obtain an IP address, but an attached computer is unable to load any
web pages from the Internet:
Your computer might not recognize any DNS server addresses.
A DNS server is a host on the Internet that translates Internet names (such as
www.netgear.com) to numeric IP
addresses. Typically, your ISP provides the addresses
of one or two DNS servers for your use. You can configure your computer manually with
DNS addresses, as described in your operating system documentation
.
Your computer might not have the VPN firewall configured as its TCP/IP gateway.
Troubleshooting the IPv6 Connection
If you have difficulty connecting over an IPv6 connection, there might be an incorrect
configuration on the VPN firewall or the computer from which you are trying to connect to the
VPN firewall:
Check the VPN firewall:
By default, the VPN firewall is set to IPv4-only mode. Make sure that the VPN firewall is
set to IPv4/IPv6 mode (see
Configure the IPv6 Routing Mode
on page
53).
Make sure that the ISP settings are correct (see
Configure a Static IPv6 Internet
Connection
on page
58). The VPN firewall cannot receive a valid IPv6 address if the
Internet connection is not correctly configured.
Make sure that the VPN firewall can provide IPv6 addresses to the computers on the LAN
(see
Manage the IPv6 LAN
on page
102). Check the settings on the LAN Setup screen
for IPv6, and if applicable for your type of configuration, on the RADVD screen.
Check the computer:
Make sure that the operating system supports IPv6. Normally, the following operating
systems support IPv6:
-
Windows 7, all 32- and 64-bit versions
-
Windows Vista, all 32- and 64-bit versions
-
Windows XP Professional SP3 (32- and 64-bit)
-
Windows Server 2008, all versions
-
Windows Server 2008 R2, all versions
Page 398 / 469
Troubleshooting
398
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
-
Windows Server 2003, all versions
-
Windows Server 2003 R2, all versions
-
Linux and other UNIX-based systems with a correctly configured kernel
-
MAC OS X
Make sure that IPv6 is enabled on the computer. On a computer that runs a
Windows-based operating system, do the following (note that the steps might differ on the
various Windows operating systems):
a.
Open the Network Connections screen or the Network and Sharing Center screen.
For example, on the Windows taskbar, click
Start
, select
Control Panel
, and select
Network Connections
.
b.
Click or double-click
Local Area Connection
for the connection to the VPN firewall.
The Local Area Connection Properties screen displays:
Figure 258.
c.
Make sure that Internet Protocol Version 6 (TCP/IPv6) displays, as is shown in the
previous figure.
Make sure that the computer has an IPv6 address. If the computer has a link-local
address only, it cannot reach the VPN firewall or the Internet. On a computer that runs a
Windows-based operating system, do the following (note that the steps might differ on the
various Windows operating systems):
a.
Open the Network Connections screen or the Network and Sharing Center screen.
For example, on the Windows taskbar, click
Start
, select
Control Panel
, and select
Network Connections
.
b.
Click or double-click
Local Area Connection
for the connection to the VPN firewall.
Page 399 / 469
Troubleshooting
399
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
c.
Click or double-click
View status of this connection
. The Local Area Connection
Status screen displays:
Figure 259.
d.
Make sure that Internet access shows for the IPv6 connection. (The previous figure
shows that there is no Internet access.)
e.
Click
Details
. The Network Connection Details screen displays:
Figure 260.
Page 400 / 469
Troubleshooting
400
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308
f.
Make sure that an IPv6 address shows. The previous figure does not show an IPv6
address for the computer but only a link-local IPv6 address and an IPv6 default
gateway address, both of which start, in this case, with FE80.
Troubleshoot a TCP/IP Network Using a Ping Utility
Test the LAN Path to Your VPN Firewall
Test the Path from Your Computer to a Remote Device
Most TCP/IP terminal devices and firewalls contain a ping utility that sends an echo request
packet to the designated device. The device then responds with an echo reply. You can easily
troubleshoot a TCP/IP network by using the ping utility in your computer or workstation.
Test the LAN Path to Your VPN Firewall
You can ping the VPN firewall from your computer to verify that the LAN path to the VPN
firewall is set up correctly.
To ping the VPN firewall from a computer running Windows 95 or later:
1.
From the Windows taskbar, click
Start
and select
Run
.
2.
In the field provided, type
ping
followed by the IP address of the VPN firewall, for example:
3.
Click
OK
.
A message similar to the following should display:
Pinging <IP address> with 32 bytes of data
If the path is working, you see this message:
Reply from <IP address>: bytes=32 time=NN ms TTL=xxx
If the path is not working, you see this message:
Request timed out
If the path is not functioning correctly, you might have one of the following problems:
Wrong physical connections
-
Make sure that the LAN port LED is on. If the LED is off, follow the instructions in
LAN or WAN Port LEDs Not On
on page
394.
-
Check that the corresponding Link LEDs are on for your network interface card
and for the hub ports (if any) that are connected to your workstation and VPN
firewall.
Wrong network configuration
-
Verify that the Ethernet card driver software and TCP/IP software are both
installed and configured on your computer or workstation.
-
Verify that the IP address for your VPN firewall and your workstation are correct
and that the addresses are on the same subnet.

Rate

3.5 / 5 based on 2 votes.

Popular NETGEAR Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top