NETGEAR SRX5308 Router Manual PDF (Setup & Configuration Guide)

Page 456 / 469 Scroll up to view Page 451 - 455

456

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

IPv6

configuring

69

described

68

VPN IPSec

202

,

206

,

214

autosensing port speed

74

B

backing up configuration file

348

bandwidth allocation, WAN traffic

76

–

80

bandwidth capacity

329

bandwidth limits, logging dropped packets

363

bandwidth profiles

creating

181

–

183

shifting traffic mix

335

baud rate

19

blocking

cookies

187

instant messaging (rule example)

168

Java

187

sessions

173

sites to reduce traffic

331

TCP flood

171

traffic, reaching limit

LAN

361

WAN

358

UDP flood

171

broadband.

See

WAN.

browsers

user login policies

317

web management interface

21

buttons (web management interface)

24

C

CA (certification authority)

238

,

320

–

327

cache control, SSL VPN

280

capturing packets

391

Category 5 cable

415

certificate revocation list (CRL)

321

,

326

certificate signing request (CSR)

323

certificates

commercial CAs

321

CRL

321

,

326

CSR

323

overview

320

self-signed

321

–

323

signature key length

324

trusted

321

–

322

certification authority (CA)

238

,

320

–

327

CHAP (Challenge Handshake Authentication Protocol)

270

,

273

,

302

–

306

See also

MIAS (Microsoft Internet Authentication Ser-

vice)

RADIUS authentication

WiKID

classical routing (IPv4), configuring

30

CLI (command-line interface)

19

,

342

client identifier

38

command-line interface (CLI)

19

,

342

community strings, SNMP

344

compatibility, protocols and standards

410

compliance

453

concatenating IPv6 addresses

65

configuration file, managing

347

–

349

configuration manager (web management interface)

login

21

menu

24

configuration settings, defaults

405

–

410

congestion priority, WAN QoS profile

79

connection reset, PPPoE broadband connection

37

connection type and state (WAN), viewing

375

connection, speed (WAN), configuring

75

connectivity, testing

82

console port

19

content filtering, configuring

188

cookies, blocking

187

counter

LAN traffic

359

,

360

WAN traffic

357

CRL (certificate revocation list)

321

,

326

crossover cable

15

,

394

CSR (certificate signing request)

323

custom services, firewall

177

D

Data Encryption Standard.

See

DES.

database, local users

305

date and daylight saving time

settings

352

troubleshooting settings

403

DDNS (Dynamic DNS), configuring

49

–

52

Dead Peer Detection (DPD)

236

,

267

defaults

See also

Appendix A, Default Settings and

Technical Specifications

attack checks

171

baud rate

19

client address ranges, SSL BPN

287

configuration settings

405

–

410

configuration, restoring

401

Page 457 / 469

457

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

DMZ port

IPv4 address and subnet mask

116

IPv6 address and prefix length

120

settings

115

domain, users

303

DPD settings

268

factory

20

,

349

,

401

failure detection settings

IPv4

47

IPv6

70

firewall rules

136

group, users

307

idle time-out periods

groups

309

L2TP server

273

PPTP server

270

users

312

IPSec VPN Wizard

205

IPv4 gateway

38

IPv4 routing mode

29

IPv6 gateway

59

IPv6 routing mode

53

LAN group

98

LAN IPv6 address

105

LAN IPv6 prefix length

105

load balancing method

42

login time-out

23

MAC address setting

74

MAC address sharing

93

MTU

73

NTP servers

354

password

22

,

401

port number LDAP server

92

port speed

74

portal address, SSL VPN

278

PVID

85

QoS priorities for IPv6 firewall rules

186

remote management

340

router lifetime

DMZ RADVD

125

LAN RADVD

111

secure HTTP access

340

server preference, IPv6

DMZ DHCP

120

LAN DHCP

106

session time-out periods

174

SIP support for ALG

176

SNMPv3 users

343

Telnet access

341

UPnP settings

200

user accounts

310

user name

22

VLAN

85

,

98

VPN firewall IPv4 address and subnet mask

90

VPN Wizard settings

205

WAN QoS priority queue

76

delegating, IPv6 prefixes

LAN DHCPv6 server

103

,

107

WAN DHCPv6 client

55

,

57

demilitarized zone.

See

DMZ.

denial of service (DoS)

attack check settings

171

default protection

14

,

140

DES (Data Encryption Standard) and 3DES

IKE SA settings

235

,

243

–

244

,

252

SNMPv3 user settings

346

DH (Diffie-Hellman) groups

232

,

236

,

245

,

252

DHCP (Dynamic Host Configuration Protocol)

automatic configuration of devices

15

DNS servers, IPv4 addresses

91

,

117

domain name

91

,

117

LDAP server

92

,

118

lease time

91

,

117

log, monitoring

387

relay

117

relay, VLANs

87

,

91

server

117

server, VLANs

87

,

90

WINS server

91

,

117

DHCP log messages, explanation of

447

DHCPv6, stateless and stateful

DMZ, configuring

120

LAN, configuring

105

WAN, configuring

56

diagnostics tools

388

Differentiated Services Code Point (DSCP)

76

,

185

Diffie-Hellman (DH) groups

232

,

236

,

245

,

252

DiffServ (Differentiated Services)

LAN QoS

185

WAN QoS

76

digital certificates.

See

certificates.

dimensions

410

direction, bandwidth profiles

182

DMZ (demilitarized zone)

configuring

114

–

127

increasing traffic

334

port

15

DNS (Domain Name Server)

automatic configuration of computers

15

dynamic

49

–

52

looking up an address

390

Mode Config address allocation

252

proxy

16

,

118

proxy, VLANs

87

,

92

queries, auto-rollover

45

server IPv4 addresses

broadband settings

39

DMZ settings

117

LAN/VLAN settings

91

Page 458 / 469

458

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

SSL VPN settings

286

server IPv6 addresses

broadband settings

59

,

63

DMZ settings

121

LAN settings

106

SSL VPN settings

286

DNS logs, viewing

366

documentation, online

403

domain name blocking

187

Domain Name Server.

See

DNS.

domain name, PPTP and PPPoE connections

36

domains for authentication

303

,

311

DoS (denial of service)

attack check settings

171

default protection

14

,

140

downloading

firmware

350

SSL certificate

22

DPD (Dead Peer Detection)

236

,

267

DSCP (Differentiated Services Code Point)

76

,

185

dual WAN ports

auto-rollover and load balancing

418

–

421

FQDNs

50

,

202

–

203

,

421

network, planning

413

overview

13

duplex, half and full

74

Dynamic DNS (DDNS), configuring

49

–

52

Dynamic Host Configuration Protocol.

See

DHCP.

dynamically assigned IPv4 addresses

38

DynDNS.org

49

–

52

E

e-commerce

275

edge devices, configuring

246

–

247

electromagnetic emissions

411

emailing

IP/MAC binding violations

193

–

195

logs

364

traffic meter reports and alerts

357

–

358

environmental specifications

411

error messages

syslog

365

understanding

431

event logs

363

examples of firewall rules

164

–

169

exchange mode, IKE policies

232

,

234

exposed hosts

50

increasing traffic

334

specifying (rule example)

167

extended authentication (XAUTH)

configuring

245

–

247

IKE policies

237

F

factory default settings

list of

405

–

410

reverting to

349

Factory Defaults Reset button

20

failover attempts, DNS lookup or ping

75

IPv4

47

IPv6

70

failure detection method

IPv4, configuring

45

–

47

IPv6, configuring

70

–

71

fe80 and fec0 IPv6 addresses

102

firewall

attack checks

170

–

172

bandwidth profiles

181

–

183

custom services

177

default settings

407

inbound rules.

See

inbound rules.

outbound rules.

See

outbound rules.

overview

14

QoS LAN profiles

184

–

186

rules

See also

inbound rules.

See also

outbound rules.

numbers and types supported

136

order of precedence

144

scheduling

189

firmware, downloading and upgrading

350

–

352

flags, router advertisements

DMZ, configuring for

125

LAN, configuring for

111

FQDNs (fully qualified domain names)

auto-rollover mode and load balancing mode

50

DDNS requirements

49

dual WAN ports, planning

202

–

203

IPSec VPN, configuring endpoints

206

,

210

,

213

,

235

multiple WAN ports

414

,

421

SSL VPN, configuring port forwarding

277

front panel

LEDs

18

ports

17

FTP access, allowing from DMZ (rule example)

169

full tunnel, SSL VPN

285

fully qualified domain names.

See

FQDNs.

G

gateway, ISP

IPv4 address

38

IPv6 address

59

Page 459 / 469

459

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

global addresses, IPv6

65

global IPv6 tunnels

DMZ, configuring for

126

LAN, configuring for

112

group and global policies, configuring for SSL VPN

291

groups

IP groups

179

LAN groups

98

–

101

users, for authentication

307

guests, user account

311

–

312

GUI (graphical user interface)

described

23

troubleshooting

394

H

hardware

front panel ports

17

rear panel components

19

requirements

415

Help button (web management interface)

25

hosts

exposed, increasing traffic

334

exposed, specifying (rule example)

167

name resolution

283

public web server (rule example)

164

HTTP management

340

humidity, operating and storage

411

I

ICMP (Internet Control Message Protocol)

time-out

174

type

178

idle time-out, broadband connection

37

IGMP (Internet Group Management Protocol)

174

IGP (Interior Gateway Protocol)

129

IKE policies

exchange mode

232

,

234

ISAKMP identifier

232

,

235

managing

231

Mode Config operation

234

,

253

XAUTH

237

inbound rules

default

136

examples

164

–

168

increasing traffic

332

IPv4

DMZ-to-WAN rules

156

LAN-to-DMZ rules

162

LAN-to-WAN rules

150

IPv6

DMZ-to-WAN rules

157

LAN-to-DMZ rules

163

LAN-to-WAN rules

151

order of precedence

144

overview

140

QoS profile, ToS

143

scheduling

189

settings

141

–

144

inbound traffic, bandwidth

182

increasing traffic

overview

332

–

335

port forwarding

140

individual bandwidth allocation, WAN traffic

79

installation, verifying

82

instant messaging, blocking (rule example)

168

interface specifications

411

Interior Gateway Protocol (IGP)

129

Internet

configuration requirements

416

form to save connection information

417

Internet connection

configuring

26

default settings

405

Internet connectivity, testing

82

Internet Control Message Protocol (ICMP)

time-out

174

type

178

Internet Group Management Protocol (IGMP)

174

Internet Key Exchange.

See

IKE policies.

Internet LED

19

Internet service provider (ISP)

connection, troubleshooting

396

gateway IPv4 address

38

gateway IPv6 address

59

Intra-Site Automatic Tunnel Addressing Protocol

(ISATAP) tunnels

configuring globally

65

DMZ, configuring for

126

LAN, configuring for

112

IP buttons (web management interface)

24

IP groups, creating

179

IP precedence, QoS

185

IP/MAC bindings

192

–

196

IPSec hosts, XAUTH

246

–

247

IPSec VPN Wizard

client-to-gateway tunnels, setting up

212

default settings

205

described

16

gateway-to-gateway tunnels, setting up

204

,

208

IPSec VPN.

See

VPN tunnels.

IPv4 addresses

autogenerated

394

default

90

Page 460 / 469

460

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

DHCP, address pool

117

DMZ port

116

DNS servers

39

,

91

,

117

dynamically assigned

38

errors

25

ISATAP tunnel address

66

L2TP server

273

MAC bindings

193

port forwarding, SSL VPN

283

PPTP server

270

requirements

25

reserved

101

secondary LAN

94

–

96

secondary WAN

47

SIIT address

68

SSL VPN

clients, configuring

287

policies, configuring

294

resources, configuring

290

static or permanent

33

,

38

subnet mask, default

90

subnet mask, DMZ port

116

VPN tunnels

206

,

214

,

235

,

243

IPv4 DMZ, configuring

115

–

118

IPv4 gateway

38

IPv4 Internet connection

autodetecting

31

manually configuring

34

setting up

27

IPv4 ISP, logging in

35

IPv4 routing modes

29

IPv6 addresses

autoconfiguration

55

,

105

,

120

concatenating

65

DHCPv6, stateless and stateful

DMZ, configuring

120

LAN, configuring

105

WAN, configuring

56

DMZ address pools

122

DMZ advertisement prefixes

125

DMZ port

120

DNS servers

59

,

63

,

106

,

121

errors

25

fe80 and fec0

102

LAN address pools

107

LAN advertisement prefixes

111

LAN, configuring

105

link-local address

102

MAC bindings

195

PPPoE

62

private address

65

requirements

25

route destination

133

secondary LAN

113

–

114

SIIT address

68

SSL VPN

clients, configuring

287

policies, configuring

294

resources, configuring

290

static or permanent

59

tunnel addresses, viewing

67

unique global address

65

VPN tunnels

210

,

235

,

243

IPv6 connection, troubleshooting

397

IPv6 DMZ, configuring

118

–

127

IPv6 gateway

133

IPv6 Internet connection

manually configuring

58

,

61

setting up

28

IPv6 mode, configuring

54

IPv6 networks, described

53

IPv6 prefix length

DMZ address

120

DMZ advertisements

126

DMZ DHCPv6 address pools

122

IPSec VPN policies

243

ISP address

59

LAN address

105

LAN advertisements

112

LAN DHCPv6 address pools

107

LAN prefix delegation

108

secondary LAN IP address

114

SSL VPN policies

295

static routes

133

IPv6 prefix lifetimes

DMZ advertisements

126

LAN advertisements

112

IPv6 prefixes

6to4 tunnel

64

DMZ advertisements

126

ISATAP tunnels

66

LAN advertisements

112

IPv6 tunnel status and addresses, viewing

67

IPv6 tunnels

configuring globally

64

–

67

DMZ, configuring for

126

LAN, configuring for

112

ISAKMP identifier

232

,

235

ISATAP (Intra-Site Automatic Tunnel Addressing

Protocol) tunnels

configuring globally

65

DMZ, configuring for

126

LAN, configuring for

112

ISP (Internet service provider)

connection, troubleshooting

396

gateway IPv4 address

38

gateway IPv6 address

59

Rate

Popular NETGEAR Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share