ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
9-6
Firewall and Network Management
v1.0, October 2008
Enable DNS Proxy. Allows the firewall to handle DNS queries from the LAN.
Enable Stealth Mode. Prevents the firewall from responding to incoming requests for unsupported services.
As you define your firewall rules, you can further refine the application according to the following criteria:
LAN Users. These settings determine which computers on your network are affected by this rule. Select the desired IP Address in this field.
WAN Users. These settings determine which Internet locations are covered by the rule, based on the IP address.
Any: The rule applies to all Internet IP addresses.
Single address: The rule applies to a single Internet IP address.
Address range: The rule is applied to a range of Internet IP addresses.
Destination Address. These settings determine the destination IP address for this rule which will be applicable to incoming traffic. This rule will be applied only when the destination IP address of the incoming packet matches the IP address of the WAN interface. Selecting ANY enables the rule for any LAN IP destination.
Services. You can specify the desired Services or applications to be covered by this rule. If the desired service or application does not appear in the list, you must define it using the Services menu (see “Adding Customized Services” on page 5-15).
Schedule. You can specify whether the rule is to be applied on the Schedule 1, Schedule 2, or Schedule 3 time schedule (see “Setting Schedules to Block or Allow Traffic” on page 5-17).
See “Using Rules & Services to Block or Allow Traffic” on page 5-2 for the procedure on how to use this feature.
Port Triggering
Port triggering allows some applications to function correctly that would otherwise be partially blocked by the firewall. Using this feature requires that you know the port numbers used by the application.
Once configured, port triggering operates as follows:
A PC makes an outgoing connection using a port number defined in the Port Triggering table.
This firewall records this connection, opens the additional INCOMING port or ports associated with this entry in the Port Triggering table, and associates them with the PC.
The remote system receives the PC's request and responds using the different port numbers that you have now opened.
This firewall matches the response to the previous request and forwards the response to the PC. Without port triggering, this response would be treated as a new connection request rather than a response. As such, it would be handled in accordance with the Port Forwarding rules.
Only one PC can use a port triggering application at any time.
After a PC has finished using a port triggering application, there is a time-out period before the application can be used by another PC. This is required because the firewall cannot be sure when the application has terminated.
See “Enabling Port Triggering” on page 5-23 for the procedure on how to use this feature.
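The port triggering behaviour described above, modelled as a small state machine. This is an added example, not NETGEAR firmware code; the port numbers, LAN addresses, the 60-second time-out, and the choice to restart the timer on matching traffic are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class TriggerRule:
    trigger_port: int             # outgoing port that activates the entry
    incoming_ports: range         # inbound ports opened while the entry is active
    timeout: float                # seconds of silence before release (assumed value)
    owner: Optional[str] = None   # LAN PC the opened ports are associated with
    last_seen: float = 0.0

class PortTriggerTable:
    def __init__(self, rules):
        self.rules = list(rules)

    @staticmethod
    def _expire(rule, now):
        # The firewall cannot tell when the application ended, so it waits out a timer.
        if rule.owner and now - rule.last_seen >= rule.timeout:
            rule.owner = None

    def outbound(self, lan_ip, dst_port, now):
        """LAN PC connects out; True if it now holds the matching trigger entry."""
        for rule in self.rules:
            if rule.trigger_port != dst_port:
                continue
            self._expire(rule, now)
            if rule.owner in (None, lan_ip):
                rule.owner, rule.last_seen = lan_ip, now
                return True
            return False          # entry held by another PC: one PC at a time
        return False

    def inbound(self, dst_port, now):
        """WAN packet arrives; returns the LAN PC to forward to, or None."""
        for rule in self.rules:
            self._expire(rule, now)
            if rule.owner and dst_port in rule.incoming_ports:
                rule.last_seen = now
                return rule.owner
        return None               # no active trigger: left to the Port Forwarding rules

if __name__ == "__main__":
    # Constructed values: trigger on outgoing 6000, open incoming 7000-7010.
    table = PortTriggerTable([TriggerRule(6000, range(7000, 7011), 60.0)])
    print(table.inbound(7005, 0))                    # before any trigger
    print(table.outbound("192.168.1.10", 6000, 1))   # first PC triggers
    print(table.inbound(7005, 2))                    # response forwarded
    print(table.outbound("192.168.1.20", 6000, 3))   # second PC refused
    print(table.outbound("192.168.1.20", 6000, 90))  # after the time-out
```

When reviewing a Port Triggering table, note that the incoming range stays open for the whole time-out window after the application has stopped, so keep each range as narrow as the application allows.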
VPN Tunnels
The VPN firewall permits up to 5 IPsec VPN tunnels and 3 SSL VPN tunnels, not to exceed 8 total tunnels at a time. Each tunnel requires extensive processing for encryption and authentication.
See Chapter 6, “Virtual Private Networking Using IPsec” for the procedures on how to use IPsec VPN, and Chapter 7, “Virtual Private Networking Using SSL” for the procedures on how to use SSL VPN.
Using QoS to Shift the Traffic Mix
The QoS priority settings determine the priority and, in turn, the quality of service for the traffic passing through the firewall. The QoS is set individually for each service.
You can accept the default priority defined by the service itself by not changing its QoS setting.
You can change the priority to a higher or lower value than its default setting to give the service higher or lower priority than it otherwise would have.
The QoS priority settings conform to the IEEE 802.1D-1998 (formerly 802.1p) standard for class of service tag.
You will not change the WAN bandwidth used by changing any QoS priority settings. But you will change the mix of traffic through the WAN port by granting some services a higher priority than others. The quality of a service is impacted by its QoS setting, however.
See “Setting Quality of Service (QoS) Priorities” on page 5-16 for the procedure on how to use this feature.
Tools for Traffic Management
The ProSafe Wireless-N VPN Firewall includes several tools that can be used to monitor the traffic conditions of the firewall and control who has access to the Internet and the types of traffic each individual is allowed to have. See “Monitoring System Performance” on page 11-1 for a discussion of the tools.
Changing Passwords and Administrator Settings
The default administrator and guest password for the Web Configuration Manager is password. Netgear recommends that you change this password to a more secure password. You can also configure a separate password for the guest account.
To modify the Administrator user account settings, including password:
1. Select Users > Users from the main/submenu and the List of Users screen displays.
2. Select the checkbox adjacent to admin in the Name column, then click Edit in the Action column.
Figure 9-1
The Edit User screen is displayed, with the current settings for Administrator displayed in the Select User Type pull-down menu.
3. Select the Check to Edit Password checkbox. The password fields become active.
4. Enter the old password, then enter the new password twice.
5. (Optional) To change the idle timeout for an administrator login session, enter a new number of minutes in the Idle Timeout field.
6. Click Apply to save your settings or Reset to return to your previous settings.
Figure 9-2
Note: If the administrator login timeout value is too large, you may have to wait a long time before you are able to log back into the firewall if your previous login was disrupted (for example, if you did not click Logout on the Main Menu bar to log out).
Note: After a factory default reset, the password and timeout value will be changed back to password and 5 minutes, respectively.
Enabling Remote Management Access
Using the Remote Management page, you can allow an administrator on the Internet to configure, upgrade, and check the status of your firewall. You must be logged in locally to enable remote management.
To configure your firewall for Remote Management:
1. Select Administration > Remote Management from the main/submenu. The Remote Management screen displays.
2. Click the Yes radio box to enable HTTPS remote management (enabled by default).
3. Click Apply to have your changes take effect.
When accessing your firewall from the Internet, the Secure Sockets Layer (SSL) will be enabled. You will enter https:// (not http://) and type your firewall’s WAN IP address into your browser.
For example, if your WAN IP address is 172.16.0.123, type the following in your browser:
Note: Be sure to change the default configuration password of the firewall to a very secure password. The ideal password should contain no dictionary words from any language, and should be a mixture of letters (both upper and lower case), numbers, and symbols. Your password can be up to 30 characters. See “Changing Passwords and Administrator Settings” on page 9-8 for the procedure on how to do this.
Figure 9-3
Note: For enhanced security, restrict access to as few external IP addresses as practical. See “Setting User Login Policies” on page 8-5 for instructions on restricting administrator access. Be sure to use strong passwords.
