User ManualTable of ContentsProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N1Contents41. Introduction10What Is the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N?10Key Features and Capabilities11Wireless Features11Advanced VPN Support for Both IPSec and SSL12A Powerful, True Firewall12Security Features13Autosensing Ethernet Connections with Auto Uplink13Extensive Protocol Support13Easy Installation and Management14Maintenance and Support15Package Contents15Hardware Features15Front Panel15Rear Panel18Bottom Panel with Product Label19Choose a Location for the Wireless VPN Firewall19Log In to the Wireless VPN Firewall20Web Management Interface Menu Layout22Requirements for Entering IP Addresses242. IPv4 and IPv6 Internet and Broadband Settings25Internet and WAN Configuration Tasks25Tasks to Set Up an IPv4 Internet Connection to Your ISP25Tasks to Set Up an IPv6 Internet Connection to Your ISP26Configure the IPv4 Internet Connection and WAN Settings26Configure the IPv4 WAN Mode27Let the Wireless VPN Firewall Automatically Detect and Configure an IPv4 Internet Connection28Manually Configure an IPv4 Internet Connection31Configure Dynamic DNS35Configure the IPv6 Internet Connection and WAN Settings37Configure the IPv6 Routing Mode38Use a DHCPv6 Server to Configure an IPv6 Internet Connection39Configure a Static IPv6 Internet Connection41Configure a PPPoE IPv6 Internet Connection43Configure 6to4 Automatic Tunneling46Configure ISATAP Automatic Tunneling47View the Tunnel Status and IPv6 Addresses49Configure Stateless IP/ICMP Translation49Configure Advanced WAN Options and Other Tasks50Additional WAN-Related Configuration Tasks53Verify the Connection53What to Do Next533. LAN Configuration54Manage IPv4 Virtual LANs and DHCP Options54Port-Based VLANs55Assign and Manage VLAN Profiles56VLAN DHCP Options57Configure a VLAN Profile59Configure VLAN MAC Addresses and LAN Advanced Settings64Configure IPv4 Multihome LAN IP Addresses on the Default VLAN65Manage IPv4 Groups and Hosts (IPv4 LAN Groups)67Manage the Network Database68Change Group Names in the Network Database71Set Up DHCP Address Reservation72Manage the IPv6 LAN73DHCPv6 Server Options73Configure the IPv6 LAN75Configure the IPv6 Router Advertisement Daemon and Advertisement Prefixes for the LAN80Configure IPv6 Multihome LAN IP Addresses on the Default VLAN84Enable and Configure the DMZ Port for IPv4 and IPv6 Traffic85DMZ Port for IPv4 Traffic86DMZ Port for IPv6 Traffic89Configure the IPv6 Router Advertisement Daemon and Advertisement Prefixes for the DMZ93Manage Static IPv4 Routing98Configure Static IPv4 Routes98Configure the Routing Information Protocol100IPv4 Static Route Example103Manage Static IPv6 Routing1034. Wireless Configuration and Security106Overview of the Wireless Features106Wireless Equipment Placement and Range Guidelines107Configure the Basic Radio Settings108Operating Frequency (Channel) Guidelines110Wireless Data Security Options111Wireless Security Profiles112Before You Change the SSID, WEP, and WPA Settings114Configure and Enable Wireless Profiles115Restrict Wireless Access by MAC Address120View the Status of a Wireless Profile122Configure Wi-Fi Protected Setup123Configure Advanced Radio Settings125Test Basic Wireless Connectivity1275. Firewall Protection128About Firewall Protection128Administrator Tips129Overview of Rules to Block or Allow Specific Kinds of Traffic129Outbound Rules (Service Blocking)130Inbound Rules (Port Forwarding)133Order of Precedence for Rules137Configure LAN WAN Rules138Create LAN WAN Outbound Service Rules140Create LAN WAN Inbound Service Rules143Configure DMZ WAN Rules145Create DMZ WAN Outbound Service Rules148Create DMZ WAN Inbound Service Rules150Configure LAN DMZ Rules153Create LAN DMZ Outbound Service Rules155Create LAN DMZ Inbound Service Rules157Examples of Firewall Rules159Examples of Inbound Firewall Rules159Examples of Outbound Firewall Rules164Configure Other Firewall Features166Attack Checks166Set Limits for IPv4 Sessions170Manage the Application Level Gateway for SIP Sessions171Services, Bandwidth Profiles, and QoS Profiles172Add Customized Services172Create Bandwidth Profiles175Preconfigured Quality of Service Profiles177Configure Content Filtering178Set a Schedule to Block or Allow Specific Traffic182Enable Source MAC Filtering183Set Up IP/MAC Bindings184Configure Port Triggering190Configure Universal Plug and Play1926. Virtual Private Networking Using IPSec and L2TP Connections194Use the IPSec VPN Wizard for Client and Gateway Configurations194Create an IPv4 Gateway-to-Gateway VPN Tunnel with the Wizard195Create an IPv6 Gateway-to-Gateway VPN Tunnel with the Wizard199Create an IPv4 Client-to-Gateway VPN Tunnel with the Wizard203Test the Connection and View Connection and Status Information218Test the NETGEAR VPN Client Connection218NETGEAR VPN Client Status and Log Information220View the Wireless VPN Firewall IPSec VPN Connection Status220View the Wireless VPN Firewall IPSec VPN Log221Manage IPSec VPN Policies222Manage IKE Policies222Manage VPN Policies230Configure Extended Authentication (XAUTH)238Configure XAUTH for VPN Clients239User Database Configuration240RADIUS Client and Server Configuration240Assign IPv4 Addresses to Remote Users (Mode Config)243Mode Config Operation243Configure Mode Config Operation on the Wireless VPN Firewall244Configure the ProSafe VPN Client for Mode Config Operation251Test the Mode Config Connection258Modify or Delete a Mode Config Record259Configure Keep-Alives and Dead Peer Detection259Configure Keep-Alives260Configure Dead Peer Detection261Configure NetBIOS Bridging with IPSec VPN262Configure the L2TP Server263View the Active L2TP Users2657. Virtual Private Networking Using SSL Connections266SSL VPN Portal Options266Overview of the SSL Configuration Process267Create the Portal Layout268Configure Domains, Groups, and Users272Configure Applications for Port Forwarding273Add Servers and Port Numbers273Add a New Host Name274Configure the SSL VPN Client275Configure the Client IP Address Range276Add Routes for VPN Tunnel Clients278Use Network Resource Objects to Simplify Policies279Add New Network Resources279Edit Network Resources to Specify Addresses280Configure User, Group, and Global Policies282View Policies283Add an IPv4 or IPv6 SSL VPN Policy284Access the New SSL Portal Login Screen288View the SSL VPN Connection Status and SSL VPN Log2928. Manage Users, Authentication, and VPN Certificates294The Wireless VPN Firewall’s Authentication Process and Options294Configure Authentication Domains, Groups, and Users296Configure Domains296Configure Groups300Configure User Accounts303Set User Login Policies306Change Passwords and Other User Settings311Manage Digital Certificates for VPN Connections313VPN Certificates Screen314Manage VPN CA Certificates315Manage VPN Self-Signed Certificates316Manage the VPN Certificate Revocation List3209. Network and System Management322Performance Management322Bandwidth Capacity322Features That Reduce Traffic323Features That Increase Traffic325Use QoS and Bandwidth Assignment to Shift the Traffic Mix328Monitoring Tools for Traffic Management328System Management329Change Passwords and Administrator and Guest Settings329Configure Remote Management Access331Use the Command-Line Interface335Use a Simple Network Management Protocol Manager335Manage the Configuration File340Configure Date and Time Service34410. Monitor System Access and Performance346Enable the WAN Traffic Meter346Configure Logging, Alerts, and Event Notifications349How to Send Syslogs over a VPN Tunnel between Sites353View Status Screens356View the System Status356View the VPN Connection Status and L2TP Users364View the VPN Logs365View the Port Triggering Status366View the WAN Port Status367View the Attached Devices and the DHCP Log370View the Status of a Wireless Profile372Diagnostics Utilities373Send a Ping Packet375Trace a Route375Look Up a DNS Address375Display the Routing Tables376Capture Packets in Real Time376Reboot the Wireless VPN Firewall Remotely37711. Troubleshooting378Basic Functioning379Power LED Not On379Test LED Never Turns Off379LAN or WAN Port LEDs Not On380Troubleshoot the Web Management Interface380When You Enter a URL or IP Address, a Time-Out Error Occurs381Troubleshoot the ISP Connection382Troubleshooting the IPv6 Connection383Troubleshoot a TCP/IP Network Using a Ping Utility386Test the LAN Path to Your Wireless VPN Firewall386Test the Path from Your Computer to a Remote Device387Restore the Default Configuration and Password388Address Problems with Date and Time389Access the Knowledge Base and Documentation389A. Default Settings and Technical Specifications390Factory Default Settings390Physical and Technical Specifications396B. Two-Factor Authentication400Why Do I Need Two-Factor Authentication?400What Are the Benefits of Two-Factor Authentication?400What Is Two-Factor Authentication?401NETGEAR Two-Factor Authentication Solutions401C. Notification of Compliance (Wired)404D. Notification of Compliance (Wireless)408Index412Size: 22.3 MBPages: 425Language: EnglishOpen manual