Reference ManualTable of ContentsReference Manual for the Model FVS318 Broadband ProSafe VPN Firewall1Contents5Chapter 1 About This Manual13Audience13Scope13Typographical Conventions14Special Message Formats14How to Use the HTML Version of this Manual15How to Print this Manual16Chapter 2 Introduction17About the FVS31817Key Features17Virtual Private Networking (VPN)17A Powerful, True Firewall18Content Filtering18Configurable Auto Uplink™ Ethernet Connection18Protocol Support19Easy Installation and Management20What’s in the Box?21The Firewall’s Front Panel21The Firewall’s Rear Panel22Chapter 3 Connecting the Firewall to the Internet23What You Will Need Before You Begin23LAN Hardware Requirements23Computer Requirements23Cable or DSL Modem Requirement23LAN Configuration Requirements24Internet Configuration Requirements24Where Do I Get the Internet Configuration Parameters?24Worksheet for Recording Your Internet Connection Information25How to Connect the FVS318 VPN Firewall26Wizard-Detected PPPoE Option31Wizard-Detected Dynamic IP Option32Wizard-Detected Fixed IP (Static) Option33Testing Your Internet Connection34How to Manually Configure Your Internet Connection35Chapter 4 Protecting Your Network39Protecting Access to Your FVS318 VPN Firewall39How to Change the Built-In Password39How to Change the Administrator Login Timeout40Using Basic Firewall Services40How to Block Keywords and Sites41How to Block or Allow Services43How to Add to the List of Services45Setting Times and Scheduling Firewall Services48How to Set Your Time Zone48How to Schedule Firewall Services49Chapter 5 Advanced WAN and LAN Configuration51Configuring Advanced WAN Settings51Setting Up A Default DMZ Server51Enabling Access to Local Servers Through a FVS31852How to Configure Port Forwarding to Local Servers52Respond to Ping on Internet WAN Port53How to Support Internet Services, Applications, or Games53How to Clear a Port Assignment54Local Web and FTP Server Example54How to Set Up Computers for Half Life, KALI or Quake III54Working with LAN IP Settings55What Does UPnP Support Do for Me?55How to Enable UPnP56Understanding LAN TCP/IP Setup Parameters57Setting the MTU Size58Using the Router as a DHCP Server58How to Specify Reserved IP Addresses59How to Configure LAN TCP/IP Settings60How to Configure Dynamic DNS61Using Static Routes62Static Route Example62How to Configure Static Routes63Chapter 6 Virtual Private Networking65Overview of VPN Configuration65Understanding How FVS318 VPN Tunnels Are Configured66Configuring VPN Network Connection Parameters67Configuring a SA Using IKE Main Mode69Configuring a SA Using IKE Aggressive Mode70Configuring a SA Using Manual Key Management71Planning a VPN73How to Configure a Network to Network VPN Tunnel75How to Configure a Remote PC to Network VPN80Monitoring the PC VPN Connection Using SafeNet Tools90How to Configure Manual Keys as an Alternative to IKE92How to Delete a Security Association94Blank VPN Tunnel Configuration Worksheets95Chapter 7 Managing Your Network97Network Management Information97Viewing Router Status and Usage Statistics97Viewing Attached Devices100Viewing, Selecting, and Saving Logged Information101Selecting What Information to Log102Saving Log Files on a Server103Examples of log messages103Activation and Administration103Dropped Packets103Enabling Security Event E-mail Notification104Backing Up, Restoring, or Erasing Your Settings105How to Back Up the Configuration to a File105How to Restore a Configuration from a File106How to Erase the Configuration107Running Diagnostic Utilities and Rebooting the Router107How to Enable Remote Management108How to Upgrade the Router’s Firmware109Chapter 8 Troubleshooting111Basic Functions111Power LED Not On112Test LED Never Turns On or Test LED Stays On112Local or Internet Port Link LEDs Not On112Troubleshooting the Web Configuration Interface113Troubleshooting the ISP Connection114Troubleshooting a TCP/IP Network Using a Ping Utility115Testing the LAN Path to Your Firewall116Testing the Path from Your PC to a Remote Device116Restoring the Default Configuration and Password117Problems with Date and Time118Appendix A Technical Specifications119Technical Specifications119Appendix B Networks, Routing, and Firewall Basics121Related Publications121Basic Router Concepts121What is a Router?121Routing Information Protocol122IP Addresses and the Internet122Netmask124Subnet Addressing124Private IP Addresses127Single IP Address Operation Using NAT128MAC Addresses and Address Resolution Protocol129Related Documents129Domain Name Server129IP Configuration by DHCP130Internet Security and Firewalls130What is a Firewall?131Stateful Packet Inspection131Denial of Service Attack131Ethernet Cabling131Category 5 Cable Quality132Inside Twisted Pair Cables133Uplink Switches, Crossover Cables, and MDI/MDIX Switching134Appendix C Preparing Your Network137Preparing Your Computers for TCP/IP Networking137Configuring Windows 95, 98, and Me for TCP/IP Networking138Install or Verify Windows Networking Components138Enabling DHCP to Automatically Configure TCP/IP Settings140Selecting Windows’ Internet Access Method142Verifying TCP/IP Properties142Configuring Windows NT4, 2000 or XP for IP Networking143Install or Verify Windows Networking Components143DHCP Configuration of TCP/IP in Windows XP, 2000, or NT4144DHCP Configuration of TCP/IP in Windows XP144DHCP Configuration of TCP/IP in Windows 2000146DHCP Configuration of TCP/IP in Windows NT4149Verifying TCP/IP Properties for Windows XP, 2000, and NT4150Configuring the Macintosh for TCP/IP Networking151MacOS 8.6 or 9.x151MacOS X152Verifying TCP/IP Properties for Macintosh Computers153Verifying the Readiness of Your Internet Account154Are Login Protocols Used?154What Is Your Configuration Information?154Obtaining ISP Configuration Information for Windows Computers155Obtaining ISP Configuration Information for Macintosh Computers156Restarting the Network157Appendix D Virtual Private Networking159What is a VPN?159What Is IPSec and How Does It Work?160IPSec Security Features160IPSec Components160Encapsulating Security Payload (ESP)161Authentication Header (AH)162IKE Security Association162Mode163Key Management164Understand the Process Before You Begin164VPN Process Overview165Network Interfaces and Addresses165Interface Addressing165Firewalls166Setting Up a VPN Tunnel Between Gateways166VPNC IKE Security Parameters168VPNC IKE Phase I Parameters168VPNC IKE Phase II Parameters169Testing and Troubleshooting169Additional Reading169Appendix E NETGEAR VPN Configuration of FVS318 or FVM318 to FVL328171Configuration Profile171Step-By-Step Configuration of FVS318 or FVM318 Gateway A172Step-By-Step Configuration of FVL328 Gateway B175Test the VPN Connection179Appendix F NETGEAR VPN Configuration FVS318 or FVM318 to Cisco IOS181Configuration Profile181Step-By-Step Configuration of FVS318 or FVM318 Gateway A182Step-By-Step Configuration of Cisco IOS Gateway B185Test the VPN Connection188Appendix G NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVL328191Configuration Profile191The Use of a Fully Qualified Domain Name (FQDN)192Step-By-Step Configuration of FVS318 or FVM318 Gateway A193Step-By-Step Configuration of FVL328 Gateway B197Test the VPN Connection202Glossary203Numeric203A203B204C205D206E207F207G208H208I208L210M210N211O212P212Q214R214S214T215U215V216W216Index219Size: 4.99 MBPages: 222Language: EnglishOpen manual