FVL328 Reference Manual
Page 7
... to Block or Allow Content or Traffic 5-13 Setting the Time Zone 5-14 Set Clock ...5-14 Enable NTP (Network Time Protocol 5-14 User-defined NTP Server 5-15 Getting E-Mail Notifications of Event Logs and Alerts 5-15 Viewing Logs of Web Access or Attempted Web Access 5-17 What to Include in the Event Log 5-19 Chapter 6 Virtual Private Networking Overview of FVL328 Policy-Based VPN Configuration 6-1 Using Policies to Manage VPN Traffic 6-1 Using Automatic Key Management 6-2 IKE Policies' Automatic Key and Authentication Management 6-3 VPN Policy Configuration for Auto Key Negotiation...
... to Block or Allow Content or Traffic 5-13 Setting the Time Zone 5-14 Set Clock ...5-14 Enable NTP (Network Time Protocol 5-14 User-defined NTP Server 5-15 Getting E-Mail Notifications of Event Logs and Alerts 5-15 Viewing Logs of Web Access or Attempted Web Access 5-17 What to Include in the Event Log 5-19 Chapter 6 Virtual Private Networking Overview of FVL328 Policy-Based VPN Configuration 6-1 Using Policies to Manage VPN Traffic 6-1 Using Automatic Key Management 6-2 IKE Policies' Automatic Key and Authentication Management 6-3 VPN Policy Configuration for Auto Key Negotiation...
FVL328 Reference Manual
Page 20
... Configuration Protocol (DHCP). IP-MAC address locking ensures the same PC always gets the same IP address. • DNS Proxy When DHCP is a protocol for Telstra cable in settings where you want to the correct configuration. Supported protocols include: • The Ability to Enable or Disable IP Address Sharing by NAT The FVL328 allows several networked computers to make the right connection. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 The firewall incorporates Auto UplinkTM technology. That port will accommodate either type...
... Configuration Protocol (DHCP). IP-MAC address locking ensures the same PC always gets the same IP address. • DNS Proxy When DHCP is a protocol for Telstra cable in settings where you want to the correct configuration. Supported protocols include: • The Ability to Enable or Disable IP Address Sharing by NAT The FVL328 allows several networked computers to make the right connection. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 The firewall incorporates Auto UplinkTM technology. That port will accommodate either type...
FVL328 Reference Manual
Page 21
... Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • Dynamic DNS Dynamic DNS services allow you to test Internet connectivity and reboot the firewall. The FVL328 also now supports trace route. • Visual monitoring The firewall's front panel LEDs provide an easy way to the network. Easy Installation and Management You can connect to many popular Dynamic DNS services to the Web Management Interface from the FVL328 when your are connected over the Internet via the Internet using a domain name when your dynamic IP address. A user...
... Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • Dynamic DNS Dynamic DNS services allow you to test Internet connectivity and reboot the firewall. The FVL328 also now supports trace route. • Visual monitoring The firewall's front panel LEDs provide an easy way to the network. Easy Installation and Management You can connect to many popular Dynamic DNS services to the Web Management Interface from the FVL328 when your are connected over the Internet via the Internet using a domain name when your dynamic IP address. A user...
FVL328 Reference Manual
Page 28
... when your browser will display a page not found message. b. RESTART YOUR NETWORK IN THE CORRECT SEQUENCE Warning: Failure to restart your Internet browser. c. Figure 3-4: Log in the correct sequence could prevent you are lit, check that software, or cancel it if it starts automatically. Because you from connecting to the Internet May 2004, 202-10030-02 Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 2.
... when your browser will display a page not found message. b. RESTART YOUR NETWORK IN THE CORRECT SEQUENCE Warning: Failure to restart your Internet browser. c. Figure 3-4: Log in the correct sequence could prevent you are lit, check that software, or cancel it if it starts automatically. Because you from connecting to the Internet May 2004, 202-10030-02 Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 2.
FVL328 Reference Manual
Page 30
... Internet service account uses a login protocol such as you will report the type of connection follow the steps in the configuration menu for Recording Your Internet Connection Information" on page 3-10. Choose NAT or Classical Routing. Note: If you can manually configure your firewall and the cable or DSL line. NAT automatically assigns private IP addresses (192.168.0.x) to check the physical connection between your Internet connection settings by experienced users. The options are now connected to use...
... Internet service account uses a login protocol such as you will report the type of connection follow the steps in the configuration menu for Recording Your Internet Connection Information" on page 3-10. Choose NAT or Classical Routing. Note: If you can manually configure your firewall and the cable or DSL line. NAT automatically assigns private IP addresses (192.168.0.x) to check the physical connection between your Internet connection settings by experienced users. The options are now connected to use...
FVL328 Reference Manual
Page 31
...'s Primary DNS Server. If the NETGEAR Web site does not appear within one minute, refer to test your Account Name (may need to access the Internet. NAT allows all LAN computers to as mail or news servers. This is essential for Internet access via this Router. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 1. Enter your Internet connection. Enter the PPPoE login user name and password provided by sharing this Computer's MAC address to have the router use the MAC address of...
...'s Primary DNS Server. If the NETGEAR Web site does not appear within one minute, refer to test your Account Name (may need to access the Internet. NAT allows all LAN computers to as mail or news servers. This is essential for Internet access via this Router. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 1. Enter your Internet connection. Enter the PPPoE login user name and password provided by sharing this Computer's MAC address to have the router use the MAC address of...
FVL328 Reference Manual
Page 32
... the firewall during login. If your ISP allows access from the MAC address of the network interface card in a MAC address. Click the Test button to numeric IP addresses. If the NETGEAR Web site does not appear within one computer that is a host on the Internet port. The firewall will be using its MAC address. 4. You must obtain it from the ISP. They will register the Ethernet MAC address of that computer. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Configuring...
... the firewall during login. If your ISP allows access from the MAC address of the network interface card in a MAC address. Click the Test button to numeric IP addresses. If the NETGEAR Web site does not appear within one computer that is a host on the Internet port. The firewall will be using its MAC address. 4. You must obtain it from the ISP. They will register the Ethernet MAC address of that computer. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Configuring...
FVL328 Reference Manual
Page 33
...Secondary DNS Server address is now configured to save the settings. 4. DNS servers are performed by your ISP and enter them manually here. You should see the firewall's Internet LED blink, indicating communication to troubleshoot problems that may occur. Testing Your Internet Connection After completing the Internet connection configuration, your can test your ISP's Primary DNS Server. The browser should have been provided to connect, log in to Chapter 8, Troubleshooting. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 1. Click the Test button to...
...Secondary DNS Server address is now configured to save the settings. 4. DNS servers are performed by your ISP and enter them manually here. You should see the firewall's Internet LED blink, indicating communication to troubleshoot problems that may occur. Testing Your Internet Connection After completing the Internet connection configuration, your can test your ISP's Primary DNS Server. The browser should have been provided to connect, log in to Chapter 8, Troubleshooting. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 1. Click the Test button to...
FVL328 Reference Manual
Page 35
...: Disabling NAT will be manually administering the IP address space on the LAN side of the router. - Connecting the FVL328 to the factory default. These parameters may be necessary to Complete a Manual Configuration Manually configure the firewall in an area such as Austria that uses a Static IP address. If a Secondary DNS Server address is required. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 How to access your ISP's services such as mail or news servers. Answer the question, "Does Your Internet Connection...
...: Disabling NAT will be manually administering the IP address space on the LAN side of the router. - Connecting the FVL328 to the factory default. These parameters may be necessary to Complete a Manual Configuration Manually configure the firewall in an area such as Austria that uses a Static IP address. If a Secondary DNS Server address is required. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 How to access your ISP's services such as mail or news servers. Answer the question, "Does Your Internet Connection...
FVL328 Reference Manual
Page 36
... the ISP's router to save your Internet connection. The Gateway is first opened. Click Apply to which your firewall will reboot the router and reset all the FVL328 configuration settings to test your settings. 5. Also enter the netmask and the Gateway IP address. You should reboot your ISP assigned. Note: Disabling NAT will connect. - They will then capture and use the one or two DNS servers to your firewall during login, select "Use these DNS servers" and enter...
... the ISP's router to save your Internet connection. The Gateway is first opened. Click Apply to which your firewall will reboot the router and reset all the FVL328 configuration settings to test your settings. 5. Also enter the netmask and the Gateway IP address. You should reboot your ISP assigned. Note: Disabling NAT will connect. - They will then capture and use the one or two DNS servers to your firewall during login, select "Use these DNS servers" and enter...
FVL328 Reference Manual
Page 39
... DHCP server' check box. To view the DHCP Log, click DHCP Log. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 If another device on your network will be the DHCP server, or if you will deliver the following parameters to any LAN device that requests DHCP: • An IP Address from the range you have chosen for devices with its default LAN address of your computers, clear the 'Use router as the firewall's LAN IP address. Specify the pool of password, or using whatever password and LAN address...
... DHCP server' check box. To view the DHCP Log, click DHCP Log. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 If another device on your network will be the DHCP server, or if you will deliver the following parameters to any LAN device that requests DHCP: • An IP Address from the range you have chosen for devices with its default LAN address of your computers, clear the 'Use router as the firewall's LAN IP address. Specify the pool of password, or using whatever password and LAN address...
FVL328 Reference Manual
Page 48
... password and LAN address you have an ISDN router on your configuration. Click the radio button for connecting to Configure Dynamic DNS 1. Access the Web site of the browser interface, under Advanced, click Dynamic DNS. 3. Using Static Routes Static Routes provide additional routing information to save your network. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 How to the company where you are employed. Note: If your LAN is 192.168.0.100. • Your company's network is through a cable modem...
... password and LAN address you have an ISDN router on your configuration. Click the radio button for connecting to Configure Dynamic DNS 1. Access the Web site of the browser interface, under Advanced, click Dynamic DNS. 3. Using Static Routes Static Routes provide additional routing information to save your network. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 How to the company where you are employed. Note: If your LAN is 192.168.0.100. • Your company's network is through a cable modem...
FVL328 Reference Manual
Page 97
... VPN section and click the VPN Status link. The network setup is established. Using our example, log in Scenario 1. At this feature when you want to ping the FVL328 as a test of network connectivity, be sent to the WAN interface of the VPN tunnels for authentication. b. This will report the status and data transmission statistics of Gateway B. For instructions on this topic, please see, "Setting the Time Zone" on the Internet WAN port by checking the check...
... VPN section and click the VPN Status link. The network setup is established. Using our example, log in Scenario 1. At this feature when you want to ping the FVL328 as a test of network connectivity, be sent to the WAN interface of the VPN tunnels for authentication. b. This will report the status and data transmission statistics of Gateway B. For instructions on this topic, please see, "Setting the Time Zone" on the Internet WAN port by checking the check...
FVL328 Reference Manual
Page 112
.... How to Configure Remote Management Using the Remote Management page, you can change the router's default password to the firewall at its default LAN address of http://192.168.0.1 with its default user name of admin, default password of your FVL328 Prosafe High Speed VPN Firewall. To allow access from any common service port. Specify what external addresses will be up to configure, upgrade and check the status of password, or using whatever password and LAN address you can allow access from a range of IP addresses on the Internet to 30...
.... How to Configure Remote Management Using the Remote Management page, you can change the router's default password to the firewall at its default LAN address of http://192.168.0.1 with its default user name of admin, default password of your FVL328 Prosafe High Speed VPN Firewall. To allow access from any common service port. Specify what external addresses will be up to configure, upgrade and check the status of password, or using whatever password and LAN address you can allow access from a range of IP addresses on the Internet to 30...
FVL328 Reference Manual
Page 124
... file), you have chosen for example, LAN users accessing the Internet). Documentation updates are available on the NETGEAR, Inc. How to the Router (such as new software is stored in Figure 7-14. 7-20 May 2004, 202-10030-02 Managing Your Network Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • Perform a DNS Lookup to test if an Internet name resolves to an IP address to verify that the DNS server configuration is working. • Display the Routing Table to...
... file), you have chosen for example, LAN users accessing the Internet). Documentation updates are available on the NETGEAR, Inc. How to the Router (such as new software is stored in Figure 7-14. 7-20 May 2004, 202-10030-02 Managing Your Network Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • Perform a DNS Lookup to test if an Internet name resolves to an IP address to verify that the DNS server configuration is working. • Display the Routing Table to...
FVL328 Reference Manual
Page 130
... off power to the cable or DSL modem. 4. Turn off power to obtain a WAN IP address from the ISP. Wait five minutes and reapply power to the cable or DSL modem. 2. Turn off when entering this information. When the modem's LEDs indicate that an IP address is password. Launch your ISP. To check the WAN IP address: 1. If the firewall does not save changes you have been assigned a static IP address, your changes are using the Web configuration manager. Check...
... off power to the cable or DSL modem. 4. Turn off power to obtain a WAN IP address from the ISP. Wait five minutes and reapply power to the cable or DSL modem. 2. Turn off when entering this information. When the modem's LEDs indicate that an IP address is password. Launch your ISP. To check the WAN IP address: 1. If the firewall does not save changes you have been assigned a static IP address, your changes are using the Web configuration manager. Check...
FVL328 Reference Manual
Page 133
... the current configuration and restore factory defaults in two ways: • Use the Erase function of the Web Configuration Manager (see that the network address of your PC's Network Control Panel. If the path is functioning correctly, replies as described in "Verifying TCP/IP Properties" on the rear panel of the firewall. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 PING -n 10 where is the IP address of a remote device such as your firewall listed as the...
... the current configuration and restore factory defaults in two ways: • Use the Erase function of the Web Configuration Manager (see that the network address of your PC's Network Control Panel. If the path is functioning correctly, replies as described in "Verifying TCP/IP Properties" on the rear panel of the firewall. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 PING -n 10 where is the IP address of a remote device such as your firewall listed as the...
FVL328 Reference Manual
Page 202
... firewall software you may need to insert your Windows CD to complete the installation. • Reboot your PC after installing the client software. 2. Install the FVL328 Firewall Software on your PC. • You may be directly connected to the Internet through dialup, cable or DSL modem, or other means, and we will connect to NETGEAR FVL328 or FWAG114 VPN Router May 2004, 202-10030-02 Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 This procedure describes linking a remote PC and a LAN...
... firewall software you may need to insert your Windows CD to complete the installation. • Reboot your PC after installing the client software. 2. Install the FVL328 Firewall Software on your PC. • You may be directly connected to the Internet through dialup, cable or DSL modem, or other means, and we will connect to NETGEAR FVL328 or FWAG114 VPN Router May 2004, 202-10030-02 Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 This procedure describes linking a remote PC and a LAN...
FVL328 Reference Manual
Page 216
... configuration. Main Mode Menu. Select the Use a dynamic DNS service radio button for your dynamic DNS account. 5. Type the Host Name that the complete FQDN we are using . Click the Edit button below. Type the User Name for the service you . Click on the VPN Settings link on the Internet. 6. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 4. In this example we are using dyndns.org as 192.168.x.x or 10.x.x.x, the dynamic DNS service will not work...
... configuration. Main Mode Menu. Select the Use a dynamic DNS service radio button for your dynamic DNS account. 5. Type the Host Name that the complete FQDN we are using . Click the Edit button below. Type the User Name for the service you . Click on the VPN Settings link on the Internet. 6. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 4. In this example we are using dyndns.org as 192.168.x.x or 10.x.x.x, the dynamic DNS service will not work...
FVL328 Reference Manual
Page 233
... panel 2-7 reset button, clearing config 8-7 restore factory settings 7-18 RFC 1466 B-7, B-9 1597 B-7, B-9 1631 B-7, B-9 finding B-7 RIP (Router Information Protocol) 4-2 router concepts B-1 Routing Information Protocol 2-4, B-2 rules inbound 5-7 outbound 5-10 Index S SA E-4 Scope of Document 1-1 Secondary DNS Server 3-7, 3-8, 3-9, 3-11, 3-12 service blocking 5-10 service numbers 5-4 Setup Wizard 3-1 SMTP 5-16, 7-16 spoof MAC address 8-5 stateful packet inspection 2-3, 5-1, B-10 Static Routes 4-3 subnet addressing B-4 subnet mask B-5 Syslog 7-15 T TCP/IP configuring C-1, D-1, E-1, F-1 network...
... panel 2-7 reset button, clearing config 8-7 restore factory settings 7-18 RFC 1466 B-7, B-9 1597 B-7, B-9 1631 B-7, B-9 finding B-7 RIP (Router Information Protocol) 4-2 router concepts B-1 Routing Information Protocol 2-4, B-2 rules inbound 5-7 outbound 5-10 Index S SA E-4 Scope of Document 1-1 Secondary DNS Server 3-7, 3-8, 3-9, 3-11, 3-12 service blocking 5-10 service numbers 5-4 Setup Wizard 3-1 SMTP 5-16, 7-16 spoof MAC address 8-5 stateful packet inspection 2-3, 5-1, B-10 Static Routes 4-3 subnet addressing B-4 subnet mask B-5 Syslog 7-15 T TCP/IP configuring C-1, D-1, E-1, F-1 network...