FVL328 Reference Manual
Page 17
...cable modem or DSL modem) and supports IPSec-based secure tunnels to 100 concurrent VPN tunnels. Summary of New Features in the FVL328 The NETGEAR FVL328 VPN ProSafe Firewall contains many new features, including: • Multi-DMZ (One-to 7 private LAN IPs. • Resettable WAN traffic meter - Unlike simple Internet sharing routers.... About the FVL328 The FVL328 is now ICSA certified. The FVL328 Firewall is a complete security solution that simplifies VPN setup and uses the VPNC defaults • Four groups for Denial of the NETGEAR FVL328 Prosafe High Speed VPN Firewall. Up to ...
...cable modem or DSL modem) and supports IPSec-based secure tunnels to 100 concurrent VPN tunnels. Summary of New Features in the FVL328 The NETGEAR FVL328 VPN ProSafe Firewall contains many new features, including: • Multi-DMZ (One-to 7 private LAN IPs. • Resettable WAN traffic meter - Unlike simple Internet sharing routers.... About the FVL328 The FVL328 is now ICSA certified. The FVL328 Firewall is a complete security solution that simplifies VPN setup and uses the VPNC defaults • Four groups for Denial of the NETGEAR FVL328 Prosafe High Speed VPN Firewall. Up to ...
FVL328 Reference Manual
Page 18
...-02 The FVL328 Prosafe High Speed VPN Firewall supports standard keying methods (Manual or IKE), standard authentication methods (MD5 and SHA-1), and standard encryption methods (DES, 3DES). Clearer VPN status page - Virtual Private Networking The FVL328 Firewall provides a secure encrypted connection between your local network and remote networks or clients. Its VPN features include: • VPN Wizard: Simplifies VPN setup, uses...
...-02 The FVL328 Prosafe High Speed VPN Firewall supports standard keying methods (Manual or IKE), standard authentication methods (MD5 and SHA-1), and standard encryption methods (DES, 3DES). Clearer VPN status page - Virtual Private Networking The FVL328 Firewall provides a secure encrypted connection between your local network and remote networks or clients. Its VPN features include: • VPN Wizard: Simplifies VPN setup, uses...
FVL328 Reference Manual
Page 20
... address. • DNS Proxy When DHCP is a protocol for Telstra cable in settings where you want to manage the IP address scheme of your local network. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 The firewall incorporates Auto UplinkTM technology. Appendix B, "Networks, Routing, and Firewall Basics" provides further information on your Internet service provider (ISP...
... address. • DNS Proxy When DHCP is a protocol for Telstra cable in settings where you want to manage the IP address scheme of your local network. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 The firewall incorporates Auto UplinkTM technology. Appendix B, "Networks, Routing, and Firewall Basics" provides further information on your Internet service provider (ISP...
FVL328 Reference Manual
Page 21
... location via the remote management function. A user-friendly Setup Wizard is provided and online help documentation is not permanently assigned. The FVL328 also now supports trace route. • Visual monitoring The firewall's front panel LEDs provide an easy way to the network...popular Dynamic DNS services to test Internet connectivity and reboot the firewall. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • Dynamic DNS Dynamic DNS services allow you to register your firewall from the FVL328 when your IP address is built into the browser-based ...
... location via the remote management function. A user-friendly Setup Wizard is provided and online help documentation is not permanently assigned. The FVL328 also now supports trace route. • Visual monitoring The firewall's front panel LEDs provide an easy way to the network...popular Dynamic DNS services to test Internet connectivity and reboot the firewall. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • Dynamic DNS Dynamic DNS services allow you to register your firewall from the FVL328 when your IP address is built into the browser-based ...
FVL328 Reference Manual
Page 25
..." provides instructions for connecting the FVL328 Prosafe High Speed VPN Firewall to your Internet connection. CONNECT THE FIREWALL a. Turn off your network. 1. How to Connect the FVL328 to Your LAN There are three steps to connecting your firewall: • Connect the firewall to your network. • ...firewall on your network in the correct sequence. • Log in to the firewall. • Connect to the Internet. Connecting the FVL328 to the Internet 3-1 May 2004, 202-10030-02 You can perform basic configuration of your FVL328 Prosafe High Speed VPN Firewall using the Setup...
..." provides instructions for connecting the FVL328 Prosafe High Speed VPN Firewall to your Internet connection. CONNECT THE FIREWALL a. Turn off your network. 1. How to Connect the FVL328 to Your LAN There are three steps to connecting your firewall: • Connect the firewall to your network. • ...firewall on your network in the correct sequence. • Log in to the firewall. • Connect to the Internet. Connecting the FVL328 to the Internet 3-1 May 2004, 202-10030-02 You can perform basic configuration of your FVL328 Prosafe High Speed VPN Firewall using the Setup...
FVL328 Reference Manual
Page 29
... letters. After logging in to the router, you will see the Internet connection Setup Wizard on the settings main page. RUN THE SETUP WIZARD TO CONNECT TO THE INTERNET Figure 3-6: Setup Wizard Connecting the FVL328 to the Internet 3-5 May 2004, 202...-10030-02 d. A login window opens as any user name or password you may use to log in to your Internet connection. 4. Model FVL328 ProSafe High-Speed VPN Firewall...
... letters. After logging in to the router, you will see the Internet connection Setup Wizard on the settings main page. RUN THE SETUP WIZARD TO CONNECT TO THE INTERNET Figure 3-6: Setup Wizard Connecting the FVL328 to the Internet 3-5 May 2004, 202...-10030-02 d. A login window opens as any user name or password you may use to log in to your Internet connection. 4. Model FVL328 ProSafe High-Speed VPN Firewall...
FVL328 Reference Manual
Page 30
...FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 a. When the firewall successfully detects an active Internet service, the firewall's Internet LED goes on page 3-10. If the Setup Wizard finds no connection, you will report the type of the main menu. The Setup Wizard will be directed to the PPPoE: 3-6 Connecting the FVL328...a login protocol such as you can manually configure your firewall and the cable or DSL line. c. Configuring for each type of connection follow the steps in the Setup Wizard for Recording Your Internet Connection Information" on the ...
...FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 a. When the firewall successfully detects an active Internet service, the firewall's Internet LED goes on page 3-10. If the Setup Wizard finds no connection, you will report the type of the main menu. The Setup Wizard will be directed to the PPPoE: 3-6 Connecting the FVL328...a login protocol such as you can manually configure your firewall and the cable or DSL line. c. Configuring for each type of connection follow the steps in the Setup Wizard for Recording Your Internet Connection Information" on the ...
FVL328 Reference Manual
Page 32
...If you leave the Domain Name field blank, the firewall will attempt to learn the domain automatically from only one minute, refer to Chapter 8, Troubleshooting. The Router's MAC Address is allowed by the ISP. If the NETGEAR Web site does not appear within one specific computer's... you will be used by the firewall on the Internet that translates Internet names (such as mail or news servers. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Configuring for a Wizard-Detected Fixed IP (Static) Account If the Setup Wizard determines that your Internet service ...
...If you leave the Domain Name field blank, the firewall will attempt to learn the domain automatically from only one minute, refer to Chapter 8, Troubleshooting. The Router's MAC Address is allowed by the ISP. If the NETGEAR Web site does not appear within one specific computer's... you will be used by the firewall on the Internet that translates Internet names (such as mail or news servers. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Configuring for a Wizard-Detected Fixed IP (Static) Account If the Setup Wizard determines that your Internet service ...
FVL328 Reference Manual
Page 33
...Click Apply to the firewall, then, from your ISP's gateway router. Log in "Worksheet for your computers requires access. DNS servers are performed by your firewall, launch a browser such...firewall's Internet LED blink, indicating communication to Chapter 8, Troubleshooting. You will need the configuration parameters from the Setup Basic Settings link, click the Test button. If the NETGEAR Web site does not appear within one of your ISP you by the firewall as Microsoft Internet Explorer or Netscape Navigator. Model FVL328 ProSafe High-Speed VPN Firewall...
...Click Apply to the firewall, then, from your ISP's gateway router. Log in "Worksheet for your computers requires access. DNS servers are performed by your firewall, launch a browser such...firewall's Internet LED blink, indicating communication to Chapter 8, Troubleshooting. You will need the configuration parameters from the Setup Basic Settings link, click the Test button. If the NETGEAR Web site does not appear within one of your ISP you by the firewall as Microsoft Internet Explorer or Netscape Navigator. Model FVL328 ProSafe High-Speed VPN Firewall...
FVL328 Reference Manual
Page 34
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Manually Configuring Your Internet Connection You can manually configure your configuration as described in the previous section. ISP Does Not Require Login ISP Does Require Login Figure 3-7: Browser-based configuration Basic Settings menu 3-10 Connecting the FVL328 to determine your firewall using the menu below, or you can allow the Setup Wizard to the Internet May 2004, 202-10030-02
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Manually Configuring Your Internet Connection You can manually configure your configuration as described in the previous section. ISP Does Not Require Login ISP Does Require Login Figure 3-7: Browser-based configuration Basic Settings menu 3-10 Connecting the FVL328 to determine your firewall using the menu below, or you can allow the Setup Wizard to the Internet May 2004, 202-10030-02
FVL328 Reference Manual
Page 37
If your FVL328 Prosafe High Speed VPN Firewall. The LAN TCP/IP Setup parameters are: • IP Address This is : • LAN IP addresses-192.168.0.1 • Subnet mask-255.255.255.0 These addresses are local to it, ..., and should be suitable in most applications. These features can make those changes. Note: If you change the LAN IP address of the firewall while connected through a gateway or router. Combined with the IP address, the IP Subnet Mask allows a device to know which must then open a new connection to the new...
If your FVL328 Prosafe High Speed VPN Firewall. The LAN TCP/IP Setup parameters are: • IP Address This is : • LAN IP addresses-192.168.0.1 • Subnet mask-255.255.255.0 These addresses are local to it, ..., and should be suitable in most applications. These features can make those changes. Note: If you change the LAN IP address of the firewall while connected through a gateway or router. Combined with the IP address, the IP Subnet Mask allows a device to know which must then open a new connection to the new...
FVL328 Reference Manual
Page 38
... networks, unless you have an unusual network setup. - See "IP Configuration by DHCP" on your network. 4-2 WAN and LAN Configuration May 2004, 202-10030-02 The RIP Direction selection controls how the firewall sends and receives RIP packets. Both RIP-2B.../IP settings of the firewall. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • RIP Direction RIP (Router Information Protocol) allows a router to the RIP multicast address and will broadcast its routing table periodically. - Using the Router as a DHCP Server By default, the firewall will function as a...
... networks, unless you have an unusual network setup. - See "IP Configuration by DHCP" on your network. 4-2 WAN and LAN Configuration May 2004, 202-10030-02 The RIP Direction selection controls how the firewall sends and receives RIP packets. Both RIP-2B.../IP settings of the firewall. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 • RIP Direction RIP (Router Information Protocol) allows a router to the RIP multicast address and will broadcast its routing table periodically. - Using the Router as a DHCP Server By default, the firewall will function as a...
FVL328 Reference Manual
Page 39
Specify the pool of IP addresses to be part of the range for the firewall. 2. From the Main Menu, under Advanced, click the LAN IP Setup link to the firewall at its default user name of admin, default password of password, or using whatever password and LAN ... it checked. otherwise, the firewall's LAN IP address • Secondary DNS Server, if you entered a Primary DNS address in to view the menu, shown below. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 If another device on your computers, clear the 'Use router as the firewall's LAN IP address. Log ...
Specify the pool of IP addresses to be part of the range for the firewall. 2. From the Main Menu, under Advanced, click the LAN IP Setup link to the firewall at its default user name of admin, default password of password, or using whatever password and LAN ... it checked. otherwise, the firewall's LAN IP address • Secondary DNS Server, if you entered a Primary DNS address in to view the menu, shown below. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 If another device on your computers, clear the 'Use router as the firewall's LAN IP address. Log ...
FVL328 Reference Manual
Page 40
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Figure 4-1: LAN IP Setup Menu 3. To reserve an IP address: 1. Reserved IP addresses should be assigned to Configure Reserved IP Addresses When you specify a reserved IP address for a PC ... require permanent IP settings. How to servers that PC will always receive the same IP address each time it accesses the firewall's DHCP server. Choose an IP address from the router's LAN subnet, such as 192.168.0.X. 4-4 WAN and LAN Configuration May 2004, 202-10030-02 Enter the LAN TCP/IP and...
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Figure 4-1: LAN IP Setup Menu 3. To reserve an IP address: 1. Reserved IP addresses should be assigned to Configure Reserved IP Addresses When you specify a reserved IP address for a PC ... require permanent IP settings. How to servers that PC will always receive the same IP address each time it accesses the firewall's DHCP server. Choose an IP address from the router's LAN subnet, such as 192.168.0.X. 4-4 WAN and LAN Configuration May 2004, 202-10030-02 Enter the LAN TCP/IP and...
FVL328 Reference Manual
Page 41
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 3. Note: If the PC is already present on page 4-7). Click Apply to edit or delete. 2. Reboot the PC or access its MAC address from the Internet. The WAN Setup menu allows configuration of the browser interface. These features ...Default DMZ Server" on page 4-7 and "Multi-DMZ Servers" on your network, you can set up a Default DMZ Server and allow the router to respond to the reserved address you can copy its IP configuration and force a DHCP release and renew. To edit or delete a reserved...
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 3. Note: If the PC is already present on page 4-7). Click Apply to edit or delete. 2. Reboot the PC or access its MAC address from the Internet. The WAN Setup menu allows configuration of the browser interface. These features ...Default DMZ Server" on page 4-7 and "Multi-DMZ Servers" on your network, you can set up a Default DMZ Server and allow the router to respond to the reserved address you can copy its IP configuration and force a DHCP release and renew. To edit or delete a reserved...
FVL328 Reference Manual
Page 42
If this causes high connection costs, you must connect manually, using the sub-screen accessed from the Connection Status button on the Status screen. 4-6 WAN and LAN Configuration May 2004, 202-10030-02 If disabled, you can disable this option should be Enabled, so that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Figure 4-2: WAN Setup Connect Automatically, as Required Normally, this setting.
If this causes high connection costs, you must connect manually, using the sub-screen accessed from the Connection Status button on the Status screen. 4-6 WAN and LAN Configuration May 2004, 202-10030-02 If disabled, you can disable this option should be Enabled, so that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 Figure 4-2: WAN Setup Connect Automatically, as Required Normally, this setting.
FVL328 Reference Manual
Page 91
... all ports are open UDP port 500 for the firewall. 2. Log in to the FVL328 labeled Gateway A as explained in the Rules menu. From the main menu Setup section, click the Basic Settings link. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 FVL328 Scenario 1: How to the firewall at its default LAN address of http://192.168...
... all ports are open UDP port 500 for the firewall. 2. Log in to the FVL328 labeled Gateway A as explained in the Rules menu. From the main menu Setup section, click the Basic Settings link. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 FVL328 Scenario 1: How to the firewall at its default LAN address of http://192.168...
FVL328 Reference Manual
Page 92
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 WAN IP addresses ISP provides these addresses Figure 6-12: FVL328 Internet IP Address menu b. Select whether enable or disable NAT (Network Address Translation). You should only disable NAT if you ... In most situations, NAT is performed by sharing this Router's WAN IP address. For more information on page 3-11. 6-22 May 2004, 202-10030-02 Virtual Private Networking Configure the WAN Internet Address according to the settings in the Basic Setup topics, please see "How to Complete a Manual Configuration...
Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 WAN IP addresses ISP provides these addresses Figure 6-12: FVL328 Internet IP Address menu b. Select whether enable or disable NAT (Network Address Translation). You should only disable NAT if you ... In most situations, NAT is performed by sharing this Router's WAN IP address. For more information on page 3-11. 6-22 May 2004, 202-10030-02 Virtual Private Networking Configure the WAN Internet Address according to the settings in the Basic Setup topics, please see "How to Complete a Manual Configuration...
FVL328 Reference Manual
Page 93
From the main menu Advanced section, click the LAN IP Setup link. Configure the LAN IP address according to save your workstation will be disconnected from the FVL328. Note: After you use to connect to the built-in Figure 6-11 above and click Apply to the settings in... Private Networking May 2004, 202-10030-02 6-23 e. For more information on LAN TCP/IP setup topics, please see "How to change the LAN IP address settings, your settings. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 d. You will have to log on with http://10.5.6.1 which is now...
From the main menu Advanced section, click the LAN IP Setup link. Configure the LAN IP address according to save your workstation will be disconnected from the FVL328. Note: After you use to connect to the built-in Figure 6-11 above and click Apply to the settings in... Private Networking May 2004, 202-10030-02 6-23 e. For more information on LAN TCP/IP setup topics, please see "How to change the LAN IP address settings, your settings. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 d. You will have to log on with http://10.5.6.1 which is now...
FVL328 Reference Manual
Page 97
... policy. Go to the ones given in the Rules menu. FVL328 Scenario 2: Authenticating with testing. 3. The network setup is a typical gateway-to-gateway VPN that the identification is configured to respond to ping the FVL328 as a test of Security Associations, follow these steps: a.... message back from the target FVL328. For instructions on this test several seconds and two minutes, the ping response should turn off this point the connection is set on the Internet WAN port by PKIX certificates. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 2. ...
... policy. Go to the ones given in the Rules menu. FVL328 Scenario 2: Authenticating with testing. 3. The network setup is a typical gateway-to-gateway VPN that the identification is configured to respond to ping the FVL328 as a test of Security Associations, follow these steps: a.... message back from the target FVL328. For instructions on this test several seconds and two minutes, the ping response should turn off this point the connection is set on the Internet WAN port by PKIX certificates. Model FVL328 ProSafe High-Speed VPN Firewall Reference Manual Revision 2 2. ...