FVS318 Reference Manual
Page 6
...to Block or Allow Services 4-5 How to Add to the List of Services 4-7 Setting Times and Scheduling Firewall Services 4-10 How to Set Your Time Zone 4-10 How to Schedule Firewall Services 4-11 Chapter 5 Advanced WAN and LAN Configuration Configuring Advanced WAN Settings 5-1 Setting Up A Default DMZ Server 5-1 Enabling Access to Local Servers Through a FVS318 5-2 How to Configure Port Forwarding to Local Servers 5-2 Respond to Ping on Internet WAN Port 5-3 How to Support Internet Services, Applications, or Games 5-3 How to Clear a Port Assignment 5-4 Local Web and FTP Server Example...
...to Block or Allow Services 4-5 How to Add to the List of Services 4-7 Setting Times and Scheduling Firewall Services 4-10 How to Set Your Time Zone 4-10 How to Schedule Firewall Services 4-11 Chapter 5 Advanced WAN and LAN Configuration Configuring Advanced WAN Settings 5-1 Setting Up A Default DMZ Server 5-1 Enabling Access to Local Servers Through a FVS318 5-2 How to Configure Port Forwarding to Local Servers 5-2 Respond to Ping on Internet WAN Port 5-3 How to Support Internet Services, Applications, or Games 5-3 How to Clear a Port Assignment 5-4 Local Web and FTP Server Example...
FVS318 Reference Manual
Page 19
... single-user ISP account. • Automatic Configuration of Attached PCs by your PC. • PPTP login support for European ISPs, BigPond login for the Model FVS318 Broadband ProSafe VPN Firewall The firewall incorporates Auto UplinkTM technology. Appendix B, "Networks, Routing, and Firewall Basics" provides further information on your Internet service provider (ISP). The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • PPP over Ethernet (PPPoE) PPP over a DSL connection...
... single-user ISP account. • Automatic Configuration of Attached PCs by your PC. • PPTP login support for European ISPs, BigPond login for the Model FVS318 Broadband ProSafe VPN Firewall The firewall incorporates Auto UplinkTM technology. Appendix B, "Networks, Routing, and Firewall Basics" provides further information on your Internet service provider (ISP). The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • PPP over Ethernet (PPPoE) PPP over a DSL connection...
FVS318 Reference Manual
Page 20
... configure your type of ISP account. • Remote management The firewall allows you to login to the Web Management Interface from a remote location via the Internet. For security, you can limit remote management access to a specified remote IP address or range of addresses, and you can choose a nonstandard port number. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. These functions allow you to test Internet connectivity and reboot the firewall...
... configure your type of ISP account. • Remote management The firewall allows you to login to the Web Management Interface from a remote location via the Internet. For security, you can limit remote management access to a specified remote IP address or range of addresses, and you can choose a nonstandard port number. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Windows, Macintosh, or Linux. These functions allow you to test Internet connectivity and reboot the firewall...
FVS318 Reference Manual
Page 34
...'s gateway router. Log in , or disconnect. Enter the IP address of your Internet connection. Your firewall automatically connects to a numeric IP address. You will need the configuration parameters from any computer connected to your firewall, launch a browser such as www.netgear.com to the Internet when one minute, refer to provide Internet access for the Model FVS318 Broadband ProSafe VPN Firewall 1. If a Secondary DNS Server address is now configured to Chapter 8, Troubleshooting. You should see the firewall's Internet LED blink, indicating...
...'s gateway router. Log in , or disconnect. Enter the IP address of your Internet connection. Your firewall automatically connects to a numeric IP address. You will need the configuration parameters from any computer connected to your firewall, launch a browser such as www.netgear.com to the Internet when one minute, refer to provide Internet access for the Model FVS318 Broadband ProSafe VPN Firewall 1. If a Secondary DNS Server address is now configured to Chapter 8, Troubleshooting. You should see the firewall's Internet LED blink, indicating...
FVS318 Reference Manual
Page 54
... this case, you can access your Web server by DHCP, it is 172.16.1.23, for example, an Internet user can also consider using a domain name when your ISP, the IP address may change periodically as a Web and FTP server, configure the Ports menu to forward HTTP (port 80) and FTP (port 21) to local address 192.168.0.33 In order for the Model FVS318 Broadband ProSafe VPN Firewall How to keep the...
... this case, you can access your Web server by DHCP, it is 172.16.1.23, for example, an Internet user can also consider using a domain name when your ISP, the IP address may change periodically as a Web and FTP server, configure the Ports menu to forward HTTP (port 80) and FTP (port 21) to local address 192.168.0.33 In order for the Model FVS318 Broadband ProSafe VPN Firewall How to keep the...
FVS318 Reference Manual
Page 58
... default DHCP and TCP/IP settings of the Firewall are satisfactory. If another device on your network. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Note: If you change the MTU size: 1. These addresses should not be done unless you are sure it is 1500 Bytes. For some ISPs, particularly some using PPPoE, your router will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it checked. See "IP Configuration by setting the Starting IP Address...
... default DHCP and TCP/IP settings of the Firewall are satisfactory. If another device on your network. Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall Note: If you change the MTU size: 1. These addresses should not be done unless you are sure it is 1500 Bytes. For some ISPs, particularly some using PPPoE, your router will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it checked. See "IP Configuration by setting the Starting IP Address...
FVS318 Reference Manual
Page 62
... the following case: • Your primary Internet access is your dynamic DNS account. 7. For example, for an account. Type the FQDN that your dynamic DNS account. 8. Type the Password (or key) for the Model FVS318 Broadband ProSafe VPN Firewall 3. Reference Manual for your dynamic DNS service provider gave you is YourName.Ng.iego.net then this is through a cable modem to an ISP. • You have an ISDN router on your configuration.
... the following case: • Your primary Internet access is your dynamic DNS account. 7. For example, for an account. Type the FQDN that your dynamic DNS account. 8. Type the Password (or key) for the Model FVS318 Broadband ProSafe VPN Firewall 3. Reference Manual for your dynamic DNS service provider gave you is YourName.Ng.iego.net then this is through a cable modem to an ISP. • You have an ISDN router on your configuration.
FVS318 Reference Manual
Page 66
... is not possible for NETGEAR to provide specific technical support for the Model FVS318 Broadband ProSafe VPN Firewall VPN client access allows a remote PC to connect to your network is one tunnel endpoint, running VPN client software. Reference Manual for every other tunnel endpoint • The FVS318 VPN Firewall supports up to eight concurrent tunnels. Understanding How FVS318 VPN Tunnels Are Configured You create VPN tunnels definitions via the VPN Settings link under the Setup section of SA key exchange modes: - These scenarios are...
... is not possible for NETGEAR to provide specific technical support for the Model FVS318 Broadband ProSafe VPN Firewall VPN client access allows a remote PC to connect to your network is one tunnel endpoint, running VPN client software. Reference Manual for every other tunnel endpoint • The FVS318 VPN Firewall supports up to eight concurrent tunnels. Understanding How FVS318 VPN Tunnels Are Configured You create VPN tunnels definitions via the VPN Settings link under the Setup section of SA key exchange modes: - These scenarios are...
FVS318 Reference Manual
Page 107
... verify that the DNS server configuration is working. • Display the Routing Table to identify what other routers the router is sometimes desirable to restore the firewall to clear problems with . • Trace the Routing Path to identify any connectivity or congestion problems in the network. • Reboot the Router to enable new network configurations to take effect or to the factory default settings. Note: To restore the factory default configuration settings without knowing the login password or IP address, you can...
... verify that the DNS server configuration is working. • Display the Routing Table to identify what other routers the router is sometimes desirable to restore the firewall to clear problems with . • Trace the Routing Path to identify any connectivity or congestion problems in the network. • Reboot the Router to enable new network configurations to take effect or to the factory default settings. Note: To restore the factory default configuration settings without knowing the login password or IP address, you can...
FVS318 Reference Manual
Page 108
.... Reference Manual for the firewall. 2. Log in Figure 7-9. Your password can allow a user or users on the Internet to configure, upgrade and check the status of password, or using whatever User Name, Password and LAN address you can be up to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default password of your NETGEAR Cable/DSL ProSafe VPN Firewall. Figure 7-9: Diagnostics menu How to Enable Remote Management Using the Remote Management page, you have chosen for the Model FVS318 Broadband ProSafe VPN Firewall From...
.... Reference Manual for the firewall. 2. Log in Figure 7-9. Your password can allow a user or users on the Internet to configure, upgrade and check the status of password, or using whatever User Name, Password and LAN address you can be up to the firewall at its default LAN address of http://192.168.0.1 with its default User Name of admin, default password of your NETGEAR Cable/DSL ProSafe VPN Firewall. Figure 7-9: Diagnostics menu How to Enable Remote Management Using the Remote Management page, you have chosen for the Model FVS318 Broadband ProSafe VPN Firewall From...
FVS318 Reference Manual
Page 109
... router from the Internet, you use the number of the FVS318 VPN Firewall is stored in FLASH memory, and can be allowed access. 4. b. Upgrade files can change the remote management web interface to define the allowed range. To allow access from a single IP address on the Internet, select IP address range. For example, if your external address is 134.177.0.123 and you will be downloaded from NETGEAR's website. Managing Your Network M-10146-01 7-13 To allow access from NETGEAR. NETGEAR...
... router from the Internet, you use the number of the FVS318 VPN Firewall is stored in FLASH memory, and can be allowed access. 4. b. Upgrade files can change the remote management web interface to define the allowed range. To allow access from a single IP address on the Internet, select IP address range. For example, if your external address is 134.177.0.123 and you will be downloaded from NETGEAR's website. Managing Your Network M-10146-01 7-13 To allow access from NETGEAR. NETGEAR...
FVS318 Reference Manual
Page 114
... IP address from the ISP, the problem may be one of the following procedure: 1. Ask your ISP whether they require PPP over Ethernet (PPPoE) or some other type of the firewall's configuration at http://192.168.0.1 3. To check the WAN IP address: 1. Turn off power to access the Internet, you may have occurred, but the Web browser may require a login program. Troubleshooting the ISP Connection If your firewall has...
... IP address from the ISP, the problem may be one of the following procedure: 1. Ask your ISP whether they require PPP over Ethernet (PPPoE) or some other type of the firewall's configuration at http://192.168.0.1 3. To check the WAN IP address: 1. Turn off power to access the Internet, you may have occurred, but the Web browser may require a login program. Troubleshooting the ISP Connection If your firewall has...
FVS318 Reference Manual
Page 117
... restrict access to that your firewall listed as described in the previous section are displayed. To restore the factory default configuration settings without knowing the administration password or IP address, you do not receive replies: - If the IP configuration of the remote device. - Your ISP could be visible in the Basic Settings menu. - Many broadband ISPs restrict access by DHCP, this method for the Model FVS318 Broadband ProSafe VPN Firewall PING -n 10...
... restrict access to that your firewall listed as described in the previous section are displayed. To restore the factory default configuration settings without knowing the administration password or IP address, you do not receive replies: - If the IP configuration of the remote device. - Your ISP could be visible in the Basic Settings menu. - Many broadband ISPs restrict access by DHCP, this method for the Model FVS318 Broadband ProSafe VPN Firewall PING -n 10...
FVS318 Reference Manual
Page 194
... be secure. Type the User Name for the Model FVS318 Broadband ProSafe VPN Firewall Figure G-2: Dynamic DNS Setup Menu 4. In this the domain name. Note: The router supports only basic DDNS and the login and password may call this example we are using . If your ISP assigns a private WAN IP address such as the Host Name. The dynamic DNS service provider may not be routed on the Internet. Reference Manual for your dynamic DNS account. G-4 NETGEAR VPN Configuration FVS318...
... be secure. Type the User Name for the Model FVS318 Broadband ProSafe VPN Firewall Figure G-2: Dynamic DNS Setup Menu 4. In this the domain name. Note: The router supports only basic DDNS and the login and password may call this example we are using . If your ISP assigns a private WAN IP address such as the Host Name. The dynamic DNS service provider may not be routed on the Internet. Reference Manual for your dynamic DNS account. G-4 NETGEAR VPN Configuration FVS318...
FVS318 Reference Manual
Page 221
... password restoring 8-7 PC, using to configure C-21 Perfect Forward Secrecy 6-15, 6-19 ping 5-3 Port Forwarding 5-2 port forwarding behind NAT B-8 Port Forwarding Menu 5-3 port numbers 4-5 PPP over Ethernet 2-3, C-18 PPPoE 2-3, 3-9, C-18 PPTP 3-8, 3-15 PreShared Key 6-11, 6-15, 6-17, 6-19, 6-31, 6-32 Primary DNS Server 3-9, 3-10, 3-12, 3-14 protocols Address Resolution B-9 DHCP 2-3, B-10 Routing Information 2-3, B-2 support 2-3 TCP/IP 2-3 publications, related B-1 Q Quake 5-4 R rear panel 2-6 Index requirements access device 3-1 hardware 3-1 Reserved IP Addresses 5-9 restore factory settings...
... password restoring 8-7 PC, using to configure C-21 Perfect Forward Secrecy 6-15, 6-19 ping 5-3 Port Forwarding 5-2 port forwarding behind NAT B-8 Port Forwarding Menu 5-3 port numbers 4-5 PPP over Ethernet 2-3, C-18 PPPoE 2-3, 3-9, C-18 PPTP 3-8, 3-15 PreShared Key 6-11, 6-15, 6-17, 6-19, 6-31, 6-32 Primary DNS Server 3-9, 3-10, 3-12, 3-14 protocols Address Resolution B-9 DHCP 2-3, B-10 Routing Information 2-3, B-2 support 2-3 TCP/IP 2-3 publications, related B-1 Q Quake 5-4 R rear panel 2-6 Index requirements access device 3-1 hardware 3-1 Reserved IP Addresses 5-9 restore factory settings...
FVS318v3 Reference Manual
Page 17
... ProSafe VPN Firewall with multiple Web content filtering options, plus browsing activity reporting and instant alerts - In addition to NAT, the built-in eight-port 10/100 Mbps switch. • Ethernet connection to a WAN device, such as a cable modem or DSL modem. The FVS318v3 VPN Firewall provides the following features: • Easy, Web-based setup for up to the Internet through an external access device such as a cable modem or DSL modem. • Extensive protocol support. • Login capability. • Front panel LEDs...
... ProSafe VPN Firewall with multiple Web content filtering options, plus browsing activity reporting and instant alerts - In addition to NAT, the built-in eight-port 10/100 Mbps switch. • Ethernet connection to a WAN device, such as a cable modem or DSL modem. The FVS318v3 VPN Firewall provides the following features: • Easy, Web-based setup for up to the Internet through an external access device such as a cable modem or DSL modem. • Extensive protocol support. • Login capability. • Front panel LEDs...
FVS318v3 Reference Manual
Page 118
... DHCP Client, Fixed IP, PPPoE, BPA or PPTP. The default is configured to the firewall. Reference Manual for the LAN attached devices. 7-2 Maintenance January 2005 The MAC address used by the Local (LAN) port of the firewall. The default is 255.255.255.0 Identifies if the firewall's built-in DHCP server is shown, the firewall cannot connect to obtain the WAN IP address. These parameters apply to the Internet (WAN) port of the firewall. The MAC address used by the Local (LAN) port...
... DHCP Client, Fixed IP, PPPoE, BPA or PPTP. The default is configured to the firewall. Reference Manual for the LAN attached devices. 7-2 Maintenance January 2005 The MAC address used by the Local (LAN) port of the firewall. The default is 255.255.255.0 Identifies if the firewall's built-in DHCP server is shown, the firewall cannot connect to obtain the WAN IP address. These parameters apply to the Internet (WAN) port of the firewall. The MAC address used by the Local (LAN) port...
FVS318v3 Reference Manual
Page 128
... addresses will manually configure the network settings of all of the range for your computers, clear the Use router as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to save part of your network. otherwise, the firewall's LAN IP address) • Secondary DNS server (if you entered a primary DNS address in this menu. See "IP Configuration by DHCP" on the LAN. If another device on your network will be the DHCP server...
... addresses will manually configure the network settings of all of the range for your computers, clear the Use router as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to save part of your network. otherwise, the firewall's LAN IP address) • Secondary DNS server (if you entered a primary DNS address in this menu. See "IP Configuration by DHCP" on the LAN. If another device on your network will be the DHCP server...
FVS318v3 Reference Manual
Page 131
This represents the number of firewalls between 1 and 15 as the gateway, and a second static route was created with your request to configure, upgrade and check the status of 1 will likely be denied by the company's firewall. Enabling Remote Management Access Using the Remote Management page, you can allow a user or users on your LAN is 192.168.0.100. • Your company's network is on the 134.177.0.0 network, your firewall will forward your ISP as...
This represents the number of firewalls between 1 and 15 as the gateway, and a second static route was created with your request to configure, upgrade and check the status of 1 will likely be denied by the company's firewall. Enabling Remote Management Access Using the Remote Management page, you can allow a user or users on your LAN is 192.168.0.100. • Your company's network is on the 134.177.0.0 network, your firewall will forward your ISP as...
FVS318v3 Reference Manual
Page 141
... log is January 1, 2000. Restoring the Default Configuration and Password This section explains how to restore the factory default configuration settings, changing the firewall's administration password to password and the IP address to Manually Configure Your Internet Connection" on the Internet. Each entry in the Content Filtering section displays the current date and time of day. Cause: The firewall has not yet successfully reached a Network Time Server. Release the Reset button and wait for Daylight Savings Time. Troubleshooting 9-7 January 2005 Problems...
... log is January 1, 2000. Restoring the Default Configuration and Password This section explains how to restore the factory default configuration settings, changing the firewall's administration password to password and the IP address to Manually Configure Your Internet Connection" on the Internet. Each entry in the Content Filtering section displays the current date and time of day. Cause: The firewall has not yet successfully reached a Network Time Server. Release the Reset button and wait for Daylight Savings Time. Troubleshooting 9-7 January 2005 Problems...