FVX538 Reference Manual
Page 18
ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability. • Front panel LEDs for easy monitoring of either 10 Mbps or 100 Mbps. The two WAN ports let you connect a second broadband Internet line that you are never disconnected. • Load balance, or use both Internet lines simultaneously for maximum bandwidth efficiency...
ProSafe VPN Firewall 200 FVX538 Reference Manual • SNMP Manageable, optimized for the NETGEAR ProSafe Network Management Software (NMS100). • Easy, web-based setup for installation and management. • Advanced SPI Firewall and Multi-NAT support. • Extensive Protocol Support. • Login capability. • Front panel LEDs for easy monitoring of either 10 Mbps or 100 Mbps. The two WAN ports let you connect a second broadband Internet line that you are never disconnected. • Load balance, or use both Internet lines simultaneously for maximum bandwidth efficiency...
FVX538 Reference Manual
Page 21
... the Web Management Interface from a remote location on the Internet. ProSafe VPN Client Software - The firewall allows you can limit remote management access to monitor its status and activity. For security, you maximize your NETGEAR dealer. Keep the carton, including the original packing materials, in diagnostic functions such as Ping, Trace Route, DNS lookup, and remote reboot. • Remote Management. Maintenance and Support NETGEAR offers the following items: • ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and...
... the Web Management Interface from a remote location on the Internet. ProSafe VPN Client Software - The firewall allows you can limit remote management access to monitor its status and activity. For security, you maximize your NETGEAR dealer. Keep the carton, including the original packing materials, in diagnostic functions such as Ping, Trace Route, DNS lookup, and remote reboot. • Remote Management. Maintenance and Support NETGEAR offers the following items: • ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and...
FVX538 Reference Manual
Page 45
... all computers connected to the firewall LAN. The DHCP options are satisfactory. If another device on the LAN. The firewall will manually configure the network settings of the range for both the LAN and DMZ settings. See the link to avoid duplicate addresses on your network will be assigned by selecting the Disable DHCP Server radio box. The assigned default gateway address is assigned to "Preparing a Computer for Network Access" in this menu. Otherwise, leave it checked.
... all computers connected to the firewall LAN. The DHCP options are satisfactory. If another device on the LAN. The firewall will manually configure the network settings of the range for both the LAN and DMZ settings. See the link to avoid duplicate addresses on your network will be assigned by selecting the Disable DHCP Server radio box. The assigned default gateway address is assigned to "Preparing a Computer for Network Access" in this menu. Otherwise, leave it checked.
FVX538 Reference Manual
Page 81
ProSafe VPN Firewall 200 FVX538 Reference Manual In the example, CU-SeeMe connections are allowed only from the submenu. 2. By creating an inbound rule, we will configure the firewall to your LAN, select LAN WAN Rules. The other addresses are available to map to support multiple public IP addresses on your servers. subnet 255.255.255.0 • Web server PC on the LAN. DMZ IP Address: 192.168.10.2 - To configure the FVX538 for your use, you arrange with...
ProSafe VPN Firewall 200 FVX538 Reference Manual In the example, CU-SeeMe connections are allowed only from the submenu. 2. By creating an inbound rule, we will configure the firewall to your LAN, select LAN WAN Rules. The other addresses are available to map to support multiple public IP addresses on your servers. subnet 255.255.255.0 • Web server PC on the LAN. DMZ IP Address: 192.168.10.2 - To configure the FVX538 for your use, you arrange with...
FVX538 Reference Manual
Page 133
... an IKE policy using these IP addresses. • NETGEAR ProSafe VPN Firewall 200 - The Mode Config module will activate a temporary IPSec policy using the template security proposal information configured in secured network space so that remote users appear as the Remote Host Configuration Record. Click Reset to cancel any changes and revert to save the settings. WAN IP address: 172.21.4.1 - ProSafe VPN Firewall 200 FVX538 Reference Manual 9. Note: After configuring a Mode Config record, you must go to remote users, including a network access IP address, subnet mask, and...
... an IKE policy using these IP addresses. • NETGEAR ProSafe VPN Firewall 200 - The Mode Config module will activate a temporary IPSec policy using the template security proposal information configured in secured network space so that remote users appear as the Remote Host Configuration Record. Click Reset to cancel any changes and revert to save the settings. WAN IP address: 172.21.4.1 - ProSafe VPN Firewall 200 FVX538 Reference Manual 9. Note: After configuring a Mode Config record, you must go to remote users, including a network access IP address, subnet mask, and...
FVX538 Reference Manual
Page 136
... be set to be used as "salesperson". Select Fully Qualified Domain Name for the Local Identity Type. XAUTH is selected, the router will be used in the VPN client configuration. 6. If Edge Device was enabled, select the Authentication Type from the pull down menu which will first check the User Database to the RADIUS server. 5-32 v1.0, March 2009 Virtual Private Networking The Exchange Mode will then connect...
... be set to be used as "salesperson". Select Fully Qualified Domain Name for the Local Identity Type. XAUTH is selected, the router will be used in the VPN client configuration. 6. If Edge Device was enabled, select the Authentication Type from the pull down menu which will first check the User Database to the RADIUS server. 5-32 v1.0, March 2009 Virtual Private Networking The Exchange Mode will then connect...
FVX538 Reference Manual
Page 183
VPN firewall Default Configuration Settings Feature Router Login User Login URL User Name (case sensitive) Login Password (case sensitive) Internet Connection WAN MAC Address WAN MTU Size Port Speed Local Network (LAN) Lan IP Subnet Mask RIP Direction RIP Version RIP Authentication DHCP Server DHCP Starting IP Address DHCP Ending IP Address DMZ Default Behavior http://192.168.1.1 admin password Use Default address 1500 AutoSense 192.168.1.1 255.255.255.0 None Disabled Disabled Enabled 192.168.1.2 192.168.1.100 Disabled Default Settings and Technical Specifications A-1 v1.0, March 2009 ...
VPN firewall Default Configuration Settings Feature Router Login User Login URL User Name (case sensitive) Login Password (case sensitive) Internet Connection WAN MAC Address WAN MTU Size Port Speed Local Network (LAN) Lan IP Subnet Mask RIP Direction RIP Version RIP Authentication DHCP Server DHCP Starting IP Address DHCP Ending IP Address DMZ Default Behavior http://192.168.1.1 admin password Use Default address 1500 AutoSense 192.168.1.1 255.255.255.0 None Disabled Disabled Enabled 192.168.1.2 192.168.1.100 Disabled Default Settings and Technical Specifications A-1 v1.0, March 2009 ...
FVX538 Reference Manual
Page 188
... bandwidth you use each WAN port or are not applicable to the VPN firewall through the same ISP. ProSafe VPN Firewall 200 FVX538 Reference Manual a. b. Prepare to physically connect the firewall to a ping and setting MTU size, port speed, and upload bandwidth. 4. Instruction for each month, you are using a separate ISP for connecting your VPN firewall are strongly advised to change the default password password to keep track of your traffic. Have active Internet services such as shown in Installation Guide, FVX538 ProSafe VPN Firewall 200. Contact a Dynamic DNS Service and set...
... bandwidth you use each WAN port or are not applicable to the VPN firewall through the same ISP. ProSafe VPN Firewall 200 FVX538 Reference Manual a. b. Prepare to physically connect the firewall to a ping and setting MTU size, port speed, and upload bandwidth. 4. Instruction for each month, you are using a separate ISP for connecting your VPN firewall are strongly advised to change the default password password to keep track of your traffic. Have active Internet services such as shown in Installation Guide, FVX538 ProSafe VPN Firewall 200. Contact a Dynamic DNS Service and set...
FVX538 Reference Manual
Page 20
... a free trial. end users cannot access the Internet unless they have antivirus protection with the latest virus definitions. The VPN firewall allows several networked PCs to share an Internet account using the Dynamic Host Configuration Protocol (DHCP). ProSafe VPN Firewall 200 FVX538 Reference Manual • IP Address Sharing by your local network, you have the firewall enforce its own address as NAT, allows the use . The VPN firewall dynamically assigns network configuration information, including IP, gateway, and domain name server (DNS) addresses, to...
... a free trial. end users cannot access the Internet unless they have antivirus protection with the latest virus definitions. The VPN firewall allows several networked PCs to share an Internet account using the Dynamic Host Configuration Protocol (DHCP). ProSafe VPN Firewall 200 FVX538 Reference Manual • IP Address Sharing by your local network, you have the firewall enforce its own address as NAT, allows the use . The VPN firewall dynamically assigns network configuration information, including IP, gateway, and domain name server (DNS) addresses, to...
FVX538 Reference Manual
Page 29
... cables, turn on how to configure you can also change your Ethernet and LAN LEDs are lit. (See the Installation Guide, FVX538 ProSafe VPN Firewall 200 for dual WAN operation). Make sure your password and enable remote management at this time. 3. You can also change the factory default MTU size, port speed, and uplink bandwidth. Configure the WAN options (if needed ). Optionally, you computer for the Test LED to go out. If you are advanced features and changing them is on the NETGEAR...
... cables, turn on how to configure you can also change your Ethernet and LAN LEDs are lit. (See the Installation Guide, FVX538 ProSafe VPN Firewall 200 for dual WAN operation). Make sure your password and enable remote management at this time. 3. You can also change the factory default MTU size, port speed, and uplink bandwidth. Configure the WAN options (if needed ). Optionally, you computer for the Test LED to go out. If you are advanced features and changing them is on the NETGEAR...
FVX538 Reference Manual
Page 139
... configuring a Mode Config record, you must go to save the settings. WAN IP address: 172.21.4.1 - The VPN Policies menu does not need to the previous settings. 10. Manually Assigning IP Addresses to remote users, including a network access IP address, subnet mask, and name server addresses from the configured IP address pool and will activate a temporary IPSec policy using these IP addresses. • NETGEAR ProSafe VPN Firewall 200 - Virtual Private Networking v1.0, August 2006 5-37 ProSafe VPN Firewall 200 FVX538 Reference Manual 9. Click Reset to cancel any changes...
... configuring a Mode Config record, you must go to save the settings. WAN IP address: 172.21.4.1 - The VPN Policies menu does not need to the previous settings. 10. Manually Assigning IP Addresses to remote users, including a network access IP address, subnet mask, and name server addresses from the configured IP address pool and will activate a temporary IPSec policy using these IP addresses. • NETGEAR ProSafe VPN Firewall 200 - Virtual Private Networking v1.0, August 2006 5-37 ProSafe VPN Firewall 200 FVX538 Reference Manual 9. Click Reset to cancel any changes...
FVX538 Reference Manual
Page 142
... Qualified Domain Name for the Local Identity Type. Specify the IKE SA parameters. If Edge Device was enabled, select the Authentication Type from the pull down menu which will need to specify the user name and password to verify account information: User Database, RADIUS-CHAP or RADIUS-PAP. ProSafe VPN Firewall 200 FVX538 Reference Manual 4. e. To enable XAUTH, select: • Edge Device to use this gateway (by the remote gateway.
... Qualified Domain Name for the Local Identity Type. Specify the IKE SA parameters. If Edge Device was enabled, select the Authentication Type from the pull down menu which will need to specify the user name and password to verify account information: User Database, RADIUS-CHAP or RADIUS-PAP. ProSafe VPN Firewall 200 FVX538 Reference Manual 4. e. To enable XAUTH, select: • Edge Device to use this gateway (by the remote gateway.
FVX538 Reference Manual
Page 187
... Specifications You can use the reset button located on the front of time will return to the factory configuration settings shown in Table A-1 below. • Pressing the reset button for approximately 5 seconds (until the TEST LED blinks rapidly). VPN firewall Default Configuration Settings Feature Router Login User Login URL User Name (case sensitive) Login Password (case sensitive) Internet Connection WAN MAC Address WAN MTU Size Port Speed Local Network (LAN) Lan IP Subnet Mask RIP Direction RIP Version RIP Authentication DHCP Server DHCP Starting IP Address DHCP Ending IP Address...
... Specifications You can use the reset button located on the front of time will return to the factory configuration settings shown in Table A-1 below. • Pressing the reset button for approximately 5 seconds (until the TEST LED blinks rapidly). VPN firewall Default Configuration Settings Feature Router Login User Login URL User Name (case sensitive) Login Password (case sensitive) Internet Connection WAN MAC Address WAN MTU Size Port Speed Local Network (LAN) Lan IP Subnet Mask RIP Direction RIP Version RIP Authentication DHCP Server DHCP Starting IP Address DHCP Ending IP Address...
FVX538 Reference Manual
Page 195
... Web Configuration Manager. NETGEAR recommends using Internet Explorer or Netscape Navigator 4.0 or above. Note: For help with your installation. The cable or DSL modem broadband access device must have an installed Ethernet Network Interface Card (NIC) and an Ethernet cable. These include enabling a WAN port to respond to your firewall. If the computer will make these configuration parameters to connect your network at 100 Mbps, you can choose when the factory default settings are not applicable to a ping and setting MTU size, port speed...
... Web Configuration Manager. NETGEAR recommends using Internet Explorer or Netscape Navigator 4.0 or above. Note: For help with your installation. The cable or DSL modem broadband access device must have an installed Ethernet Network Interface Card (NIC) and an Ethernet cable. These include enabling a WAN port to respond to your firewall. If the computer will make these configuration parameters to connect your network at 100 Mbps, you can choose when the factory default settings are not applicable to a ping and setting MTU size, port speed...
FVX538 Reference Manual
Page 220
ProSafe VPN Firewall 200 FVX538 Reference Manual Add Protocol Binding 2-14 Service Based Rules 4-2 Service Blocking reducing traffic 6-2 service blocking 4-2 Outbound Rules 4-2 port filtering 4-2 service numbers common protocols 4-21 Services screen 4-21, 4-22 Setting Up One-to-One NAT Mapping example of 6-16 Time Zone screen 6-16 ToS. tracert use with DDNS 6-11 traffic increasing 6-5 reducing 6-2 Traffic by Protocol 6-18 traffic management 6-8 Traffic Meter 2-7 traffic meter 2-4 programming 2-7 WAN2 ISP settings 2-5 Traffic Meter screen router monitoring 6-17 Traffic Meter Settings 2-9 ...
ProSafe VPN Firewall 200 FVX538 Reference Manual Add Protocol Binding 2-14 Service Based Rules 4-2 Service Blocking reducing traffic 6-2 service blocking 4-2 Outbound Rules 4-2 port filtering 4-2 service numbers common protocols 4-21 Services screen 4-21, 4-22 Setting Up One-to-One NAT Mapping example of 6-16 Time Zone screen 6-16 ToS. tracert use with DDNS 6-11 traffic increasing 6-5 reducing 6-2 Traffic by Protocol 6-18 traffic management 6-8 Traffic Meter 2-7 traffic meter 2-4 programming 2-7 WAN2 ISP settings 2-5 Traffic Meter screen router monitoring 6-17 Traffic Meter Settings 2-9 ...
FVX538 Reference Manual
Page 19
...8+1 port switch connects your network from attacks and intrusions. Key Features of the VPN Firewall The FVX538 ProSafe VPN Firewall 200 with multiple Web content filtering options, plus 1 Gigabit Switch port. • One console port for local management. • Extensive Protocol Support. • Login capability. Unlike simple Internet sharing firewalls that protects your local area network (LAN) to 200 VPN tunnels. • Easy, web-based setup for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of the NETGEAR FVX538...
...8+1 port switch connects your network from attacks and intrusions. Key Features of the VPN Firewall The FVX538 ProSafe VPN Firewall 200 with multiple Web content filtering options, plus 1 Gigabit Switch port. • One console port for local management. • Extensive Protocol Support. • Login capability. Unlike simple Internet sharing firewalls that protects your local area network (LAN) to 200 VPN tunnels. • Easy, web-based setup for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of the NETGEAR FVX538...
FVX538 Reference Manual
Page 23
...; FVX538 ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat 5) Ethernet cable. For security, you can limit remote management access to a specified remote IP address or range of the FVX538 VPN firewall: • Flash memory for MIB2. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Ping, Trace Route, DNS lookup, and remote reboot. • Remote management The firewall allows you can choose a nonstandard port number. • Visual monitoring The FVX538 VPN firewall...
...; FVX538 ProSafe VPN Firewall 200. • AC power cable. • 19-inch rack mounting hardware and rubber feet. • Category 5 (Cat 5) Ethernet cable. For security, you can limit remote management access to a specified remote IP address or range of the FVX538 VPN firewall: • Flash memory for MIB2. • Diagnostic functions The firewall incorporates built-in diagnostic functions such as Ping, Trace Route, DNS lookup, and remote reboot. • Remote management The firewall allows you can choose a nonstandard port number. • Visual monitoring The FVX538 VPN firewall...
FVX538 Reference Manual
Page 24
...ProSafe VPN Client Software - The Router's Front Panel The FVX538 ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. Table 2-1 lists and describes each object on the front panel of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Object Descriptions Object Activity Power LED Test LED On (Green) Off On (Amber) Blinking (Amber) Off Description Power is not supplied to the firewall. This guide. - ProSafe VPN Firewall Power Test Link/Act 100 Active WAN1 Link/Act 100 1 Link...
...ProSafe VPN Client Software - The Router's Front Panel The FVX538 ProSafe VPN Firewall 200 front panel shown below contains the port connections, status LEDs, and the factory defaults reset button. Table 2-1 lists and describes each object on the front panel of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Object Descriptions Object Activity Power LED Test LED On (Green) Off On (Amber) Blinking (Amber) Off Description Power is not supplied to the firewall. This guide. - ProSafe VPN Firewall Power Test Link/Act 100 Active WAN1 Link/Act 100 1 Link...
FVX538 Reference Manual
Page 126
Select 'a remote VPN client'. Right-click on the VPN client icon in your Windows toolbar and select the Security Policy Editor. 7-12 January 2005 Virtual Private Networking Enter a value for the ProSafe VPN Firewall 200 FVX538 This procedure was developed and tested using: • Netgear FVX538 ProSafe VPN Firewall 200 with version 1.6.11 firmware • Netgear VPN Client version 10.3.5 (Build 6) • NAT router: Netgear FR114P with version 1.5_09 firmware Configuring the FVX538 1. Figure 7-14: VPN Wizard 5. Give the client connection a name, such as home. 3. Click Done to...
Select 'a remote VPN client'. Right-click on the VPN client icon in your Windows toolbar and select the Security Policy Editor. 7-12 January 2005 Virtual Private Networking Enter a value for the ProSafe VPN Firewall 200 FVX538 This procedure was developed and tested using: • Netgear FVX538 ProSafe VPN Firewall 200 with version 1.6.11 firmware • Netgear VPN Client version 10.3.5 (Build 6) • NAT router: Netgear FR114P with version 1.5_09 firmware Configuring the FVX538 1. Figure 7-14: VPN Wizard 5. Give the client connection a name, such as home. 3. Click Done to...
FVX538 Reference Manual
Page 137
... DSL or cable modems are used to connect to prevent bottlenecks from occurring in the Main Menu of the browser interface. Bandwidth Capacity The maximum bandwidth capacity of your FVX538 ProSafe VPN Firewall 200. At 1.5 Mbps, the WAN ports will support the following traffic rates: • Load balancing mode: 3 Mbps (two WAN ports at 1.5 Mbps each direction is a bottleneck and either reducing unnecessary traffic or rescheduling some traffic to low-peak times to the Internet. Chapter 8 Router...
... DSL or cable modems are used to connect to prevent bottlenecks from occurring in the Main Menu of the browser interface. Bandwidth Capacity The maximum bandwidth capacity of your FVX538 ProSafe VPN Firewall 200. At 1.5 Mbps, the WAN ports will support the following traffic rates: • Load balancing mode: 3 Mbps (two WAN ports at 1.5 Mbps each direction is a bottleneck and either reducing unnecessary traffic or rescheduling some traffic to low-peak times to the Internet. Chapter 8 Router...