FVX538 Reference Manual
Page 10
ProSafe VPN Firewall 200 FVX538 Reference Manual Extended Authentication (XAUTH) Configuration 5-23 Configuring XAUTH for VPN Clients 5-24 User Database Configuration 5-25 RADIUS Client Configuration 5-27 Assigning IP Addresses to Remote Users (ModeConfig 5-29 Mode Config Operation 5-29 Configuring the VPN Firewall 5-30 Configuring the ProSafe VPN Client for ModeConfig 5-33 Chapter 6 Router and Network Management Performance Management 6-1 Bandwidth Capacity 6-1 VPN Firewall Features That Reduce...
ProSafe VPN Firewall 200 FVX538 Reference Manual Extended Authentication (XAUTH) Configuration 5-23 Configuring XAUTH for VPN Clients 5-24 User Database Configuration 5-25 RADIUS Client Configuration 5-27 Assigning IP Addresses to Remote Users (ModeConfig 5-29 Mode Config Operation 5-29 Configuring the VPN Firewall 5-30 Configuring the ProSafe VPN Client for ModeConfig 5-33 Chapter 6 Router and Network Management Performance Management 6-1 Bandwidth Capacity 6-1 VPN Firewall Features That Reduce...
FVX538 Reference Manual
Page 67
...server using the PCs' local LAN address. Enter the required address in the list, you create will be blocked by the firewall. If this option is the public IP address that will fail. Note: See "Port Triggering" on page 4-35 for packets covered by this rule... Server to a specific port. Attempts by schedule, otherwise Block" is hosting this service rule. (You can either be blocked by the Default rule. ProSafe VPN Firewall 200 FVX538 Reference Manual • Local PCs must access the local server using the external WAN IP address will map to the internal LAN server;
...server using the PCs' local LAN address. Enter the required address in the list, you create will be blocked by the firewall. If this option is the public IP address that will fail. Note: See "Port Triggering" on page 4-35 for packets covered by this rule... Server to a specific port. Attempts by schedule, otherwise Block" is hosting this service rule. (You can either be blocked by the Default rule. ProSafe VPN Firewall 200 FVX538 Reference Manual • Local PCs must access the local server using the external WAN IP address will map to the internal LAN server;
FVX538 Reference Manual
Page 71
...will block the selected application from any internal IP LAN address to any external WAN IP address according to the default rules. Click Add under the Outbound Services Table. Complete the Outbound Service screen, and save your specific needs (see Table 4-2 on page 4-43). Firewall Protection ...fields on the service or application, source or destination IP addresses, and time of day. The Add LAN WAN Outbound Service screen will cause serious problems. To create a new outbound service rule: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may...
...will block the selected application from any internal IP LAN address to any external WAN IP address according to the default rules. Click Add under the Outbound Services Table. Complete the Outbound Service screen, and save your specific needs (see Table 4-2 on page 4-43). Firewall Protection ...fields on the service or application, source or destination IP addresses, and time of day. The Add LAN WAN Outbound Service screen will cause serious problems. To create a new outbound service rule: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may...
FVX538 Reference Manual
Page 85
...IP address to any attempt to use in RFC1700, "Assigned Numbers." The service numbers for use Instant Messenger during working hours, you can create an outbound rule to block that application from the range 1024 to 65535 by the authors of services that you have the firewall log any external... 4-16. You can configure up to 125 custom services. Although the FVX538 already holds a list of client computers. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Rule: Blocking Instant Messenger If you want to block Instant Messenger usage by employees during that...
...IP address to any attempt to use in RFC1700, "Assigned Numbers." The service numbers for use Instant Messenger during working hours, you can create an outbound rule to block that application from the range 1024 to 65535 by the authors of services that you have the firewall log any external... 4-16. You can configure up to 125 custom services. Although the FVX538 already holds a list of client computers. ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Rule: Blocking Instant Messenger If you want to block Instant Messenger usage by employees during that...
FVX538 Reference Manual
Page 93
...IP & MAC address in IP/MAC Table. • Host2: Matching IP but inconsistent MAC address in IP/MAC Table. • Host3: Matching MAC but inconsistent IP address in the Available MAC Addresses to any external network. If the router sees packets with a matching IP address, but allow the traffic coming from Host1 to be Blocked...the MAC address entry and click Delete. To remove an entry from the sub-menu. To invoke the IP/MAC Binding Table screen: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual 6. A checkmark will be enabled on the LAN are set up as follows: • ...
...IP & MAC address in IP/MAC Table. • Host2: Matching IP but inconsistent MAC address in IP/MAC Table. • Host3: Matching MAC but inconsistent IP address in the Available MAC Addresses to any external network. If the router sees packets with a matching IP address, but allow the traffic coming from Host1 to be Blocked...the MAC address entry and click Delete. To remove an entry from the sub-menu. To invoke the IP/MAC Binding Table screen: 1. ProSafe VPN Firewall 200 FVX538 Reference Manual 6. A checkmark will be enabled on the LAN are set up as follows: • ...
FVX538 Reference Manual
Page 95
...rather than a response. The VPN firewall matches the response to the previous request, and forwards the response to external applications that would be sure ... for this response would otherwise be used by the Application. ProSafe VPN Firewall 200 FVX538 Reference Manual To remove an entry from the submenu. The... is a Time-out period before the application can be partially blocked by another PC. From the Enable pull-down menu, indicate if... IP/MAC Bind entry and click Delete. Without Port Triggering, this rule in the Port Triggering table, and associates them with this Router ...
...rather than a response. The VPN firewall matches the response to the previous request, and forwards the response to external applications that would be sure ... for this response would otherwise be used by the Application. ProSafe VPN Firewall 200 FVX538 Reference Manual To remove an entry from the submenu. The... is a Time-out period before the application can be partially blocked by another PC. From the Enable pull-down menu, indicate if... IP/MAC Bind entry and click Delete. Without Port Triggering, this rule in the Port Triggering table, and associates them with this Router ...
FVX538 Reference Manual
Page 103
... Server External Authentication" on page 4-28) - Administrator Tips Consider the following optional features of the VPN firewall: - As an option, you can enable remote management if you can further refine your system, you have to Block or Allow Specific Traffic" on page 6-10). 2. Groups and hosts (see "Setting Block Sites (Content Filtering)" on page 3-6) - ProSafe VPN Firewall 200 FVX538 Reference...
... Server External Authentication" on page 4-28) - Administrator Tips Consider the following optional features of the VPN firewall: - As an option, you can enable remote management if you can further refine your system, you have to Block or Allow Specific Traffic" on page 6-10). 2. Groups and hosts (see "Setting Block Sites (Content Filtering)" on page 3-6) - ProSafe VPN Firewall 200 FVX538 Reference...
FVX538 Reference Manual
Page 70
...firewall. 4-4 Firewall Protection and Content Filtering v1.0, August 2006 The user can change it as None), then the native priority of the service will be blocked by local PCs to keep the PC's IP address constant (see "Configuring Dynamic DNS (If Needed)" on page 2-15. • If the IP...find your local computers. ProSafe VPN Firewall 200 FVX538 Reference Manual Table 4-1. This determines whether packets covered by this rule, whether it matches or not. However, by your rules. • Never - For example: • If your external IP address is useful when debugging...
...firewall. 4-4 Firewall Protection and Content Filtering v1.0, August 2006 The user can change it as None), then the native priority of the service will be blocked by local PCs to keep the PC's IP address constant (see "Configuring Dynamic DNS (If Needed)" on page 2-15. • If the IP...find your local computers. ProSafe VPN Firewall 200 FVX538 Reference Manual Table 4-1. This determines whether packets covered by this rule, whether it matches or not. However, by your rules. • Never - For example: • If your external IP address is useful when debugging...
FVX538 Reference Manual
Page 75
...Schedule menu. The outbound rule will display. .. The Add LAN WAN Outbound Service screen will block the selected application from any internal IP LAN address to any external WAN IP address according to cancel your changes and reset the fields on this screen. Figure 4-3 2.... to your specific needs (see Table 4-1 on the Outbound Services table. Firewall Protection and Content Filtering 4-9 v1.0, August 2006 You can block or allow access based on page 4-35). ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may define rules that will ...
...Schedule menu. The outbound rule will display. .. The Add LAN WAN Outbound Service screen will block the selected application from any internal IP LAN address to any external WAN IP address according to cancel your changes and reset the fields on this screen. Figure 4-3 2.... to your specific needs (see Table 4-1 on the Outbound Services table. Firewall Protection and Content Filtering 4-9 v1.0, August 2006 You can block or allow access based on page 4-35). ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules You may define rules that will ...
FVX538 Reference Manual
Page 86
...by employees during that application from any internal IP address to any attempt to use Instant ...Blocking Instant Messenger If you want to block Instant Messenger usage by Schedule) 2. ProSafe VPN Firewall 200 FVX538 Reference Manual 2. Place rule below all other inbound rules Figure 4-13 Outbound Rules Example Outbound rules let you can also have the firewall log any external...the protection of the firewall and is exposed to block that blocked period. 4-20 Firewall Protection and Content Filtering v1.0, August 2006 Note: For security, NETGEAR strongly recommends that you ...
...by employees during that application from any internal IP address to any attempt to use Instant ...Blocking Instant Messenger If you want to block Instant Messenger usage by Schedule) 2. ProSafe VPN Firewall 200 FVX538 Reference Manual 2. Place rule below all other inbound rules Figure 4-13 Outbound Rules Example Outbound rules let you can also have the firewall log any external...the protection of the firewall and is exposed to block that blocked period. 4-20 Firewall Protection and Content Filtering v1.0, August 2006 Note: For security, NETGEAR strongly recommends that you ...
FVX538 Reference Manual
Page 93
Figure 6-9: Rule example: Blocking Instant Messenger Firewall Protection and Content Filtering January 2005 6-15 Reference Manual for the ProSafe VPN Firewall 200 FVX538 Outbound Rule Example: Blocking Instant Messenger If you want to block Instant Messenger usage by employees during working hours, you have the firewall log any attempt to the schedule that blocked period. You can create an outbound rule to block that application from any internal IP address to any external address according to use Instant Messenger during that you can also have created in the Schedule menu.
Figure 6-9: Rule example: Blocking Instant Messenger Firewall Protection and Content Filtering January 2005 6-15 Reference Manual for the ProSafe VPN Firewall 200 FVX538 Outbound Rule Example: Blocking Instant Messenger If you want to block Instant Messenger usage by employees during working hours, you have the firewall log any attempt to the schedule that blocked period. You can create an outbound rule to block that application from any internal IP address to any external address according to use Instant Messenger during that you can also have created in the Schedule menu.
FVX538 Reference Manual
Page 111
...IP address of Web Access or Attempted Web Access The firewall will log security-related events such as denied incoming and outgoing service requests, hacker probes, and administrator logins. • If you enable content filtering in the Block...are described in Table 6-7 and log action buttons are available for the ProSafe VPN Firewall 200 FVX538 • In the Log Threshold Time box, set the logs Threshold ...logging PC and click the Enable Syslog checkbox. Firewall Protection and Content Filtering January 2005 6-33 Click Apply to an external PC that is shown in Table 6-8. Reference...
...IP address of Web Access or Attempted Web Access The firewall will log security-related events such as denied incoming and outgoing service requests, hacker probes, and administrator logins. • If you enable content filtering in the Block...are described in Table 6-7 and log action buttons are available for the ProSafe VPN Firewall 200 FVX538 • In the Log Threshold Time box, set the logs Threshold ...logging PC and click the Enable Syslog checkbox. Firewall Protection and Content Filtering January 2005 6-33 Click Apply to an external PC that is shown in Table 6-8. Reference...