SRX5308 Reference Manual
Page 8
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Chapter 9 Monitoring System Access and Performance Enabling the WAN Traffic Meter 9-1 Activating Notification of Events, Alerts, and Syslogs 9-5 Viewing Status and Log Screens 9-9 Viewing the System (Router) Status and Statistics 9-10 Viewing the VLAN Status 9-16 Viewing and Disconnecting Active Users 9-17 Viewing the VPN... 10-6 Testing the LAN Path to Your VPN Firewall 10-7 Testing the Path from Your PC to a Remote Device 10-7 Restoring the Default Configuration and Password 10-8 Problems with Date and Time 10-10...
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Chapter 9 Monitoring System Access and Performance Enabling the WAN Traffic Meter 9-1 Activating Notification of Events, Alerts, and Syslogs 9-5 Viewing Status and Log Screens 9-9 Viewing the System (Router) Status and Statistics 9-10 Viewing the VLAN Status 9-16 Viewing and Disconnecting Active Users 9-17 Viewing the VPN... 10-6 Testing the LAN Path to Your VPN Firewall 10-7 Testing the Path from Your PC to a Remote Device 10-7 Restoring the Default Configuration and Password 10-8 Problems with Date and Time 10-10...
SRX5308 Reference Manual
Page 22
...pinouts are lost, and the default password is 9600 K. A power on page 8-14. 3. Console port. The default baud rate is restored. 4. For information about eight seconds until the front panel Test light flashes to reset the SRX5308 to an optional console terminal... object, press and hold this button for connecting to factory default settings. The ports has a DB9 male connector. Factory default reset button. All configuration settings are : (2) Tx, (3) Rx, (5) and (7) Gnd. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Viewed from left to right, the rear panel contains...
...pinouts are lost, and the default password is 9600 K. A power on page 8-14. 3. Console port. The default baud rate is restored. 4. For information about eight seconds until the front panel Test light flashes to reset the SRX5308 to an optional console terminal... object, press and hold this button for connecting to factory default settings. The ports has a DB9 male connector. Factory default reset button. All configuration settings are : (2) Tx, (3) Rx, (5) and (7) Gnd. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Viewed from left to right, the rear panel contains...
SRX5308 Reference Manual
Page 28
.... 5. Use lower-case letters. 4. Note: The VPN firewall user name and password are not the same as any user name or password you might get a warning message regarding the SSL certificate. The Web Management Interface appears, displaying the Router...SSL certificate. 3. Figure 2-2 2-4 Connecting the VPN Firewall to the VPN firewall with a browser via an SSL connection, you might use lower-case letters. In the Username field, type admin. Click Login. In the Domain drop-down list, leave the default selection, which is geardomain. 6. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
.... 5. Use lower-case letters. 4. Note: The VPN firewall user name and password are not the same as any user name or password you might get a warning message regarding the SSL certificate. The Web Management Interface appears, displaying the Router...SSL certificate. 3. Figure 2-2 2-4 Connecting the VPN Firewall to the VPN firewall with a browser via an SSL connection, you might use lower-case letters. In the Username field, type admin. Click Login. In the Domain drop-down list, leave the default selection, which is geardomain. 6. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
SRX5308 Reference Manual
Page 36
... 2010 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 2. Locate the IPS Login section on page 2-9, which you want to automatically configure the connection to the Internet. Figure 2-9 In the ISP Login section, select one of ISP connection that you selected Yes, enter the login name in the Login field and the password in Figure 2-10. By default...
... 2010 ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 2. Locate the IPS Login section on page 2-9, which you want to automatically configure the connection to the Internet. Figure 2-9 In the ISP Login section, select one of ISP connection that you selected Yes, enter the login name in the Login field and the password in Figure 2-10. By default...
SRX5308 Reference Manual
Page 88
...-2B or RIP-2M is used for authentication. MD5 Auth Key The password that is disabled by default, that does not include subnet information. Second Key Parameters MD5 Key Id The identifier for the key that is the default setting. • RIP-1. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 3-5. RIP Configuration Settings Setting Description (or Subfield and...
...-2B or RIP-2M is used for authentication. MD5 Auth Key The password that is disabled by default, that does not include subnet information. Second Key Parameters MD5 Key Id The identifier for the key that is the default setting. • RIP-1. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 3-5. RIP Configuration Settings Setting Description (or Subfield and...
SRX5308 Reference Manual
Page 170
....0, April 2010 XAUTH occurs through the VPN firewall's user database. XAUTH occurs through the Add User screen (see "RADIUS Client Configuration" on page 5-39. Password The password for VPN Clients" on page 5-39). • Radius PAP. This the default setting. • Edge Device. In...with the IKE Policies screen in the local user database, the VPN firewall connects to the List of the IKE policy that are User Database, RADIUS PAP, or RADIUS CHAP. • IPSec Host. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 5-10. Add IKE Policy Settings (continued)...
....0, April 2010 XAUTH occurs through the VPN firewall's user database. XAUTH occurs through the Add User screen (see "RADIUS Client Configuration" on page 5-39. Password The password for VPN Clients" on page 5-39). • Radius PAP. This the default setting. • Edge Device. In...with the IKE Policies screen in the local user database, the VPN firewall connects to the List of the IKE policy that are User Database, RADIUS PAP, or RADIUS CHAP. • IPSec Host. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 5-10. Add IKE Policy Settings (continued)...
SRX5308 Reference Manual
Page 180
...the IKE policy. XAUTH occurs through the VPN firewall's user database. The VPN policy must be added through RADIUS Password Authentication Protocol (PAP). The Edit IKE Policy...User Database Configuration" on page 5-39). • Radius PAP. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Configuring XAUTH for VPN Clients Once the XAUTH has been enabled, you must establish user ... 5-22). 2. XAUTH is authenticated by a VPN policy. This the default setting. • Edge Device. The VPN firewall functions as a VPN concentrator on which device is used to enable ...
...the IKE policy. XAUTH occurs through the VPN firewall's user database. The VPN policy must be added through RADIUS Password Authentication Protocol (PAP). The Edit IKE Policy...User Database Configuration" on page 5-39). • Radius PAP. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Configuring XAUTH for VPN Clients Once the XAUTH has been enabled, you must establish user ... 5-22). 2. XAUTH is authenticated by a VPN policy. This the default setting. • Edge Device. The VPN firewall functions as a VPN concentrator on which device is used to enable ...
SRX5308 Reference Manual
Page 192
... operation: 1. Configuring the ProSafe VPN Client for Mode Config Operation From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection for XAUTH. The VPN firewall functions as a VPN concentrator on which device is...Password The password for VPN Clients" on page 5-12). 5-50 Virtual Private Networking Using IPsec Connections v1.0, April 2010 Right-click the VPN client icon in the local user database, the VPN firewall connects to save your Windows toolbar, and select Security Policy Editor. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
... operation: 1. Configuring the ProSafe VPN Client for Mode Config Operation From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection for XAUTH. The VPN firewall functions as a VPN concentrator on which device is...Password The password for VPN Clients" on page 5-12). 5-50 Virtual Private Networking Using IPsec Connections v1.0, April 2010 Right-click the VPN client icon in the local user database, the VPN firewall connects to save your Windows toolbar, and select Security Policy Editor. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
SRX5308 Reference Manual
Page 226
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Figure 6-9 4. The default User Portal screen displays. Figure 6-10 6-24 Virtual Private Networking Using SSL Connections v1.0, April 2010 Click Login. Enter a user name and password that are associated with the SSL portal and the domain (see "Configuring VPN Authentication Domains, Groups, and Users" on page 7-1). 5.
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Figure 6-9 4. The default User Portal screen displays. Figure 6-10 6-24 Virtual Private Networking Using SSL Connections v1.0, April 2010 Click Login. Enter a user name and password that are associated with the SSL portal and the domain (see "Configuring VPN Authentication Domains, Groups, and Users" on page 7-1). 5.
SRX5308 Reference Manual
Page 227
... the NETGEAR website. Allows the user to the right of current SSL VPN tunnels: 1. To disconnect an active user, click the Disconnect table button to change their password. • Support. Click the SSL VPN Connection Status submenu tab. Virtual Private Networking Using SSL Connections v1.0, April 2010 6-25 Select VPN > Connection Status from the menu. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual The default...
... the NETGEAR website. Allows the user to the right of current SSL VPN tunnels: 1. To disconnect an active user, click the Disconnect table button to change their password. • Support. Click the SSL VPN Connection Status submenu tab. Virtual Private Networking Using SSL Connections v1.0, April 2010 6-25 Select VPN > Connection Status from the menu. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual The default...
SRX5308 Reference Manual
Page 229
... three items: a user name, a password, and a domain selection. Users connecting to the VPN firewall must specify a group. The login window that is presented. Note: IPsec VPN users always belong to the default domain (geardomain) and are assigned to a group, and a group is used and, for IPsec VPN and SSL VPN. This includes administrators and SSL VPN clients. When you create...
... three items: a user name, a password, and a domain selection. Users connecting to the VPN firewall must specify a group. The login window that is presented. Note: IPsec VPN users always belong to the default domain (geardomain) and are assigned to a group, and a group is used and, for IPsec VPN and SSL VPN. This includes administrators and SSL VPN clients. When you create...
SRX5308 Reference Manual
Page 230
...ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Configuring Domains The domain determines the authentication method to provide specific group policies or bookmarks based on WiKID authentication. Table 7-1. Authentication Protocols and Methods Authentication Protocol or Method Description (or Subfield and Description) PAP CHAP RADIUS MIAS WiKID NT Domain Active Directory Password...method that functions with the passcode. The default domain of Microsoft Windows 2003 Server. You cannot delete the default domain. A network-validated domain-based ...
...ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Configuring Domains The domain determines the authentication method to provide specific group policies or bookmarks based on WiKID authentication. Table 7-1. Authentication Protocols and Methods Authentication Protocol or Method Description (or Subfield and Description) PAP CHAP RADIUS MIAS WiKID NT Domain Active Directory Password...method that functions with the passcode. The default domain of Microsoft Windows 2003 Server. You cannot delete the default domain. A network-validated domain-based ...
SRX5308 Reference Manual
Page 232
... Secret fields. • Radius-MSCHAPv2. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 2. Enter the settings as explained in Table 7-2. Users are configured (see "RADIUS Client Configuration" on the VPN firewall. RADIUS Challenge Handshake Authentication Protocol (CHAP).... RADIUS Microsoft CHAP version 2. The Add Domain screen displays. Table 7-2. Authentication Type Note: If you select any other fields on this screen. • Radius-PAP. This is the default setting. RADIUS Password...
... Secret fields. • Radius-MSCHAPv2. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 2. Enter the settings as explained in Table 7-2. Users are configured (see "RADIUS Client Configuration" on the VPN firewall. RADIUS Challenge Handshake Authentication Protocol (CHAP).... RADIUS Microsoft CHAP version 2. The Add Domain screen displays. Table 7-2. Authentication Type Note: If you select any other fields on this screen. • Radius-PAP. This is the default setting. RADIUS Password...
SRX5308 Reference Manual
Page 239
... login policies. The Users screen displays (see Figure 7-7 on the Group screen. Note: The user is added to the VPN firewall's Web Management Interface. Confirm Password The password in the Password field. You cannot delete a default user. 2. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 7-4. From the drop-down list shows the groups that you want to delete, or click the...
... login policies. The Users screen displays (see Figure 7-7 on the Group screen. Note: The user is added to the VPN firewall's Web Management Interface. Confirm Password The password in the Password field. You cannot delete a default user. 2. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 7-4. From the drop-down list shows the groups that you want to delete, or click the...
SRX5308 Reference Manual
Page 243
...; Firefox. All other browsers that you can change the password, user type, and idle timeout settings. Managing Users, Authentication, and Certificates v1.0, April 2010 7-15 Click the Add table button. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 4. Click Apply to the Defined Browsers table ... the menu. The browser is added to access the VPN firewall's Web Management Interface is password. Changing Passwords and Other User Settings For any other users have read -only access. Note: The default password for the administrator and for any user, you want to...
...; Firefox. All other browsers that you can change the password, user type, and idle timeout settings. Managing Users, Authentication, and Certificates v1.0, April 2010 7-15 Click the Add table button. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 4. Click Apply to the Defined Browsers table ... the menu. The browser is added to access the VPN firewall's Web Management Interface is password. Changing Passwords and Other User Settings For any other users have read -only access. Note: The default password for the administrator and for any user, you want to...
SRX5308 Reference Manual
Page 262
... account. NETGEAR recommends that you change the password for the administrator account to have. To modify the administrator user account settings, including the password: 1. ...default administrator and default guest passwords for Traffic Management The VPN firewall includes several tools that can be used to monitor the traffic conditions of the firewall and content filtering engine and to monitor the users' access to the Internet and the types of traffic that is to a service or application by applying a bandwidth profile. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
... account. NETGEAR recommends that you change the password for the administrator account to have. To modify the administrator user account settings, including the password: 1. ...default administrator and default guest passwords for Traffic Management The VPN firewall includes several tools that can be used to monitor the traffic conditions of the firewall and content filtering engine and to monitor the users' access to the Internet and the types of traffic that is to a service or application by applying a bandwidth profile. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308...
SRX5308 Reference Manual
Page 264
... to as few external IP addresses as practical. • Deny or allow login access from any of minutes in many ways, NETGEAR highly recommends that you need to change the admin and guest default passwords before continuing (see "Configuring Login Policies" on page 8-8). 8-10 v1.0, April 2010 Network and System Management ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 5.
... to as few external IP addresses as practical. • Deny or allow login access from any of minutes in many ways, NETGEAR highly recommends that you need to change the admin and guest default passwords before continuing (see "Configuring Login Policies" on page 8-8). 8-10 v1.0, April 2010 Network and System Management ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 5.
SRX5308 Reference Manual
Page 268
...are not preserved after making the changes. SNMP lets you monitor and manage your VPN firewall from the menu. SNMP exposes management data in the form of the VPN firewall (see Figure 8-4 on the managed systems, which describe the system configuration. ...login and password information (or enter guest and password to its factory defaults (or use your computer's command-line prompt, enter the following command: telnet 192.168.1.1 2. Enter admin and password when prompted for conditions that warrant administrative attention. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference ...
...are not preserved after making the changes. SNMP lets you monitor and manage your VPN firewall from the menu. SNMP exposes management data in the form of the VPN firewall (see Figure 8-4 on the managed systems, which describe the system configuration. ...login and password information (or enter guest and password to its factory defaults (or use your computer's command-line prompt, enter the following command: telnet 192.168.1.1 2. Enter admin and password when prompted for conditions that warrant administrative attention. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference ...
SRX5308 Reference Manual
Page 273
..., click the Restore button. Warning: When you do not interrupt the process. Note: After rebooting with factory default settings, the VPN firewall's password is password and the LAN IP address is running, select Monitoring from the Settings Backup and Firmware Upgrade screen (see "Rear... version in the System Info section of the restore operation. To restore the factory default configuration settings when you push the hardware reset button or click the software Default button, the VPN firewall settings are lost. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 3.
..., click the Restore button. Warning: When you do not interrupt the process. Note: After rebooting with factory default settings, the VPN firewall's password is password and the LAN IP address is running, select Monitoring from the Settings Backup and Firmware Upgrade screen (see "Rear... version in the System Info section of the restore operation. To restore the factory default configuration settings when you push the hardware reset button or click the software Default button, the VPN firewall settings are lost. ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual 3.
SRX5308 Reference Manual
Page 284
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 9-2. Complete the fields that are sent, and then ...Hourly. or p.m. The SMTP server requires authentication with CRAM-MD5 login. Specify the user name and password to an email address. Password The password for sending the logs. The Ident protocol is Identd). The logs are sent. Return E-Mail A... Select the Respond to Identd from SMTP Server check box to respond to you leave this is the default setting. From the Unit drop-down list select the hour on which the notifications are sent weekly....
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 9-2. Complete the fields that are sent, and then ...Hourly. or p.m. The SMTP server requires authentication with CRAM-MD5 login. Specify the user name and password to an email address. Password The password for sending the logs. The Ident protocol is Identd). The logs are sent. Return E-Mail A... Select the Respond to Identd from SMTP Server check box to respond to you leave this is the default setting. From the Unit drop-down list select the hour on which the notifications are sent weekly....