VerweisanleitungInhaltsverzeichnisProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual1Contents7About This Manual13Conventions, Formats, and Scope13How to Use This Manual14How to Print this Manual14Revision History15Chapter 1 Introduction17Key Features17Dual WAN Ports for Increased Reliability or Outbound Load Balancing18Advanced VPN Support for Both IPsec and SSL18A Powerful, True Firewall with Content Filtering19Autosensing Ethernet Connections with Auto Uplink19Extensive Protocol Support20Easy Installation and Management20Maintenance and Support21Package Contents21Front Panel Features22Rear Panel Features23Default IP Address, Login Name, and Password Location24Qualified Web Browsers24Chapter 2 Connecting the FVS336G to the Internet27Understanding the Connection Steps27Logging into the VPN Firewall Router28Navigating the Menus30Configuring the Internet Connections31Automatically Detecting and Connecting31Manually Configuring the Internet Connection35Configuring the WAN Mode (Required for Dual WAN)38Network Address Translation39Classical Routing39Configuring Auto-Rollover Mode40Configuring Load Balancing42Configuring Dynamic DNS (Optional)44Configuring the Advanced WAN Options (Optional)46Additional WAN Related Configuration48Chapter 3 LAN Configuration49Using the VPN Firewall as a DHCP server49Configuring the LAN Setup Options50Managing Groups and Hosts (LAN Groups)53Viewing the LAN Groups Database54Changing Group Names in the LAN Groups Database55Configuring DHCP Address Reservation56Configuring Multi Home LAN IP Addresses57Configuring Static Routes58Configuring Static Routes58Configuring Routing Information Protocol (RIP)60Chapter 4 Firewall Protection and Content Filtering63About Firewall Protection and Content Filtering63Using Rules to Block or Allow Specific Kinds of Traffic64Services-Based Rules64Order of Precedence for Rules69Setting the Default Outbound Policy69Creating a LAN WAN Outbound Services Rule70Creating a LAN WAN Inbound Services Rule71Attack Checks72Inbound Rules Examples74Outbound Rules Example78Adding Customized Services78Setting Quality of Service (QoS) Priorities79Setting a Schedule to Block or Allow Specific Traffic80Setting Block Sites (Content Filtering)81Enabling Source MAC Filtering84Port Triggering85E-Mail Notifications of Event Logs and Alerts87Administrator Tips87Chapter 5 Virtual Private Networking Using IPsec89Considerations for Dual WAN Port Systems89Configuring an IPsec VPN Connection using the VPN Wizard92Creating a VPN Tunnel to a Gateway93Creating a VPN Tunnel Connection to a VPN Client96Managing VPN Tunnel Policies101About IKE102Managing IKE Policies102About the IKE Policy Table102VPN Policy103VPN Tunnel Connection Status105Creating a VPN Client Connection: VPN Client to FVS336G105Configuring the FVS336G105Configuring the VPN Client106Testing the Connection107Manually Assigning IP Addresses to Remote Users (ModeConfig)108Mode Config Operation108Configuring the VPN Firewall108Configuring the ProSafe VPN Client for ModeConfig112Extended Authentication (XAUTH) Configuration113Configuring XAUTH for VPN Clients114User Database Configuration115RADIUS Client Configuration115Chapter 6 Virtual Private Networking Using SSL Connections119Understanding the Portal Options119Planning for SSL VPN120Creating the Portal Layout121Configuring Domains, Groups, and Users125Configuring Applications for Port Forwarding125Adding Servers126Adding A New Host Name127Configuring the SSL VPN Client128Configuring the Client IP Address Range129Adding Routes for VPN Tunnel Clients130Replacing and Deleting Client Routes130Using Network Resource Objects to Simplify Policies131Adding New Network Resources131Configuring User, Group, and Global Policies133Viewing Policies134Adding a Policy135Chapter 7 Managing Users, Authentication, and Certificates139Adding Authentication Domains, Groups, and Users139Creating a Domain139Creating a Group141Creating a New User Account142Setting User Login Policies144Managing Certificates147Viewing and Loading CA Certificates147Viewing Active Self Certificates148Obtaining a Self Certificate from a Certificate Authority149Managing your Certificate Revocation List (CRL)152Chapter 8 Router and Network Management155Performance Management155Bandwidth Capacity155Features That Reduce Traffic156Features That Increase Traffic159Using QoS to Shift the Traffic Mix162Tools for Traffic Management162Changing Passwords and Administrator Settings162Enabling Remote Management Access164Using an SNMP Manager166Settings Backup and Firmware Upgrade168Configuring Date and Time Service170Chapter 9 Monitoring System Performance173Enabling the Traffic Meter173Activating Notification of Events and Alerts176Viewing Firewall Logs178Viewing Router Configuration and System Status179Monitoring the Status of WAN Ports181Monitoring Attached Devices182Reviewing the DHCP Log184Monitoring Active Users185Viewing Port Triggering Status185Monitoring VPN Tunnel Connection Status187Reviewing the VPN Logs188Chapter 10 Troubleshooting189Basic Functions189Power LED Not On190LEDs Never Turn Off190LAN or WAN Port LEDs Not On190Troubleshooting the Web Configuration Interface191Troubleshooting the ISP Connection192Troubleshooting a TCP/IP Network Using a Ping Utility193Testing the LAN Path to Your VPN Firewall193Testing the Path from Your PC to a Remote Device194Restoring the Default Configuration and Password195Problems with Date and Time195Diagnostics Functions196Appendix A Default Settings and Technical Specifications199Appendix B Related Documents203Appendix C Network Planning for Dual WAN Ports205What You Will Need to Do Before You Begin205Cabling and Computer Hardware Requirements207Computer Network Configuration Requirements207Internet Configuration Requirements208Where Do I Get the Internet Configuration Parameters?208Internet Connection Information Form209Overview of the Planning Process210Inbound Traffic210Virtual Private Networks (VPNs)210The Roll-over Case for Firewalls With Dual WAN Ports211The Load Balancing Case for Firewalls With Dual WAN Ports211Inbound Traffic212Inbound Traffic to Single WAN Port (Reference Case)212Inbound Traffic to Dual WAN Port Systems212Virtual Private Networks (VPNs)214VPN Road Warrior (Client-to-Gateway)215VPN Gateway-to-Gateway218VPN Telecommuter (Client-to-Gateway Through a NAT Router)221Index225Größe: 5,42 MBSeiten: 233Language: EnglishHandbuch öffnen