User ManualTable of ContentsReference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v21Product and Publication Details3Contents5Chapter 1 About This Manual15Audience, Scope, Conventions, and Formats15How to Use This Manual16How to Print this Manual17Chapter 2 Introduction19Key Features of the FWG114P v219Full Routing on Both the Broadband and Serial Ports20802.11g and 802.11b Wireless Networking20Virtual Private Networking21Wireless Multimedia (WMM) Support21A Powerful, True Firewall with Content Filtering21Security22Autosensing Ethernet Connections with Auto Uplink22Extensive Protocol Support23Easy Installation and Management24NETGEAR Related Products24Package Contents25The FWG114P v2 Front Panel25The FWG114P v2 Rear Panel26Chapter 3 Connecting the FWG114P v2 to the Internet29What You Will Need Before You Begin29Cabling and Computer Hardware Requirements29Computer Network Configuration Requirements29Internet Configuration Requirements30Where Do I Get the Internet Configuration Parameters?30Record Your Internet Connection Information31Connecting the FWG114P v2 Wireless Firewall/Print Server32Verify That Basic Requirements Are Met32Basic Setup Troubleshooting Tips38FWG114P v2 Setup Wizard Auto Detection38Wizard-Detected Login Account Setup39Wizard-Detected Dynamic IP Account Setup41Wizard-Detected Fixed IP Account Setup42How to Configure the Serial Port as the Primary Internet Connection43Testing Your Internet Connection45Manually Configuring Your Internet Connection46How to Manually Configure the Primary Internet Connection47Chapter 4 Wireless Configuration49Observing Performance, Placement, and Range Guidelines49Implementing Appropriate Wireless Security50Understanding Wireless Settings51Default Factory Settings54Before You Change the SSID and WEP Settings55How to Set Up and Test Basic Wireless Connectivity56How to Restrict Wireless Access by MAC Address57How to Configure WEP58How to Configure WPA with Radius60How to Configure WPA2 with Radius62How to Configure WPA and WPA2 with Radius64How to Configure WPA-PSK66How to Configure WPA2-PSK68How to Configure WPA-PSK and WPA2-PSK69Chapter 5 Serial Port Configuration71Configuring a Serial Port Modem72Basic Requirements for Serial Port Modem Configuration72How to Configure a Serial Port Modem72Configuring Auto-Rollover73Basic Requirements for Auto-Rollover73How to Configure Auto-Rollover73Configuring Dial-in on the Serial Port74Basic Requirements for Dial-in75How to Configure Dial-in75Configuring LAN-to-LAN Settings76Basic Requirements for LAN-to-LAN Connections76How to Configure LAN-to-LAN Connections76Chapter 6 Firewall Protection and Content Filtering79Firewall Protection and Content Filtering Overview79Using the Block Sites Menu to Screen Content79Services and Rules Regulate Inbound and Outbound Traffic81Defining a Service81Using Inbound/Outbound Rules to Block or Allow Services82Examples of Using Services and Rules to Regulate Traffic84Inbound Rules (Port Forwarding)84Example: Port Forwarding to a Local Public Web Server85Example: Port Forwarding for Videoconferencing86Example: Port Forwarding for VPN Tunnels when NAT is Off86Outbound Rules (Service Blocking or Port Filtering)87Outbound Rule Example: Blocking Instant Messaging88Other Rules Considerations88Order of Precedence for Rules89Rules Menu Options89Using a Schedule to Block or Allow Content or Traffic90Setting the Time Zone91Getting E-Mail Notifications of Event Logs and Alerts91Viewing Logs of Web Access or Attempted Web Access94What to Include in the Event Log95Chapter 7 Print Server97Printing Options97For Windows XP and 2000, Use TCP/IP LPR Printing98For Windows 95/98/Me, Use the Netgear Printer Port Driver102Printing from the Macintosh105Windows Printer Port Management106Troubleshooting the Print Server108Chapter 8 Virtual Private Networking113Overview of FWG114P v2 Policy-Based VPN Configuration113Using Policies to Manage VPN Traffic114Using Automatic Key Management114IKE Policies’ Automatic Key and Authentication Management115VPN Policy Configuration for Auto Key Negotiation118VPN Policy Configuration for Manual Key Exchange121Using Digital Certificates for IKE Auto-Policy Authentication126Certificate Revocation List (CRL)126Walk-Through of Configuration Scenarios on the FWG114P v2127How to Use the VPN Wizard to Configure a VPN Tunnel127VPNC Scenario 1: Gateway to Gateway with Preshared Secrets131Scenario 1: FWG114P v2 to FWG114P v2 with Preshared Secrets132How to Check VPN Connections136VPNC Scenario 2: Gateway-to-Gateway with Certificates137Scenario 2: FWG114P v2 to FWG114P v2 with Certificates138Netgear VPN Client to FWG114P v2144Configuration Profile144Step-By-Step Configuration of FWG114P v2 Gateway145Step-By-Step Configuration of the Netgear VPN Client150Testing the VPN Connection157From the Client PC to the FWG114P v2157From the FWG114P v2 to the Client PC158Monitoring the PC VPN Connection158Viewing the FWG114P v2 VPN Status and Log Information159Chapter 9 Maintenance161Viewing Wireless Firewall/Print Server Status Information161Viewing a List of Attached Devices166Upgrading the Router Software167Configuration File Management167Restoring and Backing Up the Configuration168Erasing the Configuration169Changing the Administrator Password169Chapter 10 Advanced Configuration171Using the WAN Setup Options171How to Configure Dynamic DNS173Using the LAN IP Setup Options175Configuring LAN TCP/IP Setup Parameters175Using the Router as a DHCP server177Using Address Reservation177Configuring Static Routes178Enabling Remote Management Access180Using Universal Plug and Play (UPnP)181Advanced Wireless Settings182Chapter 11 Troubleshooting185Basic Functioning185Power LED Not On185LEDs Never Turn Off186LAN or Internet Port LEDs Not On186Troubleshooting the Web Configuration Interface187Troubleshooting the ISP Connection188Troubleshooting a TCP/IP Network Using a Ping Utility189Testing the LAN Path to Your Router189Testing the Path from Your Computer to a Remote Device190Restoring the Default Configuration and Password191Problems with Date and Time191Appendix A Technical Specifications193Appendix B Networks, Routing, and Firewall Basics195Related Publications195Basic Router Concepts195What is a Router?195Routing Information Protocol196IP Addresses and the Internet196Netmask198Subnet Addressing198Private IP Addresses201Single IP Address Operation Using NAT201MAC Addresses and Address Resolution Protocol203Related Documents203Domain Name Server203IP Configuration by DHCP204Internet Security and Firewalls204What is a Firewall?205Stateful Packet Inspection205Denial of Service Attack205Ethernet Cabling205Category 5 Cable Quality206Inside Twisted Pair Cables207Uplink Switches, Crossover Cables, and MDI/MDIX Switching208Appendix C Preparing Your Network211Preparing Your Computers for TCP/IP Networking211Configuring Windows 95, 98, and Me for TCP/IP Networking212Install or Verify Windows Networking Components212Enabling DHCP to Automatically Configure TCP/IP Settings214Selecting Windows’ Internet Access Method214Verifying TCP/IP Properties215Configuring Windows NT, 2000 or XP for IP Networking215Installing or Verifying Windows Networking Components215Verifying TCP/IP Properties216Configuring the Macintosh for TCP/IP Networking216MacOS 8.6 or 9.x216MacOS X217Verifying TCP/IP Properties for Macintosh Computers218Verifying the Readiness of Your Internet Account219Are Login Protocols Used?219What Is Your Configuration Information?219Obtaining ISP Configuration Information for Windows Computers220Obtaining ISP Configuration Information for Macintosh Computers221Restarting the Network222Appendix D Firewall Log Formats223Action List223Field List223Outbound Log223Inbound Log224Other IP Traffic224Router Operation225Other Connections and Traffic to this Router226DoS Attack/Scan226Access Block Site228All Web Sites and News Groups Visited228System Admin Sessions228Policy Administration LOG229Appendix E Wireless Networking Basics231Wireless Networking Overview231Infrastructure Mode231Ad Hoc Mode (Peer-to-Peer Workgroup)232Network Name: Extended Service Set Identification (ESSID)232Authentication and WEP Data Encryption232802.11 Authentication233Open System Authentication233Shared Key Authentication234Overview of WEP Parameters235Key Size236WEP Configuration Options237Wireless Channels237WPA Wireless Security238How Does WPA Compare to WEP?239How Does WPA Compare to IEEE 802.11i?240What are the Key Features of WPA Security?240WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS242WPA Data Encryption Key Management244Is WPA Perfect?246Product Support for WPA246Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged246Changes to Wireless Access Points247Changes to Wireless Network Adapters247Changes to Wireless Client Programs248Appendix F Virtual Private Networking249What is a VPN?249What is IPSec and How Does It Work?250IPSec Security Features250IPSec Components250Encapsulating Security Payload (ESP)251Authentication Header (AH)252IKE Security Association252Mode253Key Management254Understand the Process Before You Begin254VPN Process Overview255Network Interfaces and Addresses255Interface Addressing255Firewalls256Setting Up a VPN Tunnel Between Gateways256VPNC IKE Security Parameters258VPNC IKE Phase I Parameters258VPNC IKE Phase II Parameters259Testing and Troubleshooting259Additional Reading259Appendix G NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2261Configuration Template261Step-By-Step Configuration of FVS318 or FVM318 Gateway A262Step-By-Step Configuration of FWG114P Gateway B265Test the VPN Connection269Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328271Configuration Template271Using DDNS and Fully Qualified Domain Names (FQDN)272Step-By-Step Configuration of FVS318 or FVM318 Gateway A273Step-By-Step Configuration of FVS328 Gateway B277Test the VPN Connection281Glossary283Size: 8.05 MBPages: 296Language: EnglishOpen manual
User ManualTable of ContentsTesting the VPN Connection5From the Client PC to the FWG114P5From the FWG114P to the Client PC6Monitoring the PC VPN Connection6Viewing the FWG114P VPN Status and Log Information7Chapter 9 Maintenance9Viewing Wireless Firewall/Print Server Status Information9Viewing a List of Attached Devices13Upgrading the Router Software14Configuration File Management14Restoring and Backing Up the Configuration15Erasing the Configuration16Changing the Administrator Password16Chapter 10 Advanced Configuration17Using the WAN Setup Options17How to Configure Dynamic DNS19Using the LAN IP Setup Options21Configuring LAN TCP/IP Setup Parameters21Using the Router as a DHCP server23Using Address Reservation23Configuring Static Routes24Enabling Remote Management Access26Using Universal Plug and Play (UPnP)27Advanced Wireless Settings28Chapter 11 Troubleshooting31Basic Functioning31Power LED Not On31LEDs Never Turn Off32LAN or Internet Port LEDs Not On32Troubleshooting the Web Configuration Interface33Troubleshooting the ISP Connection34Troubleshooting a TCP/IP Network Using a Ping Utility35Testing the LAN Path to Your Router35Testing the Path from Your Computer to a Remote Device36Restoring the Default Configuration and Password37Problems with Date and Time37Appendix A Technical Specifications39Appendix B Networks, Routing, and Firewall Basics41Related Publications41Basic Router Concepts41What is a Router?41Routing Information Protocol42IP Addresses and the Internet42Netmask44Subnet Addressing44Private IP Addresses47Single IP Address Operation Using NAT47MAC Addresses and Address Resolution Protocol49Related Documents49Domain Name Server49IP Configuration by DHCP50Internet Security and Firewalls50What is a Firewall?51Stateful Packet Inspection51Denial of Service Attack51Ethernet Cabling51Category 5 Cable Quality52Inside Twisted Pair Cables53Uplink Switches, Crossover Cables, and MDI/MDIX Switching54Appendix C Preparing Your Network57Preparing Your Computers for TCP/IP Networking57Configuring Windows 95, 98, and Me for TCP/IP Networking58Install or Verify Windows Networking Components58Enabling DHCP to Automatically Configure TCP/IP Settings60Selecting Windows’ Internet Access Method60Verifying TCP/IP Properties61Configuring Windows NT, 2000 or XP for IP Networking61Installing or Verifying Windows Networking Components61Verifying TCP/IP Properties62Configuring the Macintosh for TCP/IP Networking62MacOS 8.6 or 9.x62MacOS X63Verifying TCP/IP Properties for Macintosh Computers64Verifying the Readiness of Your Internet Account65Are Login Protocols Used?65What Is Your Configuration Information?65Obtaining ISP Configuration Information for Windows Computers66Obtaining ISP Configuration Information for Macintosh Computers67Restarting the Network68Appendix D Firewall Log Formats69Action List69Field List69Outbound Log69Inbound Log70Other IP Traffic70Router Operation71Other Connections and Traffic to this Router72DoS Attack/Scan72Access Block Site74All Web Sites and News Groups Visited74System Admin Sessions74Policy Administration LOG75Appendix E Wireless Networking Basics77Wireless Networking Overview77Infrastructure Mode77Ad Hoc Mode (Peer-to-Peer Workgroup)78Network Name: Extended Service Set Identification (ESSID)78Authentication and WEP Data Encryption78802.11 Authentication79Open System Authentication79Shared Key Authentication80Overview of WEP Parameters81Key Size82WEP Configuration Options83Wireless Channels83WPA Wireless Security84How Does WPA Compare to WEP?85How Does WPA Compare to IEEE 802.11i?86What are the Key Features of WPA Security?86WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS88WPA Data Encryption Key Management90Is WPA Perfect?92Product Support for WPA92Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged92Changes to Wireless Access Points93Changes to Wireless Network Adapters93Changes to Wireless Client Programs94Appendix F Virtual Private Networking95What is a VPN?95What is IPSec and How Does It Work?96IPSec Security Features96IPSec Components96Encapsulating Security Payload (ESP)97Authentication Header (AH)98IKE Security Association98Mode99Key Management100Understand the Process Before You Begin100VPN Process Overview101Network Interfaces and Addresses101Interface Addressing101Firewalls102Setting Up a VPN Tunnel Between Gateways102VPNC IKE Security Parameters104VPNC IKE Phase I Parameters104VPNC IKE Phase II Parameters105Testing and Troubleshooting105Additional Reading105Appendix G NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P107Configuration Template107Step-By-Step Configuration of FVS318 or FVM318 Gateway A108Step-By-Step Configuration of FWG114P Gateway B111Test the VPN Connection115Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328117Configuration Template117Using DDNS and Fully Qualified Domain Names (FQDN)118Step-By-Step Configuration of FVS318 or FVM318 Gateway A119Step-By-Step Configuration of FVS328 Gateway B123Test the VPN Connection127Glossary129List of Glossary Terms129Index137Size: 2.58 MBPages: 140Language: EnglishOpen manual
