Manual De UsuarioTabla de contenidosProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual1Contents7About This Manual13Conventions, Formats, and Scope13How to Use This Manual14How to Print this Manual14Revision History15Chapter 1 Introduction17Key Features17Dual WAN Ports for Increased Reliability or Outbound Load Balancing18Advanced VPN Support for Both IPsec and SSL18A Powerful, True Firewall with Content Filtering19Autosensing Ethernet Connections with Auto Uplink19Extensive Protocol Support20Easy Installation and Management20Maintenance and Support21Package Contents21Front Panel Features22Rear Panel Features23Default IP Address, Login Name, and Password Location24Qualified Web Browsers24Chapter 2 Connecting the FVS336G to the Internet27Understanding the Connection Steps27Logging into the VPN Firewall Router28Navigating the Menus30Configuring the Internet Connections30Automatically Detecting and Connecting30Manually Configuring the Internet Connection34Configuring the WAN Mode (Required for Dual WAN)37Network Address Translation38Classical Routing38Configuring Auto-Rollover Mode39Configuring Load Balancing41Configuring Dynamic DNS (Optional)43Configuring the Advanced WAN Options (Optional)45Additional WAN Related Configuration47Chapter 3 LAN Configuration49Using the VPN Firewall as a DHCP server49Configuring the LAN Setup Options50Managing Groups and Hosts (LAN Groups)53Viewing the LAN Groups Database54Changing Group Names in the LAN Groups Database55Configuring DHCP Address Reservation56Configuring Multi Home LAN IP Addresses57Configuring Static Routes58Configuring Static Routes58Configuring Routing Information Protocol (RIP)60Chapter 4 Firewall Protection and Content Filtering63About Firewall Protection and Content Filtering63Using Rules to Block or Allow Specific Kinds of Traffic64About Services-Based Rules65Viewing the Rules69Order of Precedence for Rules70Setting the Default Outbound Policy70Creating a LAN WAN Outbound Services Rule71Creating a LAN WAN Inbound Services Rule72Inbound Rules Examples74Outbound Rules Example77Adding Customized Services77Setting Quality of Service (QoS) Priorities79Attack Checks80Blocking Internet Sites (Content Filtering)82Configuring Source MAC Filtering86Configuring IP/MAC Address Binding Alerts88Configuring Port Triggering89Setting a Schedule to Block or Allow Specific Traffic91Configuring a Bandwidth Profile92Configuring Session Limits94E-Mail Notifications of Event Logs and Alerts95Administrator Tips95Chapter 5 Virtual Private Networking Using IPsec97Considerations for Dual WAN Port Systems97Configuring an IPsec VPN Connection using the VPN Wizard100Creating a VPN Tunnel to a Gateway100Creating a VPN Tunnel Connection to a VPN Client104Managing VPN Tunnel Policies109About IKE109Managing IKE Policies109About the IKE Policy Table110VPN Policy110VPN Tunnel Connection Status112Creating a VPN Client Connection: VPN Client to FVS336G112Configuring the FVS336G113Configuring the VPN Client113Testing the Connection115Configuring Extended Authentication (XAUTH)115Configuring XAUTH for VPN Clients116User Database Configuration117RADIUS Client Configuration117Manually Assigning IP Addresses to Remote Users (ModeConfig)119Mode Config Operation119Configuring the VPN Firewall120Configuring the ProSafe VPN Client for ModeConfig123Configuring Keepalives and Dead Peer Detection125Configuring Keepalive125Configuring NetBIOS Bridging with VPN127Chapter 6 Virtual Private Networking Using SSL Connections129Understanding the Portal Options129Planning for SSL VPN130Creating the Portal Layout131Configuring Domains, Groups, and Users135Configuring Applications for Port Forwarding135Adding Servers136Adding A New Host Name137Configuring the SSL VPN Client138Configuring the Client IP Address Range139Adding Routes for VPN Tunnel Clients140Replacing and Deleting Client Routes140Using Network Resource Objects to Simplify Policies141Adding New Network Resources141Configuring User, Group, and Global Policies143Viewing Policies144Adding a Policy145Chapter 7 Managing Users, Authentication, and Certificates149Adding Authentication Domains, Groups, and Users149Creating a Domain149Creating a Group151Creating a New User Account152Setting User Login Policies154Managing Certificates156Viewing and Loading CA Certificates157Viewing Active Self Certificates158Obtaining a Self Certificate from a Certificate Authority159Managing your Certificate Revocation List (CRL)162Chapter 8 Router and Network Management165Performance Management165Bandwidth Capacity165Features That Reduce Traffic166Features That Increase Traffic169Using QoS to Shift the Traffic Mix172Tools for Traffic Management172Changing Passwords and Administrator Settings172Enabling Remote Management Access174Using the Command Line Interface176Using an SNMP Manager177Configuration File Management179Upgrading the Firmware181Configuring Date and Time Service182Chapter 9 Monitoring System Performance185Enabling the Traffic Meter185Activating Notification of Events and Alerts188Viewing Firewall Logs190Viewing Router Configuration and System Status191Monitoring the Status of WAN Ports193Monitoring Attached Devices194Reviewing the DHCP Log196Monitoring Active Users196Viewing Port Triggering Status197Monitoring VPN Tunnel Connection Status198Reviewing the VPN Logs199Chapter 10 Troubleshooting201Basic Functions201Power LED Not On202LEDs Never Turn Off202LAN or WAN Port LEDs Not On202Troubleshooting the Web Configuration Interface203Troubleshooting the ISP Connection204Troubleshooting a TCP/IP Network Using a Ping Utility205Testing the LAN Path to Your VPN Firewall205Testing the Path from Your PC to a Remote Device206Restoring the Default Configuration and Password207Problems with Date and Time207Using the Diagnostics Utilities208Appendix A Default Settings and Technical Specifications211Appendix B Related Documents215Appendix C Network Planning for Dual WAN Ports217What You Will Need to Do Before You Begin217Cabling and Computer Hardware Requirements219Computer Network Configuration Requirements219Internet Configuration Requirements220Where Do I Get the Internet Configuration Parameters?220Internet Connection Information Form221Overview of the Planning Process222Inbound Traffic222Virtual Private Networks (VPNs)222The Roll-over Case for Firewalls With Dual WAN Ports223The Load Balancing Case for Firewalls With Dual WAN Ports223Inbound Traffic224Inbound Traffic to Single WAN Port (Reference Case)224Inbound Traffic to Dual WAN Port Systems224Virtual Private Networks (VPNs)226VPN Road Warrior (Client-to-Gateway)227VPN Gateway-to-Gateway230VPN Telecommuter (Client-to-Gateway Through a NAT Router)233Index237Tamaño: 6 MBPáginas: 245Language: EnglishManuales abiertas