Guide D’ExploitationTable des matièresReference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P1Contents5Chapter 1 About This Manual15Audience, Conventions, Scope15How to Use this Manual16How to Print this Manual17Chapter 2 Introduction19Key Features of the FWG114P19Full Routing on Both the Broadband and Serial Ports20802.11g and 802.11b Wireless Networking20Virtual Private Networking21A Powerful, True Firewall with Content Filtering21Security22Autosensing Ethernet Connections with Auto Uplink22Extensive Protocol Support22Easy Installation and Management23Package Contents24The FWG114P Front Panel25The FWG114P Rear Panel26Chapter 3 Connecting the FWG114P to the Internet27What You Will Need Before You Begin27Cabling and Computer Hardware Requirements27Computer Network Configuration Requirements27Internet Configuration Requirements28Where Do I Get the Internet Configuration Parameters?28Record Your Internet Connection Information29Connecting the FWG114P Wireless Firewall/Print Server30Verify That Basic Requirements Are Met30Basic Setup Troubleshooting Tips35FWG114P Setup Wizard Auto Detection35Wizard-Detected Login Account Setup36Wizard-Detected Dynamic IP Account Setup38Wizard-Detected Fixed IP Account Setup39How to Configure the Serial Port as the Primary Internet Connection40Testing Your Internet Connection42Manually Configuring Your Internet Connection43How to Manually Configure the Primary Internet Connection44Chapter 4 Wireless Configuration47Observing Performance, Placement, and Range Guidelines47Implementing Appropriate Wireless Security48Understanding Wireless Settings49Default Factory Settings53Before You Change the SSID and WEP Settings54How to Set Up and Test Basic Wireless Connectivity55How to Restrict Wireless Access by MAC Address56How to Configure WEP57How to Configure WPA58How to Configure WPA-PSK59Chapter 5 Serial Port Configuration61Configuring a Serial Port Modem62Basic Requirements for Serial Port Modem Configuration62How to Configure a Serial Port Modem62Configuring Auto-Rollover63Basic Requirements for Auto-Rollover63How to Configure Auto-Rollover63Configuring Dial-in on the Serial Port64Basic Requirements for Dial-in65How to Configure Dial-in65Configuring LAN-to-LAN Settings66Basic Requirements for LAN-to-LAN Connections66How to Configure LAN-to-LAN Connections66Chapter 6 Firewall Protection and Content Filtering69Firewall Protection and Content Filtering Overview69Using the Block Sites Menu to Screen Content69Services and Rules Regulate Inbound and Outbound Traffic71Defining a Service71Using Inbound/Outbound Rules to Block or Allow Services72Examples of Using Services and Rules to Regulate Traffic74Inbound Rules (Port Forwarding)74Example: Port Forwarding to a Local Public Web Server75Example: Port Forwarding for Videoconferencing76Example: Port Forwarding for VPN Tunnels when NAT is Off76Outbound Rules (Service Blocking or Port Filtering)77Outbound Rule Example: Blocking Instant Messaging78Other Rules Considerations78Order of Precedence for Rules79Rules Menu Options79Using a Schedule to Block or Allow Content or Traffic80Setting the Time Zone81Getting E-Mail Notifications of Event Logs and Alerts81Viewing Logs of Web Access or Attempted Web Access84What to Include in the Event Log85Chapter 7 Print Server87Printing Options87For Windows XP and 2000, Use TCP/IP LPR Printing88For Windows 95/98/Me, Use the Netgear Printer Port Driver91Printing from the Macintosh94Windows Printer Port Management95Troubleshooting the Print Server97Chapter 8 Virtual Private Networking101Overview of FWG114P Policy-Based VPN Configuration101Using Policies to Manage VPN Traffic102Using Automatic Key Management102IKE Policies’ Automatic Key and Authentication Management103VPN Policy Configuration for Auto Key Negotiation106VPN Policy Configuration for Manual Key Exchange109Using Digital Certificates for IKE Auto-Policy Authentication114Certificate Revocation List (CRL)114Walk-Through of Configuration Scenarios on the FWG114P115How to Use the VPN Wizard to Configure a VPN Tunnel115VPNC Scenario 1: Gateway to Gateway with Preshared Secrets119Scenario 1: FWG114P to FWG114P with Preshared Secrets120How to Check VPN Connections124VPNC Scenario 2: Gateway-to-Gateway with Certificates125Scenario 2: FWG114P to FWG114P with Certificates126Netgear VPN Client to FWG114P132Configuration Profile132Step-By-Step Configuration of FWG114P Gateway133Step-By-Step Configuration of the Netgear VPN Client138Testing the VPN Connection145From the Client PC to the FWG114P145From the FWG114P to the Client PC146Monitoring the PC VPN Connection146Viewing the FWG114P VPN Status and Log Information147Chapter 9 Maintenance149Viewing Wireless Firewall/Print Server Status Information149Viewing a List of Attached Devices153Upgrading the Router Software154Configuration File Management154Restoring and Backing Up the Configuration155Erasing the Configuration156Changing the Administrator Password156Chapter 10 Advanced Configuration157Using the WAN Setup Options157How to Configure Dynamic DNS159Using the LAN IP Setup Options161Configuring LAN TCP/IP Setup Parameters161Using the Router as a DHCP server163Using Address Reservation163Configuring Static Routes164Enabling Remote Management Access166Using Universal Plug and Play (UPnP)167Advanced Wireless Settings168Chapter 11 Troubleshooting171Basic Functioning171Power LED Not On171LEDs Never Turn Off172LAN or Internet Port LEDs Not On172Troubleshooting the Web Configuration Interface173Troubleshooting the ISP Connection174Troubleshooting a TCP/IP Network Using a Ping Utility175Testing the LAN Path to Your Router175Testing the Path from Your Computer to a Remote Device176Restoring the Default Configuration and Password177Problems with Date and Time177Appendix A Technical Specifications179Appendix B Networks, Routing, and Firewall Basics181Related Publications181Basic Router Concepts181What is a Router?181Routing Information Protocol182IP Addresses and the Internet182Netmask184Subnet Addressing184Private IP Addresses187Single IP Address Operation Using NAT187MAC Addresses and Address Resolution Protocol189Related Documents189Domain Name Server189IP Configuration by DHCP190Internet Security and Firewalls190What is a Firewall?191Stateful Packet Inspection191Denial of Service Attack191Ethernet Cabling191Category 5 Cable Quality192Inside Twisted Pair Cables193Uplink Switches, Crossover Cables, and MDI/MDIX Switching194Appendix C Preparing Your Network197Preparing Your Computers for TCP/IP Networking197Configuring Windows 95, 98, and Me for TCP/IP Networking198Install or Verify Windows Networking Components198Enabling DHCP to Automatically Configure TCP/IP Settings200Selecting Windows’ Internet Access Method200Verifying TCP/IP Properties201Configuring Windows NT, 2000 or XP for IP Networking201Installing or Verifying Windows Networking Components201Verifying TCP/IP Properties202Configuring the Macintosh for TCP/IP Networking202MacOS 8.6 or 9.x202MacOS X203Verifying TCP/IP Properties for Macintosh Computers204Verifying the Readiness of Your Internet Account205Are Login Protocols Used?205What Is Your Configuration Information?205Obtaining ISP Configuration Information for Windows Computers206Obtaining ISP Configuration Information for Macintosh Computers207Restarting the Network208Appendix D Firewall Log Formats209Action List209Field List209Outbound Log209Inbound Log210Other IP Traffic210Router Operation211Other Connections and Traffic to this Router212DoS Attack/Scan212Access Block Site214All Web Sites and News Groups Visited214System Admin Sessions214Policy Administration LOG215Appendix E Wireless Networking Basics217Wireless Networking Overview217Infrastructure Mode217Ad Hoc Mode (Peer-to-Peer Workgroup)218Network Name: Extended Service Set Identification (ESSID)218Authentication and WEP Data Encryption218802.11 Authentication219Open System Authentication219Shared Key Authentication220Overview of WEP Parameters221Key Size222WEP Configuration Options223Wireless Channels223WPA Wireless Security224How Does WPA Compare to WEP?225How Does WPA Compare to IEEE 802.11i?226What are the Key Features of WPA Security?226WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS228WPA Data Encryption Key Management230Is WPA Perfect?232Product Support for WPA232Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged232Changes to Wireless Access Points233Changes to Wireless Network Adapters233Changes to Wireless Client Programs234Appendix F Virtual Private Networking235What is a VPN?235What is IPSec and How Does It Work?236IPSec Security Features236IPSec Components236Encapsulating Security Payload (ESP)237Authentication Header (AH)238IKE Security Association238Mode239Key Management240Understand the Process Before You Begin240VPN Process Overview241Network Interfaces and Addresses241Interface Addressing241Firewalls242Setting Up a VPN Tunnel Between Gateways242VPNC IKE Security Parameters244VPNC IKE Phase I Parameters244VPNC IKE Phase II Parameters245Testing and Troubleshooting245Additional Reading245Appendix G NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P247Configuration Template247Step-By-Step Configuration of FVS318 or FVM318 Gateway A248Step-By-Step Configuration of FWG114P Gateway B251Test the VPN Connection255Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328257Configuration Template257Using DDNS and Fully Qualified Domain Names (FQDN)258Step-By-Step Configuration of FVS318 or FVM318 Gateway A259Step-By-Step Configuration of FVS328 Gateway B263Test the VPN Connection267Glossary269List of Glossary Terms269Index277Taille: 7,3 MoPages: 280Language: EnglishOuvrir le manuel
