사용자 설명서차례Reference Manual for the ProSafe VPN Firewall FVS318v31Product and Publication Details4Contents5Chapter 1 About This Manual13Audience, Scope, Conventions, and Formats13How to Use This Manual14How to Print this Manual15Chapter 2 Introduction17Key Features of the VPN Firewall17A Powerful, True Firewall with Content Filtering18Security18Autosensing Ethernet Connections with Auto Uplink19Extensive Protocol Support19Easy Installation and Management20Maintenance and Support20Package Contents21The FVS318v3 Front Panel21The FVS318v3 Rear Panel22NETGEAR-Related Products23NETGEAR Product Registration, Support, and Documentation23Chapter 3 Connecting the Firewall to the Internet25Prepare to Install Your FVS318v3 ProSafe VPN Firewall25First, Connect the FVS318v325Now, Configure the FVS318v3 for Internet Access28Troubleshooting Tips30Overview of How to Access the FVS318v3 VPN Firewall32How to Log On to the FVS318v3 After Configuration Settings Have Been Applied33How to Bypass the Configuration Assistant34Using the Smart Setup Wizard35How to Manually Configure Your Internet Connection36Chapter 4 Firewall Protection and Content Filtering39Firewall Protection and Content Filtering Overview39Block Sites40Using Rules to Block or Allow Specific Kinds of Traffic41Inbound Rules (Port Forwarding)43Inbound Rule Example: A Local Public Web Server43Inbound Rule Example: Allowing a Videoconference from Restricted Addresses44Considerations for Inbound Rules44Outbound Rules (Service Blocking)45Outbound Rule Example: Blocking Instant Messenger45Order of Precedence for Rules46Default DMZ Server46Respond to Ping on Internet WAN Port47Services48Using a Schedule to Block or Allow Specific Traffic50Time Zone51Getting E-Mail Notifications of Event Logs and Alerts52Viewing Logs of Web Access or Attempted Web Access54Syslog55Chapter 5 Basic Virtual Private Networking57Overview of VPN Configuration58Client-to-Gateway VPN Tunnels58Gateway-to-Gateway VPN Tunnels58Planning a VPN59VPN Tunnel Configuration61How to Set Up a Client-to-Gateway VPN Configuration61Step 1: Configuring the Client-to-Gateway VPN Tunnel on the FVS318v362Step 2: Configuring the NETGEAR ProSafe VPN Client on the Remote PC65Monitoring the Progress and Status of the VPN Client Connection72Transferring a Security Policy to Another Client74Exporting a Security Policy74Importing a Security Policy75How to Set Up a Gateway-to-Gateway VPN Configuration76Procedure to Configure a Gateway-to-Gateway VPN Tunnel77VPN Tunnel Control82Activating a VPN Tunnel82Start Using a VPN Tunnel to Activate It82Using the VPN Status Page to Activate a VPN Tunnel82Activate the VPN Tunnel by Pinging the Remote Endpoint83Verifying the Status of a VPN Tunnel85Deactivating a VPN Tunnel86Using the Policy Table on the VPN Policies Page to Deactivate a VPN Tunnel86Using the VPN Status Page to Deactivate a VPN Tunnel87Deleting a VPN Tunnel88Chapter 6 Advanced Virtual Private Networking89Overview of FVS318v3 Policy-Based VPN Configuration89Using Policies to Manage VPN Traffic90Using Automatic Key Management90IKE Policies’ Automatic Key and Authentication Management91VPN Policy Configuration for Auto Key Negotiation93VPN Policy Configuration for Manual Key Exchange97Using Digital Certificates for IKE Auto-Policy Authentication101Certificate Revocation List (CRL)102Walk-Through of Configuration Scenarios on the FVS318v3102VPN Consortium Scenario 1: Gateway-to-Gateway with Preshared Secrets103FVS318v3 Scenario 1: FVS318v3 to Gateway B IKE and VPN Policies104How to Check VPN Connections109Testing the Gateway A FVS318v3 LAN and the Gateway B LAN109FVS318v3 Scenario 2: FVS318v3 to FVS318v3 with RSA Certificates110Chapter 7 Maintenance117Viewing VPN Firewall Status Information117Viewing a List of Attached Devices121Upgrading the Firewall Software121Configuration File Management123Backing Up the Configuration123Restoring the Configuration123Erasing the Configuration124Changing the Administrator Password124Chapter 8 Advanced Configuration125How to Configure Dynamic DNS125Using the LAN IP Setup Options126Configuring LAN TCP/IP Setup Parameters127Using the Firewall as a DHCP server128Using Address Reservation129Configuring Static Routes129Static Route Example131Enabling Remote Management Access131Chapter 9 Troubleshooting135Basic Functioning135Power LED Not On135LEDs Never Turn Off136LAN or Internet Port LEDs Not On136Troubleshooting the Web Configuration Interface137Troubleshooting the ISP Connection138Troubleshooting a TCP/IP Network Using a Ping Utility139Testing the LAN Path to Your Firewall139Testing the Path from Your PC to a Remote Device140Restoring the Default Configuration and Password141Problems with Date and Time141Appendix A Technical Specifications143Appendix B Network, Routing, and Firewall Basics145Related Publications145Basic Router Concepts145What is a Router?146Routing Information Protocol146IP Addresses and the Internet146Netmask148Subnet Addressing149Private IP Addresses151Single IP Address Operation Using NAT152MAC Addresses and Address Resolution Protocol153Related Documents153Domain Name Server153IP Configuration by DHCP154Internet Security and Firewalls154What is a Firewall?155Stateful Packet Inspection155Denial of Service Attack155Ethernet Cabling155Category 5 Cable Quality156Inside Twisted Pair Cables157Uplink Switches, Crossover Cables, and MDI/MDIX Switching158Appendix C Virtual Private Networking161What is a VPN?161What Is IPSec and How Does It Work?162IPSec Security Features162IPSec Components162Encapsulating Security Payload (ESP)163Authentication Header (AH)164IKE Security Association164Mode165Key Management166Understand the Process Before You Begin166VPN Process Overview167Network Interfaces and Addresses167Interface Addressing167Firewalls168VPN Tunnel Between Gateways168VPNC IKE Security Parameters170VPNC IKE Phase I Parameters170VPNC IKE Phase II Parameters171Testing and Troubleshooting171Additional Reading171Appendix D Preparing Your Network173Preparing Your Computers for TCP/IP Networking173Configuring Windows 95, 98, and Me for TCP/IP Networking174Install or Verify Windows Networking Components174Enabling DHCP to Automatically Configure TCP/IP Settings176Selecting Windows’ Internet Access Method178Verifying TCP/IP Properties178Configuring Windows NT4, 2000 or XP for IP Networking179Install or Verify Windows Networking Components179Enabling DHCP to Automatically Configure TCP/IP Settings180DHCP Configuration of TCP/IP in Windows XP180DHCP Configuration of TCP/IP in Windows 2000182DHCP Configuration of TCP/IP in Windows NT4185Verifying TCP/IP Properties for Windows XP, 2000, and NT4187Configuring the Macintosh for TCP/IP Networking188MacOS 8.6 or 9.x188MacOS X188Verifying TCP/IP Properties for Macintosh Computers189Verifying the Readiness of Your Internet Account190Are Login Protocols Used?190What Is Your Configuration Information?190Obtaining ISP Configuration Information for Windows Computers191Obtaining ISP Configuration Information for Macintosh Computers192Restarting the Network193Appendix E VPN Configuration of NETGEAR FVS318v3195Case Study Overview195Gathering the Network Information195Configuring the Gateways196Activating the VPN Tunnel199The FVS318v3-to-FVS318v3 Case200Configuring the VPN Tunnel200Viewing and Editing the VPN Parameters203Initiating and Checking the VPN Connections205The FVS318v3-to-FVS318v2 Case207Configuring the VPN Tunnel207Viewing and Editing the VPN Parameters210Initiating and Checking the VPN Connections212The FVS318v3-to-FVL328 Case214Configuring the VPN Tunnel214Viewing and Editing the VPN Parameters217Initiating and Checking the VPN Connections219The FVS318v3-to-VPN Client Case221Client-to-Gateway VPN Tunnel Overview221Configuring the VPN Tunnel222Initiating and Checking the VPN Connections230Glossary233List of Glossary Terms233Numeric233A233B234C234D235E236G236I236L238M238P239Q240R240S241T241U241W241크기: 6.25메가바이트페이지: 242Language: English매뉴얼 열기