Справочник ПользователяСодержаниеFVS338 ProSafe VPN Firewall 50 Reference Manual1Contents7About This Manual13Conventions, Formats and Scope13How to Use This Manual14How to Print this Manual14Revision History15Chapter 1 Introduction17Key Features17Full Routing on Both the Broadband and Serial WAN Ports18A Powerful, True Firewall with Content Filtering18Security18Autosensing Ethernet Connections with Auto Uplink19Extensive Protocol Support19Trend Micro Integration20Easy Installation and Management20Maintenance and Support21Package Contents21Router Hardware Components21Router Front Panel22Router Rear Panel23Rack Mounting Hardware24Factory Default Login24Chapter 2 Connecting the FVS338 to the Internet27Connecting the VPN Firewall to Your Network27Logging in to the VPN Firewall27Configuring your Internet Connection28Setting the Router’s MAC Address (Advanced Options)33Manually Configuring Your Internet Connection35Programming the Traffic Meter (if Desired)38Configuring the WAN Mode41Configuring Dynamic DNS (If Needed)42Chapter 3 LAN Configuration45Configuring Your LAN (Local Area Network)45Using the VPN Firewall as a DHCP Server45Configuring Multi-Home LAN IPs48Managing Groups and Hosts49Creating the Network Database49Setting Up Address Reservation52Configuring Static Routes52Static Route Example53RIP Configuration54Enabling Trend Micro Antivirus Enforcement56Chapter 4 Firewall Protection and Content Filtering59About Firewall Security59Using Rules to Block or Allow Specific Kinds of Traffic59Services-Based Rules60Order of Precedence for Firewall Rules64Setting LAN WAN Rules65LAN WAN Outbound Services Rules66LAN WAN Inbound Services Rules67Attack Checks68Inbound Rules Examples70Outbound Rules Example - Blocking Instant Messenger74Adding Customized Services75Specifying Quality of Service (QoS) Priorities77Setting a Schedule to Block or Allow Traffic78Setting Block Sites (Content Filtering)79Enabling Source MAC Filtering81Setting Up Port Triggering82E-Mail Notifications of Event Logs and Alerts85Administrator Information89Chapter 5 Virtual Private Networking91Dual WAN Port Systems91Setting up a VPN Connection using the VPN Wizard92Creating a VPN Tunnel to a Gateway92Creating a VPN Tunnel Connection to a VPN Client93IKE Policies94IKE Policy Operation94IKE Policy Table95VPN Policies95VPN Policy Operation96VPN Policy Table96VPN Tunnel Connection Status97Creating a VPN Gateway Connection: Between FVS338 and FVX53898Configuring the FVS33898Configuring the FVX538101Testing the Connection102Creating a VPN Client Connection: VPN Client to FVS338102Configuring the FVS338103Configuring the VPN Client104Testing the Connection109Extended Authentication (XAUTH) Configuration110Configuring XAUTH for VPN Clients111User Database Configuration112RADIUS Client Configuration113Manually Assigning IP Addresses to Remote Users (ModeConfig)115ModeConfig Operation116Setting Up ModeConfig116Configuring the ProSafe VPN Client for ModeConfig120Certificates123Trusted Certificates (CA Certificates)123Self Certificates124Managing your Certificate Revocation List (CRL)127Chapter 6 Router and Network Management129Performance Management129VPN Firewall Features That Reduce Traffic129VPN Firewall Features That Increase Traffic132Using QoS to Shift the Traffic Mix135Tools for Traffic Management135Administration135Changing Passwords and Settings135Enabling Remote Management Access137Using a SNMP Manager139Settings Backup and Firmware Upgrade140Setting the Time Zone143Monitoring the Router144Enabling the Traffic Meter144Setting Login Failures and Attacks Notification146Monitoring Attached Devices148Viewing Port Triggering Status149Viewing Router Configuration and System Status150Monitoring WAN Ports Status151Monitoring VPN Tunnel Connection Status152VPN Logs153DHCP Log153Performing Diagnostics154Chapter 7 Troubleshooting157Basic Functions157Power LED Not On157LEDs Never Turn Off158LAN or Internet Port LEDs Not On158Troubleshooting the Web Configuration Interface158Troubleshooting the ISP Connection160Troubleshooting a TCP/IP Network Using a Ping Utility161Testing the LAN Path to Your Firewall161Testing the Path from Your PC to a Remote Device162Restoring the Default Configuration and Password163Problems with Date and Time163Appendix A Default Settings and Technical Specifications165Appendix B Related Documents169Index171Размер: 5,0 МБСтраницы: 178Язык: EnglishПросмотреть
Справочное РуководствоСодержаниеFVS338 ProSafe VPN Firewall 50 Reference Manual1Contents7About This Manual13Conventions, Formats and Scope13How to Use This Manual14How to Print this Manual14Revision History15Chapter 1 Introduction17Key Features17Full Routing on Both the Broadband and Serial WAN Ports18A Powerful, True Firewall with Content Filtering18Security18Autosensing Ethernet Connections with Auto Uplink19Extensive Protocol Support19Trend Micro Integration20Easy Installation and Management20Maintenance and Support21Package Contents21Router Hardware Components21Router Front Panel22Router Rear Panel23Rack Mounting Hardware24Factory Default Login24Chapter 2 Connecting the FVS338 to the Internet27Connecting the VPN Firewall to Your Network27Logging in to the VPN Firewall27Configuring your Internet Connection28Setting the Router’s MAC Address (Advanced Options)33Manually Configuring Your Internet Connection35Programming the Traffic Meter (if Desired)38Configuring the WAN Mode41Configuring Dynamic DNS (If Needed)42Chapter 3 LAN Configuration45Configuring Your LAN (Local Area Network)45Using the VPN Firewall as a DHCP Server45Configuring Multi-Home LAN IPs48Managing Groups and Hosts49Creating the Network Database49Setting Up Address Reservation52Configuring Static Routes52Static Route Example53RIP Configuration54Enabling Trend Micro Antivirus Enforcement56Chapter 4 Firewall Protection and Content Filtering59About Firewall Security59Using Rules to Block or Allow Specific Kinds of Traffic59Services-Based Rules60Order of Precedence for Firewall Rules64Setting LAN WAN Rules65LAN WAN Outbound Services Rules66LAN WAN Inbound Services Rules67Attack Checks68Inbound Rules Examples70Outbound Rules Example - Blocking Instant Messenger74Adding Customized Services75Specifying Quality of Service (QoS) Priorities77Setting a Schedule to Block or Allow Traffic78Setting Block Sites (Content Filtering)79Enabling Source MAC Filtering81Setting Up Port Triggering82E-Mail Notifications of Event Logs and Alerts85Administrator Information89Chapter 5 Virtual Private Networking91Dual WAN Port Systems91Setting up a VPN Connection using the VPN Wizard92Creating a VPN Tunnel to a Gateway92Creating a VPN Tunnel Connection to a VPN Client93IKE Policies94IKE Policy Operation94IKE Policy Table95VPN Policies95VPN Policy Operation96VPN Policy Table96VPN Tunnel Connection Status97Creating a VPN Gateway Connection: Between FVS338 and FVX53898Configuring the FVS33898Configuring the FVX538101Testing the Connection102Creating a VPN Client Connection: VPN Client to FVS338102Configuring the FVS338103Configuring the VPN Client104Testing the Connection109Extended Authentication (XAUTH) Configuration110Configuring XAUTH for VPN Clients111User Database Configuration112RADIUS Client Configuration113Manually Assigning IP Addresses to Remote Users (ModeConfig)115ModeConfig Operation116Setting Up ModeConfig116Configuring the ProSafe VPN Client for ModeConfig120Certificates123Trusted Certificates (CA Certificates)123Self Certificates124Managing your Certificate Revocation List (CRL)127Chapter 6 Router and Network Management129Performance Management129VPN Firewall Features That Reduce Traffic129VPN Firewall Features That Increase Traffic132Using QoS to Shift the Traffic Mix135Tools for Traffic Management135Administration135Changing Passwords and Settings135Enabling Remote Management Access137Using a SNMP Manager139Settings Backup and Firmware Upgrade140Setting the Time Zone143Monitoring the Router144Enabling the Traffic Meter144Setting Login Failures and Attacks Notification146Monitoring Attached Devices148Viewing Port Triggering Status149Viewing Router Configuration and System Status150Monitoring WAN Ports Status151Monitoring VPN Tunnel Connection Status152VPN Logs153DHCP Log153Performing Diagnostics154Chapter 7 Troubleshooting157Basic Functions157Power LED Not On157LEDs Never Turn Off158LAN or Internet Port LEDs Not On158Troubleshooting the Web Configuration Interface158Troubleshooting the ISP Connection160Troubleshooting a TCP/IP Network Using a Ping Utility161Testing the LAN Path to Your Firewall161Testing the Path from Your PC to a Remote Device162Restoring the Default Configuration and Password163Problems with Date and Time163Appendix A Default Settings and Technical Specifications165Appendix B Related Documents169Index171Размер: 5,0 МБСтраницы: 178Язык: EnglishПросмотреть
Дополнительное РуководствоСодержаниеSummary1Procedure1Using the VPN Wizard to Create a VPN Policy1Verifying the IKE and VPN policy2Modifying the Remote Endpoint Address3Setting the Remote Endpoint Address for a Manually Created VPN Policy4Conclusion4Размер: 77,2 КБСтраницы: 5Язык: EnglishПросмотреть
СправочникСодержаниеReference Manual for the ProSafe VPN Firewall 50 FVS3381Product and Publication Details6Contents7Chapter 1 About This Manual15Audience, Scope, Conventions, and Formats15How to Use This Manual16How to Print this Manual17Chapter 2 Introduction19Key Features of the VPN Firewall19Full Routing on Both the Broadband and Serial WAN Ports20A Powerful, True Firewall with Content Filtering20Security21Autosensing Ethernet Connections with Auto Uplink21Extensive Protocol Support21Easy Installation and Management22Maintenance and Support23Package Contents23The Router’s Front Panel24The Router’s Rear Panel25The Router’s IP Address, Login Name, and Password26Default Factory Settings27NETGEAR Related Products27Chapter 3 Network Planning29Overview of the Planning Process29Single or Multiple Exposed Hosts29Virtual Private Networks (VPNs)29The Fail-over Case for Routers With Dual WAN Ports30Single or Multiple Exposed Hosts30Single Exposed Host31Single Exposed Host: Single WAN Port (Reference Case)31Single Exposed Host: Dual WAN Ports for Improved System Reliability31Multiple Exposed Hosts32Multiple Exposed Hosts: Single WAN Port (Reference Case)32Multiple Exposed Hosts: Dual WAN Ports for Improved System Reliability32Virtual Private Networks (VPNs)33VPN Road Warrior (Client-to-Gateway)34VPN Road Warrior: Single Gateway WAN Port (Reference Case)34VPN Road Warrior: Dual Gateway WAN Ports for Improved System Reliability35VPN Gateway-to-Gateway36VPN Gateway-to-Gateway: Single Gateway WAN Ports (Reference Case)36VPN Gateway-to-Gateway: Dual Gateway WAN Ports for Improved System Reliability37VPN Telecommuter (Client-to-Gateway Through a NAT Router)38VPN Telecommuter: Single Gateway WAN Port (Reference Case)39VPN Telecommuter: Dual Gateway WAN Ports for Improved System Reliability39Chapter 4 Connecting the FVS338 to the Internet41What You Will Need Before You Begin41LAN Hardware Requirements41LAN Configuration Requirements41Internet Configuration Requirements42Where Do I Get the Internet Configuration Parameters?42Worksheet for Recording Your Internet Connection Information43Connecting the FVS338 to Your LAN44How to Connect the FVS338 to Your LAN44Configuring for a Wizard-Detected Login Account47Configuring for a Wizard-Detected Dynamic IP Account48Configuring for a Wizard-Detected Fixed IP (Static) Account49Configuring a Serial Port as the Primary Internet Connection49How to Configure the Serial Port for an Internet Connection49Testing Your Internet Connection53Manually Configuring Your Internet Connection54How to Manually Configure the Primary Internet Connection55Configure Dynamic DNS (If Needed)56Configure the WAN Options (If Needed)58Chapter 5 Serial Port Configuration61Configuring a Serial Port Modem61Basic Requirements for Serial Port Modem Configuration61How to Configure a Serial Port Modem62Configuring Auto-Rollover63Basic Requirements for Auto-Rollover63How to Configure Auto-Rollover63Chapter 6 LAN Configuration65Using the LAN IP Setup Options65Configuring LAN TCP/IP Setup Parameters66Using the Firewall as a DHCP server68Using Address Reservation69Multi Home LAN IPs70DMZ Setup70Exposed Host (Software DMZ)71One-to-One NAT Mapping72Configuring Static Routes74Chapter 7 Firewall Protection and Content Filtering77Firewall Protection and Content Filtering Overview77Using Rules to Block or Allow Specific Kinds of Traffic77Services-Based Rules80Inbound Rules (Port Forwarding)81Outbound Rules (Service Blocking)85Customized Services88Quality of Service (QoS) Priorities90Managing Groups and Hosts92Using a Schedule to Block or Allow Specific Traffic94Time Zone96Block Sites96Source MAC Filtering99Port Triggering100Getting E-Mail Notifications of Event Logs and Alerts102Syslog105Viewing Logs of Web Access or Attempted Web Access105Administrator Information107Chapter 8 Virtual Private Networking109Fully Qualified Domain Names109Creating a VPN Connection: Between FVX538 and FVS338109Configuring the FVX538110Configuring the FVS338114Testing the Connection116Creating a VPN Connection: Netgear VPN Client to FVS338116Configuring the FVS338117Configuring the VPN Client117Testing the Connection125Chapter 9 Router and Network Management127Performance Management127Bandwidth Capacity127VPN Firewall Features That Reduce Traffic128Service Blocking128Block Sites130Source MAC Filtering130VPN Firewall Features That Increase Traffic130Port Forwarding131Port Triggering132Exposed Hosts133VPN Tunnels133Using QoS to Shift the Traffic Mix133Tools for Traffic Management134Administrator Access Authorization134Changing the Administrator Password and Login Timeout134Enabling Remote Management Access135Event Alerts137WAN Port Rollover137Traffic Limits Reached137Login Failures and Attacks138Monitoring140Viewing VPN Firewall Status and Time Information140Firewall Status140Time Information142WAN Ports144WAN Port Connection Status144Dynamic DNS Status145Internet Traffic Information145LAN Ports and Attached Devices146Known PCs and Devices146DHCP Log148Port Triggering Status148Firewall149VPN Tunnels151SNMP153Diagnostics153Configuration File Management155Restoring and Backing Up the Configuration156Upgrading the Firewall Software156Erasing the Configuration (Factory Defaults Reset)157Chapter 10 Troubleshooting159Basic Functioning159Power LED Not On159LEDs Never Turn Off160LAN or Internet Port LEDs Not On160Troubleshooting the Web Configuration Interface161Troubleshooting the ISP Connection162Troubleshooting a TCP/IP Network Using a Ping Utility163Testing the LAN Path to Your Firewall163Testing the Path from Your PC to a Remote Device164Restoring the Default Configuration and Password165Problems with Date and Time165Appendix A Technical Specifications167Appendix B Network, Routing, Firewall, and Basics169Related Publications169Basic Router Concepts169What is a Router?170Routing Information Protocol170IP Addresses and the Internet170Netmask172Subnet Addressing173Private IP Addresses175Single IP Address Operation Using NAT176MAC Addresses and Address Resolution Protocol177Related Documents177Domain Name Server178IP Configuration by DHCP178Internet Security and Firewalls178What is a Firewall?179Stateful Packet Inspection179Denial of Service Attack179Ethernet Cabling179Category 5 Cable Quality180Inside Twisted Pair Cables181Uplink Switches, Crossover Cables, and MDI/MDIX Switching182Appendix C Preparing Your Network185Preparing Your Computers for TCP/IP Networking185Configuring Windows 95, 98, and Me for TCP/IP Networking186Install or Verify Windows Networking Components186Enabling DHCP to Automatically Configure TCP/IP Settings188Selecting Windows’ Internet Access Method190Verifying TCP/IP Properties190Configuring Windows NT4, 2000 or XP for IP Networking191Install or Verify Windows Networking Components191Enabling DHCP to Automatically Configure TCP/IP Settings192DHCP Configuration of TCP/IP in Windows XP192DHCP Configuration of TCP/IP in Windows 2000194DHCP Configuration of TCP/IP in Windows NT4197Verifying TCP/IP Properties for Windows XP, 2000, and NT4199Configuring the Macintosh for TCP/IP Networking200MacOS 8.6 or 9.x200MacOS X200Verifying TCP/IP Properties for Macintosh Computers201Verifying the Readiness of Your Internet Account202Are Login Protocols Used?202What Is Your Configuration Information?202Obtaining ISP Configuration Information for Windows Computers203Obtaining ISP Configuration Information for Macintosh Computers204Restarting the Network205Appendix D Virtual Private Networking207What is a VPN?207What Is IPSec and How Does It Work?208IPSec Security Features208IPSec Components208Encapsulating Security Payload (ESP)209Authentication Header (AH)210IKE Security Association210Mode211Key Management212Understand the Process Before You Begin212VPN Process Overview213Network Interfaces and Addresses213Interface Addressing213Firewalls214Setting Up a VPN Tunnel Between Gateways214VPNC IKE Security Parameters216VPNC IKE Phase I Parameters216VPNC IKE Phase II Parameters217Testing and Troubleshooting217Additional Reading217Glossary219List of Glossary Terms219Numeric219A220B220C221D221E222G223I223L225M225P226Q227R227S227T228U228W228Размер: 5,8 МБСтраницы: 230Язык: EnglishПросмотреть