Справочник ПользователяСодержаниеProSafe VPN Firewall 200 FVX538 Reference Manual1Contents7About This Manual13Conventions, Formats and Scope13How to Use This Manual14How to Print this Manual14Revision History15Chapter 1 Introduction17Key Features17Dual WAN Ports for Increased Reliability or Outbound Load Balancing18A Powerful, True Firewall with Content Filtering18Security Features19Autosensing Ethernet Connections with Auto Uplink19Extensive Protocol Support19Trend Micro Integration20Easy Installation and Management20Maintenance and Support21Package Contents21Router Front Panel22Router Rear Panel24Rack Mounting Hardware25The Router’s IP Address, Login Name, and Password25Default Log In Settings26Chapter 2 Connecting the FVX538 to the Internet29Logging into the VPN Firewall29Configuring the Internet Connections to Your ISPs30Setting the Router’s MAC Address33Manually Configuring Your Internet Connection33Programming the Traffic Meter (if Desired)35Configuring the WAN Mode (Required for Dual WAN)38Setting Up Auto-Rollover Mode39Setting Up Load Balancing41Configuring Dynamic DNS (If Needed)43Configuring the Advanced WAN Options (If Needed)46Chapter 3 LAN Configuration49Using the Firewall as a DHCP server49Configuring the LAN Setup Options50Configuring Multi Home LAN IPs52Managing Groups and Hosts (LAN Groups)54Creating the Network Database54Setting Up Address Reservation57Configuring and Enabling the DMZ Port58Static Routes60Configuring Static Routes60Routing Information Protocol (RIP)61Static Route Example63Enabling Trend Micro Antivirus Enforcement63Chapter 4 Firewall Protection and Content Filtering67Using Rules to Block or Allow Specific Kinds of Traffic67Services-Based Rules68Order of Precedence for Rules73Setting LAN WAN Rules73Setting DMZ WAN Rules76Setting LAN DMZ Rules78Attack Checks80Inbound Rules Examples82Outbound Rules Example86Adding Customized Services87Setting Quality of Service (QoS) Priorities89Setting a Schedule to Block or Allow Specific Traffic90Setting Block Sites (Content Filtering)91Enabling Source MAC Filtering93Port Triggering94E-Mail Notifications of Event Logs and Alerts97Administrator Tips101Chapter 5 Virtual Private Networking103Dual WAN Port Systems103Setting up a VPN Connection using the VPN Wizard105Creating a VPN Tunnel to a Gateway106Creating a VPN Tunnel Connection to a VPN Client109VPN Tunnel Policies112IKE Policy112VPN Policy114VPN Tunnel Connection Status115Creating a VPN Gateway Connection: Between FVX538 and FVS338116Configuring the FVX538116Configuring the FVS338121Testing the Connection122Creating a VPN Client Connection: VPN Client to FVX538122Configuring the FVX538122Configuring the VPN Client124Testing the Connection128Certificate Authorities129Generating a Self Certificate Request130Uploading a Trusted Certificate132Managing your Certificate Revocation List (CRL)132Extended Authentication (XAUTH) Configuration133Configuring XAUTH for VPN Clients134User Database Configuration136RADIUS Client Configuration137Manually Assigning IP Addresses to Remote Users (ModeConfig)139Mode Config Operation139Configuring the VPN Firewall140Configuring the ProSafe VPN Client for ModeConfig143Chapter 6 Router and Network Management149Performance Management149Bandwidth Capacity149VPN Firewall Features That Reduce Traffic150VPN Firewall Features That Increase Traffic153Using QoS to Shift the Traffic Mix155Tools for Traffic Management156Administration156Changing Passwords and Settings156Enabling Remote Management Access158Using a SNMP Manager159Settings Backup and Firmware Upgrade161Setting the Time Zone164Monitoring the Router165Enabling the Traffic Meter165Setting Login Failures and Attacks Notification167Monitoring Attached Devices168Viewing Port Triggering Status170Viewing Router Configuration and System Status171Monitoring WAN Ports Status172Monitoring VPN Tunnel Connection Status173VPN Logs174DHCP Log175Performing Diagnostics175Chapter 7 Troubleshooting179Basic Functions179Power LED Not On179LEDs Never Turn Off180LAN or Internet Port LEDs Not On180Troubleshooting the Web Configuration Interface180Troubleshooting the ISP Connection182Troubleshooting a TCP/IP Network Using a Ping Utility183Testing the LAN Path to Your Firewall183Testing the Path from Your PC to a Remote Device184Restoring the Default Configuration and Password185Problems with Date and Time185Appendix A Default Settings and Technical Specifications187Appendix B Related Documents191Appendix C Network Planning for Dual WAN Ports193What You Will Need to Do Before You Begin193Cabling and Computer Hardware Requirements195Computer Network Configuration Requirements195Internet Configuration Requirements195Where Do I Get the Internet Configuration Parameters?196Internet Connection Information Form197Overview of the Planning Process198Inbound Traffic198Virtual Private Networks (VPNs)198The Roll-over Case for Firewalls With Dual WAN Ports199The Load Balancing Case for Firewalls With Dual WAN Ports199Inbound Traffic200Inbound Traffic to Single WAN Port (Reference Case)200Inbound Traffic to Dual WAN Port Systems200Virtual Private Networks (VPNs)202VPN Road Warrior (Client-to-Gateway)203VPN Gateway-to-Gateway206VPN Telecommuter (Client-to-Gateway Through a NAT Router)209Index213Размер: 7,4 МБСтраницы: 222Язык: EnglishПросмотреть