Netgear FVS336G-300NAS Specifications Page 403
- Page / 693
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Set Up Virtual Private Networking With IPSec Connections
403
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv3
General
Policy Name A descriptive name of the IKE policy for identification and management purposes.
This example uses ModeConfigAME_Sales.
Note: The name is not supplied to the remote VPN endpoint.
Direction / Type Responder is automatically selected when you select the Mode Config record in
the Mode Config Record section. This ensures that the VPN firewall responds to
an IKE request from the remote endpoint but does not initiate one.
Exchange Mode Aggressive mode is automatically selected when you select the Mode Config
record in the Mode Config Record section.
Local
Select Local Gateway Select a WAN interface from the menu to specify the WAN interface for the local
gateway.
Identifier Type From the menu, select FQDN.
Note: Mode Config requires that the VPN firewall (that is, the local endpoint) is
defined by an FQDN.
Identifier Enter an FQDN for the VPN firewall. This example uses router.com.
Remote
Identifier Type From the menu, select FQDN.
Note: Mode Config requires that the remote endpoint is defined by an FQDN.
Identifier Enter the FQDN for the remote endpoint. This must be an FQDN that is not used
in any other IKE policy. This example uses client.com.
IKE SA Parameters
Encryption Algorithm To negotiate the security association (SA), from the menu, select the 3DES
algorithm.
Authentication
Algorithm
From the menu, select the SHA-1 algorithm to be used in the VPN header for the
authentication process.
Authentication Method Select Pre-shared key as the authentication method, and enter a key in the
Pre-shared key field.
Pre-shared key A key with a minimum length of 8 characters and no more than 49 characters. Do
not use a double quote (''), single quote ('), or space in the key. This example uses
H8!spsf3#JYK2!.
Diffie-Hellman (DH)
Group
The DH Group sets the strength of the algorithm in bits. From the menu, select
Group 2 (1024 bit).
SA-Lifetime (sec) The period in seconds for which the IKE SA is valid. When the period times out,
the next rekeying occurs. The default setting is 28800 seconds (eight hours).
However, for a Mode Config configuration, NETGEAR recommends 3600 seconds
(one hour).
Setting Description
- ProSAFE Dual WAN Gigabit SSL 1
- Firewall 1
- Compliance 2
- Trademarks 2
- Revision History 2
- Contents 3
- Key Features and Capabilities 13
- Security Features 16
- Extensive Protocol Support 16
- Maintenance and Support 17
- Package Contents 18
- Hardware Features 18
- Back Panel 20
- DEFAULT ACCESS 21
- Login Requirements 22
- IPv4 Requirements 24
- IPv6 Requirements 24
- WAN Settings 28
- Complete these tasks: 29
- Classical Routing 31
- IPv4 Internet Connection 32
- Protocol Binding 50
- Method for IPv4 Interfaces 56
- Secondary IPv4 WAN Addresses 60
- Dynamic DNS 63
- Configure Dynamic DNS 63
- Managing Advanced WAN Options 66
- Change a QoS Profile 82
- IPv6 Network 87
- IPv6 Routing Mode 88
- Enable the IPv6 Routing Mode 89
- Connection Automatically 90
- 6to4 Tunnel 101
- ISATAP Tunnel 103
- Configure an ISATAP Tunnel 104
- Change an ISATAP Tunnel 105
- Stateless IP/ICMP Translation 108
- Interfaces 112
- What to Do Next 114
- IPv4 LANs and VLANs 116
- Port-Based VLANs 117
- Assign VLAN Profiles 117
- DHCP Servers 119
- DHCP Relay 120
- DNS Proxy 120
- LDAP Servers 120
- Add a VLAN Profile 121
- 7. Click the Add button 122
- Change a VLAN Profile 125
- Network Database 133
- DHCP Address Reservation 134
- Manage the Network Database 134
- IPv4 DMZ 141
- Manage Static IPv4 Routing 145
- Add a Static IPv4 Route 146
- 9. Click the Apply button 147
- Change a Static IPv4 Route 148
- IPv4 Static Route Example 152
- Manage the IPv6 LAN 154
- Delegation for the LAN 156
- Setting Description 162
- IPv6 LAN Setup 162
- 10. Click the Apply button 163
- Your settings are saved 163
- Add an IPv6 LAN Address Pool 169
- Add Advertisement Prefixes 176
- IPv6 DMZ 185
- Add an IPv6 DMZ Address Pool 201
- Manage Static IPv6 Routing 205
- Change a Static IPv6 Route 207
- 9. Click the Delete button 209
- Customize Firewall Protection 210
- Firewall Protection 211
- Firewall Rules Overview 212
- Default LAN WAN Rules 212
- Default DMZ WAN Rules 213
- Default LAN DMZ Rules 213
- Number of Rules Supported 213
- Categories of Service 213
- Order of Precedence 214
- Settings for Inbound Rules 219
- Add LAN WAN Rules 225
- Add DMZ WAN Rules 235
- Add LAN DMZ Rules 244
- To manage an existing rule: 253
- Examples of Firewall Rules 254
- WAN Rules screen 256
- Addresses 257
- Single LAN User 262
- LAN WAN Rules screen 265
- Site on the Internet 266
- Manage VPN Pass-Through 271
- VPN Pass-Through 272
- Set Limits for IPv4 Sessions 274
- Multicast Pass-Through 278
- Manage Firewall Objects 281
- Firewall Objects 282
- Manage Customized Services 282
- Services Overview 283
- Add a Customized Service 283
- Change a Customized Service 284
- Service Groups Overview 286
- Add a Service Group 287
- Change a Service Group 288
- IP Address Groups Overview 290
- Add an IP Address Group 290
- Change an IP Address Group 292
- Define a Schedule 294
- IPv4 QoS Profiles Overview 296
- Add an IPv4 QoS Profile 296
- Change an IPv4 QoS Profile 298
- Bandwidth Profiles Overview 301
- Change a Bandwidth Profile 304
- Protect Your Network 307
- Manage Content Filtering 308
- Enable Source MAC Filtering 314
- Manage IP/MAC Bindings 316
- Change an IPv4/MAC Binding 319
- Number of Dropped Packets 321
- Change an IPv6/MAC Binding 324
- Manage Port Triggering 327
- Add a Port Triggering Rule 328
- Change a Port Triggering Rule 330
- To enable UPnP: 332
- With IPSec Connections 335
- Dual WAN Port Systems 336
- Configurations 337
- IPSec VPN Wizard Overview 338
- 8. Click the Apply button 342
- Client-to-Gateway Tunnels 347
- 4. Click the Next button 353
- ProSAFE VPN Client 357
- 5. Click the Save button 359
- 8. Click the Save button 360
- 12. Click the Save button 362
- Information 363
- IKE Policies 369
- View the IKE Policies 369
- To view the IKE policies: 370
- Manually Add an IKE Policy 371
- IPv6 settings are identical 373
- Change an IKE Policy 378
- VPN Policies Overview 381
- View the VPN Policies 382
- Manually Add a VPN Policy 384
- Change a VPN Policy 389
- Mode Config Overview 397
- 14. Click the Apply button 404
- Operation 405
- Change a Mode Config Record 413
- Configure Keep-Alives 415
- Dead Peer Detection 417
- Manage the PPTP Server 420
- Item Description 423
- Manage the L2TP Server 424
- L2TP Server Configuration 425
- SSL VPN Portals Overview 429
- SSL VPN Wizard Overview 431
- WARNING: 433
- Domains on page 492 437
- 10. Click the Next button 437
- Disconnect Active Users 447
- Portal Layouts Overview 451
- Create a Portal Layout 451
- Change a Portal Layout 454
- To change a portal layout: 455
- SSL VPN Clients Overview 462
- Network Objects Overview 470
- Add an SSL Network Resource 471
- Add Resource Addresses 473
- SSL Policies Overview 476
- View SSL VPN Policies 477
- VPN Certificates 490
- VPN Firewall’s Authentication 491
- Accounts 492
- Add an Authentication Domain 493
- Manage Authentication Groups 498
- Add an Authentication Group 499
- Manage User Accounts 502
- User Accounts Overview 503
- Add a User Account 504
- Change a User Account 506
- Configure Login Policies 508
- To change a password: 515
- VPN Certificates Overview 517
- Upload a CA Certificate 518
- Remove a CA Certificate 520
- View Self-Signed Certificates 524
- To remove one or more CSRs: 525
- To remove one or more CRLs: 528
- Figure 12. Security alert 529
- Optimize Performance and 530
- Manage Your System 530
- Performance Management 531
- Features That Reduce Traffic 532
- Content Filtering 533
- Source MAC Filtering 534
- Port Triggering 536
- DMZ Port 536
- Exposed Hosts 536
- VPN, L2TP, and PPTP Tunnels 536
- Setting QoS Priorities 537
- Assigning Bandwidth Profiles 537
- Remote Access 538
- Configure Remote Access 539
- To access the CLI: 541
- SNMP Overview 542
- Change an SNMP Configuration 544
- Manage the Configuration File 550
- Back Up Settings 551
- Restore Settings 552
- Upgrade the Firmware 554
- Monitor System Access and 561
- Performance 561
- 11. Click the Apply button 567
- Configure and Activate Logs 571
- Enable the Syslogs 575
- View the DNS Logs 578
- View the NTP Logs 579
- View the System Status 586
- View the VLAN Status 594
- View the IPv6 Tunnel Status 595
- View the VPN Logs 597
- Connection 598
- View the Attached Devices 603
- View the DHCP Log 605
- All log entries are removed 606
- Use the Diagnostics Utilities 608
- Trace a Route 610
- Look Up a DNS Address 612
- Display the Routing Tables 612
- Capture Packets in Real Time 613
- Check the WAN IP Address 619
- Interface 626
- WAN Ports 628
- Planning Overview 629
- Planning for Inbound Traffic 634
- Reliability 640
- Log Message Terms 646
- System Log Messages 646
- Login and Logout 647
- System Startup 648
- Firewall Restart 648
- ICMP Redirect Logs 649
- Multicast and Broadcast Logs 650
- Load Balancing 650
- Auto-Rollover 650
- PPP Logs 652
- • PPTP idle time-out logs 653
- • PPP authentication logs 653
- IPSec VPN Logs 654
- SSL VPN Logs 659
- Routing Logs 660
- LAN to WAN Logs 661
- LAN to DMZ Logs 661
- DMZ to WAN Logs 661
- WAN to LAN Logs 661
- Other Event Logs 662
- Source MAC Filter Logs 663
- Bandwidth Limit Logs 663
- DHCP Logs 664
- Two-Factor Authentication 665
- Two-Factor Authentication 666
- 7. Click the Login button 669
- You are logged in 669
- Specifications 670
- Factory Default Settings 671
- Numerics 679
© 2020, manymanuals.com. All rights reserved. | 2.768 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals