Netgear SRX5308 Specifications Page 243
- Page / 357
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Network and System Management
243
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Using four WAN ports in load balancing mode increases the bandwidth capacity of the WAN
side of the VPN firewall, but there is no backup in case one of the WAN ports fails. When
such a failure occurs, the traffic that would have been sent on the failed WAN port is diverted
to another WAN port that is still working, thus increasing its load. However, there is one
exception: Traffic that is bound by protocol to the WAN port that failed is not diverted.
Features That Reduce Traffic
You can adjust the following features of the VPN firewall in such a way that the traffic load on
the WAN side decreases:
• LAN WAN outbound rules (also referred to as service blocking)
• DMZ WAN outbound rules (also referred to as service blocking)
• Content filtering
• Source MAC filtering
LAN WAN Outbound Rules and DMZ WAN Outbound Rules (Service Blocking)
You can control specific outbound traffic (from LAN to WAN and from the DMZ to WAN). The
LAN WAN Rules screen and the DMZ WAN Rules screen list all existing rules for outbound
traffic. If you have not defined any rules, only the default rule is listed. The default rule allows
all outgoing traffic. Any outbound rule that you create restricts outgoing traffic and therefore
decreases the traffic load on the WAN side.
WARNING!
This feature is for advanced administrators only! Incorrect
configuration might cause serious problems.
Each rule lets you specify the desired action for the connections that are covered by the rule:
• BLOCK always
• BLOCK by schedule, otherwise allow
• ALLOW always
• ALLOW by schedule, otherwise block
The following section summarizes the various criteria that you can apply to outbound rules in
order to reduce traffic. For more information about outbound rules, see Outbound Rules
(Service Blocking) on page 83. For detailed procedures on how to configure outbound rules,
see Set LAN WAN Rules on page 91 and Set DMZ WAN Rules on page 95.
When you define outbound firewall rules, you can further refine their application according to
the following criteria:
• Services. You can specify the services or applications to be covered by an outbound
rule. If the desired service or application does not appear in the list, you need to define it
- ProSafe Gigabit Quad WAN 1
- SSL VPN Firewall SRX5308 1
- Technical Support 2
- Trademarks 2
- Statement of Conditions 2
- Revision History 2
- Contents 3
- Chapter 3 LAN Configuration 4
- Chapter 4 Firewall Protection 4
- Key Features and Capabilities 10
- Introduction 11
- Security Features 12
- Extensive Protocol Support 12
- Maintenance and Support 13
- Package Contents 14
- Hardware Features 14
- Figure 1 15
- Table 1. LED descriptions 15
- Rear Panel 16
- Figure 3 17
- Using the Rack-Mounting Kit 18
- Internet 19
- Log In to the VPN Firewall 20
- Figure 5 21
- Figure 6 22
- Figure 9 24
- Figure 10 25
- Figure 11 26
- Figure 12 27
- Figure 13 28
- Figure 14 29
- Figure 15 30
- Figure 16 31
- Table 5. DNS server settings 31
- Configure the WAN Mode 32
- Configure Classical Routing 33
- Configure Auto-Rollover Mode 34
- Figure 18 35
- Configure Load Balancing 37
- Figure 20 38
- Figure 21 39
- To edit a protocol binding: 40
- Configure Dynamic DNS 42
- To configure DDNS: 43
- Figure 23 44
- Figure 24 45
- Configure WAN QoS Profiles 46
- Figure 25 47
- Figure 26 48
- Figure 27 50
- To edit a QoS profile: 51
- To delete a QoS profile: 51
- Figure 28 52
- What to Do Next 54
- LAN Configuration 55
- Port-Based VLANs 56
- Figure 29 57
- VLAN DHCP Options 58
- Configure a VLAN Profile 59
- Figure 31 60
- To edit a VLAN profile: 64
- Figure 32 65
- Figure 33 66
- Manage the Network Database 68
- Figure 35 70
- Figure 36 71
- Set Up Address Reservation 72
- Figure 37 73
- Manage Routing 75
- Configure Static Routes 76
- Figure 40 78
- Static Route Example 80
- Administrator Tips 82
- Services-Based Rules 83
- Order of Precedence for Rules 90
- Set LAN WAN Rules 91
- Figure 42 92
- Figure 43 93
- Figure 44 94
- Set DMZ WAN Rules 95
- Figure 46 96
- Figure 47 97
- Set LAN DMZ Rules 98
- Figure 49 99
- Figure 50 100
- Inbound Rules Examples 101
- Figure 52 102
- Figure 53 103
- Firewall Protection 104
- Outbound Rules Example 105
- Attack Checks 106
- Figure 56 107
- Set Session Limits 109
- To enable ALG for SIP: 111
- Figure 58 111
- Add Customized Services 112
- To edit a service: 113
- Figure 60 113
- Create IP Groups 114
- Figure 62 115
- To edit an IP group: 115
- To delete an IP group: 115
- To create a QoS profile: 116
- Figure 63 117
- Figure 64 117
- Create Bandwidth Profiles 118
- Figure 65 119
- Figure 66 120
- To set a schedule: 121
- Figure 67 122
- Content Filtering 123
- Figure 68 125
- Enable Source MAC Filtering 126
- Figure 69 127
- Set Up IP/MAC Bindings 128
- Figure 70 129
- Configure Port Triggering 130
- Figure 71 131
- Figure 72 132
- Figure 73 133
- Virtual Private Networking 134
- Using IPSec Connections 134
- Configurations 136
- Figure 77 137
- Figure 78 138
- Figure 79 139
- Figure 80 140
- Figure 81 140
- Figure 82 141
- Figure 83 143
- Figure 84 144
- Figure 85 145
- Figure 86 145
- Figure 87 146
- Figure 88 146
- Figure 89 148
- Figure 90 149
- Figure 91 149
- Figure 92 150
- Figure 93 151
- Figure 94 153
- Figure 95 154
- Information 155
- Figure 97 156
- Figure 98 156
- Figure 99 156
- Figure 100 156
- Figure 101 157
- Figure 102 157
- To view the IPSec VPN logs: 158
- Logs screen in view.: 158
- Manage IPSec VPN Policies 159
- IKE Policies Screen 160
- Figure 105 161
- Configure VPN Policies 165
- VPN Policies Screen 166
- To manually add a VPN policy: 168
- Figure 106 on page 166) 168
- To edit a VPN policy: 172
- User Database Configuration 174
- RADIUS Client Configuration 174
- Figure 108 175
- Mode Config Operation 176
- Figure 109 177
- Figure 110 178
- Figure 111 180
- Operation 183
- Figure 112 184
- Figure 114 185
- Figure 113 185
- Figure 115 186
- Figure 116 188
- Figure 117 189
- Figure 118 190
- Figure 119 190
- Figure 120 191
- Configure Keep-alives 192
- Configure Dead Peer Detection 193
- Figure 123 195
- Using SSL Connections 196
- Create the Portal Layout 198
- Figure 124 199
- Figure 125 200
- To edit a portal layout: 201
- Add Servers and Port Numbers 202
- Figure 126 203
- Add a New Host Name 204
- Configure the SSL VPN Client 205
- Figure 127 206
- VPN tunnel clients 207
- Setting Description 207
- Add New Network Resources 208
- To edit a resource: 209
- Figure 129 209
- View Policies 211
- Add a Policy 212
- Figure 131 213
- To edit an SSL VPN policy: 216
- Figure 132 217
- Figure 133 217
- Figure 134 218
- To view the SSL VPN Logs: 218
- Figure 135 218
- Certificates 219
- To create a domain: 220
- Figure 136 221
- Figure 137 221
- Edit Domains 223
- Create and Delete Groups 224
- Figure 138 225
- Edit Groups 226
- Configure User Accounts 227
- Figure 141 228
- Set User Login Policies 229
- Figure 143 230
- Figure 144 232
- To modify user settings: 233
- Figure 145 233
- Manage Digital Certificates 234
- Certificates Screen 235
- Manage CA Certificates 236
- Figure 147 237
- Figure 149 239
- To delete one or more SCRs: 240
- To delete one or more CRLs: 241
- Network and System Management 242
- Features That Reduce Traffic 243
- Source MAC Filtering 245
- Port Triggering 246
- DMZ Port 247
- Exposed Hosts 247
- VPN Tunnels 247
- Assign QoS Profiles 247
- System Management 248
- Figure 151 249
- Figure 152 249
- Figure 153 251
- Manage the SNMP Configuration 254
- Figure 155 255
- Manage the Configuration File 256
- Back Up Settings 257
- Restore Settings 258
- Figure 158 260
- Monitoring System Access and 263
- Performance 263
- Figure 159 264
- Enable the LAN Traffic Meter 266
- Figure 161 267
- Figure 162 267
- Figure 163 269
- Figure 164 270
- View Status and Log Screens 274
- View the Router Status Screen 275
- Figure 166 276
- Figure 167 277
- View the VLAN Status 280
- Figure 168 281
- Figure 169 282
- Figure 170 282
- View the VPN Logs 283
- To view the SSL VPN log: 284
- Figure 174 285
- Figure 175 286
- View Attached Devices 287
- View the DHCP Log 288
- Use the Diagnostics Utilities 289
- Look Up a DNS Address 290
- Display the Routing Table 290
- Reboot the VPN Firewall 291
- Capture Packets 291
- Figure 180 292
- Basic Functioning 294
- LAN or WAN Port LEDs Not On 295
- Problems with Date and Time 300
- Specifications 302
- Inbound Traffic 311
- Figure 185 312
- Figure 186 312
- Virtual Private Networks 313
- Figure 188. f 314
- Figure 189 314
- Figure 190 315
- Figure 191 315
- VPN Gateway-to-Gateway 316
- Figure 194 317
- Figure 195 317
- Figure 196 318
- Figure 197 318
- Figure 198 319
- Figure 199 320
- Figure 200 320
- Figure 201 321
- Table 81. Log message terms 322
- System Log Messages 323
- Login/Logout 324
- System Startup 324
- Firewall Restart 325
- IPSec Restart 325
- WAN Status 326
- Auto-Rollover 327
- PPP Logs 328
- • PPTP Idle Timeout Logs 329
- Resolved DNS Names 330
- VPN Log Messages 330
- SSL VPN Logs 335
- Routing Logs 336
- LAN to DMZ Logs 337
- DMZ to WAN Logs 337
- WAN to LAN Logs 337
- DMZ to LAN Logs 337
- Other Event Logs 338
- DHCP Logs 339
- Two-Factor Authentication 341
- Figure 202 343
- Figure 203 343
- Figure 204 344
- Notification of Compliance 345
- Numerics 347
© 2020, manymanuals.com. All rights reserved. | 0.159 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals