Netgear FVS114 User Manual Page 90
- Page / 212
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Reference Manual for the ProSafe VPN Firewall FVS114
6-2 Advanced Virtual Private Networking
202-10098-01, April 2005
Using Policies to Manage VPN Traffic
You create policy definitions to manage VPN traffic on the FVS114. There are two kinds of
policies:
• IKE Policies: Define the authentication scheme and automatically generate the encryption
keys. As an alternative option, to further automate the process, you can create an IKE policy
that uses a trusted certificate authority to provide the authentication while the IKE policy still
handles the encryption.
• VPN Policies: Apply the IKE policy to specific traffic that requires a VPN tunnel. Or, you can
create a VPN policy that does not use an IKE policy but in which you manually enter all the
authentication and key parameters.
Since VPN policies use IKE policies, you define the IKE policy first. The FVS114 also allows you
to manually input the authentication scheme and encryption key values. In the case of manual key
management there will not be any IKE policies.
In order to establish secure communication over the Internet with the remote site you need to
configure matching VPN policies on both the local and remote FVS114 VPN Firewalls. The
outbound VPN policy on one end must match to the inbound VPN policy on other end, and vice
versa.
When the network traffic enters into the FVS114 from the LAN network interface, if there is no
VPN policy found for a type of network traffic, then that traffic passes through without any
change. However, if the traffic is selected by a VPN policy, then the IPSec authentication and
encryption rules are applied to it as defined in the VPN policy.
By default, a new VPN policy is added with the least priority, that is, at the end of the VPN policy
table.
Using Automatic Key Management
The most common configuration scenarios will use IKE policies to automatically manage the
authentication and encryption keys. Based on the IKE policy, some parameters for the VPN tunnel
are generated automatically. The IKE protocols perform negotiations between the two VPN
endpoints to automatically generate required parameters.
Some organizations will use an IKE policy with a Certificate Authority (CA) to perform
authentication. Typically, CA authentication is used in large organizations that maintain their own
internal CA server. This requires that each VPN gateway have a certificate from the CA. Using
CAs reduces the amount of data entry required on each VPN endpoint.
- Reference Manual for the 1
- ProSafe VPN Firewall 1
- Contents 5
- Chapter 1 13
- About This Manual 13
- How to Use This Manual 14
- How to Print this Manual 15
- 1-4 About This Manual 16
- Chapter 2 17
- Introduction 17
- Security 18
- Extensive Protocol Support 19
- Maintenance and Support 20
- Package Contents 21
- The FVS114 Rear Panel 22
- NETGEAR-Related Products 23
- Documentation 23
- 2-8 Introduction 24
- Chapter 3 25
- Internet 26
- VPN Firewall 27
- Computer 27
- Troubleshooting Tips 30
- VPN firewall router 31
- Using the Smart Setup Wizard 34
- Chapter 4 39
- Firewall Protection and 39
- Content Filtering 39
- Block Sites 40
- Figure 4-2: Rules menu 42
- Order of Precedence for Rules 48
- Services 49
- Figure 4-9: Schedule page 51
- Time Zone 52
- Figure 4-10: E-mail menu 53
- Figure 4-11: Logs menu 55
- Table 4-2. Log action buttons 56
- Chapter 5 57
- VPN Tunnel 58
- Remote PC 65
- 22.23.24.25 would be used 67
- Figure 5-25: Remote IP 78
- VPN Tunnel Control 82
- and then click OK 84
- Deactivating a VPN Tunnel 86
- Deleting a VPN Tunnel 88
- Chapter 6 89
- 202-10098-01, April 2005 100
- VPN Consortium Scenario 1: 103
- How to Check VPN Connections 109
- Chapter 7 117
- Maintenance 117
- 7-2 Maintenance 118
- Maintenance 7-5 121
- Configuration File Management 122
- Backing Up the Configuration 123
- Restoring the Configuration 123
- Erasing the Configuration 123
- Diagnostics 124
- Maintenance 7-9 125
- Figure 7-8: Diagnostics menu 125
- 7-10 Maintenance 126
- Chapter 8 127
- Advanced Configuration 127
- Default DMZ Server 128
- How to Configure Dynamic DNS 129
- Advanced Configuration 8-5 131
- 8-6 Advanced Configuration 132
- Using Address Reservation 133
- Configuring Static Routes 134
- Static Route Example 136
- 8-12 Advanced Configuration 138
- Advanced Configuration 8-13 139
- Figure 8-8: UPnP menu 139
- UPnP devices 140
- Chapter 9 141
- Troubleshooting 141
- LEDs Never Turn Off 142
- Troubleshooting 9-3 143
- 9-6 Troubleshooting 146
- Problems with Date and Time 147
- 9-8 Troubleshooting 148
- Appendix A 149
- Technical Specifications 149
- VCCI Class B 150
- EN 55 022 (CISPR 22), Class B 150
- Appendix B 151
- IP Addresses and the Internet 152
- Subnet Addressing 155
- Table B-2. Netmask formats 156
- Private IP Addresses 157
- Related Documents 159
- Domain Name Server 159
- IP Configuration by DHCP 160
- Ethernet Cabling 161
- Category 5 Cable Quality 162
- Inside Twisted Pair Cables 163
- Appendix C 167
- Virtual Private Networking 167
- IPSec Security Features 168
- IPSec Components 168
- Authentication Header (AH) 170
- IKE Security Association 170
- Key Management 172
- VPN Process Overview 173
- VPN Tunnel Between Gateways 174
- VPN Tunnel Negotiation Steps 175
- VPNC IKE Security Parameters 176
- Testing and Troubleshooting 177
- Additional Reading 177
- Appendix D 179
- Preparing Your Network 179
- D-2 Preparing Your Network 180
- Preparing Your Network D-5 183
- Verifying TCP/IP Properties 184
- Preparing Your Network D-7 185
- 8. Then, restart your PC 186
- Preparing Your Network D-9 187
- D-10 Preparing Your Network 188
- Preparing Your Network D-11 189
- D-12 Preparing Your Network 190
- Preparing Your Network D-13 191
- Properties button 192
- 3. Type ipconfig /all 193
- MacOS 8.6 or 9.x 194
- 4. Click Save 195
- Are Login Protocols Used? 196
- 4. Select the IP Address tab 197
- 5. Select the Gateway tab 197
- Computers 198
- Restarting the Network 199
- D-22 Preparing Your Network 200
- Glossary 201
- 12 Glossary 212
Related products and manuals for Routers Netgear FVS114
Routers Netgear GA511 User's Guide
(44 pages)
(44 pages)
Routers Netgear DGND4000 User Manual
(160 pages)
(160 pages)
Routers Netgear WGR826V User Manual
(164 pages)
(164 pages)
Routers Netgear DM602 User Manual
(66 pages)
(66 pages)
Routers Netgear 802.11n User Manual
(26 pages)
(26 pages)
Routers Netgear DG834GV User Manual
(34 pages)
(34 pages)
Routers Netgear RP614 User Manual
(107 pages)
(107 pages)
Routers Netgear 762S User's Guide
(78 pages)
(78 pages)
Routers Netgear FVS318v3 User Manual
(242 pages)
(242 pages)
Routers Netgear WNR2000v3 User Manual
(42 pages)
(42 pages)
Routers Netgear RP614 v4 User Manual
(68 pages)
(68 pages)
Routers Netgear WN2000RPTv1 User's Guide
(31 pages)
(31 pages)
Routers Netgear N750 User Manual
(104 pages)
(104 pages)
Routers Netgear WNDR3400 User Manual
(48 pages)
(48 pages)
Routers Netgear JNR1010 User Manual
(103 pages)
(103 pages)
Routers Netgear KWGR614 User Manual
(14 pages)
(14 pages)
Routers Netgear DGND3300 User Manual
(177 pages)
(177 pages)
Routers Netgear MR814 v3 User Manual
(162 pages)
(162 pages)
Routers Netgear 8-Port User Manual
(3 pages)
(3 pages)
Routers Netgear WGT624v4 User Manual
(26 pages)
(26 pages)
© 2020, manymanuals.com. All rights reserved. | 0.071 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals