Netgear SRX5308 User Manual Page 314
- Page / 460
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
Manage Users, Authentication, and VPN Certificates
314
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
both the IPSec VPN certificate repository and the SSL VPN certificate repository. However, if
the defined purpose is for IPSec VPN only, the certificate is uploaded only to the IPSec VPN
certificate repository.
The VPN firewall uses digital certificates to au
thenticate connecting VPN gateways or clients,
and to be authenticated by remote entities. A digital certificate that authenticates a server, for
example, is a file that contains the following elements:
• A public
encryption key to be used by clients for encrypting messages to the server.
• Information id
entifying the operator of the server.
• A dig
ital signature confirming the identity of the operator of the server. Ideally, the
signature is from a trusted third party whose identity can be verified.
You can obtain a digital certificate from a well-kno
wn commercial certification authority (CA)
such as Verisign or Thawte, or you can generate and sign your own digital certificate.
Because a commercial CA takes steps to verify the identity of an applicant, a digital certificate
from a commercial CA provides a strong assurance of the server’s identity. A self-signed
digital certificate triggers a warning from most browsers because it provides no protection
against identity theft of the server.
The VPN firewall contains a self-signed digital cert
ificate from NETGEAR. This certificate can
be downloaded from the VPN firewall login screen for browser import. However, NETGEAR
recommends that you replace this digital certificate with a digital certificate from a well-known
commercial CA prior to deploying the VPN firewall in your network.
VPN Certificates Screen
To display the Certificates screen, select VPN > Certificates. Because of the large size of
this screen, and because of the way the information is presented, the Certificates screen is
divided and presented in this manual in three figures (Figure 208 on
page 315, Figure 210 on
page 317, and Figure 212 o
n page 320).
The Certificates screen lets you view the currently loade
d digital certificates, upload a new
digital certificate, and generate a certificate signing request (CSR). The VPN firewall typically
holds two types of digital certificates:
• CA
certificates. Each CA issues its own digital certificate to validate communication with
the CA and to verify the validity of digital certificates that are signed by the CA.
• Self-sign
ed certificates. The digital certificates that are issued to you by a CA to identify
your device.
The Certificates screen contains four tables that a
re explained in detail in the following
sections:
• T
rusted Certificates (CA Certificate) table. Contains the trusted digital certificates that
were issued by CAs and that you uploaded (see Manage VPN CA Certificates on this
page).
• Active Sel
f Certificates table. Contains the self-signed certificates that were issued by
CAs and that you uploaded (see Manage VPN Self-Signed Certificates on p
age 316).
- ProSafe Gigabit Quad WAN 1
- SSL VPN Firewall SRX5308 1
- Technical Support 2
- Trademarks 2
- Statement of Conditions 2
- Revision History 2
- Contents 4
- Chapter 3 LAN Configuration 5
- Chapter 10 Troubleshooting 8
- Introduction 11
- Key Features and Capabilities 12
- Security Features 14
- Extensive Protocol Support 15
- Package Contents 16
- Hardware Features 17
- Table 1. LED descriptions 18
- Rear Panel 19
- Use the Rack-Mounting Kit 20
- Log In to the VPN Firewall 21
- Figure 6 22
- Figure 8 24
- Figure 9 24
- Complete these tasks: 27
- Configure the IPv4 WAN Mode 28
- Classical Routing 29
- Figure 11 30
- Figure 12 31
- Figure 13 33
- Figure 14 33
- Figure 15 34
- Figure 16 35
- Figure 17 36
- Figure 18 37
- Figure 19 38
- Figure 20 40
- Figure 21 41
- Figure 22 42
- To edit a protocol binding: 43
- Figure 23 44
- Configure Dynamic DNS 48
- To configure DDNS: 49
- Figure 25 50
- Figure 26 50
- Figure 27 53
- Connection 54
- Figure 29 55
- Figure 30 56
- Figure 31 57
- Figure 32 58
- Figure 33 59
- Figure 34 60
- Figure 35 61
- Figure 36 64
- Figure 37 65
- Figure 38 65
- To edit an ISATAP tunnel: 66
- Figure 39 66
- To configure SIIT: 67
- Figure 40 67
- Figure 41 68
- Figure 42 68
- Figure 43 69
- WARNING: 71
- SMTP might restart 71
- Configure WAN QoS Profiles 72
- Figure 44 73
- Figure 45 74
- Figure 46 76
- What to Do Next 78
- Port-Based VLANs 80
- Figure 47 81
- VLAN DHCP Options 82
- Configure a VLAN Profile 83
- Figure 48 84
- Figure 49 84
- To edit a VLAN profile: 88
- Figure 51 90
- Manage the Network Database 92
- Figure 52 93
- Figure 53 95
- Figure 54 96
- Manage the IPv6 LAN 97
- DHCPv6 Server Options 98
- Configure the IPv6 LAN 99
- LAN Configuration 100
- IPv6 LAN Address Pools 101
- Figure 56 102
- To add an IPv6 prefix: 103
- Figure 57 103
- To edit a prefix: 103
- Figure 58 105
- Figure 59 107
- Default VLAN 108
- DMZ Port for IPv4 Traffic 110
- Figure 61 111
- DMZ Port for IPv6 Traffic 113
- Figure 62 114
- IPv6 DMZ Address Pools 116
- Figure 64 119
- Figure 65 121
- Manage Static IPv4 Routing 122
- Figure 66 123
- Figure 67 123
- Figure 68 125
- Manage Static IPv6 Routing 127
- Figure 69 128
- Figure 70 128
- Firewall Protection 130
- Administrator Tips 131
- Order of Precedence for Rules 139
- Configure LAN WAN Rules 140
- Figure 72 141
- Figure 73 142
- IPv4 LAN WAN Outbound Rules 143
- IPv6 LAN WAN Outbound Rules 144
- Figure 76 145
- IPv6 LAN WAN Inbound Rules 146
- Configure DMZ WAN Rules 147
- Figure 78 148
- Figure 79 149
- Figure 80 150
- Figure 81 151
- Figure 82 152
- Configure LAN DMZ Rules 153
- Figure 84 154
- Figure 85 155
- Figure 86 156
- Figure 87 157
- Figure 88 158
- Examples of Firewall Rules 159
- Addresses 160
- Figure 91 161
- Figure 92 162
- Figure 93 163
- Single LAN User 164
- Site on the Internet 165
- Attack Checks 166
- IPv6 Attack Checks 168
- Set Limits for IPv4 Sessions 169
- 4. Click Apply 170
- to save your settings 170
- To enable ALG for SIP: 171
- Figure 100 171
- Add Customized Services 172
- Figure 101 173
- To edit a service: 173
- Create IP Groups 174
- Figure 104 175
- To edit an IP group: 175
- Create Bandwidth Profiles 176
- Profile screen displays: 177
- To create a QoS profile: 179
- Figure 107 179
- 4. Click Appl 180
- Configure Content Filtering 181
- Figure 109 183
- To set a schedule: 185
- Figure 110 185
- Enable Source MAC Filtering 186
- Set Up IP/MAC Bindings 187
- IPv4/MAC Bindings 188
- To edit an IP/MAC binding: 189
- Figure 113 189
- IPv6/MAC Bindings 190
- Figure 115 191
- Configure Port Triggering 192
- Figure 116 193
- Figure 117 194
- To configure UPnP: 194
- Figure 118 194
- Virtual Private Networking 196
- Configurations 198
- Figure 122 199
- Figure 123 200
- Figure 124 202
- Figure 125 202
- Figure 126 203
- Figure 127 203
- Figure 128 204
- Figure 129 205
- Figure 130 206
- Figure 131 206
- Figure 132 207
- Figure 133 209
- Figure 134 210
- Figure 135 211
- Figure 136 211
- Figure 137 212
- Figure 138 212
- Figure 139 214
- Figure 140 215
- Figure 141 215
- Figure 142 216
- 6. Click the Advan 217
- Figure 144 219
- Figure 145 220
- Information 221
- Figure 147 222
- Figure 148 222
- Figure 149 222
- Figure 150 222
- Figure 151 223
- Figure 152 223
- To display the IPSec VPN log: 224
- Manage IPSec VPN Policies 225
- Figure 154 226
- Figure 155 227
- Manage VPN Policies 231
- VPN Policies Screen 232
- To edit a VPN policy: 239
- User Database Configuration 241
- Figure 159 242
- Mode Config Operation 244
- Figure 160 245
- Figure 161 245
- Table 53 on page 228 248
- Figure 163 252
- Figure 164 252
- Figure 165 253
- 6. Click the 254
- Figure 167 256
- Figure 168 257
- Figure 169 258
- Figure 170 258
- Figure 171 259
- Configure Keep-Alives 260
- Configure Dead Peer Detection 261
- Figure 173 262
- Configure the PPTP Server 263
- View the Active PPTP Users 264
- Configure the L2TP Server 265
- View the Active L2TP Users 266
- Using SSL Connections 268
- Create the Portal Layout 270
- Figure 181 272
- To edit a portal layout: 274
- Add Servers and Port Numbers 275
- Add a New Host Name 276
- Configure the SSL VPN Client 277
- Add New Network Resources 281
- Figure 185 282
- To edit network resources: 282
- Figure 186 283
- View Policies 285
- To add an SSL VPN policy: 286
- To edit an SSL VPN policy: 289
- Figure 192 291
- Figure 193 291
- Figure 194 292
- Figure 195 293
- To display the SSL VPN log: 293
- Figure 196 293
- VPN Certificates 294
- VPN firewall 295
- Configure Domains 296
- Figure 198 297
- Configure Groups 300
- Create Groups 301
- Edit Groups 302
- Configure User Accounts 303
- Figure 201 304
- Figure 202 304
- Set User Login Policies 306
- Figure 204 307
- Figure 205 309
- Figure 206 310
- Figure 207 312
- VPN Certificates Screen 314
- Manage VPN CA Certificates 315
- Figure 209 316
- Figure 211 318
- To delete one or more SCRs: 319
- To delete one or more CRLs: 320
- Network and System Management 321
- Features That Reduce Traffic 322
- Content Filtering 324
- Source MAC Filtering 324
- Port Triggering 326
- DMZ Port 326
- Exposed Hosts 327
- VPN, L2TP, and PPTP Tunnels 327
- Set QoS Priorities 327
- Assign Bandwidth Profiles 327
- System Management 328
- Figure 213 329
- Figure 214 329
- About Remote Access 333
- To access the CLI: 334
- Figure 217 335
- Figure 218 336
- Figure 219 337
- Figure 220 338
- Manage the Configuration File 339
- Back Up Settings 340
- Restore Settings 340
- Upgrade the Firmware 342
- Figure 222 344
- Figure 223 348
- Figure 224 350
- Figure 225 350
- Figure 226 351
- Figure 227 351
- Figure 228 353
- Figure 229 354
- Figure 230 358
- Figure 231 358
- Configure Gateway 1 at Site 1 359
- Configure Gateway 2 at Site 2 360
- View Status Screens 361
- Router Status Screen 362
- Router Statistics Screen 364
- Detailed Status Screen 365
- VLAN Status Screen 368
- Tunnel Status Screen 369
- Figure 237 370
- Figure 238 371
- Figure 239 371
- View the VPN Logs 372
- Figure 242 373
- Figure 243 373
- View the WAN Port Status 374
- Figure 245 375
- Figure 246 375
- IPv6 WAN Port Status 376
- Figure 248 377
- View the Attached Devices 378
- View the DHCP Log 379
- Diagnostics Utilities 380
- Send a Ping Packet 381
- Trace a Route 381
- Look Up a DNS Address 382
- Display the Routing Tables 382
- Capture Packets in Real Time 382
- Figure 253 383
- To reboot the VPN firewall: 383
- Troubleshooting 384
- Basic Functioning 385
- LAN or WAN Port LEDs Not On 386
- Figure 254 390
- Figure 255 391
- Figure 256 391
- Figure 257 394
- Specifications 396
- Ports (IPv4 Only) 404
- Figure 259 408
- Inbound Traffic 409
- Figure 261 410
- Figure 262 410
- Virtual Private Networks 411
- Figure 264 412
- Figure 265 412
- Figure 266 413
- Figure 267 413
- Figure 268 414
- Figure 269 414
- VPN Gateway-to-Gateway 415
- Figure 271 416
- Figure 272 416
- Figure 273 417
- Figure 274 417
- Figure 275 418
- Figure 276 418
- Figure 277 419
- 0.140254 sec 421
- Login/Logout 422
- System Startup 422
- Firewall Restart 423
- IPSec Restart 423
- WAN Status 424
- Auto-Rollover 425
- PPP Logs 426
- • PPTP Idle Timeout Logs 427
- Resolved DNS Names 428
- VPN Log Messages 428
- SSL VPN Logs 433
- Routing Logs 434
- LAN to WAN Logs 435
- LAN to DMZ Logs 435
- DMZ to WAN Logs 435
- WAN to LAN Logs 435
- Other Event Logs 436
- DHCP Logs 437
- Table 142. DHCP logs 438
- Two-Factor Authentication 439
- Figure 278 441
- Figure 279 441
- Figure 280 442
- NETGEAR Wired Products 443
- Additional Copyrights 445
- Numerics 447
Related products and manuals for Routers Netgear SRX5308
Routers Netgear FVL328 User Manual
(9 pages)
(9 pages)
Routers Netgear WN1000RP Installation Guide
(20 pages)
(20 pages)
Routers Netgear RP614v4 User Manual
(68 pages)
(68 pages)
Routers Netgear WG111v3 User's Guide
(54 pages)
(54 pages)
Routers Netgear DG834GV v2 User Manual
(106 pages)
(106 pages)
Routers Netgear LG2200D User's Guide
(135 pages)
(135 pages)
Routers Netgear WG511v2 User Manual
(56 pages)
(56 pages)
Routers Netgear RANGEMAX WNDR3300 User Manual
(134 pages)
(134 pages)
Routers Netgear N300 User Manual
(142 pages)
(142 pages)
Routers Netgear WGM124 User Manual
(105 pages)
(105 pages)
Routers Netgear CG814WG V3 User Manual
(64 pages)
(64 pages)
Routers Netgear DM602 User Manual
(66 pages)
(66 pages)
Routers Netgear FVG318 User Manual
(176 pages)
(176 pages)
Routers Netgear 790S User's Guide
(106 pages)
(106 pages)
Routers Netgear WPN311 User Manual
(87 pages)
(87 pages)
Routers Netgear STM150 User Manual
(704 pages)
(704 pages)
Routers Netgear WNR2000 User Manual
(134 pages)
(134 pages)
© 2020, manymanuals.com. All rights reserved. | 0.437 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals