Netgear UTM5 User Manual Page 243
- Page / 484
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Virtual Private Networking Using IPsec Connections 7-31
v1.0, January 2010
4. Click Apply to save your changes. The modified IKE policy is displayed in the List of IKE
Policies table.
Managing VPN Policies
You can create two types of VPN policies. When you use the VPN Wizard to create a VPN policy,
only the Auto method is available.
• Manual. You manually enter all settings (including the keys) for the VPN tunnel on the UTM
and on the remote VPN endpoint. No third party server or organization is involved.
• Auto. Some settings for the VPN tunnel are generated automatically by using the IKE
(Internet Key Exchange) protocol to perform negotiations between the two VPN endpoints
(the local ID endpoint and the remote ID endpoint). You still must manually enter all settings
on the remote VPN endpoint (unless the remote VPN endpoint also has a VPN Wizard).
In addition, a Certificate Authority (CA) can also be used to perform authentication (see
“Managing Digital Certificates” on page 9-17). To use a CA, each VPN gateway must have a
certificate from the CA. For each certificate, there is both a public key and a private key. The
public key is freely distributed, and is used by any sender to encrypt data intended for the receiver
(the key owner). The receiver then uses its private key to decrypt the data (without the private key,
decryption is impossible). The use of certificates for authentication reduces the amount of data
entry that is required on each VPN endpoint.
The VPN Policies Screen
The VPN Policies screen allows you to add additional policies—either Auto or Manual—and to
manage the VPN policies already created. You can edit policies, enable or disable policies, or
delete them entirely. The rules for VPN policy use are:
1. Traffic covered by a policy is automatically sent via a VPN tunnel.
2. When traffic is covered by two or more policies, the first matching policy is used. (In this
situation, the order of the policies is important. However, if you have only one policy for each
remote VPN endpoint, then the policy order is not important.)
3. The VPN tunnel is created according to the settings in the security association (SA).
4. The remote VPN endpoint must have a matching SA, otherwise it refuses the connection.
To access the VPN Policies screen:
1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs appear with the IKE
Policies screen in view.
- ProSecure Unified Threat 1
- Management (UTM) 1
- Appliance Reference Manual 1
- Additional Copyrights 3
- Contents 7
- About This Manual 17
- How to Print This Manual 18
- Revision History 18
- Chapter 1 19
- Introduction 19
- Key Features and Capabilities 20
- Outbound Load Balancing 21
- A Powerful, True Firewall 22
- Security Features 23
- Extensive Protocol Support 24
- Maintenance and Support 25
- Model Comparison 25
- 1-8 Introduction 26
- Figure 1-1 26
- Package Contents 27
- Hardware Features 28
- Introduction 1-11 29
- Table 1-2. LED Descriptions 29
- Rear Panel 30
- Introduction 1-13 31
- Figure 1-4 31
- Figure 1-5 31
- 1-14 Introduction 32
- Figure 1-6 32
- Using the Rack-Mounting Kit 33
- 1-16 Introduction 34
- Chapter 2 35
- Your Network 35
- Logging In to the UTM 36
- Figure 2-1 37
- Figure 2-2 38
- Figure 2-4 40
- Figure 2-5 40
- Figure 2-6 41
- Figure 2-7 42
- Figure 2-8 45
- Figure 2-9 48
- Figure 2-10 50
- Figure 2-11 52
- Figure 2-12 53
- Figure 2-13 55
- Figure 2-15 58
- Verifying Proper Installation 60
- Figure 2-17 61
- What to Do Next 62
- Chapter 3 63
- Figure 3-1 65
- Figure 3-2 65
- Figure 3-3 66
- Setting the UTM’s MAC Address 67
- Figure 3-4 68
- Figure 3-5 68
- Models Only) 71
- WAN Mode screen displays 74
- Figure 3-9 77
- Figure 3-10 80
- Configuring Dynamic DNS 81
- Figure 3-11 82
- Figure 3-12: 83
- Figure 3-13 84
- Chapter 4 87
- LAN Configuration 87
- 4-2 LAN Configuration 88
- LAN Configuration 4-3 89
- Figure 4-1 89
- VLAN DHCP Options 90
- LAN Configuration 4-5 91
- Configuring a VLAN Profile 92
- LAN Configuration 4-7 93
- Figure 4-3 93
- 4-8 LAN Configuration 94
- LAN Configuration 4-9 95
- 4-10 LAN Configuration 96
- LAN Configuration 4-11 97
- Figure 4-4 97
- 4-12 LAN Configuration 98
- Managing the Network Database 99
- 4-14 LAN Configuration 100
- Figure 4-5 100
- LAN Configuration 4-15 101
- 4-16 LAN Configuration 102
- Figure 4-6 102
- Figure 4-7 103
- LAN Configuration 4-17 103
- 4-18 LAN Configuration 104
- LAN Configuration 4-19 105
- Figure 4-8 105
- 4-20 LAN Configuration 106
- Table 4-3. DMZ Setup Settings 106
- LAN Configuration 4-21 107
- Managing Routing 108
- Configuring Static Routes 109
- 4-24 LAN Configuration 110
- To enable and configure RIP: 111
- 4-26 LAN Configuration 112
- Static Route Example 113
- 4-28 LAN Configuration 114
- Chapter 5 115
- Firewall Protection 115
- Administrator Tips 116
- Services-Based Rules 117
- 5-4 Firewall Protection 118
- Firewall Protection 5-5 119
- 5-6 Firewall Protection 120
- Firewall Protection 5-7 121
- 5-8 Firewall Protection 122
- Firewall Protection 5-9 123
- 5-10 Firewall Protection 124
- Order of Precedence for Rules 125
- Setting LAN WAN Rules 126
- Firewall Protection 5-13 127
- 5-14 Firewall Protection 128
- Figure 5-3 128
- Setting DMZ WAN Rules 129
- 5-16 Firewall Protection 130
- Figure 5-5 130
- Firewall Protection 5-17 131
- Figure 5-6 131
- 5-18 Firewall Protection 132
- Figure 5-7 132
- Setting LAN DMZ Rules 133
- 5-20 Firewall Protection 134
- Figure 5-9 134
- Firewall Protection 5-21 135
- Figure 5-10 135
- Inbound Rules Examples 136
- Firewall Protection 5-23 137
- Figure 5-12 137
- 5-24 Firewall Protection 138
- Figure 5-13 138
- Firewall Protection 5-25 139
- Outbound Rules Example 140
- Attack Checks 141
- 5-28 Firewall Protection 142
- Figure 5-16 142
- Firewall Protection 5-29 143
- Setting Session Limits 144
- Firewall Protection 5-31 145
- Adding Customized Services 146
- Firewall Protection 5-33 147
- Figure 5-19 147
- 5-34 Firewall Protection 148
- Table 5-6. Services Settings 148
- Figure 5-20 148
- Firewall Protection 5-35 149
- 5-36 Firewall Protection 150
- Figure 5-21 150
- Figure 5-22 150
- Firewall Protection 5-37 151
- Creating Bandwidth Profiles 152
- Profile screen displays 153
- 5-40 Firewall Protection 154
- Firewall Protection 5-41 155
- Figure 5-25 155
- Enabling Source MAC Filtering 156
- Firewall Protection 5-43 157
- Figure 5-26 157
- Setting up IP/MAC Bindings 158
- Firewall Protection 5-45 159
- Figure 5-27 159
- Configuring Port Triggering 160
- Firewall Protection 5-47 161
- Figure 5-28 161
- 5-48 Firewall Protection 162
- Figure 5-29 162
- Firewall Protection 5-49 163
- Figure 5-30 163
- 5-50 Firewall Protection 164
- Firewall Protection 5-51 165
- Figure 5-31 165
- 5-52 Firewall Protection 166
- Chapter 6 167
- Configuring E-mail Protection 169
- Figure 6-1 170
- Figure 6-2 171
- E-mail Content Filtering 174
- Figure 6-3 175
- Figure 6-4 179
- Figure 6-5 181
- Figure 6-6 183
- Figure 6-7 186
- Configuring Web Malware Scans 187
- Figure 6-8 188
- Configuring Web URL Filtering 196
- Figure 6-12 197
- HTTPS Scan Settings 200
- Figure 6-14 201
- Figure 6-15 202
- Specifying Trusted Hosts 203
- Figure 6-16 204
- Configuring FTP Scans 205
- Figure 6-17 206
- Table 6-12. FTP Scan Settings 206
- Figure 6-18 208
- Figure 6-19 208
- Setting Scanning Exclusions 210
- Figure 6-20 211
- Chapter 7 213
- Virtual Private Networking 213
- Using IPsec Connections 213
- Configurations 215
- Figure 7-3 216
- Figure 7-4 217
- Figure 7-5 218
- Figure 7-6 220
- Figure 7-7 220
- Figure 7-8 221
- Figure 7-9 222
- Figure 7-10 224
- Figure 7-11 225
- Figure 7-12 225
- Editor menu 226
- Figure 7-13 227
- Testing the VPN Connection 229
- Figure 7-15 230
- Figure 7-16 231
- Figure 7-17 231
- Figure 7-18 232
- Viewing the UTM IPsec VPN Log 233
- Managing IPsec VPN Policies 234
- Managing IKE Policies 235
- Figure 7-20 236
- Figure 7-21 238
- Managing VPN Policies 243
- Figure 7-22 244
- Figure 7-23 246
- User Database Configuration 252
- RADIUS Client Configuration 252
- Figure 7-24 253
- Mode Config Operation 255
- Figure 7-25 256
- Figure 7-26 257
- UTM’s default LAN subnet is 258
- Figure 7-27 259
- Figure 7-28 263
- Figure 7-29 265
- Configuring Keepalives 268
- Figure 7-32 270
- Figure 7-33 271
- Chapter 8 273
- Using SSL Connections 273
- Figure 8-1 274
- Figure 8-2 275
- Figure 8-4 279
- Figure 8-5 281
- Settings 282
- Figure 8-6 283
- Figure 8-7 285
- Figure 8-8 287
- Figure 8-9 287
- Viewing the UTM SSL VPN Log 288
- Figure 8-11 289
- Creating the Portal Layout 290
- Figure 8-12 291
- Figure 8-13 292
- Figure 8-14 295
- Figure 8-15 298
- Figure 8-16 301
- Figure 8-18 305
- Chapter 9 311
- Configuring Domains 312
- Figure 9-1 313
- Figure 9-2 314
- Figure 9-3 317
- Configuring User Accounts 319
- Figure 9-5 320
- Figure 9-6 321
- Table 9-4. Add User Settings 321
- Setting User Login Policies 322
- Figure 9-8 323
- Figure 9-9 325
- Figure 9-10 326
- Managing Digital Certificates 327
- Managing CA Certificates 329
- Managing Self Certificates 330
- Figure 9-12 331
- Table 9-7 332
- Requests table 333
- Figure 9-14 334
- Chapter 10 337
- Network and System Management 337
- Features That Reduce Traffic 338
- System Management 345
- Figure 10-1 346
- Figure 10-2 346
- Figure 10-3 348
- Using an SNMP Manager 350
- Table 10-1. SNMP Settings 351
- Figure 10-5 352
- Updating the Firmware 354
- Figure 10-6 355
- Figure 10-7 358
- Figure 10-8 360
- Chapter 11 363
- Figure 11-1 364
- Figure 11-2 366
- Figure 11-3 367
- Figure 11-4 369
- Figure 11-5 373
- Table 11-4. Alerts Settings 373
- Figure 11-6 375
- Information 378
- Viewing Status Screens 382
- Port section 384
- Viewing Active VPN Users 386
- Figure 11-14 387
- Figure 11-15 388
- Figure 11-16 388
- Viewing the WAN Ports Status 389
- Figure 11-18 390
- Figure 11-19 390
- Status Informations 391
- Figure 11-20 392
- Figure 11-21 392
- Querying the Logs 394
- Figure 11-23 396
- Figure 11-24 403
- Figure 11-25 404
- Using Diagnostics Utilities 405
- Chapter 12 411
- Basic Functioning 412
- LAN or WAN Port LEDs Not On 413
- Figure 12-1 419
- Problems with Date and Time 420
- Using Online Support 420
- Figure 12-2 421
- Figure 12-3 422
- Appendix A 423
- Appendix B 427
- (Dual-WAN Port Models Only) 427
- Figure B-2 432
- Inbound Traffic 433
- Figure B-4 434
- Figure B-5 434
- Figure B-6 435
- Figure B-7 436
- Figure B-8 436
- Figure B-9 437
- Figure B-10 438
- Figure B-11 438
- VPN Gateway-to-Gateway 439
- Figure B-13 440
- Figure B-14 440
- Figure B-15 441
- Figure B-16 441
- Figure B-17 442
- Figure B-18 443
- Figure B-19 443
- Figure B-20 444
- Appendix C 445
- System Log Messages 446
- Service Logs 447
- Login/Logout 448
- Firewall Restart 448
- IPsec Restart 448
- WAN Status 449
- Load-Balancing Mode 450
- PPP Logs 451
- • PPPoE Idle-Timeout Logs 451
- • PPTP Idle-Timeout Logs 452
- • PPP Authentication Logs 452
- Traffic Metering Logs 453
- Unicast Logs 453
- Invalid Packet Logging 454
- Spam Logs 457
- Traffic Logs 458
- Virus Logs 458
- E-mail Filter Logs 458
- IPS Logs 459
- Port Scan Logs 459
- Routing Logs 460
- WAN to LAN Logs 461
- DMZ to LAN Logs 461
- WAN to DMZ Logs 461
- Appendix D 463
- Two Factor Authentication 463
- D-2 Two Factor Authentication 464
- Two Factor Authentication D-3 465
- Figure D-1 465
- Figure D-2 465
- D-4 Two Factor Authentication 466
- Figure D-3 466
- Appendix E 467
- Related Documents 467
- E-2 Related Documents 468
- Numerics 469
- Index-10 478
- Index-11 479
- Index-12 480
- Index-13 481
- Index-14 482
- Index-15 483
- Index-16 484
Related products and manuals for Routers Netgear UTM5
Routers Netgear R7000-100PAS Datasheet
(6 pages)
(6 pages)
Routers Netgear R6250-100GRS Datasheet
(5 pages)
(5 pages)
Routers Netgear WNDRMAC-100NAS Datasheet
(2 pages)
(2 pages)
Routers Netgear RP114 Datasheet
(154 pages)
(154 pages)
Routers Netgear FVS124GNA Datasheet
(2 pages)
(2 pages)
Routers Netgear AC750 User Manual
(159 pages)
(159 pages)
Routers Netgear R6220 User Manual
(160 pages)
(160 pages)
Routers Netgear D6100 User Manual
(221 pages)
(221 pages)
Routers Netgear MR814FS Datasheet
(2 pages)
(2 pages)
Routers Netgear D3600-100UKS User Manual
(202 pages)
(202 pages)
Routers Netgear WNR2000-200UKS User Manual
(113 pages)
(113 pages)
Routers Netgear EX7000 User Manual
(76 pages)
(76 pages)
Routers Netgear AC1600 User Manual
(292 pages)
(292 pages)
Routers Netgear D500 Installation Guide
(2 pages)
(2 pages)
Routers Netgear D7000 User Manual
(22 pages)
(22 pages)
Routers Netgear R8000 User Manual
(174 pages)
(174 pages)
Routers Netgear WGT624FS Datasheet
(2 pages)
(2 pages)
Routers Netgear R6100 User Manual
(122 pages)
(122 pages)
Routers Netgear EX6200 User Manual
(124 pages)
(124 pages)
© 2020, manymanuals.com. All rights reserved. | 0.244 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals