Presentation is loading. Please wait.

Presentation is loading. Please wait.

NETGEAR CONFIDENTIAL FVX538 ProSafe VPN Firewall 200.

Published byAron Simon Modified over 9 years ago

Similar presentations

Presentation on theme: "NETGEAR CONFIDENTIAL FVX538 ProSafe VPN Firewall 200."— Presentation transcript:

1 NETGEAR CONFIDENTIAL FVX538 ProSafe VPN Firewall 200

2 NETGEAR CONFIDENTIAL Main Features 8 10/100 ports and 1 gigabit LAN port. One console port. SNMP support (optimized for NMS100) – SNMPv2. QoS traffic prioritization. Hardware DMZ. Security co-processor for optimized throughput performance, 90+ Mbps WAN-LAN and up to 100 Mbps 3DES throughput. SPI Firewall and multi-NAT. Support 200 VPN tunnels. Includes VPN client software with 5-users license. Rack-mountable. Future upgradability to SSL VPN, IDS, Anti-virus, anti-spam and anti-spyware security measures.

3 NETGEAR CONFIDENTIAL ProSafe Firewalls Comparison

4 NETGEAR CONFIDENTIAL Front Panel

5 NETGEAR CONFIDENTIAL Rear Panel

6 NETGEAR CONFIDENTIAL Bottom Label

7 NETGEAR CONFIDENTIAL Console - CLI

8 NETGEAR CONFIDENTIAL GUI

9 NETGEAR CONFIDENTIAL http://192.168.1.1 Username: admin Password: password

10 NETGEAR CONFIDENTIAL WAN Setup – WAN 1 ISP

11 NETGEAR CONFIDENTIAL Setup Wizard

12 NETGEAR CONFIDENTIAL WAN Status

13 NETGEAR CONFIDENTIAL WAN Setup – WAN 2 ISP

14 NETGEAR CONFIDENTIAL WAN Setup - Mode

15 NETGEAR CONFIDENTIAL WAN Setup – Protocol Binding

16 NETGEAR CONFIDENTIAL WAN Setup - Options 28Kbps to 100Mbps

17 NETGEAR CONFIDENTIAL WAN Setup – Dynamic DNS

18 NETGEAR CONFIDENTIAL WAN Setup – Traffic Meter

19 NETGEAR CONFIDENTIAL WAN Setup – Traffic Meter Statistic by Protocol

20 NETGEAR CONFIDENTIAL Security – Groups and Hosts

21 NETGEAR CONFIDENTIAL Security – Groups and Hosts Add

22 NETGEAR CONFIDENTIAL Security – Groups and Hosts Edit Group Names

23 NETGEAR CONFIDENTIAL Security – Source MAC Filter

24 NETGEAR CONFIDENTIAL Security – Block Sites

25 NETGEAR CONFIDENTIAL Security – Rules

26 NETGEAR CONFIDENTIAL Security – Rules – Outbound Services

27 NETGEAR CONFIDENTIAL Security – Rules – Inbound Services

28 NETGEAR CONFIDENTIAL Security - Services

29 NETGEAR CONFIDENTIAL Security - Schedule

30 NETGEAR CONFIDENTIAL Security – Logs and Emails

31 NETGEAR CONFIDENTIAL Security – View Log

32 NETGEAR CONFIDENTIAL Security – Logs and Emails Email Logs and Syslog

33 NETGEAR CONFIDENTIAL VPN – VPN Wizard Box-to-box

34 NETGEAR CONFIDENTIAL VPN – VPN Wizard Box-to-box Result:

35 NETGEAR CONFIDENTIAL VPN – VPN Wizard Client-to-box

36 NETGEAR CONFIDENTIAL VPN – VPN Wizard Client-to-box

37 NETGEAR CONFIDENTIAL VPN – VPN Status

38 NETGEAR CONFIDENTIAL VPN – IKE Policies

39 NETGEAR CONFIDENTIAL VPN – IKE Policies - Add

40 NETGEAR CONFIDENTIAL VPN – VPN Policies

41 NETGEAR CONFIDENTIAL VPN – VPN Policies – Add Auto Policy

42 NETGEAR CONFIDENTIAL VPN – VPN Policies – Add Manual Policy

43 NETGEAR CONFIDENTIAL VPN - CAs

44 NETGEAR CONFIDENTIAL VPN - Certificates

45 NETGEAR CONFIDENTIAL VPN - CRL

46 NETGEAR CONFIDENTIAL Maintenance – Router Status

47 NETGEAR CONFIDENTIAL Maintenance – Router Status Show Statistics

48 NETGEAR CONFIDENTIAL Maintenance – Set Password

49 NETGEAR CONFIDENTIAL Maintenance – Remote management

50 NETGEAR CONFIDENTIAL Maintenance - SNMP

51 NETGEAR CONFIDENTIAL Maintenance - Diagnostics

52 NETGEAR CONFIDENTIAL Maintenance – Backup Settings

53 NETGEAR CONFIDENTIAL Maintenance – Router Upgrade

54 NETGEAR CONFIDENTIAL Advanced – LAN Setup

55 NETGEAR CONFIDENTIAL Advanced – LAN Setups Multi-Home LAN IP Setups

56 NETGEAR CONFIDENTIAL Advanced – DMZ Setups

57 NETGEAR CONFIDENTIAL Port Triggering Once configured, operation is as follows: 1. A PC makes an outgoing connection using a port number defined in the Port Triggering table. 2. This Router records this connection, opens the INCOMING port or ports associated with this entry in the Port Triggering table, and associates them with the PC. 3. The remote system receives the PCs request, and responds using a different port number. 4. This Router matches the response to the previous request, and forwards the response to the PC. (Without Port Triggering, this response would be treated as a new connection request rather than a response. As such, it would be handled in accordance with the Port Forwarding rules.)

58 NETGEAR CONFIDENTIAL Port Triggering Note Only 1 PC can use a "Port Triggering" application at any time. After a PC has finished using a "Port Triggering" application, there is a "Time-out" period before the application can be used by another PC. This is required because this Router cannot be sure when the application has terminated. Normally for games and chat.

59 NETGEAR CONFIDENTIAL Advanced – Port Triggering

60 NETGEAR CONFIDENTIAL Advanced – Static Routes

61 NETGEAR CONFIDENTIAL Knowledge Base / Documentation

62 NETGEAR CONFIDENTIAL Troubleshooting

63 NETGEAR CONFIDENTIAL FAQ#1 How does the FVX538 support QoS? The FVS538 prioritizes the routing of a packet through the router according to the TOS bit in the packet’s layer3 header. For a particular service, you can override the packet’s specified priority by selecting a different priority in the Services menu, Inbound rules or Outbound Rules. Changing the priority setting will affect the priority given to the packet by the router, but will not actually alter the TOS bits in the packet.

64 NETGEAR CONFIDENTIAL FAQ#2 When I use load balancing through two ISPs, I have problems sending email, getting DNS, or using my ISP’s news server. When your ISP provides services such as email, DNS, or newsgroups, it may require that requests for service originate from an IP address within its domain. If you require one of these services from a particular ISP, you should use your router’s Protocol Binding feature to make sure your requests always use the WAN port connected to that ISP.

65 NETGEAR CONFIDENTIAL FAQ#3 My ISP has provided me with a range of public IP addresses. How can I assign them to servers behind the FVX538? When you configure the ISP Settings of your router, assign one IP address as the WAN address to be used by your PCs as the main NAT address for general traffic. In the DMZ Setup menu, you can assign the additional public IP addresses to individual PCs on either your LAN or DMZ (if you have activated port 8 as your DMZ port). To allow inbound traffic to reach one of these PCs, you must create an Inbound Rule for the desired service and set the rule’s Destination Address to the public IP address assigned to that PC.

66 NETGEAR CONFIDENTIAL FAQ#4 My ISP has provided me with a range of public IP addresses. How can I assign them to servers behind the FVX538? When you configure the ISP Settings of your router, assign one IP address as the WAN address to be used by your PCs as the main NAT address for general traffic. In the DMZ Setup menu, you can assign the additional public IP addresses to individual PCs on either your LAN or DMZ (if you have activated port 8 as your DMZ port). To allow inbound traffic to reach one of these PCs, you must create an Inbound Rule for the desired service and set the rule’s Destination Address to the public IP address assigned to that PC. (This feature cannot be used when load balancing is selected.)

67 NETGEAR CONFIDENTIAL FAQ#5 Is the VPN policy created by the VPN Wizard compatible to other Netgear VPN routers? The VPN Wizard will create a compatible configuration with our other products when using fixed IP addresses. When using FQDN, some modifications will be necessary after running the wizard. Please refer to our VPN application notes for detailed information.

68 NETGEAR CONFIDENTIAL Known Issues at initial release VPN performance is low (about 25M). Can’t make VPN using WAN2 when PPPoE. Dynamic DNS configuration does not save. Sometimes DHCP server stop after change LAN IP. Need to reboot. VPN wizard not compatible with other models when using FQDN. Policy generated need to be edited in order to work with FVS328, FVL328. Upon fail-over, no alert or log entry occurs to notify user. DMZ Setup – user must visit Groups and Hosts menu first before PC will display. VPN status menu – connect and drop button do not work. VPN in PPPoE environment – can’t ping gateway’s LAN IP. VPN policies created with VPN Wizard will not work if the remote side is FQDN.

69 NETGEAR CONFIDENTIAL Known issues at initial release Statistics window does not correctly show line up or down. Always said WAN port is up. The LED is correct. CLI not supported, won’t save settings (READ-only). Console get Linux OS shell. Need to type “cli” to login. Separate KB articles. Can access CLI/GUI by telnet using guest/password, can’t change password. Client-to-box VPN – need to append one to three characters after policy name. Logging entries are not useful. Sometimes last VPN policy does not appear in menu. Setup Wizard and Apply button can’t reliably detect or apply in DHCP ISP environment. Dynamic or static. Manual setup works. Load-balancing protocol binding does not work. Bind an application to a particular WAN.

70 NETGEAR CONFIDENTIAL Known issue at initial release Disabling a VPN policy does not drop an active tunnel. Can’t edit VPN policy to change LAN subnet. An attempt to access a blocked site is not logged.

71 NETGEAR CONFIDENTIAL Fixes with firmware v1.6.12 VPN throughput increased. Number of simultaneous sessions increased. Guest password can now be changed separately. Default gateway is now shown in routing table. Fixed: When WAN2 is primary and in PPPoE mode, VPN tunnel can’t pass trafic. Fixed: VPN traffic stops under heavy traffic. Remove One-to-one NAT table and Exposed Host, since these functions can be performed with inbound rules.

Download ppt "NETGEAR CONFIDENTIAL FVX538 ProSafe VPN Firewall 200."

Similar presentations

DSL-2730B, DSL-2740B, DSL-2750B.

DSL-2730B, DSL-2740B, DSL-2750B.
1 Basic Installation and GUI Tech 130. 2 Basic Installation and GUI : Objectives  Installing the Quadro  Configuring the Quadro  Installing IP phones.

1 Basic Installation and GUI Tech Basic Installation and GUI : Objectives  Installing the Quadro  Configuring the Quadro  Installing IP phones.
DSL-2870B How to Change ADSL Username and Password in your modem router How to Change Wireless Channel in your modem router How to Open Ports in your modem.

DSL-2870B How to Change ADSL Username and Password in your modem router How to Change Wireless Channel in your modem router How to Open Ports in your modem.
11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.
AVG Internet Security 7.5 Product presentation.

AVG Internet Security 7.5 Product presentation.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
Remote Viewing Setup DVR & IP Video Devices

Remote Viewing Setup DVR & IP Video Devices
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.

Hands-On Microsoft Windows Server 2003 Administration Chapter 11 Administering Remote Access Services.
Wi-Fi Structures.

Wi-Fi Structures.
Advanced Routers Opening Ports

Advanced Routers Opening Ports
Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.

Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.
DVG-N5402SP.

DVG-N5402SP.
TEW-691GR Training TEW-691GR Training TEW-691GR 450Mbps Wireless N Gigabit Router.

TEW-691GR Training TEW-691GR Training TEW-691GR 450Mbps Wireless N Gigabit Router.
Technical Training: DIR-615

Technical Training: DIR-615
Technical Training: DAP-1360 Wireless N Access Point DAP-1360.

Technical Training: DAP-1360 Wireless N Access Point DAP-1360.
NetComm Wireless VPN Functionality Feature Spotlight.

NetComm Wireless VPN Functionality Feature Spotlight.
DrayTek VPN Solution. Outline What is VPN What does VPN Do Supported VPN Protocol How Many Tunnels does Vigor Support VPN Application Special VPN Application.

DrayTek VPN Solution. Outline What is VPN What does VPN Do Supported VPN Protocol How Many Tunnels does Vigor Support VPN Application Special VPN Application.

Similar presentations

Ads by Google