Netgear orporated FVM318 Users Manual
Reference Manual for the
Model FVM318 Cable/DSL
ProSafe Wireless VPN
Security Firewall
Reference Manual
NETGEAR, Inc.
4500 Great America Parkway
Santa Clara, CA 95054 USA
Phone 1-888-NETGEAR
SM-FVM318NA-0
October 2002
FEDERAL COMMUNICATIONS COMMISSION
INTERFERENCE STATEMENT
This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to Part 15 of the FCC Rules. These limits are designed
to provide reasonable protection against harmful interference in a residential
installation. This equipment generates, uses and can radiate radio frequency
energy and, if not installed and used in accordance with the instructions, may
cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation. If this
equipment does cause harmful interference to radio or television reception,
which can be determined by turning the equipment off and on, the user is
encouraged to try to correct the interference by one or more of the following
measures:
-- Reorient or relocate the receiving antenna.
-- Increase the separation between the equipment and receiver.
-- Connect the equipment into an outlet on a circuit different from that to which
the receiver is connected.
-- Consult the dealer or an experienced radio/TV technician for help.
CAUTION:
Any changes or modifications not expressly approved by the grantee of this
device could void
the user's authority to operate the equipment.
FCC RF Radiation Exposure Statement
This equipment complies with FCC RF radiation exposure limits set forth for an
uncontrolled environment. This equipment should be installed and operated with
a minimum distance of 20cm between the radiator and your body.
© 2002 by NETGEAR, Inc. All rights reserved.
Trademarks
NETGEAR and Auto Uplink are trademar ks or registered trademarks of Netgear, Inc.
Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corpor at io n.
Other brand and product names are registered trademarks or trademarks of their respective holders.
Statement of Conditions
In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to
make changes to the products described in this document without notice.
NETGEAR does not assume any liabi l ity that may occur due to the use or applicat ion of the product(s) or circuit
layout(s) described herein.
Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice
This equipment has b een tested and found to comply with the limit s for a Class B digital device, pursuant to
part 15 of the FCC Rules. These limits are designed to provide reasonable protecti on against harmful interference in a
residential inst allation. This equipment generates, uses, a nd can radiate radio frequency energy and, if not installed and
used in accordance with the inst ructions, m ay caus e harmful inte rference to radio c ommunic ations. Ho wever, there is no
guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to
radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try
to correct the interference by one or more of the following measures:
• Reorient or relocate the receiving an t enna.
• Increase the separation between the equipment and receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help .
EN 55 022 Declaration of Conformance
This is to certify that the FVM318 Cable/ DSL ProSafe Wireless VPN Security Firewall is shielded against the
generation of radio interference in accordance with the application of Council Directive 89/336/EEC, Article 4a.
Conformity is declared by the application of EN 55 022 Class B (CISPR 22).
ii
Bestätigung des Herstellers/Importeurs
Es wird hiermit bestätigt, daß dasFVM318 Cab le/DSL ProSafe Wireless VPN Securit y Firewall gemäß der im
BMPT-AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben
einiger Geräte (z.B . Testsender) kann jedoch gewissen Beschränkungen unterliegen. Lesen Sie dazu bitte die
Anmerkungen in der Betriebsanleitung.
Das Bundesamt für Zulassungen in der Telekommunikation wur de davon unterrich tet, daß dieses Gerät auf den Markt
gebracht wurde und es ist berechtigt, die Serie auf die Erfüllung der Vorschriften hin zu überprüfen.
Certificate of the Manufacturer/Importer
It is hereby certified that the FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall has been suppressed
accordance with the conditions set out in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. The operation of some
in
equipment (for example, test transm itt ers) i n accordance with the regulations may, however, be subject to certain
restrictions. Please refer to the notes in the operating instructions.
Federal Office for Telecommunications Approvals has been notified of the placing of this equipment on the market
and has been granted the right to test the series for compliance with the regulations.
Voluntary Control Council for Interference (VCCI) Statement
This equipment is in the second category (information eq uipment to be used in a residen tial area or an adjacent area
thereto) and conforms to the standards set by the Voluntary Control Council for Interference by Data Processing
Equipment and Electronic Office Machines aimed at preventing radio interference i n such residential areas.
When used near a radio or TV receiver, it may become the cause of radi o i nt erference.
Read instructions for correct handling.
Technical Support
Refer to the Support Information Card that shipped with your FVM318 Cable/DSL ProSafe Wireless VPN Security
Firewall.
World Wide Web
NETGEAR maintains a World Wide Web home page that you can access at the universal resource locat or (URL)
http://www.netgear.com. A direct connection to the Internet and a Web browser such as Internet Explorer
or Netscape are required.
iii
iv
Contents
Preface
About This Manual
Audience ..................... ............. ....... ............. ............. ............. ............ ............. ............. .1-xiii
Typographical Conventions ..........................................................................................1-xiii
Special Message Formats ........................................................................................... 1-xiv
Technical Support ........................................................................................................ 1-xiv
Chapter 1
Introduction
About the FVM318 ............. ...... ....... ...... ....... ...... ....... ...... ....... ...... ...... .............................1-1
Key Features ..................................................................................................................1-1
A Powerful, True Firewall .........................................................................................1-1
Content Filtering ............................. ....... ...................................................................1-2
Configurable Auto Uplink™ Ethernet Connection ....................................................1-2
Protocol Support ......................................................................................................1-2
Easy Installation and Management ..........................................................................1-3
What’s in the Box? ..........................................................................................................1-5
The Firewall’s Front Panel .................................................................................1-5
The Firewall’s Rear Panel ..................................................................................1-6
Chapter 2
Connecting the Firewall to the Internet
What You Will Need Before You Begin ...........................................................................2-1
LAN Hardware Requirements ..................................................................................2-1
Computer Requirements ....................... .............................................................2-1
Cable or DSL Modem Requirement ..................................................................2-1
LAN Configuration Requirements ............................................................................2-2
Internet Configuration Requirements .......................................................................2-2
Where Do I Get the Internet Configuration Parameters? ..................................2-2
Connecting the FVM318 firewall to Your LAN ................................................................2-4
Connecting the FVM318 firewall to the Internet .............................................................2-8
Contents v
Using the Smart Wizard to Auto-Detect Your Internet Connection Type ..................2-8
Manually Configuring Your Internet Connection .....................................................2-14
Configuring Wireless Connectivity ................................................................................2-17
Testing Your Internet Connection ..................................................................................2-21
Chapter 3
Protecting Your Network
Protecting Access to Your FVM318 firewall ....................................................................3-1
Configuring Basic Firewall Servic es .................. ....... ...... ....... ...... ...... ....... ...... ....... ...... ...3- 3
Blocking Functions, Keywords, Sites, and Services ................................................3-3
Block Services ......................... ....... ...... ....... ......................................................3-5
Setting Times and Scheduling Firewall Services ............................................................3-7
Chapter 4
Virtual Private Networking
Network to Network and Remote Computer to Network VPNs ......................................4-1
Planning a VPN ..............................................................................................................4-2
VPN Configuration Choices ...............................................................................4-2
Sample Network to Network VPN Tunnel Configuration Worksheet .................4-3
Using the VPN Connection ..............................................................................4-11
Configuring a Remote PC to Network VPN ..................................................................4-12
Sample PC to Network VPN Tunnel Configuration Worksheet .......................4-12
Check the VPN Connection .............................................................................4-21
Monitoring the PC to Network VPN Connection Using SafeNet Tools ............4-22
Deleting a Security Association ..............................................................................4-23
Manual Keying ..............................................................................................................4-24
Blank VPN Tunnel Configuration Worksheets ..............................................................4-26
Chapter 5
Managing Your Network
Network Management Information .................................................................................5-1
Viewing Router Status and Usage Statistics ............................................................5-1
Viewing Attached Devices ........................................................................................5-4
Viewing, Selecting, and Saving Logged Information ................................................5-5
Selecting What Information to Log ....................................................................5-6
Saving Log Files on a Server .. ....... ...... ....... ...... ....................................... ...... ...5-7
Examples of log messages ......................................................................................5-7
Activation and Administration ............................................................................5-7
vi Contents
Dropped Packets ...............................................................................................5-7
Enabling Security Event E-mail Notification ...................................................................5-8
Backing Up, Restoring, or Erasing Your Settings ...........................................................5-9
Running Diagnostic Utilities and Rebooting the Router ................................................5-12
Enabling Remote Management ....................................................................................5-13
Upgrading the Router’s Firmware .................................................................................5-14
Chapter 6
Wireless Configuration
Considerations For A Wireless Network .........................................................................6-1
Security ....................................................................................................................6-1
Placement and Range ..............................................................................................6-1
Wireless Settings ............................................................................................................6-2
Wireless Network Settings .......................................................................................6-3
Using the Wireless Card Access List to Restrict Wireless Access by MAC Address 6-4
Configuring Wired Equivalent Privacy (WEP) ..........................................................6-5
Chapter 7
Advanced Configuration
Configuring Advanced Security ......................................................................................7-1
Setting Up A Default DMZ Server ............................................................................7-1
Respond to Ping on Internet WAN Port ...................................................................7-2
Configuring LAN IP Settings ...........................................................................................7-2
LAN TCP/IP Setup ...................................................................................................7-2
MTU Size .................................................................................................................7-3
DHCP ................................ ................................................................. ......................7-4
Use router as DHCP server ...............................................................................7-4
Reserved IP addresses .....................................................................................7-5
Configuring Dynamic DNS .......................................................................................7-6
Using Static Routes ........................................................................................................7-8
Static Route Example ...............................................................................................7-8
Chapter 8
Troubleshooting
Basic Functions .... ...... ....... ...... ....... ................................................................................8-1
Power LED Not On ...................................................................................................8-2
Test LED Never Turns On or Test LED Stays On .....................................................8-2
Local or Internet Port Link LEDs Not On ..................................................................8-2
Contents vii
Troubleshooting the Web Configuration Interface ..........................................................8-4
Troubleshooting the ISP Connection ..............................................................................8-5
Troubleshooting a TCP/IP Network Using a Ping Utility .................................................8-6
Testing the LAN Path to Your Firewall ......................................................................8-6
Testing the Path from Your PC to a Remote Device ................................................8-7
Restoring the Default Configuration and Password ........................................................8-8
Using the Default Reset button ................................................................................8-8
Problems with Date and Time .........................................................................................8-9
Appendix A
Technical Specifications
Appendix B
Network, Routing, Firewall, and Wireless Basics
Related Publications ...................................................................................................... B-1
Basic Router Concepts ................... ...... ....... ...... ............................................. ............... B-1
What is a Router? ................................................................................................... B-2
Routing Information Protocol ................................................................................... B-2
IP Addresses and the Internet ................................................................................. B-2
Netmask ............................ ................................................................. ..................... B -4
Subnet Addressing .................................................................................................. B-5
Private IP Addresses ............................................................................................... B-7
Single IP Address Operation Using NAT ................................................................. B-8
MAC Addresses and Address Resolution Protocol ................................................. B-9
Related Documents ................................................................................................. B-9
Domain Name Server ............................................................................................ B-10
IP Configuration by DHCP .................................................................................... B-10
Ethernet Cabling ...........................................................................................................B-11
Uplink Switches and Crossover Cables .................................................................B-11
Cable Quality ......................................................................................................... B-12
Internet Security and Firewalls .................................................................................... B-12
What is a Firewall? ................................................................................................ B-12
Stateful Packet Inspection ..................................................................................... B-13
Denial of Service Attack ........................................................................................ B-13
Wireless Networking .................................................................................................... B-13
Wireless Network Configuration ............................................................................ B-13
Ad-hoc Mode (Peer-to-Peer Workgroup) ........................................................ B-14
viii Contents
Infrastructure Mode .... .................................................................................... B-14
Extended Service Set Identification (ESSID) ........................................................ B-14
Authentication and WEP Encryption ..................................................................... B-15
Wireless Channel Selection .................................................................................. B-15
Ethernet Cabling .......................................................................................................... B-17
Uplink Switches, Crossover Cables, and MDI/MDIX Switching ............................ B-17
Cable Quality ......................................................................................................... B-18
Appendix C
Preparing Your Network
Preparing Your Computers for TCP/IP Networking .......................................................C-1
Configuring Windows 95, 98, and ME for TCP/IP Networking ................................ C-2
Install or Verify Windows Networking Components ..........................................C-2
Enabling DHCP to Automatically Configure TCP/IP Settings ........................... C-4
Selecting Windows’ Internet Acce ss Metho d ........................ ....... ...... ....... ........C-4
Verifying TCP/IP Properties .............................................................................. C-5
Configuring Windows NT, 2000 or XP for IP Networking ........................................C-5
Install or Verify Windows Networking Components ..........................................C-5
Verifying TCP/IP Properties .............................................................................. C-6
Configuring the Macintosh for TCP/IP Networking ..................................................C-6
MacOS 8.6 or 9.x ............... ...... ....... ...... ............................................................C-6
MacOS X . ...... ....... ...... ....... ............................................................................... C-7
Verifying TCP/IP Properties for Macintosh Computers ..................................... C-8
Verifying the Readiness of Your Internet Account ......................................................... C-9
Are Login Protocols Used? .....................................................................................C-9
What Is Your Configuration Information? ................................................................C-9
Obtaining ISP Configuration Information for Windows Computers ................. C-10
Obtaining ISP Configuration Information for Macintosh Computers ............... C-11
Restarting the Network ................................................................................................ C-12
Glossary
Index
Contents ix
x Contents
List of Procedures
Procedure 2-1: Record Your Internet Connection Information ......................................2-3
Procedure 2-2: Connecting the Firewall to Your LAN ....................................................2-4
Procedure 2-3: Auto-Detecting Your Internet Connection Type ....................................2-9
Procedure 2-4: Wizard-Detected Login Account Setup ...............................................2-10
Procedure 2-5: Wizard-Detected Dynamic IP Account Setup .....................................2-11
Procedure 2-6: Wizard-Detected Fixed IP (Static) Account Setup ..............................2-13
Procedure 2-7: Manual Configuration .........................................................................2-14
Procedure 2-8: Serial Port Internet Connection Configuration ....................................2-17
Procedure 3-1: Changing the Built-In Password ...........................................................3-2
Procedure 3-1: Changing the Administrator Login Timeout ..........................................3-3
Procedure 3-2: Block Functions, Keywords, and Sites .................................................3-4
Procedure 3-3: Block Services ......................................................................................3-6
Procedure 3-4: Setting Yo ur Time Zone ........................................................................3-7
Procedure 3-5: Scheduling Firewall Services ................................................................3-9
Procedure 4-1: Configuring a Network to Network VPN Tunnel ....................................4-4
Procedure 4-2: Check the VPN Connection ................................................................4-11
Procedure 4-3: Configuring a Remote PC to Network VPN ........................................4-13
Procedure 4-4: Using Manual Keying as an Alternative to IKE ...................................4-24
Procedure 5-5: Backup the Configuration to a File .......................................................5-9
Procedure 5-6: Restore a Configuration from a File ....................................................5-11
Procedure 5-7: Erase the Configuration ......................................................................5-11
Procedure 5-8: Configure Remote Management ........................................................5-13
Procedure 5-1: Router Upgrade ..................................................................................5-14
Procedure 7-1: Configure LAN TCP/IP Setup ...............................................................7-6
Procedure 7-2: Configure Dynamic DNS ......................................................................7-7
Procedure 7-3: Configuring Static Routes .....................................................................7-9
xi
xii
Preface
About This Manual
Thank your for purchasi ng the NETGEAR™ FVM318 Cable/DSL ProSafe W ir eless VPN Secur ity
Firewall.
This manual describes the features of the firewall and provides installation and configuration
instructions.
Audience
This reference manu al assumes th at the reade r has int ermediate to advanced com puter and Intern et
skills. However, basic computer network, Internet, firewall, and VPN technologies tutorial
information is provided in the Appendices.
Typographical Conventions
This guide uses the following typographical conventions:
italics Book titles and UNIX file, command, and directory names.
courier font Screen text, user-typed command-line entries.
Initial Caps Menu titles and window and button names.
[Enter] Named keys in text are shown enclosed in square brackets. The notation
[Enter] is used for the Enter key and the Return key.
[Ctrl]+C Two or more keys that must be pressed simultaneously are shown in text
linked with a plus (+) sign.
ALL CAPS DOS file and directory names.
About This Manual xiii
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
Special Message Forma ts
This guide uses the following formats to highlight special messages:
Note: This format is used to highlight information of importance or special interest.
Procedure: This format is used to let you know that you are following a sequence of
steps required to complete a task.
Warning: This format is used to highligh t in for mat ion about the possibility of inj ur y or
equipment damage.
Danger: This format is used to alert you that there is the potential for incurring an
electrical shock if you mishandle the equipment.
Technical Support
For help with any technical issues, contact Customer Support at 1-888-NETGEAR, or visit us on
the Web at www.NETGEAR.com. The NETGEAR Web site includes an extensive knowledge
base, answers to frequently asked questions, and a means for submitting technical questions
online.
xiv About This Manual
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
About This Manual xv
Chapter 1
Introduction
This chapter describ es the f eatur es of t he NETGEAR FVM318 Cabl e/DSL Pro Safe Wireless VPN
Security Fir ewall.
About the FVM318
The FVM318 is a complete security solution that protects your network from attacks and
intrusions. Unlike s impl e Int ernet shar ing rou ters th at re ly on Net work Addr ess Translation (NAT)
for security, the FVM318 uses Stateful Packet Inspection for Denial of Service (DoS) attack
protection and intrusion detection. The 8-port FVM318 with auto fail-over connectivity through
the serial port provides highly reliable Internet access for up to 253 users.
Key Features
The FVM318 offers the following features.
A Powerful, True Firewall
Unlike simple Internet sharing NAT routers, the FVM318 is a true firewall, using stateful packet
inspection to defend against hacker attacks. Its firewall features include:
• Denial of Service (DoS) protection
Automatically detects and thwarts Denial of Service (DoS) attacks such a s Ping of Death,
SYN Flood, LAND Attack and IP Spoofing.
• Blocks unwanted traffic from the Internet to your LAN.
• Blocks access from your LAN to Internet locations or services that you specify as off-limits.
Introduction 1-1
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
• Logs security incidents
The FVM318 will log security events such as blocked incoming traffic, port scans, attacks,
and administrator logins. You can configure the firewall to email the log to you at specified
intervals. You can also configure the firewall to send immediate alert messages to your email
address or email pager whenever a significant event occurs.
Content Filtering
With its content filtering feature, the FVM318 prevents objectionable content from reaching your
PCs. The firewall allows you to control access to Internet content by screening for keywords
within Web addresses. You can configure the firewall to log and report attempts to access
objectionable Internet sites.
Configurable Auto Uplink™ Ethernet Connection
With its internal 8-port 10/100 switch, the FVM318 can connect to either a 10 Mbps standard
Ethernet network or a 10 0 Mbps Fast Etherne t net work . Both the l ocal LAN and the I ntern et WAN
interfaces are autosensing and capable of full-duplex or half-duplex operation.
The firewall incorporates Auto Uplin kTM technology. Each LOCAL Ethernet port will
automatically sense whether the Ethernet cable plugged into the port should have a ‘normal’
connection such as to a PC or an ‘uplin k’ connecti on such as to a switch or hub. Th at port wil l then
configure itself to the correct configuration. This feature also eliminates the need to worry about
crossover cables, as Auto Uplink will accommodate either type of cable to make the right
connection.
Protocol Support
The FVM318 supports the Transmissio n Co ntr ol Pr ot ocol /Internet Protocol (TCP/IP) and Routing
Information Protocol (RIP).
provides further information on TCP/IP.
• IP Address Sharing by NAT
The FVM318 allows severa l networke d PCs to sha re an Int ernet accoun t usin g only a si ngle IP
address, which may be statically or dynamically assigned by your Internet service provider
(ISP). This technique, known as Network Address Translation (NAT), allows the use of an
inexpensive single-user ISP account.
1-2 Introduction
Appendix B, “Network, Routing, Firewall, and Wireless Basics”
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
• Automatic Configuration of Attached PCs by DHCP
The FVM318 dynamically assigns network configuration information, including IP, gateway,
and domain name server (DNS) addresses, to atta ched PCs on the LAN using the Dynamic
Host Configuration Protocol (DHCP). This feature greatly simplifies configuration of PCs on
your local network.
• DNS Proxy
When DHCP is enabled and no DNS addresses are specified, the firewall provides its own
address as a DNS server to the attached PCs. The firewall obtains actual DNS addresses from
the ISP during connection setup and forwards DNS requests from the LAN.
• PPP over Ethernet (PPPoE)
PPP over Ethernet is a protocol for connecting remote hosts to the Internet over a DSL
connection by simulating a dial-up connection. This feature eliminates the need to run a login
program such as EnterNet or WinPOET on your PC.
• PPTP login support for European ISPs, BigPond login for Telstra cable in Australia.
•Dynamic DNS
Dynamic DNS services allow remote users to find your network using a domain name when
your IP address is not pe rman ent ly assigned. The firewall contai ns a client that can connect to
many popular Dynamic DNS services to register your dynamic IP address.
Easy Installation and Management
You can install, configure, and operate the FVM318 within minutes after connecting it to the
network. The following features simplify installation and management tasks:
• Browser-based management
Browser-based configuration allows you to easily configure your firewall from almost any
type of personal computer, such as Windows, Macintosh, or Linux. A user-friendly Setup
Wizard is provided and online help documentation is built into the browser-based Web
Management Interface.
• Smart Wizard
The firewall automatically senses the type of Internet connection, asking you only for the
information required for your type of ISP account.
• Auto fail-over connectivity through an analog or ISDN modem connected to the serial port
If the cable or DSL modem I ntern et c onnect ion f ails , aft er a wait ing f or a n amount o f time you
specify, the FVM318 can automatically establish a backup ISDN or dial-up Internet
connection via the serial port on the firewall.
Introduction 1-3
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
• Remote management
The firewall allows you to logi n t o the W eb Management Interface from a re mo te loc ati on vi a
the Internet. For security, you can limit remote management access to a specif ied remote IP
address or range of addresses, and you can choose a nonstandard port number.
• Remote Access Server connectivity vial the serial port
• Diagnostic functions
The firewall incorporates built-in diagnostic functions such as Ping, DNS lookup, and remote
reboot. These functi ons allow you to test Inter net conne ctivity and reboot the fi rewall. You can
use these diagnostic functions directly from the FVM318 when your are connect on the LAN
or when you are connected over the Internet via the remote management function.
• Visual monitoring
The firewall’s front panel LEDs provide an easy way to monitor its status and activity.
• Flash EPROM for firmware upgrade
• Regional support, including ISPs like Telstra DSL and BigPond or Deutsche Telekom.
1-4 Introduction
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
What’s in the Box?
The product package should contain the following items:
• FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
• AC power adapter
• Category 5 (CAT5) Ethernet cable
• FVM318 Resource CD, including:
— This manual
— Application Notes, Tools, and other helpful information
• Warranty and registration card
• Support information card
If any of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Keep the
carton, including the original packing materials, in case you need to return the product for repair.
The Firewall’s Front Panel
The front panel of the FVM318 (Figure 1-1) contains status LEDs.
Figure 1-1: FVM318 Front Panel
You can use some of the LEDs to verify connections. Table 1-1 lists and describes each LED on
the front pa nel of the firewall.
Introduction 1-5
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
These LEDs are green when lit, except for the TEST LED, which is amber.
Table 1-1: LED Descriptions
Label Activity Description
POWER On Power is supplied to the firewall.
TEST On
Off
MODEM On/Blinking The port detected a link with the Internet WAN connection or
INTERNET
100 On/Blinking The Internet port is operating at 100 Mbps.
LINK/ACT (Activity) On/Blinking The port detected a link with the Internet WAN connection and is
LOCAL
100 On/Blinking The Local port is operating at 100 Mbps.
LINK/ACT
On/Blinking The Local port has detected a link with a LAN connection and is
(Link/Activity)
The system is initializing.
The system is ready and running.
Remote Access Server. Blinking indicates data transmission.
operating at 10 Mbps. Blinking indicates data transmission.
operating at 10 Mbps. Blinking indicates data transmission.
The Firewall’s Rear Panel
The rear panel of the FVM318 (Figure 1-2) contains the connections identified below.
MODEM
87654321
10/100M
INTERN ET
12VDCO.5A
LOCA L
Figure 1-2: FVM318 Rear Panel
Viewed from left to right, the rear pa nel contains the followin g elements:
• DB-9 serial port for modem connection
• Factory Default Reset push button
• Eight Local Ethernet RJ-45 ports for connecting the firewall to the local computers
• Internet WAN Ethernet RJ-45 port for connecting the firewall to a cable or DSL modem
• AC power adapter input
1-6 Introduction
Chapter 2
Connecting the Firewall to the Internet
This chapter describes how to set up the firewall on your Local Area Network (LAN), connect to
the Internet, perform basic configuration of your FVM318 Cable/DSL ProSafe Wireless VPN
Security Firewall using the Setup Wizard, or how to manually configure your Internet connection.
What You Will Need Before You Begin
You need to prepare these three things before you can connect your firewall to the Internet:
1. A computer properly connected to the firewall as explained below.
2. Active Internet service such as that provided by a DSL or Cable modem account.
3. The Internet Service Provider (ISP) configuration information for your DSL or Cable modem
account.
LAN Hardware Requirements
The FVM318 firewall connects to your LAN via twisted-pair Ethernet cables.
Computer Requirements
To use the FVM318 firewall on your network, each computer must have an installed Ethernet
Network Interface Card (NIC) and an Ethernet cable. If the computer will connect to your network
at 100 Mbps, you must use a Category 5 (CAT5) cable such as the one provide d with your fire wall.
Cable or DSL Modem Requirement
The cable modem or DSL modem must provide a standard 10 Mbps 10BASE-T or 100 Mbps
100BASE-T Ethernet interface.
Connecting the Firewall to the Internet 2-1
Reference Manual for the Model FVM318 Cable/DSL ProSafe Wireless VPN Security Firewall
LAN Configuration Requirements
For the initial connection to the Inter net and configuration of your firewall, you will need to
connect a computer to the firewal l which is set to automa ti cally get its TCP/IP configurati on fr om
the firewall via DHCP.
Note: Please refer to Appendix C, "Preparing Your Network" for assistance with DHCP
configuration.
Internet Configuration Requirements
Depending on how your ISP set up your Internet account, you will need one or more of these
configuration parameters to connect your firewall to the Internet:
• Host and Domain Names
• ISP Login Name and Password
• ISP Domain Name Server (DNS) Addresses
• Fixed or Static IP Address
Where Do I Get the Internet Configuration Parameters?
There are several ways you can gather the required Internet connection information.
• Your ISP should have provided you with all the inf orma ti on ne eded to connect to the Inte rne t.
If you cannot locate this information, you can ask your ISP to provide it or you can try one of
the options below.
• If you have a computer already connected using the active Internet access account, you can
gather the configuration information from that computer.
• For Windows 95/98/ME, open the Network control panel, select the TCP/IP entry for the
Ethernet adapter, and click Properties.
• For Windows 2000/XP, open the Local Area Network Connecti on, select the TCP/IP entry
for the Ethernet adapter, and click Properties.
• For Macintosh computers, open the TCP/IP or Network control panel.
• You may also refer to the FR328S Resource CD for the NETGEAR Router ISP Guide which
provides Internet connection information for many ISPs.
Once you locate your Internet configu ration par ameters , you may want to rec ord them on the page
below according to the instructions in
page 2-3.
2-2 Connecting the Firewall to the Internet
“Record Your Internet Connection Information” on
Loading...