Netgear FWG114Pv2 FWG114Pv2 Reference Manual

Netgear FWG114Pv2 - Wireless Firewall With USB Print Server Manual

Get Netgear FWG114Pv2 - Wireless Firewall With USB Print Server PDF manuals and user guides View all Netgear FWG114Pv2 manuals
Add to My Manuals
Save this manual to your list of manuals

Netgear FWG114Pv2 manual content summary:

  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 1
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 201-10301-02 May 2005 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 2
    installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions Conformance This is to certify that the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 is shielded against the generation of radio
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 3
    be subject to certain restrictions. Please refer to the notes in the operating instructions. Federal Office for Telecommunications Approvals has Publication Part Number: FWG114P v2 May 2005 wireless access point ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Business English 201-
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 4
    iv 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 5
    Manual 1-2 How to Print this Manual 1-3 Chapter 2 Introduction Key Features of the FWG114P v2 2-1 Full Routing on Both the Broadband and Serial Ports 2-2 802.11g and 802.11b Wireless Networking 2-2 Virtual Private Networking 2-3 Wireless Multimedia (WMM) Support 2-3 A Powerful, True Firewall
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 6
    the FWG114P v2 Wireless Firewall/Print Server 3-4 Verify That Basic Requirements Are Met 3-4 Basic Setup Troubleshooting Tips 3-10 FWG114P v2 Setup Wizard Auto Detection 3-10 Wizard-Detected Login Account Setup 3-11 Wizard-Detected Dynamic IP Account Setup 3-13 Wizard-Detected Fixed IP Account
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 7
    Viewing Logs of Web Access or Attempted Web Access 6-16 What to Include in the Event Log 6-17 Chapter 7 Print Server Printing Options ...7-1 For Windows XP and 2000, Use TCP/IP LPR Printing 7-2 For Windows 95/98/Me, Use the Netgear Printer Port Driver 7-6 Printing from the Macintosh 7-9 Windows
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 8
    45 From the FWG114P v2 to the Client PC 8-46 Monitoring the PC VPN Connection 8-46 Viewing the FWG114P v2 VPN Status and Log Information 8-47 Chapter 9 Maintenance Viewing Wireless Firewall/Print Server Status Information 9-1 Viewing a List of Attached Devices 9-6 Upgrading the Router Software
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 9
    LAN TCP/IP Setup Parameters 10-5 Using the Router as a DHCP server 10-7 Using Address Reservation 10-7 Configuring Static Routes 10-8 Enabling Remote Management Access 10-10 Using Universal Plug and Play (UPnP 10-11 Advanced Wireless Settings 10-12 Chapter 11 Troubleshooting Basic Functioning
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 10
    Addresses B-7 Single IP Address Operation Using NAT B-7 MAC Addresses and Address Resolution Protocol B-9 Related Documents B-9 Domain Name Server B-9 IP Configuration by DHCP B-10 Internet Security and Firewalls B-10 What is a Firewall B-11 Stateful Packet Inspection B-11 Denial of Service
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 11
    Restarting the Network C-12 Appendix D Firewall Log Formats Action List ...D-1 Field List ...D-1 Outbound Log ...D-1 Inbound Log ...D-2 Other IP Traffic ...D-2 Router Operation ...D-3 Other Connections and Traffic to this Router D-4 DoS Attack/Scan ...D-4 Access Block Site ...D-6 All Web Sites and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 12
    for WPA E-16 Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged ...... E-16 Changes to Wireless Access Points E-17 Changes to Wireless Network Adapters E-17 Changes to Wireless Client Programs E-18 Appendix F Virtual Private Networking What is a VPN? ...F-1 What is IPSec and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 13
    Appendix H NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 Configuration Template H-1 Using DDNS and Fully Qualified Domain Names (FQDN H-2 Step-By-Step Configuration of FVS318 or FVM318 Gateway A H-3 Step-By-Step Configuration of FVS328 Gateway B H-7 Test the VPN Connection H-11
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 14
    xiv Contents 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 15
    written for the FWG114P v2 Wireless Firewall/Print Server according to these specifications: Table 1-2. Manual Scope Product Version Manual Publication Date ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 May 2005 Note: Product updates are available on the NETGEAR, Inc. Web site
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 16
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 How to Use This Manual The HTML version of this manual includes the following: • Buttons, and , for browsing forwards or backwards through the manual one page at a time •A button that displays the table
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 17
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 How to Print this Manual To print this manual you can choose one of the following several options, according to your needs. • Printing a Page in the HTML View. Each page in the HTML version of the manual is
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 18
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 1-4 About This Manual 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 19
    on time-of-day, Web site addresses and address keywords, and share high-speed cable/DSL Internet access for up to 253 personal computers. With minimum setup, you can install and use the router within minutes. The FWG114P v2 Wireless Firewall/Print Server provides the following features: • 802.11g
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 20
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Flash memory for firmware upgrade. • NAT off (classical routing). Full Routing on Both the Broadband and Serial Ports You can install, configure, and operate the FWG114P v2 to take full advantage of a variety
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 21
    networks or clients. Its VPN features include: • Support for up to 2 simultaneous VPN connections. • Support for industry standard VPN protocols. The ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 supports standard keying methods (Manual or IKE), standard authentication methods
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 22
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Logs security incidents. The FWG114P v2 will log security events, such as blocked incoming traffic, port scans, attacks, and administrator logins. You can configure the router to e-mail the log to you at
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 23
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Extensive Protocol Support The FWG114P v2 Wireless Firewall/Print Server supports the Transmission Control Protocol/ Internet Protocol (TCP/IP) and Routing Information Protocol (RIP). • The ability to enable or
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 24
    remote management access to a specified remote IP address or range of addresses, and you can choose a nonstandard port number. • Visual monitoring. The FWG114P v2 Wireless Firewall/Print Server's front panel LEDs provide an easy way to monitor its status and activity. • Regional support, including
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 25
    the following items: • ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2. • AC power adapter. • Category 5 (Cat 5) Ethernet cable. • FWG114P Installation Guide (201-10301-01). • Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P (SW-10023-03), including
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 26
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 2-1. Label POWER TEST PRINTER ACT ALERT LED Descriptions Activity On On Off Description Power is supplied to the firewall. The system is initializing. The system is ready and running. On Blinking On (
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 27
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 MODEM USB LO CA L 4 3 2 10/100M 1 IN TER N ET 12VDC, 1.0A Figure 1-2: FWG114P v2 Rear Panel Viewed from left to right, the rear panel contains the following features: • Wireless antenna. • DB-9 serial
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 28
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2-10 201-10301-02, May 2005 Introduction
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 29
    how to set up the router on your local area network (LAN) and connect to the Internet. You will find out how to configure your ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 for Internet access using the Setup Wizard, or how to manually configure your Internet connection. What
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 30
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 For the initial connection to the Internet and configuration of your router, you will need to connect a computer to the router that is set to automatically get its TCP/IP configuration from the router via DHCP.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 31
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Record Your Internet Connection Information Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP). ISP Login Name: The login name and password are case sensitive and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 32
    have your broadband Internet service settings handy. • The computer is configured to obtain an IP address automatically via DHCP. For instructions on how to do this, please see the Reference Manual on the Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P (SW-10023-03
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 33
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 c. Securely insert the Ethernet cable from your broadband modem into the Internet port (B) on the FWG114P v2. Internet Port MODEM USB BLOCAL 4 3 2 10/100M 1 IN TER N ET 12VDC, 1.0A Broadband modem
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 34
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. RESTART YOUR NETWORK IN THE CORRECT SEQUENCE Warning: Failure to restart your network in the correct sequence could prevent you from connecting to the Internet. a.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 35
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. LOG IN TO THE WIRELESS FIREWALL/PRINT SERVER a. From your PC, launch your Internet browser. Because you are not yet connected to the Internet, your browser will display a page not found message. b. Connect
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 36
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 d. After logging in to the router, you will see the login result page. Figure 3-7: Login Result page 3-8 Connecting the FWG114P v2 to the Internet 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 37
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 4. RUN THE SETUP WIZARD TO CONNECT TO THE INTERNET Figure 3-8: Setup Wizard a. You are now connected to the router. If you do not see the menu above, click the Setup Wizard link on the upper left of the main
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 38
    turned NAT off and are managing the IP addresses directly. For instructions on these configuration settings, please see the Reference Manual on the Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P (SW-10023-03). FWG114P v2 Setup Wizard Auto Detection There are two
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 39
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Fixed IP address assignment Next, the Setup Wizard will report which connection type it has discovered, and then display the appropriate configuration menu. If the Setup Wizard finds no connection, you will be
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 40
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Note: You will no longer need to launch the ISP's login program on your computer in order to access the Internet. When you start an Internet application, your firewall will automatically log you in. 3. The Idle
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 41
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Wizard-Detected Dynamic IP Account Setup If the Setup Wizard determines that your Internet service account uses Dynamic IP assignment, you will be directed to the menu shown in Figure 3-10 below: Figure 3-10:
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 42
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 If your ISP allows access from only one specific computer's Ethernet MAC address, select "Use this MAC address." The firewall will then capture and use the MAC address of the computer that you are now using. You
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 43
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 1. Enter your assigned IP Address, Subnet Mask, and the IP Address of your ISP's gateway router. This information should have been provided to you by your ISP. You will need the configuration parameters from
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 44
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 3-12: Serial Internet Connection configuration menu c. Fill in the ISDN or analog ISP Internet configuration parameters as appropriate: • For a Dial-up Account, enter the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 45
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Note: You can validate modem string settings by first connecting the modem directly to a computer, establishing a connection to your ISP, and then copying the modem
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 46
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Manually Configuring Your Internet Connection You can manually configure your firewall using the menu below, or you can allow the Setup Wizard to determine your configuration as described in the previous
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 47
    NAT will reboot the router and reset all the FWG114P v2 configuration settings to the factory default. Disable NAT only if you plan to install the FWG114P v2 in a setting where you will be manually administering the IP address space on the LAN side of the router. 5. Internet IP Address: If your ISP
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 48
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 7. Router's MAC Address: This section determines the Ethernet MAC address that will be used by the firewall on the Internet port. Some ISPs will register the Ethernet MAC address of the network interface card in
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 49
    based on the physical placement of the FWG114P v2 Wireless Firewall/Print Server. The latency, data throughput performance, and notebook power consumption also vary depending on your configuration choices. For best results, place your wireless firewall/print server: • Near the center of the area in
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 50
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Implementing Appropriate Wireless Security Note: Indoors, computers can connect to wireless networks at ranges of 300 feet or more. Such distances allow others outside of your area to access your network.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 51
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • WPA/WPA2 with Radius or WPA/WPA2-PSK. Wi-Fi Protected Access (WPA and WPA2) data encryption provides data security. The very strong authentication along with dynamic per frame rekeying of WPA and WPA2 make it
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 52
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Wireless Network. The station name of the FWG114P v2. - Wireless Network Name (SSID). The SSID is also known as the wireless network name. Enter a value of up to 32 alphanumeric characters. In a setting where
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 53
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 To restrict access based on MAC addresses, click the Set up Access List button and update the MAC access control list. • Security Options - Disable: No data encryption is used. - WEP (Wired Equivalent Privacy):
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 54
    install the FWG114P v2 Wireless Firewall/Print Server, use the procedures below to customize any of the settings to better meet your networking needs. FEATURE SSID RF Channel Access Point SSID broadcast Wireless Card Access List for Access Point Connections WEP Security Authentication Type DEFAULT
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 55
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Before You Change the SSID and WEP Settings Take the following steps: For a new wireless network, print or copy this form and fill in the configuration parameters. For an existing wireless network, the person
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 56
    . The default SSID is NETGEAR. Note: The characters are case sensitive. An access point always functions in infrastructure mode. The SSID for any wireless device communicating with the access point must match the SSID configured in the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 57
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 7. Click Apply to save your changes. Note: If you are configuring the FWG114P v2 from a wireless computer and you change the wireless firewall/print server's SSID, channel, or security settings, you will lose
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 58
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 4. Click Add to open the Wireless Card Access Setup menu. You can select a device from the list of available wireless cards the FWG114P v2 has discovered in your area, or you can manually enter the MAC address
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 59
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click Wireless Settings in the main menu of the FWG114P v2. Figure 4-5: Wireless Settings menu (WEP) 3. Select WEP on the pulldown menu. The WEP options menu will open. 4. Choose the Authentication Type and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 60
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - WEP Keys: If using WEP, you can manually or automatically program the four data encryption keys. These values must be identical on all PCs and Access Points in your network. • Automatic Key Generation (
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 61
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click Wireless Settings in the main menu of the FWG114P v2. Figure 4-6: Wireless Settings menu (WPA with Radius) 3. Select WPA with Radius on the pulldown menu. The WPA with Radius menu will open.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 62
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Radius Port: Enter the port number used for connecting to the Radius Server. • Shared Key: Enter the desired value for the Shared Key. This must match the value used on the Radius server. • Radius Accounting:
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 63
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click Wireless Settings in the main menu of the FWG114P v2. Figure 4-7: Wireless Settings menu (WPA2 with Radius) 3. Select WPA2 with Radius on the pulldown menu. The WPA2 with Radius menu will open.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 64
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Secondary Radius Server Name/IP Address: This field is optional. If you have a Secondary Radius Server on your LAN, enter its name or IP address here. • Radius Port: Enter the port number used for connecting
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 65
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click Wireless Settings in the main menu of the FWG114P v2. Figure 4-8: Wireless Settings menu (WPA and WPA2 with Radius) 3. Select WPA and WPA2 with Radius on the pulldown menu. The WPA and WPA2 with Radius
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 66
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Secondary Radius Server Name/IP Address: This field is optional. If you have a Secondary Radius Server on your LAN, enter its name or IP address here. • Radius Port: Enter the port number used for connecting
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 67
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click Wireless Settings in the main menu of the FWG114P v2. Figure 4-9: Wireless you can change the default value. 7. Click Apply to save your settings. Wireless Configuration 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 68
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 How to Configure WPA2-PSK Note: Not all wireless adapters support WPA2. Furthermore, client software is required on the client. Windows XP and Windows 2000 with Service Pack 3 do include the client software that
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 69
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 4. Select the desired Encryption method. For WPA2-PSK, the only option is AES. 5. Enter the pre-shared key in the Passphrase field. Enter a word or
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 70
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click Wireless Settings in the main menu of the FWG114P v2. Figure 4-11: Wireless Settings menu (WPA-PSK If desired, you can change the default value. 7. Click Apply to save your settings. 4-22 201-10301-02,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 71
    your broadband service. • Dial-in Dial-in lets a single remote computer connect to the FWG114P v2 through the serial port to gain access to LAN resources or a remote access server. • LAN-to-LAN LAN-to-LAN enables direct communications between two FWG114P v2 wireless firewall/ print servers to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 72
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Configuring a Serial Port Modem You can configure a serial port modem for any of the features described above. Be sure you have prepared the basic requirements listed below, then follow the 'how to' procedure.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 73
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - For dial-up, "Standard Modem" should work in most cases. Otherwise, select your modem from the list. - If your modem is not on the list,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 74
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 5-2: Auto-Rollover configuration menu 3. Configure the Auto-Rollover settings. 4. Click Apply for the changes to take effect. Configuring Dial-in on the Serial Port Dial-in lets a single remote computer
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 75
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Basic Requirements for Dial-in Dial-in requires these elements: 1. A broadband connection to the FWG114P v2. 2. An analog phone line. 3. A serial modem properly configured and attached to the DB9 connector on
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 76
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Configuring LAN-to-LAN Settings LAN-to-LAN enables direct communications between two FWG114P v2 wireless firewall/print servers. 6HULDO&RQQHFWLRQ )LUHZDOO$ )LUHZDOO% Á?aM?™a +Á.?wjËo 8‰ÁjjÄÄˉÁj
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 77
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 5-5: LAN-to-LAN configuration menu 3. Configure the LAN-to-LAN settings. Note: The LAN subnet address of each FWG114P v2 must be different. 4. Click Apply for the changes to take effect. Serial Port
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 78
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 5-8 Serial Port Configuration 201-10301-02, May 2005M-10207-01, Reference Manual v2
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 79
    The ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 provides you with Web content filtering options, plus browsing activity reporting and instant alerts via e-mail. Parents and network administrators can establish restricted access policies based on time-of-day, Web addresses, and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 80
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Web addresses • Web address keywords These options are discussed below. The Keyword Blocking menu is shown here. Figure 6-1: Block Sites menu To enable filtering, click the checkbox next to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 81
    will be identified by an IP address, you should configure that computer with a fixed or reserved IP address. Services and Rules Regulate Inbound and Outbound Traffic The ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 firewall lets you regulate what ports are available to the various
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 82
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The service numbers for many common protocols are defined by the Internet Engineering Task Force (IETF) and published in RFC1700, "Assigned Numbers." Service numbers for other applications are typically chosen
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 83
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 These default rules are shown in the Rules table of the Rules menu in Figure 6-2: Figure 6-2: Rules menu You can define additional rules that will specify exceptions to the default rules. By adding custom
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 84
    see how you combine Services and Rules to regulate how the TCP/IP protocols are used on your firewall to enable either blocking or allowing specific Internet traffic on your wireless firewall/print server. Inbound Rules (Port Forwarding) Because the FWG114P v2 uses Network Address Translation (NAT
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 85
    of the computer. Attempts by local computers to access the server using the external WAN IP address will fail. Remember that allowing inbound services opens holes in your FWG114P v2 Wireless Firewall/ Print Server. Only enable those ports that are necessary for your network. Following are two
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 86
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 This rule is shown in Figure 6-3. Example: Port Forwarding for Videoconferencing If you want to allow incoming videoconferencing to be initiated from a restricted range of outside IP addresses, such as from a
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 87
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 6-5: Service example: port forwarding for VPN when NAT is Off In the example shown in Figure 6-5, UDP port 500 connections are defined as the IPSec service. Figure 6-6: Inbound rule example: VPN IPSec
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 88
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • IP address of the Internet site being contacted (destination address) • Time of day • Type of service being requested (service port number) Outbound Rule Example: Blocking Instant Messaging If you want to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 89
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Order of Precedence for Rules As you define new rules, they are added to the tables in the Rules menu. For any traffic attempting to pass through the firewall, the packet information is subjected to the rules in
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 90
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Using a Schedule to Block or Allow Content or Traffic If you enabled content filtering in the Block Sites menu, or if you defined an outbound
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 91
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Note: Enter the values in 24 have finished configuring this menu. Setting the Time Zone The FWG114P v2 Wireless Firewall/Print Server uses the Network Time Protocol (NTP) to obtain the current time and date from
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 92
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 6-9: E-mail menu • Turn e-mail notification on. Select this check box if you want to receive e-mail logs and alerts from the router. • Send alerts and logs by e-mail. If you enable e-mail notification,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 93
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - If a Denial of Service attack is detected. - If a Port Scan is detected. - If a user on your LAN attempts to access address. After the log is sent, the log is cleared from the router's memory. If the router
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 94
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Viewing Logs of Web Access or Attempted Web Access The router will log security-related events, such as denied incoming and outgoing service requests, hacker probes, and administrator logins. If you enable
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 95
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Log IP packets which are not TCP, UDP, or ICMP) is logged. • Router operation (start up, get time, etc.) - If checked, Router operations, such as starting up and getting the time from the Internet Time Server
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 96
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Enable one of these three options, as required: • Disable - select this if you do not have a Syslog server. • Broadcast on LAN - the Syslog data is broadcast, rather than sent to a specific Syslog server. Use
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 97
    LAN IP address of the FWG114P v2. • For Windows 95/98/Me, NT4.0, 2000, and XP: Netgear Printer Port Driver - Install the Netgear Printer Port Driver on Each computer. - After installing the Print Port Driver from the Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 98
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 For Windows XP and 2000, Use TCP/IP LPR Printing Follow these instructions to set up TCP/IP printing on your Windows XP and 2000 PCs. Install the FWG114P v2, connect your printer to the USB port on the FWG114P
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 99
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Complete the Add Standard TCP/IP Printer Port Wizard. a. Click Next to proceed with the Add Standard TCP/IP Printer Port Wizard. The Add Port screen will display. b. From the Add Port screen, enter 192.168.0.1,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 100
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Identify the printer connected to FWG114P v2 USB printer port. a. From the Install Printer Software screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 101
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Note: If two long files are sent to the printer at once, Windows will pop up a print failure error message. This message can be ignored. The file will print once the printer finishes printing the first file.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 102
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 For Windows 95/98/Me, Use the Netgear Printer Port Driver Follow these instructions to set up the Netgear Printer Port Drive on Windows 9x PCs. Install the Netgear Printer Port Driver and configuration utility
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 103
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Set up the Netgear printer port driver. a. Click Finish when the Installation Wizard is done. The Printer Port Setup utility displays, and queries the network to locate the print server in the FWG114P v2. After
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 104
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Identify the printer connected to the FWG114P v2 USB printer port. a. From the Add Printer Wizard screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 105
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Print a test page to verify successful printing on your network. a. Upon completion of the Add Printer Wizard, print a test page. - From the Windows Start menu, select Setup > Printers. - Highlight the printer
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 106
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 6. In the LPR Printer Selection box, click Change... 7. In the Printer Address field, type the name or IP address of the FWG114P v2 Wireless Firewall/Print Server. The IP address will usually be 192.168.0.1. You
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 107
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 7-1: Print Port Configuration menu Items shown on this screen are as follows: • Port If desired, click Browse Device to select a different device. The Select Device Port button supports multi-port models
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 108
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Troubleshooting the Print Server Note: When the TCP/IP LPR configuration is used, if two long files are sent to the printer at once, Windows will pop up a print failure error message. This message can be ignored
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 109
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 c. For Network Path or Queue, enter a dummy value, such as \\123, as shown below. Select NO for "Do you print from MS-DOS-based programs?". d. Click Next. Figure 7-2: Windows Add Printer Wizard e. The printer
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 110
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 g. Right-click the new printer and select Properties. Then select the Details tab, as shown below. Figure 7-3: Windows Printer Properties h. Click the Add Port button. On the resulting screen, select Other,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 111
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 k. Click OK to return to the Printers folders, and right-click on the new printer. Make sure that the Work Offline option is NOT checked. l. From the printer Properties page, General tab, print a test page to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 112
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 7-16 201-10301-02, May 2005 Print Server
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 113
    features of the FWG114P v2 Wireless Firewall/Print Server. VPN tunnels provide secure, encrypted communications between your local network and a remote network or computer. The FWG114P v2 supports 2 VPN tunnels. Overview of FWG114P v2 Policy-Based VPN Configuration The FWG114P v2 uses state-of-the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 114
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Using Policies to Manage VPN Traffic You create policy definitions to manage VPN traffic on the FWG114P v2. There are two kinds of policies: • IKE Policies: Define the authentication scheme and automatically
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 115
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 IKE Policies' Automatic Key and Authentication Management Click the IKE Policies link from the VPN section of the main menu, and then click the Add button of the IKE Policies screen to display the IKE Policy
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 116
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The IKE Policy Access is selected, the "Exchange Mode" MUST be "Aggressive," and the 'Identities' below (both Local and Remote) MUST be "Name." On the matching VPN Policy, the IP address of the remote VPN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 117
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 8-1. IKE Policy Configuration Fields Field Description Remote These parameters apply to the target remote FWG114P v2, VPN gateway, or VPN client. Remote Identity Type Use this field to identify the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 118
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 VPN Policy Configuration for Auto Key Negotiation An already defined IKE policy is required for VPN - Auto Policy configuration. From the VPN Policies section of the main menu, you can navigate to the VPN - Auto
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 119
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The VPN Auto Policy fields are defined in the following table. Table 8-1. VPN Auto Policy Configuration Fields Field Description General These settings identify this policy and determine its major
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 120
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 8-1. VPN Auto Policy Configuration Fields Field Description Traffic Selector These settings determine if and when a VPN tunnel will be established. If network traffic meets all criteria, then a VPN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 121
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 8-1. VPN Auto Policy Configuration Fields : • MD5 is the default. • SHA1 is more secure. NETBIOS Enable Check this if you wish NETBIOS traffic to be forwarded over the VPN tunnel. The NETBIOS protocol
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 122
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 8-4: VPN - Manual Policy Menu 8-10 201-10301-02, May 2005 Virtual Private Networking
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 123
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The VPN Manual Policy fields are defined in the following table. Table 8-1. VPN Manual Policy Configuration Fields Field Description General These settings identify this policy and determine its major
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 124
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 8-1. VPN Manual Policy Configuration Fields Field Description SPI - Incoming Enter a Hex value (3 - 8 chars). Any value is acceptable, provided the remote VPN : • MD5 is the default. • SHA1 is more
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 125
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 8-1. VPN Manual Policy Configuration Fields Field Description Encryption Algorithm If you enable ESP Encryption, then select the Encryption Algorithm: • DES is the default be forwarded over the VPN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 126
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Using Digital Certificates for IKE Auto-Policy Authentication Digital certificates are strings generated using encryption and authentication schemes which cannot be duplicated by anyone without access to the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 127
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Walk-Through of Configuration Scenarios on the FWG114P v2 There are a variety of configurations you might implement with the FWG114P v2. The scenarios listed below illustrate typical configurations you might use
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 128
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 8-5: VPN Wizard Start Screen 2. Fill in the Connection Name, pre-shared key, and select the type of target end point, and click Next to proceed. Figure 8-6: Connection Name and Remote IP Type 8-16 201-
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 129
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. Fill in the IP Address or FQDN for the target VPN endpoint WAN connection and click Next. Figure 8-7: Remote IP 4. Identify the IP addresses at the target endpoint which can use this tunnel, and click Next.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 130
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 8-9: VPN Wizard Summary To view the VPNC recommended authentication and encryption Phase 1 and Phase 2 settings the VPN Wizard used, click the "here" link. 5. Click Done to complete the configuration
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 131
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 VPNC Scenario 1: Gateway to Gateway with Preshared Secrets The following is a typical gateway-to-gateway VPN that uses a preshared secret for authentication. 10.5.6.0/24 172.23.9.0/24 Gateway A Internet
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 132
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Scenario 1: FWG114P v2 to FWG114P v2 with Preshared Secrets Note: This scenario assumes all ports are open on the FWG114P v2. You can verify this by reviewing the security settings as seen in the "Rules menu" on
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 133
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 c. From the main menu Advanced section, click on the LAN IP Setup link. Figure 8-13: LAN IP configuration menu d. Configure the LAN IP address according to the settings above and click Apply to save your
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 134
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. Set up the IKE Policy illustrated below on the FWG114P v2. a. From the main menu VPN section, click on the IKE Policies link, and then click the Add button to display the screen below. Figure 8-14: Scenario
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 135
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 4. Set up the FWG114P v2 VPN -Auto Policy illustrated below. a. From the main menu VPN section, click on the VPN Policies link, and then click on the Add Auto Policy button. WAN IP address LAN IP addresses
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 136
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 How to Check VPN Connections You can test connectivity and view VPN status information on the FWG114P v2. 1. To test connectivity between the Gateway A FWG114P v2 LAN and the Gateway B LAN, follow these steps:
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 137
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 VPNC Scenario 2: Gateway-to-Gateway with Certificates The following is a typical gateway-to-gateway VPN address 22.23.24.25. Gateway B's LAN interface address 1024 bits) • Perfect forward secrecy for rekeying •
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 138
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Selectors for all IP protocols, all ports, between 10.5.6.0/24 and 172.23.9.0/24, using IPv4 subnets Scenario 2: FWG114P v2 to FWG114P v2 with Certificates The following is a typical gateway-to-gateway VPN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 139
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 b. Click the Generate Request button to display the screen illustrated in Figure 8-17 below. . FWG114P Optional - IP Address. If you use "IP type" in the IKE policy, you should input the IP Address here.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 140
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - E-mail Address. You can enter your e-mail address here. d. Click the Next button to continue. The FWG114P v2 generates a Self Certificate Request as shown below. Highlight, copy and paste this data into a text
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 141
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 c. When you have finished gathering the Self Certificate Request data, click the Done button. You will return to the Certificates screen where your pending "FWG114P v2 From the main menu VPN section, click on the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 142
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 f. You will now see the "FWG114P v2" entry in the Active Self Certificates table and the pending "FWG114P v2" Self Certificate Request is gone, as illustrated below. FWG1 Figure 8-20: Self Certificates table 7.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 143
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Now, the traffic from devices within the range of the LAN subnet addresses on FWG114P v2 allowed to use the VPN tunnels managed by IKE policies which use this CA. Note: You must update the CRLs regularly in
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 144
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Netgear VPN Client to FWG114P v2 Follow these procedures to configure a VPN tunnel from a NETGEAR ProSafe VPN Client to an FWG114P v2. This case study follows the Virtual Private Network Consortium (VPNC)
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 145
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 /$1,3  1HWZRUN$GGUHVVHV *DWHZD\ Á?aM?™a +Á.?wjËo 8‰ÁjjÄÄˉÁj jÁÜjÁ 3:5 $&7 7(67 $/(57 02).4%2 $&7 $/(57 -/$%-   /1.$&7 ).4%2.%4   ,/#!, #  8¤¤|+   /1.$&7 7,!.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 146
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click IKE Policies under the VPN menu and click Add on the IKE Policies Menu. Figure 8-23: NETGEAR FWG114P v2 IKE Policy Configuration - Enter a descriptive name for the policy in the Policy Name field.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 147
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - From the Remote Identity drop-down box, select Fully Qualified Domain Name. - Type VPNclient in the Remote Identity Data. This will also be entered in the VPN Client My Identity ID Type fields, as seen in "My
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 148
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. Click the VPN Policies link under the VPN category on the left side of the main menu. This will take you to the VPN Policies Menu page. Click Add Auto Policy. This will open a new screen titled VPN - Auto
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 149
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - From the Remote VPN Endpoint Address Type drop-down box, select IP Address. - Type 0.0.0.0 as the Address Data of the client because we are assuming the remote PC will have a dynamically assigned IP address.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 150
    the Netgear VPN Client Note: The Netgear ProSafe VPN Client has the ability to "Import" a predefined configuration profile. The FWG114P V2.SPD file on the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 151
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 1. Install the Netgear VPN Client Software on the PC. Note: Before installing the Netgear VPN Client software, be sure to turn off any virus protection or firewall software you may be running on your PC. • You
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 152
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Note: If the configuration settings on this screen are not available for editing, go to the Options menu, select Secure, and Specified Options to enable
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 153
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 b. Click Pre-Shared Key. In this example, the Select Phase 1 Negotiation Mode menu, select Aggressive Mode. - Select the Enable Perfect Forward Secrecy (PFS) check box. - In the PFS Key Group drop-down list,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 154
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 5. Configure the Connection Security Policy In this step, you will provide the authentication (IKE Phase 1) settings, and the key exchange (Phase 2) settings. The setting choices
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 155
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 8-32: Connection Security Policy Key Exchange (Phase 2) b. Configure the Key Exchange (Phase 2). • Expand the Key Exchange (Phase 2) heading, and click on Proposal 1. • For this
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 156
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 6. Configure the Global Policy Settings. the VPN client information, your PC will automatically open the VPN connection when you attempt to access any IP addresses in the range of the remote VPN router's LAN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 157
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Testing the VPN Connection You can test the VPN connection in several ways: • From the client PC to the FWG114P v2 • From the FWG114P v2 to the client PC These procedures are explained below. Note: Virus
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 158
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 To test the connection to a computer connected to the FWG114P v2, simply ping the IP address of that computer. Once connected, you can open a browser on the remote PC and enter the LAN IP Address of the FWG114P
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 159
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 A sample Connection Monitor screen for a different connection is shown below: Figure 8-35: Connection Monitor screen In this example the following connection options apply: • The FWG114P v2 has a public IP WAN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 160
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The FWG114P v2 VPN Status screen for a successful connection is shown below: Figure 8-36: FWG114P v2 VPN Status screen 8-48 201-10301-02, May 2005 Virtual Private Networking
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 161
    how to use the maintenance features of your ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2. These features are accessed via the Main Menu Maintenance heading. Viewing Wireless Firewall/Print Server Status Information The Router Status menu provides status and usage information. From
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 162
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 9-1: Router Status screen The Router Status screen shows the following parameters: Table 9-1. Status Fields Field System Name Firmware Version Description The System Name assigned to the router. The
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 163
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 9-1. Status Fields Field Printer Status WAN Port MAC Address IP Address DHCP IP Subnet Mask Domain Name Server LAN Port MAC Address IP Address DHCP IP Subnet Mask Wireless Port Name (SSID) Region
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 164
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 9-1. Status Fields Field Modem Dial-In Internet Access Lan-to-LAN Description The status of the modem port. The status of the Dial-In port. The status of the serial Internet connection. The status of
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 165
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Log action buttons are described in Table 9-2. Table 9-2. Field Renew Connection Status action buttons Description Click the Renew button to renew the DHCP lease. Click "Show Statistics" to display router
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 166
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 9-1. Router Statistics Fields (continued) Field Serial Up Time Poll Interval Description The time elapsed since this port acquired the link. Specifies the intervals at which the statistics are updated
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 167
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Upgrading the Router Software The routing software of the FWG114P v2 Wireless Firewall/Print Server is stored in FLASH memory, and can be upgraded as new software is released by NETGEAR. Upgrade files can be
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 168
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 From the Main Menu of the browser interface, Settings Backup menu allow you to save and retrieve a file containing your router's configuration settings. To save your settings, click Backup. Your browser will extract
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 169
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Erasing the Configuration It is sometimes desirable to restore the router to a known blank condition. This can be done by using the Erase function, which will restore all factory settings. After an erase, the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 170
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 9-10 201-10301-02, May 2005 Maintenance
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 171
    ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2. These features can be found under the Advanced heading in the Main Menu of the browser interface. Using the WAN Setup Options The first feature category under the Advanced heading is WAN Setup. This menu allows configuration of a DMZ
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 172
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Normally, this option is Enabled, so that an Internet connection will be made automatically whenever Internet-bound traffic is detected. In locations where Internet access is billed by the minute, if this causes
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 173
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Setting the MTU Size The default service, which will allow you to register your domain to their IP address, and will forward traffic directed to your domain to your frequently-changing IP address. The router
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 174
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. Access the website of one of the dynamic DNS service providers whose names appear in the 'Select Service Provider' box, and register for an account. For example, for dyndns.org, go to www.dyndns.org. 4.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 175
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Using the LAN IP Setup Options The second feature category under the Advanced heading is LAN IP Setup. This menu allows configuration of LAN IP services, such as DHCP and RIP. From the Main Menu of the browser
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 176
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 These addresses are part of the IETF-designated private address range for use in private networks, and should be suitable in most applications. If your network has a requirement to use a different IP addressing
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 177
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Using the Router as a DHCP server By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 178
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. Type the MAC Address of the computer or server. (Tip: If the computer is already present on your network, you can copy its MAC address from the Attached Devices menu and paste it here.) 4. Click Apply to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 179
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure 10-3. Static Route Entry and Edit Menu 2. Type a route name for this static route in the Route Name box. (This is for identification purpose
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 180
    Access Using the Remote Management page, you can allow a user or users on the Internet to configure, upgrade and check the status of your FWG114P v2 Wireless Firewall/Print Server. Note: Be sure to change the router's default configuration password to a very secure password. The ideal password
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 181
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 b. To allow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and ending IP address to define the allowed range. c. To allow access from a single IP address on the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 182
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Turn UPnP On: UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is enabled. If disabled, the router will not allow any device to automatically control the resources
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 183
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 These settings normally do not need to be changed. • WMM support WMM (Wireless Multimedia) is a subset of the 802.11e standard. WMM allows wireless traffic to have a range of priorities, depending on the kind of
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 184
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 10-14 201-10301-02, May 2005 Advanced Configuration
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 185
    chapter gives information about troubleshooting your ProSafe Wireless 802.11g Firewall/ Print Server Model FWG114P v2. After each problem description, instructions are provided to help you diagnose and solve the problem. Basic Functioning After you turn on power to the router, the following sequence
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 186
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 LEDs Never Turn Off When the router is turned on, the LEDs turns on for about 10 seconds and then turns off. If all the LEDs stay on, there is a fault within the router. If all LEDs are still on one minute after
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 187
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Troubleshooting the Web Configuration Interface If you are unable to access the router's Web Configuration interface from a computer on your local network, check the following: • Check the Ethernet connection
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 188
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Troubleshooting the ISP Connection If your router is unable to access the Internet, you should first determine whether the router is able to obtain a WAN IP address from the ISP. Unless you have been assigned a
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 189
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 OR Configure your router to spoof your computer's MAC address. This can be done in the Basic Settings menu. Refer to "Manually Configuring Your Internet Connection" on page 3-18. If your router can obtain an IP
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 190
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message: Request timed out If the path is not functioning correctly, you could have one of the following problems:
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 191
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - Your ISP could be rejecting the Ethernet MAC addresses of all but one of your PCs. Many broadband ISPs restrict access by only allowing traffic from the MAC address of your broadband modem, but some ISPs
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 192
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 11-8 201-10301-02, May 2005 Troubleshooting
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 193
    for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2. Network Protocol and Standards Compatibility Data and Routing Protocols: TCP/IP, RIP-1, RIP-2, DHCP PPP over Ethernet (PPPoE) VPN Protocols: IPSec, SHA-1, MD5, DES, 3DES, ESP, DH1, DH2 Tunnels: Power Adapter 2 IPSec
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 194
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Electromagnetic Emissions For North America and Australia For Japan For Europe Interface Specifications LAN: WAN: Printer: Serial: Wireless Data Encoding: FCC Part 15 Class B VCCI Class B EN 300 328, EN 301
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 195
    IP networks, routing, and firewalls expense, Internet access is usually router chooses the best path for forwarding network traffic. Routers vary in performance and scale, number of routing protocols supported, and types of physical WAN connection they support. Networks, Routing, and Firewall
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 196
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Routing Information Protocol One of the protocols used by a router to build and maintain a picture of the network is the Routing Information Protocol (RIP). Using RIP, routers periodically update one another and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 197
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Class A Network Class B Node Network Class C Node Network Node Figure 11-1: Three Main Address Classes The five address classes are: • Class A Class A addresses can have up to 16,777,214 hosts on a
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 198
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 This addressing structure allows IP addresses to uniquely identify each physical network and each node on each physical network. For each unique value of the network portion of the address, the base address of
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 199
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Subnet addressing allows us to split one IP network address into smaller multiple physical networks known as subnetworks. Some of the node numbers are used as a subnet number instead. A Class B address gives us
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 200
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The following table lists the additional subnet mask bits in dotted-decimal notation. To /8 /16 /24 /25 /26 /27 /28 /29 /30 /31 /32 B-6 Networks, Routing, and Firewall Basics 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 201
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 NETGEAR strongly recommends that you configure all hosts on a LAN segment to use the same netmask for the following reasons: • So that hosts recognize local IP broadcast packets. When a device broadcasts to its
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 202
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The router accomplishes this address sharing by translating the internal LAN IP addresses to a single address that is globally unique on the Internet. The internal LAN IP addresses can be either private
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 203
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 MAC Addresses and Address Resolution Protocol An IP address alone cannot be used to deliver data from one LAN device to another. To send data between LAN devices, you must convert the IP address of the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 204
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 When a PC accesses a resource by its descriptive name, it first contacts a DNS server to obtain the IP address of the resource. The PC sends the desired message using the IP address. Many large organizations,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 205
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 What is a Firewall? A firewall is a device that protects one network from another, while allowing communication between the two. A firewall incorporates the functions of the NAT router, while adding features for
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 206
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 . Table B-1. UTP Ethernet cable wiring, straight-through Pin Wire cm) of untwist in the wire pair is allowed at any termination point. A twisted pair Ethernet network operating at 10 Mbits/second (10BASE-T)
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 207
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Inside Twisted Pair Cables For two devices Computers and workstation adapter cards are usually media-dependent interface ports, called MDI or uplink ports. Most repeaters and switch ports are configured as media
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 208
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure B-3: Category 5 UTP mechanisms. Most hubs provide an Uplink switch which will exchange the pairs on one port, allowing that port to be connected to another hub using a normal Ethernet cable. The second
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 209
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The FWG114P v2 Wireless Firewall/Print Server incorporates Auto UplinkTM technology (also called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable plugged into the port
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 210
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 B-16 Networks, Routing, and Firewall Basics 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 211
    Wireless 802.11g Firewall/Print Server Model FWG114P v2 and how to verify the readiness of broadband Internet service from an Internet service provider (ISP). Note: If an ISP technician configured your computer during the installation of a broadband modem, or if you configured it using instructions
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 212
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 In your IP network, each PC and the firewall must be assigned unique IP addresses. Each PC must also have certain other IP configuration information, such as a subnet mask (netmask), a domain name server (DNS)
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 213
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 You must have an Ethernet adapter, the TCP/IP protocol, and Client for Microsoft Networks. Note: It is not necessary to remove any other network components shown in the Network window in order to install the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 214
    internal DHCP server of the FWG114P v2 Wireless Firewall/Print Server. To use DHCP with the recommended default addresses, follow these steps: 1. Connect all computers to the firewall, then restart the firewall and allow it to boot. 2. On each attached PC, open the Network control panel (refer to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 215
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 5. Uncheck all boxes in the LAN Internet Configuration screen and click Next. 6. Proceed to the end of the Wizard. Verifying TCP/IP Properties After your PC is configured and has rebooted, you can check the TCP/
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 216
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 5. Verify that 'Client for Microsoft Networks' and 'Internet Protocol (TCP/IP)' are present. If not, select Install and add them. 6. Select 'Internet Protocol (TCP/IP)', click Properties, and verify that "Obtain
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 217
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The TCP/IP Control Panel opens: 2. From the "Connect via" box, select your Macintosh's Ethernet interface. 3. From the "Configure" box, select Using DHCP Server. You can leave the DHCP Client ID box empty. 4.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 218
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Verifying TCP/IP Properties for Macintosh Computers After your Macintosh is configured and has rebooted, you can check the TCP/IP configuration by returning to the TCP/IP Control Panel. From the Apple menu,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 219
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Verifying the Readiness of Your Internet Account For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable modem
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 220
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • An IP address and subnet mask • A gateway IP address, which is the address of the ISP's router • One or more domain name server (DNS) IP addresses • Host name and domain suffix For example, your account's
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 221
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 If an IP address appears under Installed Gateways, write down the address. This is the ISP's gateway address. Select the address and then click Remove to remove the gateway address. 6. Select the DNS
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 222
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Restarting the Network Once you have set up your computers to work with the firewall, you must reset the network for the devices to be able to communicate correctly. Restart any computer that is connected to the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 223
    prior to being forwarded and/or replied to. : Log's date and time : Event is that access the device or access other host via the device : Packet type pass Firewall : IP address in the packet : Port in the packet
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 224
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The format is: [Fri, 2003-12-05 22:19:42] - UDP Packet - Source:172.31.12.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 225
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The format is: < = "VPN Packet" PKT_TYPE = "GRE", "AH", "ESP", "IP packet [Type Field: Num]", "IPSEC" ACTION = "Forward", "Drop" Router Operation Operations that the router initiates are
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 226
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Other Connections and Traffic to this Router The format Destination: 10.10.10.4,1765 LAN - [Receive] [Fri, 2003-12-05 22:07:11] - IP Packet [Type Field:8], from 20.97.173.18 to 172.31.12.157 - [Drop] Notes:
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 227
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 30] - IP Packet - Source:227.113.223 Destination:192.168.0.1,20[FTP Data] ,WAN [Reset] - [SYN Flood] [Fri, 2003-12 Forward] Notes: PKT_TYPE = "TCP", "UDP", "ICMP", "Proto: Number" Firewall Log Formats D-5 201-10301-02,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 228
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Access Block Site If keyword blocking is enabled and a keyword is specified, attempts to access a site whose URL contains a specified keyword are logged. The format is <
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 229
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The format is: [Fri, 2003-12-05 21:07:43] - Administrator login successful - IP:192.168.0.10 [Fri, 2003-12-05 21:09:
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 230
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 D-8 Firewall Log Formats 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 231
    Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11b and 802.11g standards for wireless LANs (WLANs). On an 802.11b or
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 232
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Ad Hoc Mode (Peer-to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can generally communicate with any
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 233
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Shared Key. With Shared Key authentication, only those PCs that possess the correct authentication key can join the network. By default, IEEE 802.11 wireless devices operate in an Open System network. Wired
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 234
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. The access point authenticates the station. 3. The station associates with the access point and joins the network. This process is illustrated below. 2SHQ6\VWHP $XWKHQWLFDWLRQ6WHSV 
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 235
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 6KDUHG.H XWKHQWLFDWLRQ6WHSV 
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 236
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Key Size The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit. The 64-bit WEP data encryption method allows for a five-character (40-bit) input. Additionally,
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 237
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 WEP Configuration Options The WEP settings must match on all 802.11 devices that are within the same wireless network as identified by the SSID. In general, if your mobile clients will roam between access points
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 238
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table E-2: 802.11b/g Radio Frequency Channels necessary, as these three channels do not overlap. WPA Wireless Security Wi-Fi Protected Access (WPA) is a specification of standards-based, interoperable
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 239
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 WPA offers the following benefits: • Enhanced data Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 240
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 How Does WPA Compare to IEEE 802.11i? WPA will be forward compatible with the IEEE 802.11i security specification currently under development. WPA is a subset of the current 802.11i draft and uses certain pieces
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 241
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 242
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 WPA Authentication: Enterprise-level User Authentication via 802.1x/EAP and RADIUS Wireless LAN WPA enabled wireless client with "supplicant" WPA enabled Access Point using pre-shared key or 802.1x Figure
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 243
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Client with a WPAenabled wireless adapter and supplicant (Win XP, Funk, Meetinghouse) For example, a WPA-enabled AP For example, a RADIUS server 1 2 3 4 6 5 7 Figure E-4: 802.1x Authentication Sequence
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 244
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 3. The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 245
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Temporal Key Integrity Protocol (TKIP) WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 246
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Is WPA Perfect? WPA is not without its vulnerabilities. Specifically, it is susceptible to denial of service (DoS) attacks. If the access point receives two data packets that fail the message integrity code (MIC
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 247
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Changes to Wireless Access Points Wireless access points must have their firmware updated to support the following: • The new WPA information element To advertise their support of WPA, wireless APs send the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 248
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Microsoft has worked with many wireless vendors to embed the WPA firmware update in the wireless adapter driver. So, to update your Microsoft Windows wireless client, all you have to do is obtain the new WPA-
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 249
    Service, network performance, and inexpensive technologies, such as DSL. But one of the most important advances has been in Virtual Private Networking (VPN intended recipient has access. The term VPN was originally used to describe a secure connection over the Internet. Today, however, VPN is also
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 250
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • Remote Access: Remote access enables telecommuters and mobile workers to access e-mail and business applications. A dial-up connection to an organization's modem pool is one method of access for remote workers
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 251
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • the intended receiver. ESP also provides all encryption services in IPSec. Encryption translates a readable message for the payload and not for the IP header. Figure F-1: Original packet and packet
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 252
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 The ESP header is inserted into the packet between the IP IP HDR represents the IP header and includes both source and destination IP addresses secure VPNs, as well as define SAs within the VPN to support
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 253
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Mode SAs operate using modes. A mode is The IP header is not changed. After the packet is processed with IPSec, the new IP packet contains the old IP header (with the source and destination IP addresses
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 254
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Key Management IPSec uses the Internet Key Exchange (IKE) protocol to facilitate and automate the SA setup and the exchange of keys between parties transferring data. Using keys ensures that only the sender and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 255
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 VPN Process Overview Even though IPSec is standards-based, each vendor has its own set of terms and procedures for implementing the standard. Because of these
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 256
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Table 5-3. WAN (Internet/Public) and LAN (Internal/Private) Addressing Gateway Gateway A Gateway A Gateway B Gateway B LAN or WAN LAN (Private) WAN (Public) LAN (Private) WAN (Public) VPNC Example Address
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 257
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 A B Figure F-5: VPN Tunnel SA The SA contains all the information necessary for gateway A to negotiate a secure and encrypted communication stream with gateway B. This communication is often referred to as a
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 258
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. IKE Phase I. a. The two and exchanged, the IPSec SAs are ready to protect user data between the two VPN gateways. 4. Data transfer. Data is transferred between IPSec peers based on the IPSec parameters
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 259
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 VPNC IKE Phase II Parameters The IKE Phase 2 parameters used in Scenario 1 are: • TripleDES • SHA-1 • ESP tunnel mode • MODP group 1 • Perfect forward secrecy for rekeying • SA lifetime of 28800
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 260
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 • [RFC 791] Internet Protocol The Internet IP Security Domain of Interpretation for ISAKMP, November 1998. • [RFC 2474] K. Nichols, S. Blake, F. Baker, D. Black, Definition of the Differentiated Services Field (
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 261
    -Gateway A FVS318 firmware version A1.4 or 2.0; FVM318 firmware version 1.1 NETGEAR-Gateway B FWG114P with firmware version 2 Release 2 IP Addressing: NETGEAR-Gateway A Static IP address NETGEAR-Gateway B Static IP address NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 G-1 201-10301
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 262
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 10.5.6.0/24 VPNC Example Network Interface Addressing 172.23.9.0/24 LAN IP 10.5.6.1 Gateway A 14.15.16.17 WAN IP 22.23.24.25 WAN IP Gateway B LAN IP 172.23.9.1 Figure G-1: Addressing and Subnet Used
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 263
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 2. Click the VPN Settings link on the left side of the Settings management GUI. Click the radio button of the first available VPN leg (all 8 links are available in the example). Click the Edit button below. This
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 264
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - Choose a subnet from local address from the "Tunnel can access" pull-down menu. - Type the starting LAN IP Address of Gateway B (172.23.9.1 in our example) in the Local IP Remote LAN Start IP Address field. -
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 265
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Step-By-Step Configuration of FWG114P Gateway B 1. Log in to the NETGEAR FVS328 labeled Gateway B as in the illustration. Out of the box, the FVS328 is set for its default LAN address of http://192.168.0.1, with
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 266
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure G-6: NETGEAR FVS328 IKE Policy Configuration - Part 2 - From the Encryption Algorithm drop-down box, select 3DES. - From the Authentication Algorithm drop-down box, select MD5. - From the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 267
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure G-8: NETGEAR FVS328 VPN - Auto Policy (part 1) - Enter a unique name to identify this policy. This name is not supplied to the remote VPN endpoint. In our example we have used to318 as the Policy Name.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 268
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - Type the LAN Subnet Mask of Gateway B (255.255.255.0 in our example) in the Local IP Subnet Mask field. Figure G-9: NETGEAR FWG114P v2 VPN - Auto Policy (part 2) - From the Traffic Selector Remote IP drop-
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 269
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure G-10: NETGEAR FWG114P v2 VPN Policies Menu (Post Configuration) 6. When the screen returns to the VPN Policies, make sure the Enable check box is selected. Click the Apply button. Test the VPN Connection
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 270
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 G-10 NETGEAR VPN Configuration FVS318 or FVM318 to FWG114P v2 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 271
    to FVS328 This appendix provides a case study on how to configure a VPN tunnel between a NETGEAR FVS318 or FVM318 to a FWG114P v2 using a Fully Qualified Domain Name (FQDN) to resolve the public address of one or both routers. The configurations screens and settings for the FVS318 and FVM318 are
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 272
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 10.5.6.0/24 VPNC Example Network Interface Addressing 172.23.9.0/24 LAN IP 10.5.6.1 Gateway A WAN IP FQDN netgear.dydns.org WAN IP 22.23.24.25 Gateway B LAN IP 172.23.9.1 Figure H-1: Addressing and
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 273
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 DynDNS service. Gateway B will use the DDNS Service Provider when establishing a VPN tunnel. In order to establish VPN connectivity Gateway A must be configured to use Dynamic DNS, and Gateway B must be
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 274
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 4. Select the Use a dynamic DNS service radio button for the service you are using. In this example we are using www.DynDNS.org as the service provider. - Type the Host Name that your dynamic DNS service
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 275
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure H-4: NETGEAR FVS318 VPN Settings (part 1) - Main Mode - In the Connection Name box, enter in a unique name for the VPN tunnel to be configured between the NETGEAR devices. For this example we have used
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 276
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 - Type the finishing LAN IP Address of Gateway B (0.0.0.0 in our example) in the Local IP Remote LAN Finish IP Address field. - Type the LAN Subnet Mask of Gateway B (255.255.255.0 in our example) in the Remote
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 277
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Step-By-Step Configuration of FVS328 Gateway B 1. Log in to the NETGEAR FVS328, labeled Gateway B in the illustration. Out of the box, the FVS328 is set for its default LAN address of http://192.168.0.1, with
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 278
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure H-7: NETGEAR FVS328 IKE Policy NETGEAR FWG114P v2 IKE Policies (Post Configuration) The FVS318 IKE Policy is now displayed in the IKE Policies page. 4. Click the VPN Policies link under the VPN
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 279
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure H-9: NETGEAR FVS328 VPN - Auto Policy (part 1) - Enter a unique name to identify this policy. This name is not supplied to the remote VPN endpoint. In our example we have used to318 as the Policy Name.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 280
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure H-10: NETGEAR FVS328 VPN - Auto Policy (part 2) - From the Traffic Selector Remote IP drop-down box, select Subnet address. - Type the starting LAN IP Address of Gateway A (10.5.6.1 in our example) in
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 281
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Figure H-11: NETGEAR FVS328 VPN Policies Menu (Post Configuration) 6. When the screen returns to the VPN Policies, make sure the Enable check box is selected. Click the Apply button. Test the VPN Connection 1.
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 282
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 H-12 NETGEAR VPN Configuration FVS318 or FVM318 with FQDN to FVS328 201-10301-02, May 2005
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 283
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Glossary Use the list below to find definitions for technical terms used in this manual. 802.11 Standard 802.11, or IEEE 802.11, is a type of radio technology used for wireless will allow access points to
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 284
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 802.11e Standard 802.11e is a proposed IEEE standard to define quality of service (QoS) mechanisms for wireless gear that gives support to bandwidth-sensitive applications such as voice and video. 802.11g
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 285
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 A bridge connects devices that all use the same kind of protocol. A router can connect networks that use differing protocols. It also reads the addresses included in the packets and routes them to the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 286
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 ISA bus Wi-Fi radios. Client devices usually communicate with hub devices like access points and gateways. Collision avoidance A network node characteristic for proactively detecting that it can transmit a
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 287
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 DNS (Domain Name System) A program that translates URLs to IP addresses by accessing a database maintained on a collection of Internet servers. The program works behind the scenes to facilitate surfing the Web
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 288
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Gateway In the wireless world, a gateway is an access point with additional software capabilities such as providing NAT and DHCP. Gateways may also provide VPN support, roaming, firewalls, various levels of
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 289
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 IP (Internet Protocol) address A 32-bit number that identifies each sender or receiver of information that is sent across the Internet. An IP address has two parts: an identifier of a particular network on the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 290
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 In a wireless mesh example, each of the spheres below represent a mesh router. Corporate servers and printers may be shared by attaching to each mesh router. For wireless access to the mesh, an access point
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 291
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 PHY defines parameters such as data rates, modulation method, signaling parameters, transmitter/receiver synchronization, etc. Within an actual radio implementation, the PHY corresponds to the
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 292
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Satellite broadband A wireless high-speed Internet connection provided by satellites. Some satellite broadband connections are two-way-up and down. Others are one-way, with the satellite providing a
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 293
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 For example, when a web page is downloaded from a web server, the TCP program layer in that server divides the file into packets, numbers the packets, and then forwards them individually to the IP program layer
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 294
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 node equipped with WEP. Warchalkers also draw identifiers above the symbols to indicate the password that can be used to access the node, which can easily be obtained with sniffer software. As a recent
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 295
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 with the benefit of easier administration and use. This is similar to 802.1x support and requires a RADIUS server in order to implement. The Wi-Fi Alliance will call this, 'WPA-Enterprise.' One variation of WPA
  • Netgear FWG114Pv2 | FWG114Pv2 Reference Manual - Page 296
    Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2 Wi-Fi Protected Access in "Mixed Mode" Deployment In a large network with many clients, a likely scenario is that access points will be upgraded before all the Wi-Fi clients. Some access points may operate in a
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
201-10301-02, May 2005
201-10301-02
May 2005
NETGEAR
, Inc.
4500 Great America Parkway
Santa Clara, CA 95054 USA
Reference Manual for the
ProSafe Wireless 802.11g
Firewall/Print Server
Model FWG114P v2