Home » Netgear Manuals » Wireless » Netgear SRXN3205 » Manual Viewer

Netgear SRXN3205 SRXN3205 Reference Manual - Page 101

E-Mail Notifications of Event Logs and Alerts, Administrator Tips, Firewall Logs & E-mail

UPC - 606449057461

Add to My Manuals
Save this manual to your list of manuals

Page 101 highlights

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - Protocol: Indicates the network protocol (i.e. HTTP, FTP, etc.) used by the device to connect to the VPN firewall. - Int. Port (Internal Port): Indicates if any internal ports are opened by the UPnP device. - Ext. Port (External Port): Indicates if any external ports are opened by the UPnP device. - IP Address: List the IP address of the UPnP device accessing the VPN firewall. E-Mail Notifications of Event Logs and Alerts The Firewall Logs can be configured to log and then e-mail denial of access, general attack information, and other information to a specified e-mail address. For example, your VPN firewall will log security-related events such as: accepted and dropped packets on different segments of your LAN; denied incoming and outgoing service requests; hacker probes and login attempts; and other general information based on the settings you input on the Firewall Logs & E-mail menu. In addition, if you have set up Content Filtering on the Block Sites screen (see "Setting Block Sites (Content Filtering)" on page 5-18), a log will be generated when someone on your network tries to access a blocked site. To configure e-mail or syslog notification, or to view the logs, see "Activating Notification of Events and Alerts" on page 11-3. Administrator Tips Consider the following operational items: 1. As an option, you can enable remote management if you have to manage distant sites from a central location (see "Enabling Remote Management Access" on page 9-10). 2. Although rules are the basic way of managing the traffic through your system (see "Using Rules & Services to Block or Allow Traffic" on page 5-2), you can further refine your control with the following optional features of the firewall: • Groups and hosts (see "Managing Groups and Hosts (LAN Groups)" on page 3-4) • Services (see "Services-Based Rules" on page 5-2) • Schedules (see "Setting Schedules to Block or Allow Traffic" on page 5-17) • Block sites (see "Setting Block Sites (Content Filtering)" on page 5-18) • Source MAC filtering (see "Enabling Source MAC Filtering (Address Filter)" on page 5- 20) • Port triggering (see "Enabling Port Triggering" on page 5-23) Firewall Security and Content Filtering v1.0, October 2008 5-27

Section	Page
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual	1
Contents	7
About This Manual	13
Conventions, Formats, and Scope	13
How to Use This Manual	14
How to Print this Manual	14
Revision History	15
Chapter 1 Introduction	17
Key Firewall Features	17
A Powerful, True Firewall with Content Filtering	18
Autosensing Ethernet Connections with Auto Uplink	18
Extensive Protocol Support	19
Advanced VPN Support for Both IPsec and SSL	19
Wireless Networking Features	20
Easy Installation and Management	21
System Requirements	21
Package Contents	22
Front Panel Features	22
Rear Panel Features	24
Default IP Address, Login Name, and Password Location	25
Qualified Web Browsers	25
Chapter 2 Connecting to the Internet (WAN)	27
Understanding the Connection Steps	27
Logging into the VPN Firewall	28
Navigating the Menus	29
Configuring the Internet Connection (WAN)	29
Automatically Detecting and Connecting	29
Manually Configuring the Internet Connection	32
Configuring the WAN Mode	36
Configuring Dynamic DNS	37
Configuring the Advanced WAN Options (Optional)	38
Additional WAN Related Configuration	40
Chapter 3 LAN Configuration	41
Configuring the LAN Setup Options	41
Using the VPN Firewall as a DHCP Server	43
Configuring DHCP Address Reservation	44
Managing Groups and Hosts (LAN Groups)	44
Viewing the LAN Groups Database	45
Adding Devices to the LAN Groups Database	46
Changing Group Names in the LAN Groups Database	47
Configuring Multi Home LAN IP Addresses	48
Configuring Static Routes	50
Configuring Routing Information Protocol (RIP)	51
Chapter 4 Wireless Configuration	55
Wireless Equipment Placement and Range Guidelines	56
Understanding SRXN3205 Wireless Security Options	56
Basic Wireless Setup (No Security)	58
Completing Wireless Setup (No Security)	59
Configuring 802.11b/g/n Wireless Settings	59
Testing Wireless Connectivity (No Security)	60
Wireless Security Types and Settings	62
SSID and WEP/WPA Settings Setup Form	63
Configuring WEP	65
Configuring WPA-PSK	66
Configuring WPA2-PSK	66
Configuring WPA-PSK and WPA2-PSK	67
Configuring WPA with RADIUS	67
Verifying Wireless Connectivity (Security)	70
Deploying the firewall	70
Advanced Wireless Settings	71
Configuring Advanced Wireless Settings	71
Restricting Wireless Access by MAC Address	72
Chapter 5 Firewall Security and Content Filtering	75
About Firewall Security and Content Filtering	75
Using Rules & Services to Block or Allow Traffic	76
Services-Based Rules	76
Viewing the Firewall Rules	81
Order of Precedence for Rules	81
Setting the Outbound Policy	81
Creating a LAN WAN Outbound Services Rule	82
Creating a LAN WAN Inbound Services Rule	82
Attack Checks	84
Inbound Rules Examples	85
Outbound Rules Example	88
Enabling Session Limits	88
Adding Customized Services	89
Setting Quality of Service (QoS) Priorities	90
Setting Schedules to Block or Allow Traffic	91
Setting Block Sites (Content Filtering)	92
Enabling Source MAC Filtering (Address Filter)	94
IP/MAC Binding Tab	95
Enabling Port Triggering	97
Bandwidth Profile	98
UPnP (Universal Plug and Play)	100
E-Mail Notifications of Event Logs and Alerts	101
Administrator Tips	101
Chapter 6 Virtual Private Networking Using IPsec	103
Using the VPN Wizard for Client and Gateway Configurations	103
Creating Gateway to Gateway VPN Tunnels with the Wizard	104
Creating a Client to Gateway VPN Tunnel with the Wizard	106
Viewing or Modifying IKE and VPN Policy Settings	107
Creating a VPN Client to SRXN3205 Connection	109
Configuring the SRXN3205	109
Configuring the VPN Client	110
Testing the Connection	113
Managing VPN Tunnel Policies	113
About IKE	114
Managing IKE Policies	114
About the IKE Policy Table	115
VPN Policy	117
VPN Tunnel Connection Status	118
Manually Assigning IP Addresses to Remote Users (ModeConfig)	119
Mode Config Operation	119
Configuring the VPN Firewall	119
Configuring the ProSafe VPN Client for ModeConfig	122
Extended Authentication (XAUTH) Configuration	124
Configuring XAUTH for VPN Clients	125
User Database Configuration	126
RADIUS Client Configuration	126
Chapter 7 Virtual Private Networking Using SSL	129
Understanding the Portal Options	129
Planning for SSL VPN	130
Creating the Portal Layout	131
Configuring Domains, Groups, and Users	135
Configuring Applications for Port Forwarding	135
Adding Servers	135
Adding A New Host Name	137
Configuring the SSL VPN Client	137
Configuring the Client IP Address Range	139
Adding Routes for VPN Tunnel Clients	140
Replacing and Deleting Client Routes	140
Using Network Resource Objects to Simplify Policies	141
Adding New Network Resources	141
Configuring User, Group, and Global Policies	142
Viewing Policies	143
Adding a Policy	144
Chapter 8 Managing Users, Authentication, and Certificates	147
Adding Authentication Domains, Groups, and Users	147
Creating a Domain	147
Creating a Group	149
Creating a New User Account	150
Setting User Login Policies	151
Managing Certificates	154
Viewing and Loading CA Certificates	154
Viewing Active Self Certificates	155
Obtaining a Self Certificate from a Certificate Authority	156
Managing your Certificate Revocation List (CRL)	159
Chapter 9 Firewall and Network Management	161
Performance Management	161
Bandwidth Capacity	161
Features that Reduce Traffic	162
Features that Increase Traffic	165
Using QoS to Shift the Traffic Mix	167
Tools for Traffic Management	168
Changing Passwords and Administrator Settings	168
Enabling Remote Management Access	170
Using an SNMP Manager	171
Settings Backup and Firmware Upgrade	173
Configuring Time Zone Settings	175
Chapter 11 Monitoring System Performance	177
Enabling the Traffic Meter	177
Activating Notification of Events and Alerts	179
Viewing Firewall Logs	182
Viewing Router Configuration and System Status	183
Monitoring the WAN Port Status	184
Monitoring Attached Devices	185
Reviewing the DHCP Log	186
Monitoring Active Users	187
Viewing Port Triggering Status	188
Monitoring VPN Tunnel Connection Status	189
Reviewing the VPN Logs	190
Chapter 12 Troubleshooting	191
Basic Functions	191
Power LED Not On	192
LEDs Never Turn Off	192
LAN or WAN Port LEDs Not On	192
Troubleshooting the Web Configuration Interface	192
Troubleshooting the ISP Connection	194
Troubleshooting a TCP/IP Network Using a Ping Utility	195
Testing the LAN Path to Your VPN Firewall	195
Testing the Path from Your PC to a Remote Device	196
Restoring the Default Configuration and Password	197
Problems with Date and Time	197
Diagnostics Functions	198
Appendix A Default Settings and Technical Specifications	201
Default Settings	201
Technical Specifications	203
Appendix B Related Documents	207

Match case Limit results 1 per page

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

Firewall Security and Content Filtering

5-27

v1.0, October 2008

–

Protocol: Indicates the network protocol (i.e. HTTP, FTP, etc.) used by the device to

connect to the VPN firewall.

–

Int. Port (Internal Port): Indicates if any internal ports are opened by the UPnP device.

–

Ext. Port (External Port): Indicates if any external ports are opened by the UPnP device.

–

IP Address: List the IP address of the UPnP device accessing the VPN firewall.

E-Mail Notifications of Event Logs and Alerts

The Firewall Logs can be configured to log and then e-mail denial of access, general attack

information, and other information to a specified e-mail address. For example, your VPN firewall

will log security-related events such as: accepted and dropped packets on different segments of

your LAN; denied incoming and outgoing service requests; hacker probes and login attempts; and

other general information based on the settings you input on the

Firewall Logs & E-mail

menu. In

addition, if you have set up Content Filtering on the Block Sites screen (see

“Setting Block Sites

(Content Filtering)” on page 5-18

), a log will be generated when someone on your network tries to

access a blocked site.

To configure e-mail or syslog notification, or to view the logs, see

“Activating Notification of

Events and Alerts” on page 11-3

Administrator Tips

Consider the following operational items:

As an option, you can enable remote management if you have to manage distant sites from a

central location (see

“Enabling Remote Management Access” on page 9-10

Although rules are the basic way of managing the traffic through your system (see

“Using

Rules & Services to Block or Allow Traffic” on page 5-2

), you can further refine your control

with the following optional features of the firewall:

•

Groups and hosts (see

“Managing Groups and Hosts (LAN Groups)” on page 3-4

)

•

Services (see

“Services-Based Rules” on page 5-2

)

•

Schedules (see

“Setting Schedules to Block or Allow Traffic” on page 5-17

)

•

Block sites (see

“Setting Block Sites (Content Filtering)” on page 5-18

)

•

Source MAC filtering (see

“Enabling Source MAC Filtering (Address Filter)” on page 5-

)

•

Port triggering (see

“Enabling Port Triggering” on page 5-23

)