Netgear FVS336G-300NAS Especificaciones Pagina 376
- Pagina / 693
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Set Up Virtual Private Networking With IPSec Connections
376
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv3
Diffie-Hellman (DH)
Group
The DH Group sets the strength of the algorithm in bits. The higher the group, the
more secure the exchange. From the menu, select the strength:
• Group 1 (768 bit).
• Group 2 (1024 bit). This is the default setting.
• Group 5 (1536 bit).
Note: Ensure that the DH group is configured identically on both sides.
SA-Lifetime (sec) The period in seconds for which the IKE SA is valid. When the period times out,
the next rekeying occurs. The default is 28800 seconds (eight hours).
Enable Dead Peer
Detection
Select a radio button to specify whether Dead Peer Detection (DPD) is enabled:
• No. This feature is disabled. This is the default setting.
• Yes. This feature is enabled. When the VPN firewall detects an IKE
connection failure, it removes the IPSec and IKE SA and forces a
reestablishment of the connection. You must specify the detection period in
the Detection Period field and the maximum number of times that the VPN
firewall attempts to reconnect in the Reconnect after failure count field.
Note: For more information, see Manage Keep-Alives and Dead Peer Detection
on page 414.
Detection Period The period in seconds between consecutive DPD R-U-THERE messages, which
are sent only when the IPSec traffic is idle.
Reconnect after failure
count
The maximum number of DPD failures before the VPN firewall tears down the
connection and then attempts to reconnect to the peer. The default is 3 failures.
Extended Authentication
XAUTH Configuration Select a radio button to specify whether Extended Authentication (XAUTH) is
enabled and, if enabled, which device is used to verify user account information:
• None. XAUTH is disabled. This the default setting.
• Edge Device. The VPN firewall functions as a VPN concentrator on which
one or more gateway tunnels terminate. The authentication modes that are
available for this configuration are User Database, RADIUS PAP, or RADIUS
CHAP.
• IPSec Host. The VPN firewall functions as a VPN client of the remote
gateway. In this configuration, the VPN firewall is authenticated by a remote
gateway with a user name and password combination.
Note: For more information about XAUTH and its authentication modes, see
Enable and Configure Extended Authentication for VPN Clients on page 392.
Setting Description
- ProSAFE Dual WAN Gigabit SSL 1
- Firewall 1
- Compliance 2
- Trademarks 2
- Revision History 2
- Contents 3
- Key Features and Capabilities 13
- Security Features 16
- Extensive Protocol Support 16
- Maintenance and Support 17
- Package Contents 18
- Hardware Features 18
- Back Panel 20
- DEFAULT ACCESS 21
- Login Requirements 22
- IPv4 Requirements 24
- IPv6 Requirements 24
- WAN Settings 28
- Complete these tasks: 29
- Classical Routing 31
- IPv4 Internet Connection 32
- Protocol Binding 50
- Method for IPv4 Interfaces 56
- Secondary IPv4 WAN Addresses 60
- Dynamic DNS 63
- Configure Dynamic DNS 63
- Managing Advanced WAN Options 66
- Change a QoS Profile 82
- IPv6 Network 87
- IPv6 Routing Mode 88
- Enable the IPv6 Routing Mode 89
- Connection Automatically 90
- 6to4 Tunnel 101
- ISATAP Tunnel 103
- Configure an ISATAP Tunnel 104
- Change an ISATAP Tunnel 105
- Stateless IP/ICMP Translation 108
- Interfaces 112
- What to Do Next 114
- IPv4 LANs and VLANs 116
- Port-Based VLANs 117
- Assign VLAN Profiles 117
- DHCP Servers 119
- DHCP Relay 120
- DNS Proxy 120
- LDAP Servers 120
- Add a VLAN Profile 121
- 7. Click the Add button 122
- Change a VLAN Profile 125
- Network Database 133
- DHCP Address Reservation 134
- Manage the Network Database 134
- IPv4 DMZ 141
- Manage Static IPv4 Routing 145
- Add a Static IPv4 Route 146
- 9. Click the Apply button 147
- Change a Static IPv4 Route 148
- IPv4 Static Route Example 152
- Manage the IPv6 LAN 154
- Delegation for the LAN 156
- Setting Description 162
- IPv6 LAN Setup 162
- 10. Click the Apply button 163
- Your settings are saved 163
- Add an IPv6 LAN Address Pool 169
- Add Advertisement Prefixes 176
- IPv6 DMZ 185
- Add an IPv6 DMZ Address Pool 201
- Manage Static IPv6 Routing 205
- Change a Static IPv6 Route 207
- 9. Click the Delete button 209
- Customize Firewall Protection 210
- Firewall Protection 211
- Firewall Rules Overview 212
- Default LAN WAN Rules 212
- Default DMZ WAN Rules 213
- Default LAN DMZ Rules 213
- Number of Rules Supported 213
- Categories of Service 213
- Order of Precedence 214
- Settings for Inbound Rules 219
- Add LAN WAN Rules 225
- Add DMZ WAN Rules 235
- Add LAN DMZ Rules 244
- To manage an existing rule: 253
- Examples of Firewall Rules 254
- WAN Rules screen 256
- Addresses 257
- Single LAN User 262
- LAN WAN Rules screen 265
- Site on the Internet 266
- Manage VPN Pass-Through 271
- VPN Pass-Through 272
- Set Limits for IPv4 Sessions 274
- Multicast Pass-Through 278
- Manage Firewall Objects 281
- Firewall Objects 282
- Manage Customized Services 282
- Services Overview 283
- Add a Customized Service 283
- Change a Customized Service 284
- Service Groups Overview 286
- Add a Service Group 287
- Change a Service Group 288
- IP Address Groups Overview 290
- Add an IP Address Group 290
- Change an IP Address Group 292
- Define a Schedule 294
- IPv4 QoS Profiles Overview 296
- Add an IPv4 QoS Profile 296
- Change an IPv4 QoS Profile 298
- Bandwidth Profiles Overview 301
- Change a Bandwidth Profile 304
- Protect Your Network 307
- Manage Content Filtering 308
- Enable Source MAC Filtering 314
- Manage IP/MAC Bindings 316
- Change an IPv4/MAC Binding 319
- Number of Dropped Packets 321
- Change an IPv6/MAC Binding 324
- Manage Port Triggering 327
- Add a Port Triggering Rule 328
- Change a Port Triggering Rule 330
- To enable UPnP: 332
- With IPSec Connections 335
- Dual WAN Port Systems 336
- Configurations 337
- IPSec VPN Wizard Overview 338
- 8. Click the Apply button 342
- Client-to-Gateway Tunnels 347
- 4. Click the Next button 353
- ProSAFE VPN Client 357
- 5. Click the Save button 359
- 8. Click the Save button 360
- 12. Click the Save button 362
- Information 363
- IKE Policies 369
- View the IKE Policies 369
- To view the IKE policies: 370
- Manually Add an IKE Policy 371
- IPv6 settings are identical 373
- Change an IKE Policy 378
- VPN Policies Overview 381
- View the VPN Policies 382
- Manually Add a VPN Policy 384
- Change a VPN Policy 389
- Mode Config Overview 397
- 14. Click the Apply button 404
- Operation 405
- Change a Mode Config Record 413
- Configure Keep-Alives 415
- Dead Peer Detection 417
- Manage the PPTP Server 420
- Item Description 423
- Manage the L2TP Server 424
- L2TP Server Configuration 425
- SSL VPN Portals Overview 429
- SSL VPN Wizard Overview 431
- WARNING: 433
- Domains on page 492 437
- 10. Click the Next button 437
- Disconnect Active Users 447
- Portal Layouts Overview 451
- Create a Portal Layout 451
- Change a Portal Layout 454
- To change a portal layout: 455
- SSL VPN Clients Overview 462
- Network Objects Overview 470
- Add an SSL Network Resource 471
- Add Resource Addresses 473
- SSL Policies Overview 476
- View SSL VPN Policies 477
- VPN Certificates 490
- VPN Firewall’s Authentication 491
- Accounts 492
- Add an Authentication Domain 493
- Manage Authentication Groups 498
- Add an Authentication Group 499
- Manage User Accounts 502
- User Accounts Overview 503
- Add a User Account 504
- Change a User Account 506
- Configure Login Policies 508
- To change a password: 515
- VPN Certificates Overview 517
- Upload a CA Certificate 518
- Remove a CA Certificate 520
- View Self-Signed Certificates 524
- To remove one or more CSRs: 525
- To remove one or more CRLs: 528
- Figure 12. Security alert 529
- Optimize Performance and 530
- Manage Your System 530
- Performance Management 531
- Features That Reduce Traffic 532
- Content Filtering 533
- Source MAC Filtering 534
- Port Triggering 536
- DMZ Port 536
- Exposed Hosts 536
- VPN, L2TP, and PPTP Tunnels 536
- Setting QoS Priorities 537
- Assigning Bandwidth Profiles 537
- Remote Access 538
- Configure Remote Access 539
- To access the CLI: 541
- SNMP Overview 542
- Change an SNMP Configuration 544
- Manage the Configuration File 550
- Back Up Settings 551
- Restore Settings 552
- Upgrade the Firmware 554
- Monitor System Access and 561
- Performance 561
- 11. Click the Apply button 567
- Configure and Activate Logs 571
- Enable the Syslogs 575
- View the DNS Logs 578
- View the NTP Logs 579
- View the System Status 586
- View the VLAN Status 594
- View the IPv6 Tunnel Status 595
- View the VPN Logs 597
- Connection 598
- View the Attached Devices 603
- View the DHCP Log 605
- All log entries are removed 606
- Use the Diagnostics Utilities 608
- Trace a Route 610
- Look Up a DNS Address 612
- Display the Routing Tables 612
- Capture Packets in Real Time 613
- Check the WAN IP Address 619
- Interface 626
- WAN Ports 628
- Planning Overview 629
- Planning for Inbound Traffic 634
- Reliability 640
- Log Message Terms 646
- System Log Messages 646
- Login and Logout 647
- System Startup 648
- Firewall Restart 648
- ICMP Redirect Logs 649
- Multicast and Broadcast Logs 650
- Load Balancing 650
- Auto-Rollover 650
- PPP Logs 652
- • PPTP idle time-out logs 653
- • PPP authentication logs 653
- IPSec VPN Logs 654
- SSL VPN Logs 659
- Routing Logs 660
- LAN to WAN Logs 661
- LAN to DMZ Logs 661
- DMZ to WAN Logs 661
- WAN to LAN Logs 661
- Other Event Logs 662
- Source MAC Filter Logs 663
- Bandwidth Limit Logs 663
- DHCP Logs 664
- Two-Factor Authentication 665
- Two-Factor Authentication 666
- 7. Click the Login button 669
- You are logged in 669
- Specifications 670
- Factory Default Settings 671
- Numerics 679
© 2020, manymanuals.es. Todos los derechos reservados | 1.727 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales