1. Manuals
  2. Brands
  3. NETGEAR Manuals
  4. Network Router
  5. DGFV338 - ProSafe Wireless ADSL Modem VPN Firewall...
  6. Reference manual

NETGEAR DGFV338 ProSafe Reference Manual

Prosafe wireless adsl modem vpn firewall router
Hide thumbs Also See for DGFV338 ProSafe:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Configuration Manual, Installation Manual
DGFV338 ProSafe
Wireless ADSL Modem
VPN Firewall Router
Reference Manual
NETGEAR, Inc.
4500 Great America Parkway
Santa Clara, CA 95054 USA
May 2008
202-10161-03
v1.0

Advertisement

Table of Contents
loading

Related Manuals for NETGEAR DGFV338 ProSafe

Summary of Contents for NETGEAR DGFV338 ProSafe

  • Page 1 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA May 2008 202-10161-03 v1.0...

  • Page 2: Technical Support

    In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
  • Page 3 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Away from potential sources of interference, such as PCs, large metal surfaces, microwaves, and 2.4 GHz cordless phones. • In an elevated location such as a high shelf that is near the center of the wireless coverage area for all mobile devices.
  • Page 4 Hereby, NETGEAR Inc., declares that this Radiolan is in compliance with the essential requirements and other relevant provisions of Directive 1999/5/EC. Español Por medio de la presente NETGEAR Inc. declara que el Radiolan cumple con los [Spanish] requisitos esenciales y cualesquiera otras disposiciones aplicables o exigibles de la Directiva 1999/5/CE.
  • Page 5 [Swedish] väsentliga egenskapskrav och övriga relevanta bestämmelser som framgår av direktiv 1999/5/EG. Íslenska Hér með lýsir NETGEAR Inc. yfir því að Radiolan er í samræmi við grunnkröfur og aðrar [Icelandic] kröfur, sem gerðar eru í tilskipun 1999/5/EC. Norsk NETGEAR Inc. erklærer herved at utstyret Radiolan er i samsvar med de grunnleggende [Norwegian] krav og øvrige relevante krav i direktiv 1999/5/EF.
  • Page 6 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual European Spectrum Usage Rules - Effective April 11, 2006 5.25-5.35 5.47-5.725 (GHz) 5.15-5.25 (GHz) 2.4-2.4835 (GHz) (GHz) Channels: Channels: 1 to 13 Country Channels: Channels: 100,104,108,112,116, 36,40,44,48 (Except Where Noted)
  • Page 7 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Additional Copyrights Copyright (c) 2001, Dr Brian Gladman <brg@gladman.uk.net>, Worcester, UK. All rights reserved. TERMS Redistribution and use in source and binary forms, with or without modification, are permitted subject to the following conditions: 1.
  • Page 8 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Open SSL Copyright (c) 1998-2000 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions * are met: 1.
  • Page 9 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Copyright (C) 1990, RSA Data Security, Inc. All rights reserved. License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing this software or this function.
  • Page 10 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Product and Publication Details Model Number: DGFV338 Publication Date: May 2008 Product Family: Wireless Firewall Product Name: ProSafe Wireless ADSL Modem VPN Firewall Router Home or Business Product: Business Language:...

  • Page 11: Table Of Contents

    Contents About This Manual Conventions, Format and Scope ..................xvii How to Use This Manual ....................xviii How to Print this Manual ....................xviii Chapter 1 Introduction Key Features of the ProSafe DGFV338 .................1-1 Full Routing on Both the ADSL and 10/100 WAN Port ..........1-2 A Powerful, True Firewall with Content Filtering ............1-2 Security ........................1-3 Virtual Private Networking (VPN) ................1-3...
  • Page 12 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Automatically Detecting the ADSL ISP Connection ..........2-6 Automatically Detecting the Ethernet ISP Connection ..........2-7 Manually Configuring the ADSL ISP Connection .............2-8 Manually Configuring the Ethernet ISP Connection ..........2-9 Configuring Advanced Options for the ISP Connections ..........2-12 Configuring the ADSL Settings ................2-12...
  • Page 13 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Chapter 4 Security and Firewall Protection Firewall Protection and Content Filtering Overview ............4-1 Using Rules to Block or Allow Specific Kinds of Traffic ..........4-2 About Service Based Rules ..................4-2 Outbound Rules (Service Blocking) .................4-4 Inbound Rules (Port Forwarding) ................4-7...
  • Page 14 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Creating a VPN Client Connection: VPN Client to DGFV338 ........5-16 Configuring the DGFV338 ..................5-16 Configuring the VPN Client ..................5-18 Testing the Connection ...................5-22 Certificate Authorities ....................5-23 Generating a Self Certificate Request ..............5-24 Uploading a Trusted Certificate ................5-26...
  • Page 15 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual WAN Ports ......................6-14 Internet Traffic ......................6-15 LAN Ports and Attached Devices ................6-17 Firewall Security .....................6-19 VPN Tunnels ......................6-21 Using an SNMP Manager .....................6-22 Configuration File Management ...................6-24 Upgrading the Router and DSL Firmware ..............6-26 Configuring Date and Time Service ................6-28...
  • Page 16 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Using the Diagnostics Utilities ..................8-8 Appendix A Default Settings and Technical Specifications Default Factory Settings ....................A-1 Technical Specifications ....................A-3 Appendix B Related Documents Index Contents v1.0, May 2008...

  • Page 17: About This Manual

    About This Manual The DGFV338 ProSafe™ Wireless ADSL Modem VPN Firewall Router Reference Manual describes how to install, configure and troubleshoot the ProSafe Wireless ADSL Modem VPN Firewall Router. The information is this manual is intended for readers with intermediate computer and Internet skills.

  • Page 18: How To Use This Manual

    • button to access the full NETGEAR, Inc. online knowledge base for the product model. • Links to PDF versions of the full manual and individual chapters.
  • Page 19 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual – Click the PDF of This Chapter link at the top right of any page in the chapter you want to print. The PDF version of the chapter you were viewing opens in a browser window.
  • Page 20 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual About This Manual v1.0, May 2008...

  • Page 21: Introduction

    Chapter 1 Introduction This chapter describes the features of the ProSafe™ Wireless ADSL Modem VPN Firewall Router, including: • the minimum prerequisites for installation (“System Requirements” on page 1-5) • what’s in the box (“Package Contents” on page 1-6) • a description of the front and back panels (“Hardware Description”...

  • Page 22: Full Routing On Both The Adsl And 10/100 Wan Port

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Easy, web-based setup for installation and management. • URL keyword Content Filtering and Site Blocking Security. • Quality of Service (QoS) support for traffic prioritization. • Extensive Protocol Support.

  • Page 23: Security

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Security The ProSafe DGFV338 is equipped with several features designed to maintain security, as described in this section. • PCs Hidden by NAT. NAT opens a temporary path to the Internet for requests originating from the local network.

  • Page 24: Extensive Protocol Support

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The firewall incorporates Auto Uplink technology. Each Ethernet port will automatically sense whether the Ethernet cable plugged into the port should have a “normal” connection such as to a PC or an “uplink” connection such as to a switch or hub. That port will then configure itself to the correct configuration.

  • Page 25: Maintenance And Support

    Visual monitoring. The front panel LEDs of the ProSafe DGFV338 provide an easy way to monitor its status and activity. Maintenance and Support NETGEAR offers the following features to help you maximize your use of the ProSafe DGFV338: • Flash memory for firmware upgrade •...

  • Page 26: Package Contents

    • Warranty and Support Information Card. If any of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in case you need to return the firewall for repair. Hardware Description This section describes the front and rear hardware functions of the wireless firewall.
  • Page 27 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 1-1 The table below describes each item on the front panel and its operation. Table 0-1. Object Descriptions Nos. LEDs Activity Description Power - 1 On (Green) Power is supplied to the gateway Power is not supplied to the gateway.

  • Page 28: Router Rear Panel

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 0-1. Object Descriptions (continued) Nos. LEDs Activity Description Local Link/Act LED LEDs On (Green) The LAN port has detected a link with a connected Ethernet device. Blinking (Green) Data is being transmitted or received by the LAN port.

  • Page 29: Router Login Factory Defaults

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Router Login Factory Defaults Check the label on the bottom of the DGFV338’s enclosure if you forget the following factory default information: • IP Address: http://192.168.1.1 to reach the Web-based GUI from the LAN •...

  • Page 30: Placement For Wireless Performance

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 1-5 For a complete list of the factory default settings of your ProSafe DGFV338, see Appendix A, “Default Settings and Technical Specifications”. Placement for Wireless Performance Note: Failure to follow these guidelines can result in significant performance degradation or inability to wirelessly connect to the wireless firewall.

  • Page 31: Basic Installation And Configuration

    ProSafe Wireless ADSL Modem VPN Firewall Router Installation Guide on your Resource CD or to the NETGEAR Website for an online electronic copy. 2. Restart your network in the correct sequence. It is important to follow the correct order in which you restart your network —...

  • Page 32: Using Adsl Microfilters (Optional)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Log into the DGFV338. After logging in, you are ready to set up and configure your wireless firewall. You can also change your password and enable remote management at this time.

  • Page 33: Logging In

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • One-Line Microfilter. A simple microfilter provides an interface filter between your telephone and the phone jack as shown in Figure 2-1. Each device such as a telephone, fax machine, answering machine, or caller ID display requires an ADSL microfilter..

  • Page 34: Configuring The Adsl Port

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Connect to the wireless firewall by typing http://192.168.1.1 in the address field of your browser (such as Internet Explorer or Mozilla Firefox). The login screen will display. Figure 2-3 2.

  • Page 35: Configuring Your Internet Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To configure the ADSL line settings: 1. Contact your ADSL service provider and ask whether your multiplexing method is VC- BASED or LLC-BASED and what VPI and VCI values are used. The most common multiplexing method is LLC-based.

  • Page 36: Automatically Detecting The Adsl Isp Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual You can configure the Internet connections manually or by using the Auto Detect feature of the DGFV338. Automatically Detecting the ADSL ISP Connection Note: The Auto Detect feature detects the ISP settings on an ADSL WAN port that has a working ADSL modem line connection.

  • Page 37: Automatically Detecting The Ethernet Isp Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Automatically Detecting the Ethernet ISP Connection To automatically configure your Ethernet ISP settings and connect to the Internet: 1. Go to the Ethernet ISP Settings screen by selecting the primary menu option Network Configuration, then the sub-menu option WAN Settings.

  • Page 38: Manually Configuring The Adsl Isp Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 2-1. Internet Service Connection Methods Connection Method Data Required for Configuration DHCP (Dynamic IP) No data is required. Static (Fixed) IP Supplied by your ISP: your unique Internet IP address, your Subnet Mask, the ISP’s Gateway IP Address, and one or two DNS Addresses.

  • Page 39: Manually Configuring The Ethernet Isp Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Domain Name: Name of your ISP’s domain or your domain name if your ISP has assigned one (optional). • Idle Timeout: To keep the connection always on, select Keep Connected. To logout after the connection is idle for a period of time, select Idle Time and, in the Timeout field, enter the number of minutes to wait before disconnecting.
  • Page 40 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual ISP. If your ISP assigns you one or more exclusive Static IP addresses, then you must provide a specific fixed address for Static IP. The types of data you will need are highlighted in Table 2-1 connection method, and explained in more detail below.
  • Page 41 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual – Other (PPPoE): If you have installed log in software such as WinPoET or Enternet, then your connection type is PPPoE. Select this option and configure the following fields: •...

  • Page 42: Configuring Advanced Options For The Isp Connections

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 5. Click Apply to save your settings. Click Test to verify that the connection is active. Note: At this point in the configuration process, you should have an active connection to the Internet through the Ethernet connection to an external broadband modem.

  • Page 43: Configuring The Adsl Advanced Options

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To configure the ADSL settings: 1. Click the ADSL Settings link at the top of the ADSL ISP Settings screen. The ADSL Settings screen will display. Figure 2-7 2. Configure your ADSL Settings. If you don’t know your settings, contact your ISP. These parameters must be submitted to correctly establish a DSL connection on the WAN interface: a.

  • Page 44: Configuring The Ethernet Advanced Options

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 2-8 2. Enter the MTU Size. The MTU (Maximum Transmit Unit) is the size of the largest packet that can be sent over the network. The standard MTU value for Ethernet networks is usually 1500 Bytes and for PPPoE connections, it is 1492 Bytes.
  • Page 45 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Select the Advanced link at the top of the Ethernet ISP Settings screen. The4 Ethernet Advanced Options screen will display. Figure 2-9 2. Enter the MTU Size. The MTU (Maximum Transmit Unit) is the size of the largest packet that can be sent over the network.

  • Page 46: Configuring The Wan Mode

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 5. Click Apply to save your settings. Note: You can also set up the traffic meter for the Ethernet ISP, if desired, at this time. “Programming the Traffic Meter” on page 2-22.

  • Page 47: Choosing The Wan Failure Method

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Auto-Rollover using WAN port. If you have configured both the ADSL ISP and Ethernet ISP WAN ports of the DGFV338, you can select Auto-Rollover for increased system reliability. In Auto-Rollover mode, you select one WAN interface to be the primary Internet connection and the other is a backup connection in case the primary connection fails.

  • Page 48: Configuring The Wan Mode Settings

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Failover after. The WAN interface is considered down after the configured number of sequential queries have been sent without a response from the DNS server or from the ping destination.

  • Page 49: Configuring Dynamic Dns

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Select Ping to this IP address and enter an IP address. 5. (Optional) You can change the Test Period and Failover count. The default time to roll over after the primary WAN interface fails is 2 minutes (a 30 second test period with a minimum of four sequential failed tests).
  • Page 50 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To configure Dynamic DNS: 1. Select Network Configuration from the main menu and Dynamic DNS from the submenu. The Dynamic DNS Configuration screen will display. Figure 2-11 Tabs are available for several DDNS service providers, each with its own parameters.
  • Page 51 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual a. Enter the account information for the service you have chosen (for example, user name, password, key, or domain). b. If your DDNS provider allows the use of wild cards in resolving your URL, you may select the Use wildcards check box to activate this feature.

  • Page 52: Programming The Traffic Meter

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Programming the Traffic Meter The traffic meter is useful when an ISP charges by traffic volume over a given period of time or if you want to look at traffic types over a period of time. The fields are described in Table 2-2.
  • Page 53 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 2-2. Traffic Meter Parameters Parameter Description Enable Traffic Meter Check this if you wish to record the volume of Internet traffic passing through the Router's WAN1 or WAN2 port.WAN1 or WAN2 can be selected through the drop down menu, the entire configuration is specific to each wan interface.
  • Page 54 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To Program the Traffic Meter (if desired): 1. Select Monitoring from the main menu and Traffic Meter from the submenu. The default ADSL screen shown in Figure 2-12 will display.

  • Page 55: Wireless Configuration

    For further information on wireless networking, refer to Appendix B, “Related Documents” for a link to resource material on the NETGEAR website. Note: Incorrect wireless configuration can result in significant performance degradation, inability to wirelessly connect to the wireless firewall, or exposing your network to intruders.

  • Page 56: Understanding The Wireless Security Features

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Understanding the Wireless Security Features Note: Indoors, computers can connect to wireless networks at ranges of 300 feet or more. Such distances allow others outside of your area to access your network.
  • Page 57 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual – WEP — Wired Equivalent Privacy (WEP) data encryption provides moderate data security. WEP Shared Key authentication and WEP data encryption, while weaker than newer security protocols, will block all but the most determined eavesdropper.

  • Page 58: Understanding The Wireless Settings

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Understanding the Wireless Settings This section describes the wireless network settings and security features of the Wireless Settings menu. To access the Wireless Settings menu, select Network Configuration from the main menu and Wireless Settings from the submenu.

  • Page 59: Wireless Network

    The SSID should be changed from the default (NETGEAR) to a descriptive name for your network. Choose a name of up to 32 alphanumeric characters with no spaces.

  • Page 60: Wireless Security Type

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Enable Wireless Access Point. To enable the wireless network, you must check this box. If you do not intend to use the wireless feature of the DGFV338, leave the box unchecked. The default is unchecked (the access point is disabled).

  • Page 61: Configuring Your Wireless Settings

    Figure 3-3). 2. Enter your Wireless Network Name (SSID). The default SSID is NETGEAR, but NETGEAR strongly recommends that you change your Network Name to a different value. It can be up to 32 alphanumeric characters and is case sensitive.
  • Page 62 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 6. Check the Enable Wireless Access Point radio button to turn on the wireless radio. Figure 3-3 To configure the wireless security settings on your ProSafe DGFV338: 1. Select the Wireless Security Type option you will use for your Wireless Network. The options are described in “Wireless Network”...

  • Page 63: Configuring Wep

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Note: Make sure your wireless adapters support the wireless security method you have chosen. Consult the product document for your wireless adapter and wireless client software for instructions on configuring the wireless security settings.

  • Page 64: Configuring Wpa-Psk

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 3-4 d. Select the key to be used as the default key by checking the radio button. (Data transmissions are always encrypted using the default key.) For a full explanation of WEP options, as defined by the IEEE 802.11 wireless communication standard, see the document “Wireless Communications”...

  • Page 65: Configuring Wpa2-Psk

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. From the Wireless Security Type section, select WPA. WPA with PSK will be selected by default. Figure 3-5 2. Select the Data Encryption mode: AES or TKIP (TKIP is the default).

  • Page 66: Configuring Wpa-Psk And Wpa2-Psk

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. From the Wireless Security Type section, select the WPA2 radio button. By default WPN with PSK will be selected and Encryption will be set to AES. Figure 3-6 2. Enter the preshared Passphrase (Network Key).The 256-bit key used for encryption is generated from the Passphrase.

  • Page 67: Configuring Wpa With Radius

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. From the Wireless Security Type section, select WPA and WPA2. By default, WPA with PSK is selected and Encryption will be set to TKIP+AES. Figure 3-7 2. Enter the Passphrase (Network Key).The 256-bit key used for encryption is generated from the Passphrase.

  • Page 68: Configuring Wpa2 With Radius

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Choose the WPA radio button. Figure 3-8 2. Then select RADIUS from the WPA with pull down menu. Data Encryption will be set to TKIP by default. 3. Enter the following in the RADIUS Server Settings section: a.

  • Page 69: Configuring Wpa And Wpa2 With Radius

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. In the Wireless Security Type section, select the WPA2 radio button. Figure 3-9 2. Then select RADIUS from the WPA with pull down menu. By default, Data Encryption will be set to AES.
  • Page 70 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. In the Wireless Security Type section, select the WPA and WPA2 radio button. Figure 3-10 2. Then select RADIUS from the WPA with pull down menu. By default, Data Encryption will be set to TKIP+AES.

  • Page 71: Configuring The Access Control List

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Configuring the Access Control List The Access Control List restricts wireless devices by their MAC addresses from joining the wireless network. When you enable access control, the ProSafe DGFV338 only accepts connections from wireless devices whose MAC addresses appear on the trusted access control list.
  • Page 72 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The Trusted Wireless Stations table contains the MAC addresses of wireless devices that will be allowed to connect to this DGFV338 when the Access Control List is enabled. If you have not entered any MAC addresses, this table will be empty.

  • Page 73: Configuring The Wireless Advanced Options

    The Wireless Advanced Options settings are intended for administrator use and should be used with caution and only as directed by NETGEAR. To reach the Wireless Advanced Options menu, click the Advanced link at the top of the Wireless Settings screen.

  • Page 74: Wep And Wpa/Wpa2 Wireless Security Check List Form

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • RTS Threshold — The Request to Send Threshold is the packet size that determines if the CSMA/CD (Carrier Sense Multiple Access with Collision Detection) mechanism or the CSMA/CA mechanism should be used for packet transmission. With the CSMA/CD transmission mechanism, the transmitting station sends out the actual packet as soon as it has waited for the silence period.
  • Page 75 • SSID. The Service Set Identification (SSID) identifies the wireless local area network. NETGEAR is the default DGFV338 SSID. However, you may customize it by using up to 32 alphanumeric characters. Write your customized SSID on the line below. ________________________________________________ Note: All wireless nodes in the same network must be configured with the same SSID: •...
  • Page 76 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3-22 Wireless Configuration v1.0, May 2008...

  • Page 77: Firewall Protection And Content Filtering Overview

    Chapter 4 Security and Firewall Protection This chapter describes how to use the Security features of the ProSafe Wireless ADSL Modem VPN Firewall Router to protect your network. These features can be found by selecting Security from the main menu of the browser interface. This chapter includes the following sections: •...

  • Page 78: Using Rules To Block Or Allow Specific Kinds Of Traffic

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The ProSafe DGFV338 also provides Web Content filtering—by Domain name (Web sites) and by Keyword Blocking. Browsing activity reporting and instant alerts via e-mail provide reports on Content Filtering activities. You can establish restricted access policies based on time-of-day, specific Web Components, Web sites and Web address keywords.
  • Page 79 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Quality of service (QoS) priorities. Each service has its own native priority that impacts its quality of performance and tolerance for jitter or delays. You can change this QoS priority if desired to change the traffic mix through the system.

  • Page 80: Outbound Rules (Service Blocking)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Outbound Rules (Service Blocking) The DGFV338 allows you to block the use of certain Internet services by PCs on your network. This is called service blocking or port filtering. The default policy can be changed to block all outbound traffic and enable only specific services to pass through the router.
  • Page 81 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 4-1. Outbound Rules (continued) Item Description QoS Priority Specifies the priority of a service which, in turn, determines the quality of that service for the traffic passing through the firewall. By default, the priority shown is that of the selected service.
  • Page 82 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Click Apply to create your policy. The new service policy will display in the Outbound Services table. Figure 4-3 Note: See “Blocking Internet Sites” on page 4-21 “Configuring Source MAC Filtering”...

  • Page 83: Inbound Rules (Port Forwarding)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 4-4 Inbound Rules (Port Forwarding) Because the DGFV338 uses Network Address Translation (NAT), your network presents only one IP address to the Internet and outside users cannot directly address any of your local computers.
  • Page 84 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 0-1. Inbound Rules (continued) Item Description Schedule Select the desired time schedule (Schedule1, Schedule2, or Schedule3) that will be used by this rule (see “Setting a Schedule for Firewall Rules” on page 4-31).
  • Page 85 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Note: Some residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location.
  • Page 86 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Click Apply. The new rule will be listed in the Inbound Services table. Figure 4-6 To make changes to an existing inbound service rule: 1. In the Action column adjacent to the rule, click the button for the desired actions: •...
  • Page 87 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Inbound Rule Example: A Local Public Web Server If you host a public Web server on your local network, you can define a rule to allow inbound Web (HTTP) requests from any outside IP address to the IP address of your Web server at any time of day.
  • Page 88 This application note describes how to configure multi-NAT to support multiple public IP addresses on one WAN interface of a NETGEAR ProSafe Wireless ADSL Modem VPN Firewall Router. By creating an inbound rule, we will configure the firewall to host an additional public IP addresses and associate this address with a Web server on the LAN.
  • Page 89 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. From the Service pull-down menu, (see Figure 4-9), select the HTTP service for a Web server. Figure 4-9 4. From the Action pull-down menu, select ALLOW always. 5. For Send to LAN Server, enter the local IP address of your Web server PC.
  • Page 90 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Your rule will now appear in the Inbound Services table of the Rules menu (see Figure 4-10). This rule is different from a normal inbound port forwarding rule in that the Destination box contains an IP Address other than your normal WAN IP Address.

  • Page 91: Considerations For Inbound Rules

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Select ANY protocol and Allow Always (or Allow by Schedule) 2. Place rule below all other inbound rules by clicking the down icon Figure 4-11 Considerations for Inbound Rules The DHCP setup and how the PCs access the server’s LAN address impact the Inbound Rules.

  • Page 92: Order Of Precedence For Rules

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Order of Precedence for Rules As you define new rules, they are added to the tables in the Rules menu, as shown in Figure 4-12: Figure 4-12 For any traffic attempting to pass through the firewall, the packet information is subjected to the rules in the order shown in the LAN WAN Rules Table, beginning at the top and proceeding to the default rules at the bottom.
  • Page 93 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Although the DGFV338 already holds a list of many service port numbers, you are not limited to these choices. Use the Services menu to add additional services and applications to the list for use in defining firewall rules.

  • Page 94: Setting Quality Of Service (Qos) Priorities

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Setting Quality of Service (QoS) Priorities The QoS setting determines the priority of a service, which in turn determines the quality of that service for the traffic passing through the firewall. You can change the QoS Priority only for Outbound Services, as shown in the outbound rule configuration menu.

  • Page 95: Attack Checks

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Minimize-Delay: Used when the time required for the packet to reach the destination must be fast (low link latency). The IP packets for this service priority are marked with a TOS value of...
  • Page 96 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual If flood checking is enabled, the DGFV338 will not accept more than 20 simultaneous, active UDP connections from a single computer on the LAN. – Disable Ping Reply on LAN Ports—To prevent the DGFV338 from responding to Ping requests from the LAN, click this checkbox.

  • Page 97: Blocking Internet Sites

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Blocking Internet Sites To restrict internal LAN users from access to certain sites on the Internet, you can use the DGFV338’s Web Components filtering and Key Word Blocking. By default, both are disabled; all requested traffic from any Web site is allowed.
  • Page 98 If you enter a domain name in the Trusted Domains box, keyword filtering will be bypassed. For example, if you entered www.netgear.com, keyword filtering will be bypassed for this domain; however, Web Components filtering still applies.
  • Page 99 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 4-16 To block keywords or Internet domains: 2. Select Yes to enable Content Filtering. 3. Click Apply to activate the menu controls. 4. Select any Web Components you wish to block and click Apply.

  • Page 100: Configuring Source Mac Filtering

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 5. Select the groups to which Keyword Blocking will apply, then click Enable to activate Keyword blocking (or disable to deactivate Keyword Blocking). 6. Enter your list of blocked Keywords or Domain Names in the Blocked Keyword fields. After each entry, click Add.

  • Page 101: Configuring Ip/Mac Address Binding Alerts

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual A valid MAC address is six colon-separated pairs of hexadecimal digits (0 to 9 and a to f). For example: 01:23:45:ab:cd:ef. Figure 4-17 5. Click Apply. The specified MAC addresses will be added to the filter list.
  • Page 102 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 2. Select the IP/MAC Binding tab to display the IP/MAC Binding menu. Figure 4-18 The IP/MAC Bindings table displays existing bindings. 3. In the Email IP/MAC Violations frame, check the Yes radio button to enable IP/MAC address binding enforcement and alerts.

  • Page 103: Configuring Port Triggering

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Check the box adjacent to the binding to be deleted and click delete, or • Click select all to select all the bindings and click delete. Configuring Port Triggering Port triggering allows some applications to function correctly that would otherwise be partially blocked by the firewall when the router is in NAT mode.
  • Page 104 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • After a PC has finished using a port triggering application, there is a time-out period before the application can be used by another PC. This is required because the DGFV338 cannot be sure when the application has terminated.

  • Page 105: Enabling Universal Plug And Play (Upnp)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 7. Click Add. The port triggering rule will be added to the Port Triggering Rules table. To edit a port triggering rule: • Click the edit button adjacent to the port triggering rule to be edited.
  • Page 106 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Advertisement Time To Live. The time to live for the advertisement is measured in hops (steps) for each UPnP packet sent. A hop is the number of steps allowed to propagate for each UPnP advertisement before it disappears.

  • Page 107: Setting A Schedule For Firewall Rules

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Modify the default Advertisement Period and Advertisement Time to Live settings, if desired. The defaults are 30 minutes and 4 hops, respectively. 4. Click Apply to save the new settings. Devices attached to the router can now use the router resources.

  • Page 108: Configuring A Bandwidth Profile

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Select the time of day radio button: either All Day to limit access completely for the selected days, or Specific Times to limit access for a period during the selected days.
  • Page 109 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Select Security from the main menu and Bandwidth Profile from the submenu. The Bandwidth Profile menu will display. Figure 4-22 The List of Bandwidth Profiles displays existing profiles. 2. To create a new bandwidth profile, click add. The Add Bandwidth Profile menu will display.

  • Page 110: Configuring Session Limits

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To edit a bandwidth profile: • Click the edit button adjacent to the bandwidth profile to be edited. To delete a bandwidth profile: • Check the box adjacent to the bandwidth profile to be deleted and click delete, or •...

  • Page 111: Event Logs And Alerts

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 5. In the pull-down menu, select whether you will limit sessions by percentage or by absolute number. The percentage is computed based on the total connection capacity of the device.When setting a limit based on absolute number, note that some protocols (for example, FTP and RSTP) create two sessions per connection.
  • Page 112 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 4-25 The Log Options section will display the Log Identifier field, a mandatory field to identify the log messages. This ID is appended to log messages. 2. From the Routing Logs section, check the boxes of the Accepted Packets and/or Dropped packets you want to log.
  • Page 113 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. From the System Logs section, check the boxes of the System Log events you want to track and record: • Change of Time by NTP: Logs a message when the system time changes after a request to a Network Time server.

  • Page 114: Security And Administrator Management

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To disable authentication, select the No Authentication box. • Respond to Identd from SMTP Server: Check this box to configure the router to respond to an IDENT request from the SMTP server.

  • Page 115: Virtual Private Networking

    Chapter 5 Virtual Private Networking This chapter describes how to use the virtual private networking (VPN) features of the ProSafe DGFV338. VPN tunnels provide secure, encrypted communications between your local network and a remote network or computer. This chapter includes the following sections: •...

  • Page 116: Using The Vpn Wizard

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 5-1. IP addressing requirements for VPNs in dual WAN port systems Configuration and WAN IP address Rollover Mode Dedicated Mode VPN Telecommuter Fixed FQDN required Allowed (FQDN optional) (client-to-gateway through a...
  • Page 117 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 4. Check the radio button for the WAN interface that will act as one end of this VPN tunnel: ADSL or WAN Ethernet. 5. Enter the Remote WAN IP Address or Internet Name of the gateway you want to connect •...
  • Page 118 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 9. Click Apply to save your settings. The VPN Policies screen will display showing the policy “Offsite” as enabled. Click Edit in the Action column adjacent to the policy to confirm your policy settings.
  • Page 119 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-2 You can also view the status of your IKE Policies by clicking the IKE Policies tab. The IKE Policies screen will display. Then view or edit the parameters of the “Offsite” policy by clicking Edit in the Action column adjacent to the policy.

  • Page 120: Vpn Tunnel Policies

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-3 VPN Tunnel Policies When you use the VPN Wizard to set up a VPN tunnel, both a VPN Policy and an IKE Policy are established and populated in both Policy Tables. The name you selected as the VPN Tunnel connection name during Wizard setup identifies both the VPN Policy and IKE Policy.
  • Page 121 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Managing IKE Policies IKE Policies are activated when: 1. The VPN Policy Selector determines that some traffic matches an existing VPN Policy. If the VPN policy is of type “Auto”, then the Auto Policy Parameters defined in the VPN Policy are accessed which specify which IKE Policy to use.

  • Page 122: Vpn Policy

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Encr. Encryption Algorithm used for the IKE SA. The default setting using the VPN Wizard is 3DES. (This setting must match the Remote VPN.) • Auth. Authentication hashing algorithm used for the IKE SA. The default setting using the VPN Wizard is SHA1.

  • Page 123: Vpn Tunnel Connection Status

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 4. The remote VPN Endpoint must have a matching SA, or it will refuse the connection. VPN Policy Table Only one Client Policy may configured at a time (noted by an “*” next to the policy name). The Policy Table contains the following fields: •...

  • Page 124: Creating A Vpn Gateway Connection: Dgfv338 To Fvx538

    Creating a VPN Gateway Connection: DGFV338 to FVX538 This section describes how to configure a gateway-to-gateway VPN connection between a NETGEAR FVX538 VPN Firewall and the ProSafe Wireless ADSL Modem VPN Firewall Router. Using each firewall's VPN Wizard, we will create a set of policies (IKE and VPN) that will allow the two firewalls to connect from locations with fixed IP addresses.
  • Page 125 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 7. Enter the WAN IP address of the remote FVX538 and then enter the WAN IP address of the local DGFV338. (Both local and remote ends must define the address as either an IP address or a FQDN.
  • Page 126 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-5 To view the VPN Policy parameters: 1. Click Edit in the Action column adjacent to the “to_fvx” policy. The Edit VPN Policy screen will display, as shown in Figure 5-6.
  • Page 127 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-6 To view the IKE Policy Configuration parameters: 1. Select the IKE Policies tab. The IKE Policies table will display. Virtual Private Networking 5-13 v1.0, May 2008...

  • Page 128: Configuring The Fvx538

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 2. Select “to_fvx” and click Edit. It should not be necessary to make any changes) Figure 5-7 Configuring the FVX538 To configure the FVX538 VPN Wizard: 5-14 Virtual Private Networking...

  • Page 129: Testing The Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Select VPN from the main menu and VPN Wizard from the submenu. The VPN Wizard screen will display. 2. Check the Gateway radio button for the type of VPN tunnel connection.

  • Page 130: Creating A Vpn Client Connection: Vpn Client To Dgfv338

    If more PCs are to be connected, an additional policy or policies must be created. Each PC will use the NETGEAR ProSafe VPN Client software. Since the PC's IP address is assumed to be dynamic and unknown, the PC must always be the initiator of the connection.
  • Page 131 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-9 6. Enter he remote WAN’s IP Address or Internet Name and then enter the local WAN’s IP Address or Internet Name. In this example, we are using their FQDNs. (Both the local and remote addresses must be of the same type—either both must be FQDN or both must be an IP...

  • Page 132: Configuring The Vpn Client

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Configuring the VPN Client From a PC with the NETGEAR Prosafe VPN Client installed, you can configure a VPN client policy to connect to the DGFV338. To configure your VPN client: 1.
  • Page 133 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual to_dgfv dgfv_local.com Figure 5-11 7. In the left frame, click My Identity. 8. From the Select Certificate pull-down menu, select None. 9. From the ID Type pull-down menu, select Domain Name.
  • Page 134 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual to_dgfv dgfv_remote.com Figure 5-12 5. Before leaving the My Identity menu, click Pre-Shared Key. 6. Click Enter Key and then enter your preshared key, and click OK. This key will be shared by all users of the DGFV338 policy “home”.
  • Page 135 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 8. For the Phase 1 Negotiation Mode, check the Aggressive Mode radio button. 9. PFS should be enabled, and Enable Replay Detection should be enabled. Figure 5-14 10. In the left frame, expand Authentication (Phase 1) and select Proposal 1. The Proposal 1 fields should mirror those in the following figure.

  • Page 136: Testing The Connection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 11. In the left frame, expand Key Exchange (Phase 2) and select Proposal 1. The fields in this proposal should also mirror those in the following figure. No changes should be necessary.

  • Page 137: Certificate Authorities

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 2. For additional status and troubleshooting information, right-click on the VPN client icon Logs and Connection Status screens in the DGFV338. Figure 5-17 Certificate Authorities Digital Self Certificates are used to authenticate the identity of users and systems, and are issued by various CAs (Certification Authorities).

  • Page 138: Generating A Self Certificate Request

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The Active Self Certificates table shows the Certificates issued to you by the various CAs (Certification Authorities), and available for use. For each Certificate, the following data is listed: •...
  • Page 139 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-18 • Domain Name – If you have a Domain name, you can enter it here. Otherwise, you should leave this field blank. • E-mail Address – Enter your e-mail address in this field.

  • Page 140: Uploading A Trusted Certificate

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 6. Copy the contents of the Data to supply to CA text box into a file, including all of the data contained in “----BEGIN CERTIFICATE REQUEST---” and “---END CERTIFICATE REQUEST---”Click Done. You will return to the Certificate screen and your Request details will be displayed in the Self Certificates Requests table showing a Status of “Waiting for...

  • Page 141: Configuring Extended Authentication (Xauth)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 2. Click Certificates in the submenu. 3. The VPN | Certificates menu is displayed showing the Certificate Revocation Lists (CRL) table at the bottom of the screen. Figure 5-19: The CRL table lists your active CAs and their critical release dates: •...

  • Page 142: Configuring Xauth For Vpn Clients

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Edge Device. If this is selected, the router is used as a VPN concentrator where one or more gateway tunnels terminate. If this option is chosen, you must specify the authentication type to be used in verifying credentials of the remote VPN gateways: User Database, RADIUS-PAP, or RADIUS-CHAP.

  • Page 143: User Database Configuration

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 4. In the Extended Authentication section, select either Edge Device or IPSec Host: • Select Edge Device to use this DGFV338 as a VPN concentrator where one or more gateway tunnels terminate. From the Authentication Type pull-down menu, specify one...

  • Page 144: Radius Client Configuration

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 4. Click Add. The User Name will be added to the Configured Users table. Figure 5-21 To edit the user name or password: 1. Click Edit opposite the user’s name. The Edit User screen will display.
  • Page 145 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-22 3. Enter the Primary RADIUS Server IP address. 4. Enter a Secret Phrase. Transactions between the client and the RADIUS server are authenticated using a shared secret phrase, so the same Secret Phrase must be configured on both client and server.

  • Page 146: Manually Assigning Ip Addresses To Remote Vpn Users (Modeconfig)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 9. Click Reset to cancel any changes and revert to the previous settings. 10. Click Apply to save the settings. Note: Selection of the Authentication Protocol, usually PAP or CHAP, is configured on the individual IKE policy screens.

  • Page 147: Configuring The Prosafe Dgfv338

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Configuring the ProSafe DGFV338 Two menus must be configured—the Mode Config menu and the IKE Policies menu. To configure the Mode Config menu: 1. From the main menu, select VPN, and then select Mode Config from the submenu. The Mode Config screen will display.
  • Page 148 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-23 To configure an IKE Policy: 1. From the main menu, select VPN. The IKE Policies screen will display showing the current policies in the List of IKE Policies Table.
  • Page 149 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual a. Enter a description name in the Policy Name Field such as “salesperson”. This name will be used as part of the remote identifier in the VPN client configuration. b. Set Direction/Type to Responder.

  • Page 150: Configuring The Prosafe Vpn Client For Modeconfig

    10. Click Apply. The new policy will appear in the IKE Policies Table (a sample policy is shown below) Figure 5-24 Configuring the ProSafe VPN Client for ModeConfig From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN client connection. To configure the client PC: 5-36 Virtual Private Networking v1.0, May 2008...
  • Page 151 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Right-click the VPN client icon in the Windows toolbar. In the upper left of the Policy Editor window, click the New Policy editor icon. a. Give the connection a descriptive name such as “modecfg_test” (this name will only be used internally).
  • Page 152 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual d. Under Virtual Adapter pull-down menu, select Preferred. The Internal Network IP Address should be 0.0.0.0. Note: If no box is displayed for Internal Network IP Address, go to Options/ Global Policy Settings, and check the box for “Allow to Specify Internal...
  • Page 153 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 5-27 5. Click on Key Exchange (Phase 2) on the left-side of the menu and select Proposal 1. Enter the values to match your configuration of the ProSafe DGFV338 ModeConfig Record menu. (The SA Lifetime can be longer, such as 8 hours (28800 seconds)).

  • Page 154: Configuring Keepalives And Dead Peer Detection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To test the connection: 1. Right-click on the VPN client icon in the Windows toolbar and select Connect. The connection policy you configured will appear; in this case “My Connections\modecfg_test”.

  • Page 155: Configuring Dead Peer Detection

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. In the General menu frame of the Edit VPN Policy menu, locate the keepalive configuration settings, as shown in Figure 5-29: Figure 5-29 4. Click the Yes radio button to Enable Keepalive.

  • Page 156: Configuring Netbios Bridging With Vpn

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. In the IKE SA Parameters menu frame of the Edit IKE Policy menu, locate the Dead Peer Detection configuration settings, as shown in Figure 5-30. Figure 5-30 4. Click the Yes radio button to Enable Dead Peer Detection.
  • Page 157 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. In the General menu frame of the Edit VPN Policy menu, click the Enable NetBIOS check box, as shown in Figure 5-31. Figure 5-31 4. Click Apply at the bottom of the menu.
  • Page 158 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 5-44 Virtual Private Networking v1.0, May 2008...

  • Page 159: Router And Network Management

    Chapter 6 Router and Network Management This chapter describes how to use the network management features of your ProSafe Wireless ADSL Modem VPN Firewall Router. The DGFV338 offers many tools for managing the network traffic to optimize its performance. You can also control administrator access, be alerted to important events requiring prompt action, monitor the firewall status, perform diagnostics, upgrade firmware, and manage the firewall configuration file.
  • Page 160 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Block sites • Source MAC filtering Service Blocking Note: This feature is for Advanced Administrators only! Incorrect configuration will cause serious problems. You can control specific outbound traffic (i.e., from LAN to WAN and from DMZ to WAN).
  • Page 161 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Services. You can specify the desired Services or applications to be covered by this rule. If the desired service or application does not appear in the list, you must define it using the Services menu (see “Services”...

  • Page 162: Features That Increase Traffic

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Keyword (and domain name) blocking – You can specify up to 32 words that, should they appear in the Web site name (i.e., URL) or in a newsgroup name, will cause that site or newsgroup to be blocked by the wireless firewall.
  • Page 163 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Port Forwarding The firewall always blocks DoS (Denial of Service) attacks. A DoS attack does not attempt to steal data or damage your PCs, but overloads your Internet connection so you can not use it (i.e., the service is unavailable).
  • Page 164 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual – Any: The rule applies to all Internet IP address. – Single address: The rule applies to a single Internet IP address. – Address range: The rule is applied to a range of Internet IP addresses.

  • Page 165: Using Qos To Shift The Traffic Mix

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual VPN Tunnels The wireless firewall permits up to 50 VPN tunnels at a time. Each tunnel requires extensive processing for encryption and authentication. Chapter 5, “Virtual Private Networking” for the procedure on how to use this feature.

  • Page 166: Changing The Passwords And Login Time-Out

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Changing the Passwords and Login Time-out The default passwords for the firewall’s Web Configuration Manager is password. NETGEAR recommends that you change this password to a more secure password. To change the password: 1.

  • Page 167: Enabling Remote Management Access

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The password and time-out values you entered will revert back to password and 5 minutes, respectively, after a factory default reset. Enabling Remote Management Access Using the Remote Management page, you can allow an administrator on the Internet to configure, upgrade, and check the status of your ProSafe DGFV338.
  • Page 168 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Specify which external addresses will be allowed to access the firewall’s remote management. Note: For enhanced security, restrict access to as few external IP addresses as practical. a. To allow access from any IP address on the Internet, select Everyone.

  • Page 169: Using The Command Line Interface

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Tip: If you are using a dynamic DNS service such as TZO, you can always identify the IP address of your DGFV338 by running tracert from the Windows Start menu Run option. For example, tracert your DGFV338.mynetgear.net and you will see the IP address your ISP...

  • Page 170: Traffic Limits Reached

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Traffic Limits Reached Figure 6-3 shows the Internet Traffic screen that is invoked by clicking Internet Traffic under WAN Setup on the Main Menu bar. The ADSL and Ethernet ports are programmed separately. A WAN port shuts down once its traffic limit is reached when this feature is enabled.
  • Page 171 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 6-4 Table 6-1. Router Status Item Description System Name This is the Account Name that you entered in the Basic Settings page. Firmware Version This is the current software the router is using. This will change if you upgrade your router.

  • Page 172: Wan Ports

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 6-1. Router Status (continued) Item Description LAN Port Information These are the current settings for MAC address, IP address, DHCP role and Subnet Mask that you set in the LAN IP Setup page. DHCP can be either Server or None.

  • Page 173: Internet Traffic

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To check Dynamic DNS status: 1. Select Network Configuration from the main menu and Dynamic DNS from the submenu. The Dynamic DNS Configuration screen will display. 2. Check the DNS provider radio box on the WAN port for which you have service.
  • Page 174 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 6-6 6-16 Router and Network Management v1.0, May 2008...

  • Page 175: Lan Ports And Attached Devices

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual LAN Ports and Attached Devices Known PCs and Devices The Known PCs and Devices table contains a table of all IP devices that the firewall has discovered on the local network. This screen is accessible from the Administration main menu and the LAN Groups submenu.
  • Page 176 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The Known PCs and Devices table lists all current entries in the Network Database. For each PC or device, the following data is displayed. Table 6-2. Known PCs and Devices table...

  • Page 177: Firewall Security

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Port Triggering Status The Port Triggering Status screen is available from the Port Triggering screen accessible under Security on the main menu. Only one PC can use a Port Triggering application at any time. When the PC has finished using the application, a time-out period occurs before another PC can use the Port triggering.
  • Page 178 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Click to view logs Select the types of logs to email. Enable emailing of logs. Set a schedule to send email. logs. Enable Syslogs server. Figure 6-10 6-20 Router and Network Management...

  • Page 179: Vpn Tunnels

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To invoke the Log screen, click the View Log link on the Logs and E-mail screen. Figure 6-11 VPN Tunnels You can view the VPN Logs by selecting Monitoring on the main menu and VPN Logs on the submenu.

  • Page 180: Using An Snmp Manager

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Select VPN from the main menu and Connection Status from the submenu to display the status of IPSec connections. You can change the status of a connection; to either establish or drop the Security Association (SA).
  • Page 181 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The SNMP Configuration table lists the SNMP configurations by: • IP Address: The IP address of the SNMP manager. • Port: The trap port of the configuration. • Community: The trap community string of the configuration.

  • Page 182: Configuration File Management

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 3. Click Add to create the new configuration. The entry will display in the SNMP Configuration table. The SNMP System Info option arrow at the top of the tab opens the SNMP SysConfiguration menu that displays the SNMP System contact information available to the SNMP manager.
  • Page 183 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Revert to the factory default settings. • Upgrade the wireless firewall firmware from a saved file on your hard disk to use a different firmware version. Backup and Restore Settings To backup your settings: 1.

  • Page 184: Upgrading The Router And Dsl Firmware

    Upgrading the Router and DSL Firmware The latest versions of firewall and DSL firmware are available on the NETGEAR website. You can install router firmware or DSL firmware from the Settings Backup and Firmware Upgrade screen.
  • Page 185 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 4. Follow the To Upgrade steps to download your firmware. Note: The router firmware and the DSL firmware are separate files. Be sure to download the correct DSL firmware for your country or region.

  • Page 186: Configuring Date And Time Service

    4. Select a NTP Server option by checking one of the following radio boxes: • Use Default NTP Servers: The RTC is updated regularly by contacting a Netgear NTP server on the Internet. A primary and secondary (backup) server are preloaded.
  • Page 187 NTP Server in the Server 1 Name/IP Address field. You can enter the address of a backup NTP server in the Server 2 Name/IP Address field. If you select this option and leave either the Server 1 or Server 2 fields empty, they will be set to the default Netgear NTP servers.
  • Page 188 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 6-30 Router and Network Management v1.0, May 2008...

  • Page 189: Lan Configuration

    Chapter 7 LAN Configuration This chapter describes how to configure the advanced LAN features of your ProSafe Wireless ADSL Modem VPN Firewall Router. These features can be found by selecting Network Configuration from the primary menu and LAN Setup from the submenu of the browser interface.

  • Page 190: Configuring The Lan Setup Options

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The DGFV338 will deliver the following parameters to any LAN device that requests DHCP: • An IP Address from the range you have defined. • Subnet Mask. • Gateway IP Address (the DGFV338’s LAN IP address).
  • Page 191 DHCP server to LAN devices: a. Domain — (Optional) A domain name, such as netgear.com, that may be used for processes such as DNS lookups. b. Starting IP Address — The first of the contiguous addresses in the IP address pool.

  • Page 192: Managing Groups And Hosts

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Managing Groups and Hosts The DGFV338 automatically maintains a Network Database of all known PCs and network devices on the LAN. PCs and devices become known by the following methods: •...
  • Page 193 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual The Network Database is managed from the LAN Groups menu. To reach this menu, select Network Configuration from the main menu and LAN Setup from the submenu, then click the LAN Groups tab.

  • Page 194: Assigning A Host To A Group

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 7-1. Item Description Known PCs and This table lists all current entries in the Network Database. For each PC or Devices device, the following data is displayed. • Check box – Use this to select a PC for editing or deletion.

  • Page 195: Changing The Group Names

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To configure the group assignment of a device that already appears in the The Known PCs and Devices table: 1. Click the Edit button next to the device entry in the Known PCs and Devices table. The Edit Groups and Hosts menu appears.

  • Page 196: Reserving An Ip Address For A Host

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. From the top of the LAN Groups menu, click Edit Group Names to display the Network Database Group Names menu. Figure 7-4 2. Select the radio button next to the group name to be changed.

  • Page 197: Configuring Lan Multi-Homing

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 7-5 To reserve an IP address when manually entering a new host: 1. When entering the host information in Add Known PCs and Devices, select Reserved (DHCP Client) from the IP Address Type pull-down menu, as shown in Figure 7-5.
  • Page 198 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Multi-homing is managed from the LAN Multi-homing menu. To reach this menu, select Network Configuration from the main menu and LAN Setup from the submenu, then click the LAN Multi-homing tab.

  • Page 199: Configuring Static Routes And Rip

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 1. Click Edit in the Action column adjacent to the selected entry. The Edit Secondary LAN IP Setup screen will display. 2. Modify the IP Address and Subnet Mask fields and click Apply or click Reset to discard any changes and revert to the previous settings.
  • Page 200 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Figure 7-7 4. Select Active to make this route effective. 5. Select Private if you want to limit access to the LAN only. The private static route will not be advertised in RIP.

  • Page 201: Routing Information Protocol (Rip)

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Routing Information Protocol (RIP) RIP (Routing Information Protocol, RFC 2453) is an Interior Gateway Protocol (IGP) that is commonly used in internal networks (LANs). It allows a router to exchange its routing information automatically with other routers, and allows it to dynamically adjust its routing tables and adapt to changes in the network.

  • Page 202: Static Route Example

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • None – The DGFV338 neither broadcasts its route table nor does it accept any RIP packets from other routers. This effectively disables RIP. • Both – The DGFV338 broadcasts its routing table and also processes RIP information received from other routers.
  • Page 203 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual In this case you must define a static route, telling your DGFV338 that 172.16.0.0 should be accessed through the ISDN router at 192.168.1.100. In this example: • The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 172.16.x.x addresses.
  • Page 204 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual 7-16 LAN Configuration v1.0, May 2008...

  • Page 205: Troubleshooting

    Chapter 8 Troubleshooting This chapter gives information about troubleshooting your ProSafe Wireless ADSL Modem VPN Firewall Router. After each problem description, instructions are provided to help you diagnose and solve the problem. This chapter includes the following sections: • “Basic Functions” on page 8-1 •...

  • Page 206: Power Led Not On

    • Check that you are using the 12 V DC power adapter supplied by NETGEAR for this product. If the error persists, you have a hardware problem and should contact technical support.

  • Page 207: Troubleshooting The Web Configuration Interface

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Troubleshooting the Web Configuration Interface If you are unable to access the firewall’s Web Configuration interface from a PC on your local network, check the following: • Check the Ethernet connection between the PC and the firewall as described in the previous section.

  • Page 208: Troubleshooting The Isp Connection

    Web Configuration Manager. To check the WAN IP address: 1. Launch your browser and select an external site such as www.netgear.com 2. Access the Main Menu of the firewall’s configuration at http://192.168.1.1 3. Under the Management heading, select Router Status 4.

  • Page 209: Troubleshooting A Tcp/Ip Network Using A Ping Utility

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Your ISP may require a login program. Ask your ISP whether they require a PPP over Ethernet (PPPoE) or some other type of login. (If ADSL, ask if they require either a PPPoE or a PPPoA login.) •...

  • Page 210: Testing The Path From Your Pc To A Remote Device

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual To ping the firewall from a PC running Windows 95 or later: 1. From the Windows toolbar, click on the Start button and select Run. 2. In the field provided, type Ping followed by the IP address of the firewall, as in this example: ping 192.168.1.1...

  • Page 211: Restoring The Default Configuration And Password

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual • Check that your PC has the IP address of your firewall listed as the default gateway. If the IP configuration of your PC is assigned by DHCP, this information will not be visible in your PC’s Network Control Panel.

  • Page 212: Problems With Date And Time

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Problems with Date and Time The E-Mail menu in the Content Filtering section displays the current date and time of day. The ProSafe DGFV338 uses the Network Time Protocol (NTP) to obtain the current time from one of several Network Time Servers on the Internet.
  • Page 213 VPN gateway LAN will be sent over the VPN tunnel. Perform a DNS A DNS (Domain Name Server) converts the Internet name (e.g. www.netgear.com) to Lookup an IP address. If you need the IP address of a Web, FTP, Mail or other Server on the Internet, you can do a DNS lookup to find the IP address.
  • Page 214 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table 8-1. Diagnostics (continued) Item Description Reboot the Router Use this button to perform a remote reboot (restart). You can use this if the Router seems to have become unstable or is not operating normally.

  • Page 215: Default Settings And Technical Specifications

    Appendix A Default Settings and Technical Specifications Default Factory Settings You can use the reset button located on the front of your device to reset all settings to their factory defaults. This is called a hard reset. • To perform a hard reset, push and hold the reset button for approximately 10 seconds (until the TEST LED blinks rapidly).
  • Page 216 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table A-1. Default Configuration Settings (continued) Feature Default Behavior Lan IP Address 192.168.1.1 Subnet Mask 255.255.255.0 Gateway Address 0.0.0.0 RIP Direction None RIP Version Disabled RIP Authentication None DHCP Server...

  • Page 217: Technical Specifications

    DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table A-1. Default Configuration Settings (continued) Feature Default Behavior Output Power Full Access Point Disabled Authentication Type Open System Wireless Card Access List All wireless stations allowed a. Maximum Wireless signal rate derived from IEEE Standard 802.11 specifications. Actual throughput will vary.
  • Page 218 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Table A-2. Technical Specifications Specification Description Electromagnetic Emissions Meets requirements of: FCC Part 15 Class B VCCI Class B EN 55 022 (CISPR 22), Class B Interface Specifications LAN: 10BASE-T or 100BASE-Tx, RJ-45...

  • Page 219: Appendix B Related Documents

    Appendix B Related Documents This appendix provides links to reference documents you can use to gain a more complete understanding of the technologies used in your NETGEAR product. Document Link Internet Networking and http://documentation.netgear.com/reference/enu/tcpip/index.htm TCP/IP Addressing: Wireless http://documentation.netgear.com/reference/enu/wireless/index.htm Communications: Preparing a Computer for http://documentation.netgear.com/reference/enu/wsdhcp/index.htm...
  • Page 220 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Related Documents v1.0, May 2008...
  • Page 221 Index Numerics Beacon Interval 3-20 Block Sites 4-21 802.11b 3-5 reducing traffic 6-3 802.11g 3-5 Block Sites screen 4-22 Block TCP Flood 4-19 block traffic access with schedule 4-31 administrator and guest 6-7 remote management 6-9 Access Control List 3-7 Active Self Certificates 5-23 about 5-23 Add Mode Config Record screen 5-33...
  • Page 222 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual dual WAN ports 5-1 Dynamic DNS Data Encryption configuration of 2-19 AES 3-12, 3-15, 3-16 configuring 2-19 TKIP 3-14 status 6-15 Date Dynamic DNS screen 2-20 setting 6-28 DynDNS screen 2-20...
  • Page 223 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual FQDN 2-19 IPsec Host XAUTH, with ModeConfig 5-35 Fragmentation Length 3-20 ISP connection,troubleshooting 8-4 fully qualified domain name. See FQDN keepalive, VPN 5-40 Gateway VPN Tunnel creating 5-2 Keyword Blocking 4-21...
  • Page 224 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual about 7-9 example 4-6 multi home LAN IPs 7-9 Outbound Services field descriptions 4-4 multi-NAT 2-16 example 4-12 multiplexing method, ADSL 2-5 package contents 1-6 Password 2-8, 2-10 password 1-9...
  • Page 225 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual Rules Inbound 4-3 RADIUS Server Outbound 4-3 configuring 5-30 screen 4-3 RADIUS-CHAP 5-28, 5-29 rules AUTH, using with 5-28 blocking traffic 4-2 RADIUS-PAP 5-28 inbound 4-7 XAUTH, using with 5-28...
  • Page 226 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual configuring 6-23 Traffic Meter global access 6-23 field descriptions 2-23 host only access 6-23 programming 2-22 subnet access 6-23 traffic meter SNMP screen 6-23 programming 2-24 Source MAC Filtering 4-23...
  • Page 227 DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual configuring PC, example 5-18 wireless security options 3-2 VPN Wizard example 5-16 MAC Address restricting 3-2 SSID off 3-2 VPN Policies screen 5-4 WEP 3-3 VPN Policy WPA/WPA2 with RADIUS 3-3...

Table of Contents