Home > Netgear > Router > Netgear Netgar VPN FIrewall FVS336Gv2 Reference Manual

Netgear Netgar VPN FIrewall FVS336Gv2 Reference Manual

Download as PDF Print this page Share this page

Have a look at the manual Netgear Netgar VPN FIrewall FVS336Gv2 Reference Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 137 Netgear manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

548

549

550

551

552

553

554

555

556

557

558

559

560

561

562

563

564

565

566

567

568

569

570

571

572

573

574

575

576

577

578

579

580

581

582

583

584

585

586

587

588

589

590

591

592

593

594

595

596

597

598

599

600

601

602

603

604

605

606

607

608

609

610

611

612

613

614

615

616

617

618

619

620

621

622

623

624

625

626

627

628

629

630

631

632

633

634

635

636

637

638

639

640

641

642

643

644

645

646

647

648

649

650

651

652

653

654

655

656

657

658

659

660

661

662

663

664

665

666

667

668

669

670

671

672

673

674

675

676

677

678

679

680

681

682

683

684

685

686

687

688

689

690

691

View all the pages

Add page 171 to Favourites

image text

Enable zoom

Configure the IPv6 LAN Settings
170 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type
your password.
For the default administrative account, the default user name is admin and the default
password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu,
select the domain.
If you did not change the domain or were not assigned a domain, leave the menu
selection at geardomain.
5. Click the Login button.
The Router Status screen displays.
6. Select Network Configuration > LAN Settings.
The LAN Setup screen displays the IPv4 settings.
7. In the upper right, select the IPv6 radio button.
The LAN Setup screen displays the IPv6 settings.
8. In the List of IPv6 Address Pools table, click the Edit button for the address pool that you
want to change.
The LAN IPv6 Config screen displays.
9. Change the settings.
For information about the settings, see Add an IPv6 LAN Address Pool on page 168.
10. Click the Apply button.
Your settings are saved. The modified address pool displays in the List of IPv6 Address
Pools table on the LAN Setup screen.
Remove One or More IPv6 LAN Address Pools
The following procedure describes how you can remove one or more existing IPv6 LAN
address pools that you no longer need.
To remove one or more IPv6 LAN address pools:
1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.

Add page 172 to Favourites

image text

Enable zoom

Configure the IPv6 LAN Settings
171 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
3. In the Username field, type your user name and in the Password / Passcode field, type
your password.
For the default administrative account, the default user name is admin and the default
password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu,
select the domain.
If you did not change the domain or were not assigned a domain, leave the menu
selection at geardomain.
5. Click the Login button.
The Router Status screen displays.
6. Select Network Configuration > LAN Settings.
The LAN Setup screen displays the IPv4 settings.
7. In the upper right, select the IPv6 radio button.
The LAN Setup screen displays the IPv6 settings.
8. In the List of IPv6 Address Pools table, select the check box to the left of each address
pool that you want to remove, or click the Select All button to select all address pools.
9. Click the Delete button.
The selected address pools are removed from the List of IPv6 Address Pools table.
Manage the IPv6 Router Advertisement Daemon for the LAN
If you do not configure stateful DHCPv6 for the LAN but use stateless DHCPv6, you must
enable the Router Advertisement Deamon (RADVD).
This requirement applies to both a stateless DHCPv6 server without prefix delegation and a
stateless DHCPv6 server with prefix delegation.
If you enabled the ISP DHCPv6 server to assign a prefix through prefix delegation to the VPN
firewall (see
Use a DHCPv6 Server to Configure an IPv6 Internet Connection Automatically
on page 90), you do not need to add advertisement prefixes but have the option do so.
However, if you did not enable the ISP DHCPv6 server to assign a prefix through prefix
delegation to the VPN firewall, you must add advertisement prefixes.
The following sections provide information about managing the IPv6 RADVD for the LAN:
•IPv6 Router Advertisement Daemon for the LAN
•Configure the IPv6 Router Advertisement Daemon for the LAN
•View Automatically Added Advertisement Prefixes for the LAN and Manually Add
Advertisement Prefixes
•Change an Advertisement Prefix for the LAN
•Remove One or More Advertisement Prefixes for the LAN

Add page 173 to Favourites

image text

Enable zoom

Configure the IPv6 LAN Settings
172 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
IPv6 Router Advertisement Daemon for the LAN
The RADVD is an application that uses the Neighbor Discovery Protocol (NDP) to collect
link-local advertisements of IPv6 addresses and IPv6 prefixes in the LAN. The RADVD then
distributes this information in the LAN, which allows IPv6 clients to configure their own IPv6
address.
Hosts and routers in the LAN use NDP to determine the link-layer addresses and related
information of neighbors in the LAN that can forward packets on their behalf. The VPN
firewall periodically distributes router advertisements (RAs) throughout the LAN to provide
such information to the hosts and routers in the LAN. RAs include IPv6 addresses, types of
prefixes, prefix addresses, prefix lifetimes, the maximum transmission unit (MTU), and so on.
In addition to configuring the RADVD, you also must configure the prefixes that are
advertised in the LAN RAs.
The following table shows how the VPN firewall obtains information in the LAN if you
configure a stateless DHCPv6 server and the RADVD.
When the Managed flag is set in the RADVD, the DHCPv6 server can assign IP addresses
and the RADVD also assigns IP addresses in the sense that it provides information that
allows IPv6 clients to configure their own IPv6 address.
When the Other flag is set, the DHCPv6 server does not assign IP addresses but provides
DNS server and other configuration information only.
Configure the IPv6 Router Advertisement Daemon for the LAN
The following procedure describes how to configure the Router Advertisement Daemon
(RADVD) for the LAN.
To configure the RADVD for the LAN:
1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
Table 2. DHCPv6 and RADVD interaction in the LAN
Flags in the RADVDDHCPv6 Server ProvidesRADVD Provides
Managed RA flag is set.• IP address assignmenta
• DNS server and other configuration
information
a. Both the DHCPv6 server and the RADVD can assign IP addresses.
• IP address assignmenta
• Prefix
• Prefix length
• Gateway address
Other RA flag is set. DNS server and other configuration information• IP address assignment
• Prefix
• Prefix length
• Gateway address

Add page 174 to Favourites

image text

Enable zoom

							Configure the IPv6 LAN Settings 
173  ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type 
your password.
For the default administrative account, the default user name is admin and the default 
password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, 
select the domain.
If you did not change the domain or were not assigned a domain, leave the menu 
selection at geardomain.
5. Click the Login button.
The Router Status screen displays.
6. Select Network Configuration > LAN Settings.
The LAN Setup screen displays the IPv4 settings.
7. In the upper right, select the IPv6 radio button. 
The LAN Setup screen displays the IPv6 settings. The following figure shows some 
examples.
8. Click the RADVD option arrow in the upper right.
The following figure shows some examples.

Add page 175 to Favourites

image text

Enable zoom

							Configure the IPv6 LAN Settings 
174 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 
9. Enter the settings as described in the following table.
SettingDescription
RADVD Status From the RADVD Status menu, select Enable. The RADVD is enabled, and the 
RADVD fields are available.
The default selection is Disable. The RADVD is disabled, and the RADVD fields are 
masked out.
Advertise Mode Select the advertisement mode:
• Unsolicited Multicast. The VPN firewall advertises unsolicited multicast packets 
at a rate that is specified by the advertisement interval.
• Unicast only. The VPN firewall responds to unicast packet requests only. No 
unsolicited packets are advertised. Select this option for nonbroadcast multiple 
access (NBMA) links such as ISATAP.
Advertise Interval Enter the advertisement interval of unsolicited multicast packets in seconds. The 
minimum value is 10 seconds; the maximum value is 1800 seconds.
RA Flags Select what type of information the DHCPv6 server provides in the LAN:
• Managed. The DHCPv6 server is used for autoconfiguration of the IP address.
• Other. The DHCPv6 server is not used for autoconfiguration of the IP address, 
but other configuration information such as DNS information is available through 
the DHCPv6 server.
Note:Irrespective of the RA flag settings, the RADVD provides information about the 
prefix, prefix length, and gateway addresses and is also used for autoconfiguration of 
the IP address.

Add page 176 to Favourites

image text

Enable zoom

Configure the IPv6 LAN Settings
175 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
10. Click the Apply button.
Your settings are saved.
View Automatically Added Advertisement Prefixes for the LAN and Manually
Add Advertisement Prefixes
If you enabled the ISP DHCPv6 server to assign a prefix through prefix delegation to the VPN
firewall (see
Use a DHCPv6 Server to Configure an IPv6 Internet Connection Automatically
on page 90), you do not need to add advertisement prefixes but have the option do so.
If you did not enable the ISP DHCPv6 server to assign a prefix through prefix delegation to
the VPN firewall, you must add advertisement prefixes. You must configure the prefixes that
are advertised in the LAN router advertisements (RAs). For a 6to4 address, you must specify
only the site level aggregation identifier (SLA ID) and the prefix lifetime. For a global, local, or
ISATAP address, you must specify the prefix, prefix length, and prefix lifetime.
To view automatically added advertisement prefixes and add an advertisement prefix
for the LAN:
1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type
your password.
For the default administrative account, the default user name is admin and the default
password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu,
select the domain.
Router Preference Select the VPN firewall’s preference in relation to other hosts and routers in the LAN:
• Low. The VPN firewall is treated as a nonpreferred router in the LAN.
• Medium. The VPN firewall is treated as a neutral router in the LAN.
• High. The VPN firewall is treated as a preferred router in the LAN.
MTU The maximum transmission unit (MTU) size for a packet in one transmission over a
link. The default setting is 1500.
Router Lifetime The router lifetime specifies how long the default route that was created as a result of
the router advertisement must remain valid.
Enter the router lifetime in seconds. This is the period that the advertised prefixes are
valid for route determination. The default period is 3600 seconds (one hour). The
minimum value is 30 seconds; the maximum value is 9000 seconds.
SettingDescription

Add page 177 to Favourites

image text

Enable zoom

							Configure the IPv6 LAN Settings 
176 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 
If you did not change the domain or were not assigned a domain, leave the menu 
selection at geardomain.
5. Click the Login button.
The Router Status screen displays.
6. Select Network Configuration > LAN Settings.
The LAN Setup screen displays the IPv4 settings.
7. In the upper right, select the IPv6 radio button. 
The LAN Setup screen displays the IPv6 settings. The following figure shows some 
examples.
8. Click the RADVD option arrow in the upper right. 
The following figure shows some examples.

Add page 178 to Favourites

image text

Enable zoom

							Configure the IPv6 LAN Settings 
177  ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
If you enabled the ISP DHCPv6 server to assign a prefix through prefix delegation to the 
VPN firewall (see 
Use a DHCPv6 Server to Configure an IPv6 Internet Connection 
Automatically on page 90), the advertisement prefixes that are based on the ISPs 
assignment are shown in the List of Prefixes to Advertise table. Advertisement prefixes 
that you add manually also show in the table.
9. Under the List of Prefixes to Advertise table, click the Add button.
The Add Advertise Prefixes screen displays.

Add page 179 to Favourites

image text

Enable zoom

Configure the IPv6 LAN Settings
178 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
10. Enter the settings as described in the following table.
11. Click the Apply button.
Your settings are saved. The new advertisement prefix is added to the List of Prefixes to
Advertise table on the RADVD screen for the LAN.
Change an Advertisement Prefix for the LAN
The following procedure describes how to change an existing advertisement prefix for the
LAN.
To change an advertisement prefix for the LAN:
1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type
your password.
For the default administrative account, the default user name is admin and the default
password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu,
select the domain.
SettingDescription
IPv6 Prefix Type Select the IPv6 prefix type:
• 6to4. The prefix is for a 6to4 address. You must select a WAN interface from the
6to4Interface menu and complete the SLA ID field and Prefix Lifetime field. The
other fields are masked out.
• Global/Local/ISATAP. The prefix is for a global, local, or ISATAP address. This
must be a global prefix or a site-local prefix; it cannot be a link-local prefix. You
must complete the IPv6 Prefix field, IPv6 Prefix Length field, and Prefix
Lifetime field. The 6to4Interface menu and SLA ID field are masked out.
6to4Interface Select a WAN interface from the menu.
SLA ID Enter the site level aggregation identifier (SLA ID) for the 6to4 address prefix that
must be included in the advertisement.
IPv6 Prefix Enter the IPv6 prefix for the VPN firewall’s LAN that must be included in the
advertisement.
IPv6 Prefix Length Enter the IPv6 prefix length (typically 64) that must be included in the advertisement.
Prefix Lifetime The prefix lifetime specifies how long the IP address that was created as a result of
the router advertisement must remain valid.
Enter the prefix lifetime in seconds that must be included in the advertisement. The
minimum period is 0 seconds; the maximum period is 65536 seconds.

Add page 180 to Favourites

image text

Enable zoom

Configure the IPv6 LAN Settings
179 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2
If you did not change the domain or were not assigned a domain, leave the menu
selection at geardomain.
5. Click the Login button.
The Router Status screen displays.
6. Select Network Configuration > LAN Settings.
The LAN Setup screen displays the IPv4 settings.
7. In the upper right, select the IPv6 radio button.
The LAN Setup screen displays the IPv6 settings.
8. Click the RADVD option arrow in the upper right.
The RADVD screen for the LAN displays.
9. In the List of Prefixes to Advertise table, click the Edit button for the advertisement prefix
that you want to change.
The Add Advertisement Prefix screen displays.
10. Change the settings.
For information about the settings, see View Automatically Added Advertisement Prefixes
for the LAN and Manually Add Advertisement Prefixes on page 175.
11. Click the Apply button.
Your settings are saved. The modified advertisement prefix displays in the List of Prefixes
to Advertise table on the RADVD screen for the LAN.
Remove One or More Advertisement Prefixes for the LAN
The following procedure describes how to remove one or more advertisement prefixes that
you no longer need for the LAN.
To remove one or more advertisement prefixes for the LAN:
1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type
your password.
For the default administrative account, the default user name is admin and the default
password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu,
select the domain.

All Netgear manuals Comments (0)

Related Manuals for Netgear Netgar VPN FIrewall FVS336Gv2 Reference Manual

Netgear Cm500 High Speed Cable Modem Docsis 3 0 User Manual
26 pages | Netgear Router
Netgear Cm400 High Speed Cable Modem Docsis 3 0 User Manual
24 pages | Netgear Router
Netgear Cm1000 Ultra High Speed Cable Modem Docsis 3 1 Ready User Manual
25 pages | Netgear Router
Netgear Centria Wndr4700 Wndr4720 Media Storage Router User Manual
140 pages | Netgear Router
Netgear C7100v High Speed Cable Modem Router User Manual
124 pages | Netgear Router
Netgear C7000 Nighthawk Ac1900 Wifi Cable Modem Router User Manual
110 pages | Netgear Router
Netgear C6900 High Speed Cable Modem Router User Manual
91 pages | Netgear Router
Netgear C6300 Ac1750 Wifi Cable Modem Router User Manual
102 pages | Netgear Router
Netgear C6250 Ac1600 Wifi Cable Modem Router User Manual
198 pages | Netgear Router
Netgear C6220 Docsis 3 0 High Speed Wifi Cable Modem Router User Manual
103 pages | Netgear Router
Netgear C3700 N600 Wifi Cable Modem Router User Manual
101 pages | Netgear Router