Netgear Netgar VPN FIrewall FVS336Gv2 Reference Manual
Have a look at the manual Netgear Netgar VPN FIrewall FVS336Gv2 Reference Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 137 Netgear manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Optimize Performance and Manage Your System 549 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain. 5. Click the Login button. The Router Status screen displays. 6. Select Administration > Settings Backup & Upgrade. The Settings Backup and Firmware Upgrade screen displays. 7. To the left of the Restore button, click the Browse button. 8. Locate and select the previously saved backup file (by default, FVS336GV2.cfg). WARNING: Once you start restoring settings, do not interrupt the process. Do not try to go online, turn off the VPN firewall, shut down the computer, or do anything else to the VPN firewall until the settings are fully restored. 9. Click the Restore button. A warning message might display and you might need to confirm that you want to restore the configuration. The VPN firewall reboots. During the reboot process, the Settings Backup and Firmware Upgrade screen might remain visible or a status message with a counter might show the number of seconds left until the reboot process is complete. The reboot process takes about 160 seconds. (If you can see the unit: The reboot process is complete when the Test LED on the front panel goes off.)
Optimize Performance and Manage Your System 550 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 Upgrade the Firmware You can install a different version of the VPN firewall firmware. For information about how to view the current version of the firmware that the VPN firewall is running, see Display an Overview of the VPN Firewall Addresses and Firmware Version on page 582. Note:In some cases, such as a major upgrade, it might be necessary to erase the configuration and manually reconfigure your VPN firewall after upgrading it. See the firmware release notes that NETGEAR makes available. To download a firmware version and upgrade the firmware: 1. Visit the NETGEAR website at http://support.netgear.com. 2. Navigate to the FVS336GV2 support page and click the Downloads tab. 3. Click the desired firmware version to reach the download page. Be sure to read the release notes on the download page before upgrading the VPN firewall’s software. 4. On your computer, launch an Internet browser. 5. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process. The VPN firewall factory default IP address is 192.168.1.1. The NETGEAR Configuration Manager Login screen displays. 6. In the Username field, type your user name and in the Password / Passcode field, type your password. For the default administrative account, the default user name is admin and the default password is password. 7. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain. If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain. 8. Click the Login button. The Router Status screen displays. 9. Select Administration > Settings Backup & Upgrade. The Settings Backup and Firmware Upgrade screen displays.
Optimize Performance and Manage Your System 551 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 10. To the left of the Upgrade button, click the Browse button. 11. Follow the directions of your browser to locate and select the downloaded firmware file. WARNING: After you have started the firmware installation process, do not interrupt the process. Do not try to go online, turn off the VPN firewall, or do anything else to the VPN firewall until the VPN firewall has fully rebooted. 12. Click the Upload button. The upgrade process starts. During the upgrade process, the Settings Backup and Firmware Upgrade screen remains visible and a status bar shows the progress of the upgrade process. The upgrade process can take up to 10 minutes. When the status bar shows that the upgrade process is complete, it can take another 10 minutes before the VPN firewall reboots. (If you can see the unit: The reboot process is complete when the Test LED on the front panel goes off.) 13. When the reboot process is complete, log in to the VPN firewall again (see Step 4 through Step 8). 14. To verify the firmware version, select Monitoring. The Router Status screen displays, showing the new firmware version in the System Info section. Revert to Factory Default Settings To restore the factory default settings you can either use the Factory Defaults reset button or the web management interface. If you have lost the administration password, you must use the Factory Default reset button.
Optimize Performance and Manage Your System 552 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 WARNING: When you press the hardware Factory Defaults reset button or use the web management interface to reset the VPN firewall to factory default settings, all custom VPN firewall settings are erased. All firewall rules, VPN policies, LAN and WAN settings, and other settings are lost. Back up your settings if you intend to use them. Note:After you reboot with factory default settings, the VPN firewall’s password is password, and the LAN IP address is 192.168.1.1. The following sections provide information about reverting to factory default settings: •Revert to Factory Default Settings by Using the Factory Defaults Reset Button •Revert to Factory Default Settings by Using the Web Management Interface Revert to Factory Default Settings by Using the Factory Defaults Reset Button The following procedure describes how to use the Factory Defaults reset button on the back panel (see Back Panel on page 20) to reset the VPN firewall to the original factory defaults settings. To use the Factory Defaults reset button to reset the VPN firewall to the original factory defaults settings: 1. Using a sharp object, press and hold the Factory Defaults reset button on the back panel for about 8 seconds or until the Test LED lights and begins to blink. Note:Pressing the Factory Defaults reset button for a shorter period might cause the VPN firewall to reboot instead of resetting to factory defaults. 2. Release the Factory Defaults reset button. The VPN firewall reboots. The reboot process takes about 160 seconds. The reboot process is complete when the Test LED on the front panel turns off. Revert to Factory Default Settings by Using the Web Management Interface The following procedure describes how to use the web management interface to reset the VPN firewall to the original factory defaults settings. To use the web management interface to reset the VPN firewall to factory defaults settings: 1. On your computer, launch an Internet browser.
Optimize Performance and Manage Your System 553 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process. The VPN firewall factory default IP address is 192.168.1.1. The NETGEAR Configuration Manager Login screen displays. 3. In the Username field, type your user name and in the Password / Passcode field, type your password. For the default administrative account, the default user name is admin and the default password is password. 4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain. If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain. 5. Click the Login button. The Router Status screen displays. 6. Select Administration > Settings Backup & Upgrade. The Settings Backup and Firmware Upgrade screen displays. WARNING: Once you start restoring the default settings, do not interrupt the process. Do not try to go online, turn off the VPN firewall, shut down the computer, or do anything else to the VPN firewall until the default settings are fully restored. 7. Click the Default button. The VPN firewall reboots. During the reboot process, the Settings Backup and Firmware Upgrade screen might remain visible or a status message with a counter might show the
Optimize Performance and Manage Your System 554 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 number of seconds left until the reboot process is complete. The reboot process takes about 160 seconds. (If you can see the unit: The reboot process is complete when the Test LED on the front panel turns off.) Configure Date and Time Service You can configure date, time, and NTP server designations. Network Time Protocol (NTP) is a protocol that is used to synchronize computer clock times in a network of computers. Setting the correct system time and time zone ensures that the date and time recorded in the VPN firewall logs and reports are accurate. Note:If you select the default NTP servers or if you enter a custom server FQDN, the VPN firewall determines the IP address of the NTP server by performing a DNS lookup. Before the VPN firewall can perform this lookup, you must configure a DNS server address (see Configure the IPv4 Internet Connection and WAN Settings on page 30). To set time, date, and NTP servers: 1. On your computer, launch an Internet browser. 2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process. The VPN firewall factory default IP address is 192.168.1.1. The NETGEAR Configuration Manager Login screen displays. 3. In the Username field, type your user name and in the Password / Passcode field, type your password. For the default administrative account, the default user name is admin and the default password is password. 4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain. If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain. 5. Click the Login button. The Router Status screen displays. 6. Select Administration > Time Zone. The Time Zone screen displays.
Optimize Performance and Manage Your System 555 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 The bottom of the screen displays the current weekday, date, time, time zone, and year. In the example in the previous figure, the following displays: Current Time: Wednesday, May 28, 2014, 01:03:52 (GMT +0000). 7. Enter the settings as described in the following table. SettingDescription Date/Time From the menu, select the local time zone in which the VPN firewall operates. The correct time zone is required for scheduling to work correctly. Automatically Adjust for Daylight Savings TimeIf you live in a region that observes daylight savings time, select the Automatically Adjust for Daylight Savings Time check box. By default, the check box is cleared. Resolve IPv6 address for serversSelect this check box to force the use of IPv6 addresses and FQDN (domain name) resolution in the Server 1 Name / IP Address and Server 2 Name / IP Address fields when you select the Use Custom NTP Servers radio button.
Optimize Performance and Manage Your System 556 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 8. Click the Apply button. Your settings are saved. Select NTP Mode In all three NTP modes, the VPN firewall functions both as a client and a server. The VPN firewall synchronizes its clock with the specified NTP server or servers and provides time service to clients. From the menu, select the NTP mode: • Authoritative Mode. The VPN firewall synchronizes its clock with the specified NTP server or servers on the Internet. If external servers are unreachable, the VPN firewall’s RTC provides time service to clients. In authoritative mode, you can enter a stratum value and set the date and time manually. • Sync to NTP Servers on Internet. The VPN firewall synchronizes its clock with the specified NTP server or servers on the Internet. If external servers are unreachable, the VPN firewall does not use its RTC. • Sync to NTP Servers on VPN. The VPN firewall synchronizes its clock with the specified NTP server on the VPN. If the server is unreachable, the VPN firewall does not use its RTC. You must select a VPN policy that enables the VPN firewall to contact the NTP server on the VPN. Select Stratum In authoritative mode, enter a stratum value, which indicates the distance from a reference clock. The default value is 10, which specifies an unsynchronized local clock and causes NTP to use the VPN firewall’s RTC when the specified NTP server is not available. Set date and time manuallyThis is an optional setting that is available in authoritative mode. Select the Set date and time manually check box to unmask the time (hour, minute, second), Day, Month, and Year fields. Enter the date and time. Select VPN Policy When the VPN firewall is configured to synchronize to an NTP server on the VPN, select the VPN policy from the menu. For information about configuring VPN policies, see Manage VPN Policies on page 378. NTP Servers (default or custom)Select an NTP server option: • Use Default NTP Servers. The VPN firewall regularly updates its RTC by contacting a default NETGEAR NTP server on the Internet. • Use Custom NTP Servers. The VPN firewall regularly updates its RTC by contacting one of two custom NTP servers (primary and backup), both of which you must specify in the fields that become available with this selection. Note:If you select the Use Custom NTP Servers option but leave either the Server 1 Name / IP Address or Server 2 Name / IP Address field blank, both fields are set to the default NETGEAR NTP servers. Note:A list of public NTP servers is available at http://support.ntp.org/bin/view/Servers/WebHome. NTP Servers (custom) In the Server 1 Name / IP Address field, enter the IP address or host name of the primary NTP server. In the Server 2 Name / IP Address field, enter the IP address or host name of the backup NTP server. SettingDescription
557 12 12. Monitor System Access and Performance This chapter describes the system-monitoring features of the VPN firewall. You can be alerted to important events such WAN traffic limits reached, login failures, and attacks. You can also view status information about the firewall, WAN ports, LAN ports, active VPN users and tunnels, and more. In addition, the diagnostics utilities are described. The chapter contains the following sections: •Configure and Enable the WAN IPv4 Traffic Meter •Manage the LAN IPv4 Traffic Meter •Manage Logging, Alerts, and Event Notifications •View the Status and Statistics of the VPN Firewall and Its Traffic Note:All log and report functions and some diagnostic functions require that you configure the email notification server. See Manage Logging, Alerts, and Event Notifications on page 567.
Monitor System Access and Performance 558 ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2 Configure and Enable the WAN IPv4 Traffic Meter If your ISP charges by traffic volume over a given period, or if you want to study traffic types over a period, you can activate the traffic meter for IPV4 traffic on a WAN interface. For information about displaying the Internet traffic that is measured by the WAN IPv4 traffic meter, see Display Internet Traffic by Type of Traffic. Note:When you enable the WAN IPv4 traffic meter, the performance of the VPN firewall might be affected slightly. To configure and monitor traffic limits for a WAN IPv4 interface: 1. On your computer, launch an Internet browser. 2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process. The VPN firewall factory default IP address is 192.168.1.1. The NETGEAR Configuration Manager Login screen displays. 3. In the Username field, type your user name and in the Password / Passcode field, type your password. For the default administrative account, the default user name is admin and the default password is password. 4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain. If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain. 5. Click the Login button. The Router Status screen displays. 6. Select Monitoring > Traffic Meter. The WAN Traffic Meter tabs display, with the WAN1 Traffic Meter screen in view. Note:The Internet Traffic Statistics section in the lower part displays statistics on Internet traffic through the WAN port. If you did not enable the traffic meter, these statistics are not available.