Netgear VPN Firewall FVS336Gv2 Reference Manual
Monitor System Access and Performance (page 569)
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv2

Setting | Description

System Logs Option | Select which system events are logged:
• Change of Time by NTP. Logs a message when the system time changes after a request from an NTP server.
• Login Attempts. Logs a message when a login is attempted. Both successful and failed login attempts are logged.
• Secure Login Attempts. Logs a message when a secure login is attempted. Both successful and failed secure login attempts are logged.
• Reboots. Logs a message when the VPN firewall is rebooted through the web management interface. (No message is logged when you press the Factory Defaults reset button.)
• All Unicast Traffic. Logs all incoming unicast packets.
• All Broadcast/Multicast Traffic. Logs all incoming broadcast and multicast packets.
• WAN Status. Logs WAN link status–related events.
• Resolved DNS Names. Logs all resolved DNS names.
• VPN. Logs all VPN negotiation messages.
• DHCP Server. Logs all DHCP server messages.

Other Event Logs
Source MAC Filter | Select this check box to log packets from MAC addresses that match the source MAC address filter settings.
Session Limit | Select this check box to log packets that are dropped because the session limit is exceeded.
Bandwidth Limit | Select this check box to log packets that are dropped because the bandwidth limit is exceeded.

8. Click the Apply button.
   Your settings are saved.

Enable and Schedule Emailing of Logs

Although you can view the logs onscreen, the VPN firewall provides the convenience of emailing the logs to a specific email address.

To enable and schedule emailing of logs:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process.
   The VPN firewall factory default IP address is 192.168.1.1.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
6. Select Monitoring > Firewall Logs & E-mail.
   The Firewall Logs & E-mail screen displays. The following figure shows the middle section only.
7. Enter the settings as described in the following table.

Setting | Description

Enable E-mail Logs | In the Do you want logs to be emailed to you? section, select the Yes radio button to enable the VPN firewall to email logs to a specified email address. Complete the fields on the right. By default, the No radio button is selected to prevent the logs from being emailed.
E-Mail Server Address | The IP address or Internet name of your ISP’s outgoing email SMTP server.
   Note: If you leave this field blank, the VPN firewall cannot send email logs and alerts.
Return E-Mail Address | The email address of the sender for email identification purposes. For example, enter [email protected].
Send to E-Mail Address | The email address to which the logs are sent. Typically, this is the email address of the administrator.
Custom SMTP Port | The port number of the SMTP server for the outgoing email.
Select the SMTP server authentication for the outgoing email:
• No Authentication. The SMTP server does not require authentication.
• Login Plain. The SMTP server requires authentication with regular login. Specify the user name and password to be used for authentication.
• CRAM-MD5. The SMTP server requires authentication with CRAM-MD5 login. Specify the user name and password to be used for authentication.
Username | The user name for SMTP server authentication.
Password | The password for SMTP server authentication.
Respond to Identd from SMTP Server | To respond to Ident protocol messages, select the Respond to Identd from SMTP Server check box. The Ident protocol is a relatively weak scheme to verify the sender of an email. (A common daemon program for providing the Ident service is Identd.)

Send e-mail logs by Schedule
Unit | Enter a schedule for sending the logs. From the Unit menu, select one of the following:
• Hourly. The VPN firewall sends logs every hour.
• Daily. The VPN firewall sends logs daily. Specify the time and meridiem.
• Weekly. The VPN firewall sends logs weekly. Specify the day, time, and meridiem.
By default, the menu selection is Never and the VPN firewall does not send logs.
Day | From the Day menu, select the day on which the VPN firewall sends logs.
Time | From the Time menu, select the hour on which the VPN firewall sends logs and select either the a.m. or p.m. radio button.

8. Click the Apply button.
   Your settings are saved.

Enable the Syslogs

If you have a syslog server, you can enable the syslog of the VPN firewall. For information about sending syslogs from one site to another over a gateway-to-gateway VPN tunnel, see Send Syslogs over a VPN Tunnel Between Sites on page 576.

To enable the syslogs:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process.
   The VPN firewall factory default IP address is 192.168.1.1.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
6. Select Monitoring > Firewall Logs & E-mail.
   The Firewall Logs & E-mail screen displays. The following figure shows the bottom section only.
7. Enter the settings as described in the following table.

Setting | Description

Enable SysLogs
Do you want to enable syslog? | To enable the VPN firewall to send logs to a specified syslog server, select the Yes radio button. Complete the fields on the right. To prevent the logs from being sent, select the No radio button, which is the default setting.
SysLog Server | The IP address or FQDN of the syslog server.
SysLog Severity | All the logs with a severity that is equal to and above the severity that you specify are logged on the specified syslog server. For example, if you select LOG_CRITICAL as the severity, the logs with the severities LOG_CRITICAL, LOG_ALERT, and LOG_EMERG are logged. Select a syslog severity from the menu:
• LOG DEBUG. Debug-level messages.
• LOG INFO. Informational messages.
• LOG NOTICE. Normal but significant conditions.
• LOG WARNING. Warning conditions.
• LOG ERROR. Error conditions.
• LOG CRITICAL. Critical conditions.
• LOG ALERT. An action must be taken immediately.
• LOG EMERG. The VPN firewall is unusable.

8. Click the Apply button.
   Your settings are saved.

View the Routing Logs, System Logs, and Other Event Logs

You can view the routing logs, system logs, and other event logs onscreen. You can manually send the logs to an email address and clear the logs.

To view the routing logs, system logs, and other event logs and send the logs to an email address or clear the logs:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process.
   The VPN firewall factory default IP address is 192.168.1.1.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
6. Select Monitoring > Firewall Logs & E-mail.
   The Firewall Logs & E-mail screen displays.
7. Click the View Log option arrow in the upper right.
   The View Log screen displays the logs.
8. To send the logs to the email address that is specified on the Firewall Logs & E-mail screen, click the Send Log button.
9. To clear the logs, click the Clear Log button.
10. To refresh the information onscreen, click the Refresh Log button.

View the DNS Logs

The VPN firewall logs a message when a DNS address is resolved for a LAN host. You can view the DNS logs onscreen.

To view the DNS logs or clear the DNS logs:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process.
   The VPN firewall factory default IP address is 192.168.1.1.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
6. Select Monitoring > Firewall Logs & E-mail.
   The Firewall Logs & E-mail screen displays.
7. Click the DNS Logs option arrow in the upper right.
   The DNS Logs screen displays.
8. To clear the logs, click the Clear Log button.
9. To refresh the information onscreen, click the Refresh Log button.

View the NTP Logs

The VPN firewall logs a message when an NTP event occurs. You can view the NTP logs onscreen.

To view the NTP logs or clear the NTP logs:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN firewall during the installation process.
   The VPN firewall factory default IP address is 192.168.1.1.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
6. Select Monitoring > Firewall Logs & E-mail.
   The Firewall Logs & E-mail screen displays.
7. Click the NTP Logs option arrow in the upper right.
   The NTP Logs screen displays.
8. To clear the logs, click the Clear Log button.
9. To refresh the information onscreen, click the Refresh Log button.

Send Syslogs over a VPN Tunnel Between Sites

This section describes how to send syslogs from one site to another over a gateway-to-gateway VPN tunnel.

The following high-level steps describe the actions that you must take to send syslogs from one site to another over a gateway-to-gateway VPN tunnel, that is, a VPN tunnel between two VPN firewalls:

1. At Site 1, set up a syslog server that is connected to Gateway 1.
2. At Site 1, set up a VPN tunnel between Gateway 1 and Gateway 2 at Site 2 (see Configure the VPN Tunnel on Gateway 1 at Site 1 on page 577).
3. At Site 1, change the remote IP address in the VPN policy on Gateway 1 to the WAN IP address of Gateway 2 at Site 2 (see Change the Remote IP Address in the VPN Policy on Gateway 1 at Site 1 on page 578).
4. At Site 2, set up a VPN tunnel between Gateway 2 and Gateway 1 at Site 1 (see Configure the VPN Tunnel on Gateway 2 at Site 2 on page 579).
5. At Site 2, change the local IP address in the VPN policy on Gateway 2 to the WAN IP address of Gateway 2 (see Change the Remote IP Address in the VPN Policy on Gateway 2 at Site 2 on page 580).
6. At Site 2, specify that Gateway 2 must send the syslogs to the syslog server at Site 1 (see On the Gateway at Site 2, Specify the Syslog Server on Site 1 on page 581).

The sections listed describe Steps 2 through 6, using the topology that is described in the following table.

Type of Address | Gateway 1 at Site 1 | Gateway 2 at Site 2
WAN IP address | 10.0.0.1 | 10.0.0.2
LAN IP address | 192.168.10.0 | 192.168.20.0
LAN subnet mask | 255.255.255.0 | 255.255.255.0
LAN IP address syslog server | 192.168.10.2 | Not applicable

After you have completed the steps, the VPN tunnel is established automatically and the syslogs are sent to the syslog server at Site 1. For information about verifying the VPN connection, see View the VPN Connection Status, L2TP Users, and PPTP Users on page 592.

Configure the VPN Tunnel on Gateway 1 at Site 1

The following procedure describes how to set up a VPN tunnel at Site 1 between Gateway 1 at Site 1 and Gateway 2 at Site 2.

To create a gateway-to-gateway VPN tunnel on Gateway 1 at Site 1 to Gateway 2 at Site 2, using the IPSec VPN wizard:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter 10.0.0.1 if you log in from the WAN or enter 192.168.10.0 if you log in from the LAN.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
6. Select VPN > IPSec VPN > VPN Wizard.
   The VPN Wizard screen displays.
7. Configure a gateway-to-gateway VPN tunnel using the following information:
   • Connection name. Any name of your choice
   • Pre-shared key. Any key of your choice
   • Remote WAN IP address. 10.0.0.2
   • Local WAN IP address. 10.0.0.1
   • Remote LAN IP address. 192.168.20.0
   • Remote LAN subnet mask. 255.255.255.0
8. Click the Apply button.
   Your settings are saved.

Change the Remote IP Address in the VPN Policy on Gateway 1 at Site 1

The following procedure describes how to change the remote IP address in the VPN policy on Gateway 1 at Site 1 to the WAN IP address of Gateway 2 at Site 2.

To change the remote IP address in the VPN policy on Gateway 1 at Site 1:

1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter 10.0.0.1 if you log in from the WAN or enter 192.168.10.0 if you log in from the LAN.
   The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type your password.
   For the default administrative account, the default user name is admin and the default password is password.
4. If you changed the default domain or were assigned a domain, from the Domain menu, select the domain.
   If you did not change the domain or were not assigned a domain, leave the menu selection at geardomain.
5. Click the Login button.
   The Router Status screen displays.
   Select VPN > IPSec VPN > VPN Policies.
   The VPN Policy screen displays.
6. Next to the policy name for the Gateway 1–to–Gateway 2 autopolicy, click the Edit button.
   The Edit VPN Policy screen displays.
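
Added example, not part of the NETGEAR manual: a receiving-side check for the syslog server at Site 1 that applies the SysLog Severity rule described earlier (messages with a severity equal to and above the selected level are sent) and flags anything that arrives below the configured level. It assumes messages carry a standard syslog `<PRI>` prefix (PRI = facility × 8 + severity, 0 being the most severe); the function names and the sample lines are constructed for illustration and are not FVS336Gv2 output.

```python
import re

# Severity names as the manual lists them, indexed by the numeric
# severity code carried in the syslog PRI field (0 = most severe).
SEVERITIES = ["LOG_EMERG", "LOG_ALERT", "LOG_CRITICAL", "LOG_ERROR",
              "LOG_WARNING", "LOG_NOTICE", "LOG_INFO", "LOG_DEBUG"]

PRI_RE = re.compile(r"^<(\d{1,3})>")

def parse_pri(line):
    """Return (facility, severity_name) from a line's <PRI> prefix, or None."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:            # 23 * 8 + 7 is the largest valid PRI
        return None
    return pri >> 3, SEVERITIES[pri & 7]

def passes_threshold(severity_name, configured):
    """True if this severity is 'equal to and above' the configured level."""
    return SEVERITIES.index(severity_name) <= SEVERITIES.index(configured)

def audit(lines, configured):
    """Sort received lines into expected, below-threshold and unparseable."""
    report = {"expected": [], "below_threshold": [], "unparseable": []}
    for line in lines:
        parsed = parse_pri(line)
        if parsed is None:
            report["unparseable"].append(line)
        elif passes_threshold(parsed[1], configured):
            report["expected"].append((parsed[1], line))
        else:
            report["below_threshold"].append((parsed[1], line))
    return report

# Constructed sample lines (hypothetical host "gw2"); facility 16 = local0.
SAMPLE = [
    "<130>Jan  1 00:00:01 gw2 constructed: critical condition",   # 16*8+2
    "<129>Jan  1 00:00:02 gw2 constructed: alert condition",      # 16*8+1
    "<134>Jan  1 00:00:03 gw2 constructed: informational event",  # 16*8+6
    "Jan  1 00:00:04 gw2 constructed: line without PRI",
    "<999>Jan  1 00:00:05 gw2 constructed: out-of-range PRI",
]

if __name__ == "__main__":
    for bucket, items in audit(SAMPLE, "LOG_CRITICAL").items():
        print(bucket, len(items))
```

A line in the below_threshold bucket means either the severity setting on the sending gateway is not the one assumed, or a different device is logging to the same server.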