Page 1 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA M-10177-01 Version 1.1 December 2003 December 2003, M-10177-01...
Page 2 In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
Page 3 Bestätigung des Herstellers/Importeurs Es wird hiermit bestätigt, daß das ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P gemäß der im BMPT-AmtsblVfg 243/1991 und Vfg 46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kann jedoch gewissen Beschränkungen unterliegen. Lesen Sie dazu bitte die Anmerkungen in der Betriebsanleitung.
Page 4 December 2003, M-10177-01...
Page 5: Table Of Contents
Cabling and Computer Hardware Requirements .............3-1 Computer Network Configuration Requirements .............3-1 Internet Configuration Requirements ...............3-2 Where Do I Get the Internet Configuration Parameters? .........3-2 Record Your Internet Connection Information ............3-3 Connecting the FWG114P Wireless Firewall/Print Server ..........3-4 How to Connect the FWG114P ................3-4 Contents M-10146-01...
Page 6 Connecting the FWG114P Wireless Firewall/Print Server to the Internet .......3-8 How to Auto-Detect Your Internet Connection Type ..........3-8 How to Complete the Wizard-Detected Login Account Setup ........3-10 How to Complete the Wizard-Detected Dynamic IP Account Setup ...... 3-11 How to Complete Wizard-Detected Fixed IP Account Setup .........3-13 How to Configure the Serial Port as the Primary Internet Connection ......3-14...
Page 7 Print Server Printing Options ......................7-1 For Windows XP and 2000, Use TCP/IP LPR Printing ...........7-2 For Windows 95/98/Me, Use the Netgear Printer Port Driver .........7-5 Printing from the Macintosh ....................7-8 Windows Printer Port Management ................7-9 Troubleshooting the Print Server .................. 7-11...
Page 8 Erasing the Configuration ..................8-8 Changing the Administrator Password ................8-8 Chapter 9 Advanced Configuration Using the WAN Setup Options ..................9-1 How to Configure Dynamic DNS ..................9-3 Using the LAN IP Setup Options ..................9-5 Configuring LAN TCP/IP Setup Parameters ............9-5 Using the Router as a DHCP server ................9-7 Using Address Reservation ..................9-7 Configuring Static Routes ....................9-8 Enabling Remote Management Access ...............9-10...
Page 9 Netmask ........................B-4 Subnet Addressing ....................B-5 Private IP Addresses ....................B-7 Single IP Address Operation Using NAT ............... B-8 MAC Addresses and Address Resolution Protocol ..........B-9 Related Documents ....................B-9 Domain Name Server .................... B-10 IP Configuration by DHCP ................... B-10 Internet Security and Firewalls ..................
Page 10 Verifying the Readiness of Your Internet Account ............C-18 Are Login Protocols Used? ................... C-18 What Is Your Configuration Information? .............. C-18 Obtaining ISP Configuration Information for Windows Computers ....... C-19 Obtaining ISP Configuration Information for Macintosh Computers ..... C-20 Restarting the Network ....................
Page 11 Index Contents M-10146-01...
Page 12 Contents M-10146-01...
Page 13: About This Manual
Congratulations on your purchase of the NETGEAR ® ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P. This chapter introduces important features of this manual. Audience, Conventions, Scope This reference manual assumes that the reader has basic-to-intermediate computer and Internet skills. However, basic computer network, Internet, firewall, and networking technology tutorial information is provided in the Appendices.
Page 14: How To Use This Manual
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P How to Use this Manual The HTML version of this manual includes a variety of navigation features as well as links to PDF versions of the full manual and individual chapters.
Page 15: How To Print This Manual
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P How to Print this Manual To print this manual you may choose one of the following several options, according to your needs. • Printing a “How To” Sequence of Steps in the HTML View. Use the Print button the upper right of the toolbar to print the currently displayed topic.
Page 16 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P About This Manual December 2003, M-10177-01...
Page 17: Introduction
Internet access for up to 253 personal computers. In addition to NAT, the built-in firewall protects you from hackers. With minimum setup, you can install and use the router within minutes. The FWG114P Wireless Firewall/Print Server provides the following features: •...
Page 18: Full Routing On Both The Broadband And Serial Ports
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Full Routing on Both the Broadband and Serial Ports You can install, configure, and operate the FWG114P to take full advantage of a variety of routing options on both the serial and broadband WAN ports, including: •...
Page 19: A Powerful, True Firewall With Content Filtering
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P A Powerful, True Firewall with Content Filtering Unlike simple Internet sharing NAT routers, the FWG114P is a true firewall, using stateful packet inspection to defend against hacker attacks. Its firewall features include: •...
Page 20: Autosensing Ethernet Connections With Auto Uplink
Internet service provider (ISP). This technique, known as NAT, allows the use of an inexpensive single-user ISP account. This feature can also be turned off completely for using the FWG114P in settings where you want to manage the IP address scheme of your organization.
Page 21: Easy Installation And Management
• Regional support, including ISPs like Telstra DSL and BigPond or Deutsche Telekom. Maintenance and Support NETGEAR offers the following features to help you maximize your use of the FWG114P Wireless Firewall/Print Server: • Flash memory for firmware upgrades •...
Page 22: Package Contents
— Application Notes and other helpful information. • Registration and Warranty Card. If any of the parts are incorrect, missing, or damaged, contact your NETGEAR dealer. Keep the carton, including the original packing materials, in case you need to return the router for repair. Introduction...
Page 23: The Fwg114P Front Panel
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The FWG114P Front Panel The front panel of the FWG114P Wireless Firewall/Print Server contains the status LEDs described below. You can use the LEDs to verify various operations. Viewed from left to right, Table 2-1 describes the LEDs on the front panel of the router.
Page 24 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table 2-1. LED Descriptions MODEM Blinking Data is being transmitted or received by the Modem port. LINK On (Amber) The port has detected a link with an attached device.
Page 25: The Fwg114P Rear Panel
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The FWG114P Rear Panel The rear panel of the FWG114P Wireless Firewall/Print Server contains the port connections listed below. LO CA L 10/100M IN TER N ET MODEM 12VDC, 1.0A...
Page 26 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P 2-10 Introduction December 2003, M-10177-01...
Page 27: Connecting The Fwg114P To The Internet
This chapter describes how to set up the router on your local area network (LAN) and connect to the Internet. You will find out how to configure your ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P for Internet access using the Setup Wizard, or how to manually configure your Internet connection.
Page 28: Internet Configuration Requirements
• You may also refer to the FWG114P Resource CD for the NETGEAR Router ISP Guide which provides Internet connection information for many ISPs. Once you locate your Internet configuration parameters, you may want to record them on the page below.
Page 29: Record Your Internet Connection Information
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Record Your Internet Connection Information Print this page. Fill in the configuration parameters from your Internet Service Provider (ISP). ISP Login Name: The login name and password are case sensitive and must be entered exactly as given by your ISP.
Page 30: Connecting The Fwg114P Wireless Firewall/Print Server
Connecting the FWG114P Wireless Firewall/Print Server This section provides instructions for connecting the FWG114P Wireless Firewall/Print Server. Also, the Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P (SW-10023-01) included with your router contains an animated Installation Assistant to help you through this procedure.
Page 31 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Connect the Ethernet cable from the broadband modem to the FWG114P Internet port (A). LO CA L 10/100M IN TER N ET MODEM 12VDC, 1.0A FWG114P ProSafe 802.11g Wireless Firewall/Print Server...
Page 32 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Verify the following: • When your turn the router on, the power light goes on. • The router’s local lights are lit for any computers that are connected to it.
Page 33 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P A login window opens as shown here: Figure 3-5: Login window For security reasons, the firewall has its own user name and password. When prompted, enter admin for the firewall User Name and...
Page 34: Connecting The Fwg114P Wireless Firewall/Print Server To The Internet
ISP to connect to the Internet. If you choose not to use NAT, each computer on the LAN connected to the FWG114P must have a valid public IP address in the same subnet as the Wan port of the FWG114P. For more information on NAT, please see “Single IP Address Operation Using NAT”...
Page 35 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P When the Wizard launches, select Yes in the menu below to allow the firewall to automatically determine your connection. Figure 3-7: Setup Wizard Note: If you do not see the Setup Wizard, click the Setup Wizard link in the upper left to bring up this menu.
Page 36: How To Complete The Wizard-Detected Login Account Setup
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P How to Complete the Wizard-Detected Login Account Setup If the Setup Wizard determines that your Internet service account uses a login protocol such as PPP over Ethernet (PPPoE), you will be directed to a menu like the PPPoE menu in...
Page 37: How To Complete The Wizard-Detected Dynamic Ip Account Setup
Note: If you enter an address here, after you finish configuring the firewall, reboot your PCs so that the settings take effect. Click Apply to save your settings. Click Test to test your Internet connection. If the NETGEAR website does not appear within one minute, refer to Chapter 8, “Troubleshooting”.
Page 38 Note: DNS servers are required to perform the function of translating an Internet name such as www.netgear.com to a numeric IP address. For a fixed IP address configuration, you must obtain DNS server addresses from your ISP and enter them manually here. You should reboot your PCs after configuring the firewall for these settings to take effect.
Page 39: How To Complete Wizard-Detected Fixed Ip Account Setup
Note: DNS servers are required to perform the function of translating an Internet name such as www.netgear.com to a numeric IP address. For a fixed IP address configuration, you must obtain DNS server addresses from your ISP and enter them manually here. You should reboot your PCs after configuring the firewall for these settings to take effect.
Page 40: How To Configure The Serial Port As The Primary Internet Connection
Follow the steps below to configure a serial port Internet connection on your firewall. Connect the Firewall to your ISDN or dial-up modem Turn off your modem and connect the cable from the serial port of the FWG114P to the modem.
Page 41 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Figure 3-11: Serial Internet Connection configuration menu Fill in the ISDN or analog ISP Internet configuration parameters as appropriate: • For a Dial-up Account, enter the Account information. Check “Connect as required”...
Page 42: Testing Your Internet Connection
Note: You can validate modem string settings by first connecting the modem directly to a computer, establishing a connection to your ISP, and then copying the modem string settings from the computer configuration and pasting them into the FWG114P Modem Properties Initial String field. For more information on this procedure, please refer to the support area of the NETGEAR Web site.
Page 43: Manually Configuring Your Internet Connection
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Manually Configuring Your Internet Connection You can manually configure your firewall using the menu below, or you can allow the Setup Wizard to determine your configuration as described in the previous section.
Page 44: How To Manually Configure The Primary Internet Connection
Note: Disabling NAT will reboot the router and reset all the FWG114P configuration settings to the factory default. Disable NAT only if you plan to install the FWG114P in a setting where you will be manually administering the IP address space on the LAN side of the router.
Page 45 ISP. Or, select “Use This MAC Address” and enter it. Click Apply to save your settings. Click Test to test your Internet connection. If the NETGEAR website does not appear within one minute, refer to Chapter 8, “Troubleshooting.”...
Page 46 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P 3-20 Connecting the FWG114P to the Internet December 2003, M-10177-01...
Page 47: Wireless Configuration
Observing Performance, Placement, and Range Guidelines In planning your wireless network, you should consider the level of security required. You should also select the physical placement of your FWG114P in order to maximize the network speed. For further information on wireless networking, refer to in Appendix D, “Wireless Networking...
Page 48: Implementing Appropriate Wireless Security
Restrict Access Based on MAC Address. You can allow only trusted PCs to connect so that unknown PCs cannot wirelessly connect to the FWG114P. Restricting access by MAC address adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed.
Page 49: Understanding Wireless Settings
Understanding Wireless Settings To configure the wireless settings of your FWG114P, click the Wireless link in the Setup section of the main menu. The wireless settings menu will appear, as shown below. Figure 4-2: Wireless Settings menu...
Page 50 SSID for that network. The FWG114P default SSID is: NETGEAR. — Region. This field identifies the region where the FWG114P can be used. It may not be legal to operate the wireless features of the wireless firewall/print server in a region other than one of those identified in this field.
Page 51 • WEP: If Shared or Open Network Authentication is enabled, you can manually or automatically program the four 64- or 128-bit WEP data encryption keys. Note: With Open Network Authentication and 64- or 128-bit WEP Data Encryption, the FWG114P does perform 64- or 128-bit data encryption but does not perform any authentication. Passphrase,...
Page 52: Default Factory Settings
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Default Factory Settings The FWG114P default factory settings shown below. You can restore these defaults with the Factory Default Restore button on the rear panel as seen in the illustration “FWG114P Rear Panel”...
Page 53: Before You Change The Ssid And Wep Settings
802.11b SSID, circle one: Open System or Shared Key Note: If you select shared key, the other devices in the network will not connect unless they are set to Shared Key as well and have the same keys used in the FWG114P. •...
Page 54: How To Set Up And Test Basic Wireless Connectivity
The SSID for any wireless device communicating with the access point must match the SSID configured in the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P. If they do not match, you will not get a wireless connection to the FWG114P. Set the Channel.
Page 55: How To Restrict Wireless Access By Mac Address
Program the wireless adapter of your PCs to have the same SSID that you configured in the FWG114P. Check that they have a wireless link and are able to obtain an IP address by DHCP from the wireless firewall/print server.
Page 56: How To Configure Wep
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P How to Configure WEP Note: When changing the wireless settings from a wireless computer, you will lose your wireless connection when you click Apply. You must then either configure your wireless adapter to match the new wireless settings or access the wireless firewall/print server from a wired computer to make any further changes.
Page 57: How To Configure Wpa-Psk
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Click the Wireless link in the Setup section of the main menu of the FWG114P. Choose WPA as the Network Authentication option. Click the Configure 802.1x button. Enter the RADIUS settings.
Page 58 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P 4-12 Wireless Configuration December 2003, M-10177-01...
Page 59: Serial Port Configuration
(WAN), LAN, and serial network interfaces. Note: If you configure the serial port of the FWG114P as the primary Internet connection, you will not be able to configure the other serial port options. For instructions on configuring the serial port as the primary Internet connection, please see “Configuring a Serial Port as the Primary Internet...
Page 60: Configuring A Serial Port Modem
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Configuring a Serial Port Modem You can configure a serial port modem for any of the features described above. Be sure you have prepared the basic requirements listed below, then follow the ‘how to’ procedure.
Page 61: Configuring Auto-Rollover
Click Apply to save your settings. Configuring Auto-Rollover You can configure the serial port of the FWG114P to provide an auto-rollover backup connection for your broadband service. Be sure you have prepared the basic requirements listed below, then follow the ‘how to’ procedure.
Page 62: Configuring Dial-In On The Serial Port
Click Apply for the changes to take effect. Configuring Dial-in on the Serial Port Dial-in lets a single remote computer connect to the FWG114P through the serial port to gain access to LAN resources or a remote access server. Be sure you have prepared the basic requirements listed below, then follow the ‘how to’ procedure.
Page 63: Basic Requirements For Dial-In
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Basic Requirements for Dial-in Dial-in requires these elements: A broadband connection to the FWG114P. An analog phone line. A serial modem properly configured and attached to the DB9 connector on the serial port.
Page 64: Configuring Lan-To-Lan Settings
A serial modem properly configured and attached to the DB9 connector on the serial port. A broadband connection to one FWG114P for LAN-to-LAN auto-rollover Internet access. The LAN-to-LAN settings configured and applied to the two FWG114P wireless firewall/print servers. How to Configure LAN-to-LAN Connections Follow the steps below to configure a serial port LAN-to-LAN connection.
Page 65 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Figure 5-5: LAN-to-LAN configuration menu Configure the LAN-to-LAN settings. Note: The LAN subnet address of each FWG114P must be different. Click Apply for the changes to take effect. Serial Port Configuration...
Page 66 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Serial Port Configuration December 2003, M-10177-01M-10207-01, Reference Manual v2...
Page 67: Firewall Protection And Content Filtering
This chapter describes how to use the content filtering features of the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P to protect your network. These features can be found by clicking on the Content Filtering heading in the Main Menu of the browser interface.
Page 68: Blocking Sites
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Blocking Sites The FWG114P allows you to restrict access based on Web addresses and Web address keywords. Up to 255 entries are supported in the Keyword list. The Keyword Blocking menu is shown below: Figure 6-1: Block Sites menu To enable filtering, click the checkbox next to the type of filtering you want to enable.
Page 69: Using Rules To Block Or Allow Specific Kinds Of Traffic
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Keyword application examples: • If the keyword "XXX" is specified, the URL <http://www.badstuff.com/xxx.html> is blocked, as is the newsgroup alt.pictures.XXX. • If the keyword “.com” is specified, only websites with other domain suffixes (such as .edu or .gov) can be viewed.
Page 70 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P These default rules are shown in the Rules table of the Rules menu in Figure 6-2: Figure 6-2: Rules menu You can define additional rules that will specify exceptions to the default rules. By adding custom rules, you can block or allow access based on the service or application, source or destination IP addresses, and time of day.
Page 71: Inbound Rules (Port Forwarding)
Match - traffic of this type which matches the parameters and action will be logged. Inbound Rules (Port Forwarding) Because the FWG114P uses Network Address Translation (NAT), your network presents only one IP address to the Internet, and outside users cannot directly address any of your local computers.
Page 72: Inbound Rule Example: A Local Public Web Server
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Inbound Rule Example: A Local Public Web Server If you host a public Web server on your local network, you can define a rule to allow inbound Web (HTTP) requests from any outside IP address to the IP address of your Web server at any time of day.
Page 73: Considerations For Inbound Rules
Outbound Rules (Service Blocking) The FWG114P allows you to block the use of certain Internet services by PCs on your network. This is called service blocking or port filtering. You can define an outbound rule to block Internet access from a local computer based on: •...
Page 74: Outbound Rule Example: Blocking Instant Messenger
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Time of day • Type of service being requested (service port number) Outbound Rule Example: Blocking Instant Messenger If you want to block Instant Messenger usage by employees during working hours, you can create an outbound rule to block that application from any internal IP address to any external address according to the schedule that you have created in the Schedule menu.
Page 75: Rules Menu Options
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Rules Menu Options Use the Options checkboxes to enable the following: • Enable VPN Passthrough (IPSec, PPTP, L2TP) If LAN users need to use VPN (Virtual Private Networking) software on their computer, and connect to remote sites or servers, enable this checkbox.
Page 76: Services
1024 to 65535 by the authors of the application. Although the FWG114P already holds a list of many service port numbers, you are not limited to these choices. Use the Services menu to add additional services and applications to the list for use in defining firewall rules.
Page 77: Using A Schedule To Block Or Allow Specific Traffic
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Using a Schedule to Block or Allow Specific Traffic If you enabled content filtering in the Block Sites menu, or if you defined an outbound rule to use a schedule, you can set up a schedule for when blocking occurs or when access is restricted. The...
Page 78: Time Zone
Be sure to click Apply when you have finished configuring this menu. Time Zone The FWG114P Wireless Firewall/Print Server uses the Network Time Protocol (NTP) to obtain the current time and date from one of several Network Time Servers on the Internet. In order to localize the time for your log entries, you must specify your Time Zone: •...
Page 79: Getting E-Mail Notifications Of Event Logs And Alerts
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Getting E-Mail Notifications of Event Logs and Alerts In order to receive logs and alerts by e-mail, you must provide your e-mail information in the E-Mail subheading: Figure 6-7: E-mail menu •...
Page 80 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Tip: You used this information when you set up your e-mail program. If you cannot remember it, check the settings in your e-mail program. • Send E-mail alerts immediately. You can specify that logs are immediately sent to the specified e-mail address when any of the following events occur: –...
Page 81: Viewing Logs Of Web Access Or Attempted Web Access
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Viewing Logs of Web Access or Attempted Web Access The router will log security-related events such as denied incoming and outgoing service requests, hacker probes, and administrator logins. If you enable content filtering in the Block Sites menu, the Log page will also show you when someone on your network tries to access a blocked site.
Page 82: What To Include In Event Log
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Log entries are described in Table 6-1 Table 6-1. Log entry descriptions Field Description Date and Time The date and time the log entry was recorded. Description or The type of event and what action was taken if any.
Page 83: Enabling Syslog
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • All Web sites and news groups visited - If checked, all visited web sites and newsgroups are logged. • All Incoming TCP/UDP/ICMP traffic - If checked, all incoming TCP/UDP/ICMP connections and traffic is logged.
Page 84 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P 6-18 Firewall Protection and Content Filtering December 2003, M-10177-01...
Page 85: Print Server
FWG114P. • For Windows 95/98/Me, NT4.0, 2000, and XP: Netgear Printer Port Driver — Install the Netgear Printer Port Driver on Each computer. — After installing the Print Port Driver from the Resource CD for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P (SW-10023-01) Windows users can print...
Page 86: For Windows Xp And 2000, Use Tcp/Ip Lpr Printing
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P For Windows XP and 2000, Use TCP/IP LPR Printing Follow these instructions to set up TCP/IP printing on your Windows XP and 2000 PCs. Install the FWG114P, connect your printer to the USB port on the FWG114P, and run the Windows Add Printer Wizard.
Page 87 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Complete the Add Standard TCP/IP Printer Port Wizard. Click Next to proceed with the Add Standard TCP/IP Printer Port Wizard. The Add Port screen will display. From the Add Port screen, enter 192.168.0.1, the FWG114P default LAN...
Page 88 Upon completion of the Add Printer Wizard, you will be prompted to print a test page. Check the printer attached to the FWG114P to see that the test page printed successfully If you are unable to print a test page, see “Troubleshooting the Print Server“...
Page 89: For Windows 95/98/Me, Use The Netgear Printer Port Driver
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P For Windows 95/98/Me, Use the Netgear Printer Port Driver Follow these instructions to set up the Netgear Printer Port Drive on Windows 9x PCs. Warning: If you are installing the Netgear...
Page 90 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Set up the Netgear printer port driver. Click Finish when the Installation Wizard is done. The Printer Port Setup utility displays, Netgear Printer Port Installation Wizard and queries the network to locate the Note: Under Windows95, you may receive print server in the FWG114P.
Page 91 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Identify the printer connected to the FWG114P USB printer port. From the Add Printer Wizard screen selection lists, find the manufacturer and model of the printer you connected to the USB port on the FWG114P.
Page 92: Printing From The Macintosh
– On the General tab page, click Print Test Page. Check the printer attached to the FWG114P to see that the test page printed successfully. If you are unable to print a test page, see “Troubleshooting the Print Server“ on page -11.
Page 93: Windows Printer Port Management
Windows. • If you change the printer attached to the FWG114P, run the Add Port program again and select the new printer. The options for the Print Port Driver are accessed via the Windows Port Settings button.
Page 94 Port If desired, click Browse Device to select a different device. The Select Device Port button supports multi-port models, but the FWG114P Wireless Firewall/Print Server is a single-port print server. The Port Name is shown in the Printer's Properties. •...
Page 95: Troubleshooting The Print Server
To remove an existing printer port installation: Open Start -> Settings -> Control Panel -> Add/Remove Programs. Look for an entry with a name like “NETGEAR ProSafe Firewall Router”, “NETGEAR Print Server”, "Print Server Driver" or "Print Server Port". Select this item, click Add/Remove, and confirm the deletion.
Page 96 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P For Network Path or Queue, enter a dummy value such as \\123, as shown below. Select NO for "Do you print for MS-DOS programs?". Click Next. Figure 7-2: Windows Add Printer Wizard The printer wizard will display a message stating that "The Network Printer is off-line".
Page 97 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Right-click the new printer and select Properties. Then select the Details tab, as shown below. Figure 7-3: Windows Printer Properties Click the Add Port button. On the resulting screen, select Other, then select the NETGEAR Print Server Port as the port to add.
Page 98 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Click OK to return to the Printers folders, and right-click on the new printer. Make sure that the Work Offline option is NOT checked. The new printer icon should no longer be grayed out, and the printer is ready for use.
Page 99: Maintenance
Chapter 8 Maintenance This chapter describes how to use the maintenance features of your ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P. These features are accessed via the Main Menu Maintenance heading. Viewing Wireless Firewall/Print Server Status Information The Router Status menu provides status and usage information. From the main menu of the browser interface, click on Maintenance, then select Router Status to view this screen.
Page 100 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The Router Status screen shows the following parameters: Table 8-1. Status Fields Field Description System Name The System Name assigned to the router. Firmware Version The router firmware version.
Page 101 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table 8-1. Status Fields Field Description Broadcast Name Identifies if the Name (SSID) is being broadcast. Serial Port Status The status of the serial port. Click the Details button to view the Serial Port Log, Port Status, Physical Link, PPP Link, PPP IP Address, Phone Line Speed, and Serial Line Speed.
Page 102 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table 8-1. Connection Status Fields (continued) Field Description Network Mask The WAN (Internet) Subnet Mask assigned to the router. Default Gateway The WAN (Internet) default gateway the router communicates with.
Page 103: Viewing A List Of Attached Devices
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table 8-1. Router Statistics Fields (continued) Field Description Collisions The number of collisions on this interface since reset or manual clear. Tx B/s The current transmission (outbound) bandwidth used on the interfaces.
Page 104: Upgrading The Router Software
The routing software of the FWG114P Wireless Firewall/Print Server is stored in FLASH memory, and can be upgraded as new software is released by NETGEAR. Upgrade files can be downloaded from Netgear's website. If the upgrade file is compressed (.ZIP file), you must first extract the binary file before sending it to the router.
Page 105: Restoring And Backing Up The Configuration
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P From the Main Menu of the browser interface, under the Maintenance heading, select the Settings Backup heading to bring up the menu shown below. Figure 8-5: Settings Backup menu Three options are available, and are described in the following sections.
Page 106: Erasing The Configuration
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Erasing the Configuration It is sometimes desirable to restore the router to a known blank condition. This can be done by using the Erase function, which will restore all factory settings. After an erase, the router's password will be password, the LAN IP address will be 192.168.0.1, and the router's DHCP client...
Page 107: Advanced Configuration
Advanced Configuration This chapter describes how to configure the advanced features of your ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P. These features can be found under the Advanced heading in the Main Menu of the browser interface. Using the WAN Setup Options The first feature category under the Advanced heading is WAN Setup.
Page 108 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Normally, this option should be Enabled, so that an Internet connection will be made automatically, whenever Internet-bound traffic is detected. In locations where Internet access is billed by the minute, if this causes high connection costs, you can disable this setting.
Page 109: How To Configure Dynamic Dns
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Setting the MTU Size The default MTU size is usually fine. The normal MTU (Maximum Transmit Unit) value for most Ethernet networks is 1500 Bytes. For some ISPs, particularly those using PPPoE, you may need to reduce the MTU.
Page 110 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Access the website of one of the dynamic DNS service providers whose names appear in the ‘Select Service Provider’ box, and register for an account. For example, for dyndns.org, go to www.dyndns.org.
Page 111: Using The Lan Ip Setup Options
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Using the LAN IP Setup Options The second feature category under the Advanced heading is LAN IP Setup. This menu allows configuration of LAN IP services such as DHCP and RIP. From the Main Menu of the browser interface, under Advanced, click on LAN IP Setup to view the LAN IP Setup menu, shown below.
Page 112 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P These addresses are part of the IETF-designated private address range for use in private networks, and should be suitable in most applications. If your network has a requirement to use a different IP addressing scheme, you can make those changes in this menu.
Page 113: Using The Router As A Dhcp Server
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Using the Router as a DHCP server By default, the router will function as a DHCP (Dynamic Host Configuration Protocol) server, allowing it to assign IP, DNS server, and default gateway addresses to all computers connected to the router's LAN.
Page 114: Configuring Static Routes
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P In the IP Address box, type the IP address to assign to the computer or server. (choose an IP address from the router’s LAN subnet, such as 192.168.0.X) Type the MAC Address of the computer or server.
Page 115 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Figure 9-3. Static Route Entry and Edit Menu Type a route name for this static route in the Route Name box. (This is for identification purpose only.) Select Active to make this route effective.
Page 116: Enabling Remote Management Access
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Your company’s network is 134.177.0.0. When you first configured your router, two implicit static routes were created. A default route was created with your ISP as the gateway, and a second static route was created to your local network for all 192.168.0.x addresses.
Page 117: Using Universal Plug And Play (Upnp)
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P To allow access from a range of IP addresses on the Internet, select IP address range. Enter a beginning and ending IP address to define the allowed range. To allow access from a single IP address on the Internet, select Only this computer.
Page 118: Advanced Wireless Settings
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Turn UPnP On: UPnP can be enabled or disabled for automatic device configuration. The default setting for UPnP is enabled. If disabled, the router will not allow any device to automatically control the resources, such as port forwarding (mapping), of the router.
Page 119 Lets you restrict wireless connections according to a list of Trusted PCs MAC addresses. When the Trusted PCs Only radio button is selected, the FWG114P checks the MAC address of the wireless station and only allows connections to PCs identified on the trusted PCs list.
Page 120 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P 9-14 Advanced Configuration December 2003, M-10177-01...
Page 121: Troubleshooting
• Check that you are using the 12 V DC power adapter supplied by NETGEAR for this product. If the error persists, you have a hardware problem and should contact technical support.
Page 122: Leds Never Turn Off
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P LEDs Never Turn Off When the router is turned on, the LEDs turns on for about 10 seconds and then turn off. If all the LEDs stay on, there is a fault within the router.
Page 123: Troubleshooting The Web Configuration Interface
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Troubleshooting the Web Configuration Interface If you are unable to access the router’s Web Configuration interface from a computer on your local network, check the following: • Check the Ethernet connection between the computer and the router as described in the previous section.
Page 124: Troubleshooting The Isp Connection
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Troubleshooting the ISP Connection If your router is unable to access the Internet, you should first determine whether the router is able to obtain a WAN IP address from the ISP. Unless you have been assigned a static IP address, your router must request an IP address from the ISP.
Page 125: Troubleshooting A Tcp/Ip Network Using A Ping Utility
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Configure your router to spoof your computer’s MAC address. This can be done in the Basic Settings menu. Refer to “Manually Configuring Your Internet Connection” on page 3-17. If your router can obtain an IP address, but your computer is unable to load any Web pages from the Internet: •...
Page 126: Testing The Path From Your Computer To A Remote Device
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Pinging <IP address> with 32 bytes of data If the path is working, you see this message: Reply from < IP address >: bytes=32 time=NN ms TTL=xxx If the path is not working, you see this message:...
Page 127: Restoring The Default Configuration And Password
The E-Mail menu in the Content Filtering section displays the current date and time of day. The FWG114P Wireless Firewall/Print Server uses the Network Time Protocol (NTP) to obtain the current time from one of several Network Time Servers on the Internet. Each entry in the log is stamped with the date and time of day.
Page 128 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P 10-8 Troubleshooting December 2003, M-10177-01...
Page 129: Technical Specifications
Appendix A Technical Specifications This appendix provides technical specifications for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P. Network Protocol and Standards Compatibility Data and Routing TCP/IP, RIP-1, RIP-2, DHCP Protocols: PPP over Ethernet (PPPoE) Power Adapter North America: 120V, 60 Hz, input...
Page 130 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Interface Specifications LAN: 10BASE-T or 100BASE-Tx, RJ-45 WAN: 10BASE-T or 100BASE-Tx Printer: USB v1.1 Serial: RS-232 male DB-9 connector Wireless Data Encoding: 802.11b: Direct Sequence Spread Spectrum (DSSS) 802.11g: Orthogonal Frequency Division Multiplexing (OFDM)
Page 131: Network, Routing, And Firewall Basics
Appendix B Network, Routing, and Firewall Basics This chapter provides an overview of IP networks, routing, and networking. Related Publications As you read this document, you may be directed to various RFC documents for further information. An RFC is a Request For Comment (RFC) published by the Internet Engineering Task Force (IETF), an open organization that defines the architecture and operation of the Internet.
Page 132: Routing Information Protocol
Routers vary in performance and scale, number of routing protocols supported, and types of physical WAN connection they support. The ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P is a small office router that routes the IP protocol over a single-user broadband connection.
Page 133 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P There are five standard classes of IP addresses. These address classes have different ways of determining the network and host sections of the address, allowing for different numbers of hosts on a network.
Page 134: Netmask
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Class D Class D addresses are used for multicasts (messages sent to many hosts). Class D addresses are in this range: 224.0.0.0 to 239.255.255.255. • Class E Class E addresses are for experimental use.
Page 135: Subnet Addressing
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Subnet Addressing By looking at the addressing structures, you can see that even with a Class C address, there are a large number of hosts per network. Such a structure is an inefficient use of addresses if each end of a routed link requires a different network number.
Page 136 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Note: The number 192.68.135.127 is not assigned because it is the broadcast address of the first subnet. The number 192.68.135.128 is not assigned because it is the network address of the second subnet.
Page 137: Private Ip Addresses
172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255 Choose your private network number from this range. The DHCP server of the FWG114P Wireless Firewall/Print Server is preconfigured to automatically assign private addresses. Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines explained here.
Page 138: Single Ip Address Operation Using Nat
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Single IP Address Operation Using NAT In the past, if multiple PCs on a LAN needed to access the Internet simultaneously, you had to obtain a range of IP addresses from the ISP. This type of Internet account is more costly than a single-address account typically used by a single user with a modem, rather than a router.
Page 139: Mac Addresses And Address Resolution Protocol
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P This scheme offers the additional benefit of firewall-like protection because the internal LAN addresses are not available to the Internet through the translated connection. All incoming inquiries are filtered out by the router. This filtering can prevent intruders from probing your system.
Page 140: Domain Name Server
FWG114P Wireless Firewall/Print Server has the capacity to act as a DHCP server. The FWG114P Wireless Firewall/Print Server also functions as a DHCP client when connecting to the ISP. The firewall can automatically obtain an IP address, subnet mask, DNS server addresses, and a gateway address if the ISP provides this information by DHCP.
Page 141: What Is A Firewall
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P What is a Firewall? A firewall is a device that protects one network from another, while allowing communication between the two. A firewall incorporates the functions of the NAT router, while adding features for dealing with a hacker intrusion or attack.
Page 142: Category 5 Cable Quality
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table B-1. UTP Ethernet cable wiring, straight-through Wire color Signal Orange/White Transmit (Tx) + Orange Transmit (Tx) - Green/White Receive (Rx) + Blue Blue/White Green Receive (Rx) - Brown/White...
Page 143: Inside Twisted Pair Cables
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Inside Twisted Pair Cables For two devices to communicate, the transmitter of each device must be connected to the receiver of the other device. The crossover function is usually implemented internally as part of the circuitry in the device.
Page 144: Uplink Switches, Crossover Cables, And Mdi/Mdix Switching
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Figure B-3: Category 5 UTP Cable with Male RJ-45 Plug at Each End Note: Flat “silver satin” telephone cable may have the same RJ-45 plug. However, using telephone cable results in excessive collisions, causing the attached port to be partitioned or disconnected from the network.
Page 145 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The FWG114P Wireless Firewall/Print Server incorporates Auto Uplink technology (also called MDI/MDIX). Each LOCAL Ethernet port will automatically sense whether the Ethernet cable plugged into the port should have a normal connection (e.g. connecting to a computer) or an uplink connection (e.g.
Page 146 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P B-16 Network, Routing, and Firewall Basics December 2003, M-10177-01...
Page 147: Appendix C Preparing Your Network
Preparing Your Network This appendix describes how to prepare your network to connect to the Internet through the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P and how to verify the readiness of broadband Internet service from an Internet service provider (ISP).
Page 148: Configuring Windows 95, 98, And Me For Tcp/Ip Networking
“Appendix B, “Network, Routing, and Firewall Basics.” The FWG114P Wireless Firewall/Print Server is shipped preconfigured as a DHCP server. The firewall assigns the following TCP/IP configuration information automatically when the PCs are rebooted: •...
Page 149 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P You must have an Ethernet adapter, the TCP/IP protocol, and Client for Microsoft Networks. Note: It is not necessary to remove any other network components shown in the Network window in order to install the adapter, TCP/IP, or Client for Microsoft Networks.
Page 150: Enabling Dhcp To Automatically Configure Tcp/Ip Settings
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P If you need Client for Microsoft Networks: Click the Add button. Select Client, and then click Add. Select Microsoft. Select Client for Microsoft Networks, and then click OK. Restart your computer for the changes to take effect.
Page 151 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Verify the following settings as shown: • Client for Microsoft Network exists • Ethernet adapter is present • TCP/IP is present • Primary Network Logon is set to Windows logon Click on the Properties button.
Page 152: Selecting Windows' Internet Access Method
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • By default, the IP Address tab is open on this window. • Verify the following: Obtain an IP address automatically is selected. If not selected, click in the radio button to the left of it to select it.
Page 153: Configuring Windows Nt4, 2000 Or Xp For Ip Networking
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Type , and then click OK. winipcfg The IP Configuration window opens, which lists (among other things), your IP address, subnet mask, and default gateway. From the drop-down box, select your Ethernet adapter.
Page 154: Enabling Dhcp To Automatically Configure Tcp/Ip Settings
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Enabling DHCP to Automatically Configure TCP/IP Settings You will find there are many similarities in the procedures for different Windows systems when using DHCP to configure TCP/IP. The following steps will walk you through the configuration process for each of these versions of Windows.
Page 155 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Now you should be at the Local Area Network Connection Status window. This box displays the connection status, duration, speed, and activity statistics. • Administrator logon access rights are needed to use this window.
Page 156: Dhcp Configuration Of Tcp/Ip In Windows 2000
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Verify that the Obtain an IP address automatically radio button is selected. • Verify that Obtain DNS server address automatically radio button is selected. • Click the OK button.
Page 157 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Click on the My Network Places icon on the Windows desktop. This will bring up a window called Network and Dial-up Connections. • Right click on Local Area Connection and select Properties.
Page 158 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • With Internet Protocol (TCP/IP) selected, click on Properties to open the Internet Protocol (TCP/IP) Properties dialogue box. • Verify that • Obtain an IP address automatically is selected.
Page 159: Dhcp Configuration Of Tcp/Ip In Windows Nt4
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P DHCP Configuration of TCP/IP in Windows NT4 Once you have installed the network card, you need to configure the TCP/IP environment for Windows NT 4.0. Follow this procedure to configure TCP/IP with DHCP in Windows NT 4.0.
Page 160 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • Highlight the TCP/IP Protocol in the Network Protocols box, and click on the Properties button. C-14 Preparing Your Network December 2003, M-10177-01...
Page 161: Verifying Tcp/Ip Properties For Windows Xp, 2000, And Nt4
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • The TCP/IP Properties dialog box now displays. • Click the IP Address tab. • Select the radio button marked Obtain an IP address from a DHCP server. • Click OK. This completes the configuration of TCP/IP in Windows NT.
Page 162: Configuring The Macintosh For Tcp/Ip Networking
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P • The default gateway is 192.168.0.1 Type exit Configuring the Macintosh for TCP/IP Networking Beginning with Macintosh Operating System 7, TCP/IP is already installed on the Macintosh. On each networked Macintosh, you will need to configure TCP/IP to use DHCP.
Page 163: Verifying Tcp/Ip Properties For Macintosh Computers
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P If not already selected, select Built-in Ethernet in the Configure list. If not already selected, Select Using DHCP in the TCP/IP tab. Click Save. Verifying TCP/IP Properties for Macintosh Computers After your Macintosh is configured and has rebooted, you can check the TCP/IP configuration by returning to the TCP/IP Control Panel.
Page 164: Verifying The Readiness Of Your Internet Account
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Verifying the Readiness of Your Internet Account For broadband access to the Internet, you need to contract with an Internet service provider (ISP) for a single-user Internet access account using a cable modem or DSL modem. This modem must be a separate physical box (not a card) and must provide an Ethernet port intended for connection to a Network Interface Card (NIC) in a computer.
Page 165: Obtaining Isp Configuration Information For Windows Computers
As mentioned above, you may need to collect configuration information from your PC so that you can use this information when you configure the FWG114P Wireless Firewall/Print Server. Following this procedure is only necessary when your ISP does not dynamically supply the account information.
Page 166: Obtaining Isp Configuration Information For Macintosh Computers
As mentioned above, you may need to collect configuration information from your Macintosh so that you can use this information when you configure the FWG114P Wireless Firewall/Print Server. Following this procedure is only necessary when your ISP does not dynamically supply the account information.
Page 167: Restarting The Network
FWG114P Wireless Firewall/Print Server. After configuring all of your computers for TCP/IP networking and restarting them, and connecting them to the local network of your FWG114P Wireless Firewall/Print Server, you are ready to access and configure the firewall. Preparing Your Network...
Page 168 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P C-22 Preparing Your Network December 2003, M-10177-01...
Page 169: Wireless Networking Basics
This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P Wireless Firewall/Print Server conforms to the Institute of Electrical and Electronics Engineers (IEEE) 802.11b and 802.11g standards for wireless LANs (WLANs). On an 802.11b or g wireless link, data is encoded using direct-sequence spread-spectrum (DSSS) technology and is transmitted in the unlicensed radio spectrum at 2.5GHz.
Page 170: Ad Hoc Mode (Peer-To-Peer Workgroup
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Ad Hoc Mode (Peer-to-Peer Workgroup) In an ad hoc network, computers are brought together as needed; thus, there is no structure or fixed points to the network - each node can generally communicate with any other node. There is no Access Point involved in this configuration.
Page 171: 802.11 Authentication
The 802.11 standard defines several services that govern how two 802.11 devices communicate. The following events must occur before an 802.11 Station can communicate with an Ethernet network through an access point such as the one built in to the FWG114P: Turn on the wireless station.
Page 172: Shared Key Authentication
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The access point authenticates the station. The station associates with the access point and joins the network. This process is illustrated in below. Open System Authentication Steps Access Point (AP)
Page 173: Overview Of Wep Parameters
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Shared Key Authentication Steps Access Point 1) Authentication request sent to AP IN TER N ET W LA N LO CA L MODEL FVM318 2) AP sends challenge text...
Page 174: Key Size
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Key Size The IEEE 802.11 standard supports two types of WEP encryption: 40-bit and 128-bit. The 64-bit WEP data encryption method, allows for a five-character (40-bit) input. Additionally, 24 factory-set bits are added to the forty-bit input to generate a 64-bit encryption key. (The 24 factory-set bits are not user-configurable).
Page 175: Wep Configuration Options
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P WEP Configuration Options The WEP settings must match on all 802.11 devices that are within the same wireless network as identified by the SSID. In general, if your mobile clients will roam between access points, then all of the 802.11 access points and all of the 802.11 client adapters on the network must have the same...
Page 176: Wpa Wireless Security
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table D-2: 802.11b/g Radio Frequency Channels Channel Center Frequency Frequency Spread 2427 MHz 2414.5 MHz - 2439.5 MHz 2432 MHz 2419.5 MHz - 2444.5 MHz 2437 MHz 2424.5 MHz - 2449.5 MHz 2442 MHz 2429.5 MHz - 2454.5 MHz...
Page 177: How Does Wpa Compare To Wep
Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point products and make this available in the second half of 2003. Existing Wi-Fi certified products will have one year to add WPA support or they will loose their Wi-Fi certification.
Page 178: How Does Wpa Compare To Ieee 802.11I
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P How Does WPA Compare to IEEE 802.11i? WPA will be forward compatible with the IEEE 802.11i security specification currently under development. WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are ready to bring to market today, such as 802.1x and TKIP.
Page 179 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured pass phrase on both the stations and the access point.
Page 180: Wpa Authentication: Enterprise-Level User Authentication Via 802.1X/Eap And Radius
WPA supports Extensible Authentication Protocol (EAP). For environments without a RADIUS infrastructure, WPA supports the use of a preshared key. Together, these technologies provide a framework for strong user authentication. Windows XP implements 802.1x natively, and several Netgear switch and wireless access point products support 802.1x. D-12...
Page 181 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Client with a WPA- enabled wireless adapter and supplicant (Win XP, Funk, For example, a For example, a Meetinghouse, etc.) WPA-enabled AP RADIUS server Figure D-4: 802.1x Authentication Sequence The AP sends Beacon Frames with WPA information element to the stations in the service set.
Page 182: Wpa Data Encryption Key Management
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point.
Page 183 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Temporal Key Integrity Protocol (TKIP) WPA uses TKIP to provide important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism.
Page 184: Is Wpa Perfect
Product Support for WPA Starting in August, 2003, NETGEAR, Inc. wireless Wi-Fi certified products will support the WPA standard. NETGEAR, Inc. wireless products that had their Wi-Fi certification approved before August, 2003 will have one year to add WPA so as to maintain their Wi-Fi certification.
Page 185: Changes To Wireless Access Points
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Changes to Wireless Access Points Wireless access points must have their firmware updated to support the following: • The new WPA information element To advertise their support of WPA, wireless APs send the beacon frame with a new 802.11 WPA information element that contains the wireless AP's security configuration (encryption algorithms and wireless security configuration information).
Page 186: Changes To Wireless Client Programs
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Microsoft has worked with many wireless vendors to embed the WPA firmware update in the wireless adapter driver. So, to update you Windows wireless client, all you have to do is obtain the new WPA-compatible driver and install the driver.
Page 187: Glossary
Glossary List of Glossary Terms Use the list below to find definitions for technical terms used in this manual. 10BASE-T IEEE 802.3 specification for 10 Mbps Ethernet over twisted pair wiring. 100BASE-Tx IEEE 802.3 specification for 100 Mbps Ethernet over twisted pair wiring. 802.1x 802.1x defines port-based, network access control used to provide authenticated network access and automated data encryption key management.
Page 188 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P ADSL Short for asymmetric digital subscriber line, a technology that allows data to be sent over existing copper telephone lines at data rates of from 1.5 to 9 Mbps when receiving data (known as the downstream rate) and from 16 to 640 Kbps when sending data (known as the upstream rate).
Page 189 .com, .edu, .uk, etc. For example, in the address mail.NETGEAR.com, mail is a server name and NETGEAR.com is the domain. Short for digital subscriber line, but is commonly used in reference to the asymmetric version of this technology (ADSL) that allows data to be sent over existing copper telephone lines at data rates of from 1.5...
Page 190 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Dynamic Host Configuration Protocol DHCP. An Ethernet protocol specifying how a centralized DHCP server can assign network configuration information to multiple DHCP clients. The assigned information includes IP addresses, DNS addresses, and gateway (router) addresses.
Page 191 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Internet Protocol The main internetworking protocol used in the Internet. Used in conjunction with the Transfer Control Protocol (TCP) to form TCP/IP. A communications network serving users within a limited area, such as one floor of a building.
Page 192 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P netmask Combined with the IP address, the IP Subnet Mask allows a device to know which other addresses are local to it, and which must be reached through a gateway or router.
Page 193 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P RADIUS Short for Remote Authentication Dial-In User Service, RADIUS is an authentication system. Using RADIUS, you must enter your user name and password before gaining access to a network. This information is passed to a RADIUS server, which checks that the information is correct, and then authorizes access.
Page 194 Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P A long distance link used to extend or connect remotely located local area networks. The Internet is a large WAN. Wired Equivalent Privacy is a data encryption protocol for 802.11b wireless networks.
Page 195 Index Numerics Daylight Savings Time 10-7 daylight savings time 6-12 802.11b D-1 Default DMZ Server 9-2 Denial of Service (DoS) protection 2-3 denial of service attack B-11 Account Name 3-10, 3-11, 3-18 DHCP B-10 Address Resolution Protocol B-9 DHCP Client ID C-16 ad-hoc mode D-2 DMZ 2-3, 9-2 Austria 3-18...
Page 196 gateway address C-20 MAC address 10-7, B-9 spoofing 3-12, 3-19, 10-5 Macintosh C-19 configuring for IP networking C-16 host name 3-10, 3-11, 3-18 DHCP Client ID C-16 network printing 7-1, 7-8 Obtaining ISP Configuration Information C-20 masquerading C-18 IANA MDI/MDI-X B-15, G-2 contacting B-2 MDI/MDI-X wiring B-14, G-5 IETF B-1...
Page 197 port filtering 6-7 port forwarding 6-5 Secondary DNS Server 3-11, 3-12, 3-13, 3-18 port forwarding behind NAT B-9 security 2-1, 2-3 port numbers 6-10 Serial 3-16, 5-2 PPP over Ethernet 2-4, C-18 serial 2-1, 2-9 PPPoE 2-4, 3-10, C-18 Serial Line Speed 8-3 PPTP 3-18 Serial Port Log 8-3 Primary DNS Server 3-11, 3-12, 3-13, 3-18...
Page 198 Universal Plug and Play 9-11 Uplink switch B-14 UPnP 9-11 USB C-18 USB 2.0 2-9 WEP D-3 Wi-Fi D-1 Windows, configuring for IP routing C-2, C-7 winipcfg utility C-6 WinPOET C-18 Wired Equivalent Privacy. See WEP Wireless Ethernet D-1 Wireless Security 4-2 Index...

NETGEAR FWG114P Reference Manual

Chapter 1 About this Manual

Chapter 2 Introduction

Chapter 3 Connecting the FWG114P to the Internet

Chapter 4 Wireless Configuration

Chapter 5 Serial Port Configuration

Chapter 6 Firewall Protection and Content Filtering

Chapter 7 Print Server

Chapter 8 Maintenance

Chapter 9 Advanced Configuration

Chapter 10 Troubleshooting

Appendix A

Technical Specifications

Appendix B Network, Routing, and Firewall Basics

Appendix C Preparing Your Network

Appendix D Wireless Networking Basics

Glossary

Quick Links

Troubleshooting

Related Manuals for NETGEAR FWG114P

Summary of Contents for NETGEAR FWG114P

Table of Contents