WIXLIB

ProSafe Wireless-N VPNFirewall SRXN3205Reference ManualNETGEAR, Inc.350 East Plumeria DriveSan Jose, CA 95134202-10416-02v1.0January 2010

2008–2010 by NETGEAR, Inc. All rights reserved.Technical SupportPlease refer to the support information card that shipped with your product. By registering your product athttp://www.netgear.com/register, we can provide you with faster expert technical support and timely notices ofproduct and software upgrades.NETGEAR, INC. Support InformationPhone: 1-888-NETGEAR, for US & Canada only. For other countries, see your Support information card.E-mail: support@netgear.comNorth American NETGEAR website: http://www.netgear.comTrademarksNETGEAR and the NETGEAR logo are registered trademarks and ProSafe is a trademark of NETGEAR, Inc.Microsoft, Windows, and Windows NT are registered trademarks of Microsoft Corporation. Other brand and productnames are registered trademarks or trademarks of their respective holders.Statement of ConditionsIn the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right tomake changes to the products described in this document without notice.NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuitlayout(s) described herein.Federal Communications Commission (FCC) Compliance Notice: Radio FrequencyNoticeThis equipment has been tested and found to comply with the limits for a Class B digital device, pursuant topart 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in aresidential installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed andused in accordance with the instructions, may cause harmful interference to radio communications. However, there is noguarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference toradio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to tryto correct the interference by one or more of the following measures: Reorient or relocate the receiving antenna. Increase the separation between the equipment and receiver. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/TV technician for help.EU Regulatory Compliance StatementThe ProSafe Wireless-N VPN Firewall is compliant with the following EU Council Directives: 89/336/EEC and LVD73/23/EEC. Compliance is verified by testing to the following standards: EN55022 Class B, EN55024 and EN60950-1.For EU Declaration of Conformity please visit: http://kb.netgear.com/app/answers/detail/a id/11621/sno/0.iiv1.0, January 2010

Bestätigung des Herstellers/ImporteursEs wird hiermit bestätigt, daß das ProSafe Wireless-N VPN Firewall gemäß der im BMPT-AmtsblVfg 243/1991 und Vfg46/1992 aufgeführten Bestimmungen entstört ist. Das vorschriftsmäßige Betreiben einiger Geräte (z.B. Testsender) kannjedoch gewissen Beschränkungen unterliegen. Lesen Sie dazu bitte die Anmerkungen in der Betriebsanleitung.Das Bundesamt für Zulassungen in der Telekommunikation wurde davon unterrichtet, daß dieses Gerät auf den Marktgebracht wurde und es ist berechtigt, die Serie auf die Erfüllung der Vorschriften hin zu überprüfen.Certificate of the Manufacturer/ImporterIt is hereby certified that the ProSafe Wireless-N VPN Firewall has been suppressed in accordance with the conditionsset out in the BMPT-AmtsblVfg 243/1991 and Vfg 46/1992. The operation of some equipment (for example, testtransmitters) in accordance with the regulations may, however, be subject to certain restrictions. Please refer to the notesin the operating instructions.Federal Office for Telecommunications Approvals has been notified of the placing of this equipment on the marketand has been granted the right to test the series for compliance with the regulations.Voluntary Control Council for Interference (VCCI) StatementThis equipment is in the second category (information equipment to be used in a residential area or an adjacent areathereto) and conforms to the standards set by the Voluntary Control Council for Interference by Data ProcessingEquipment and Electronic Office Machines aimed at preventing radio interference in such residential areas.When used near a radio or TV receiver, it may become the cause of radio interference.Read instructions for correct handling.Additional CopyrightsAESCopyright (c) 2001, Dr Brian Gladman brg@gladman.uk.net , Worcester, UK.All rights reserved.TERMSRedistribution and use in source and binary forms, with or without modification, are permittedsubject to the following conditions:1. Redistributions of source code must retain the above copyright notice, this list ofconditions and the following disclaimer.2. Redistributions in binary form must reproduce the above copyright notice, this list ofconditions and the following disclaimer in the documentation and/or other materialsprovided with the distribution.3. The copyright holder's name must not be used to endorse or promote any productsderived from this software without his specific prior written permission.This software is provided 'as is' with no express or implied warranties of correctness or fitnessfor purpose.iiiv1.0, January 2010

Open SSLCopyright (c) 1998-2000 The OpenSSL Project. All rights reserved.Redistribution and use in source and binary forms, with or without modification, are permittedprovided that the following conditions * are met:1. Redistributions of source code must retain the above copyright notice, this list of conditionsand the following disclaimer.2. Redistributions in binary form must reproduce the above copyright notice, this list ofconditions and the following disclaimer in the documentation and/or other materialsprovided with the distribution.3. All advertising materials mentioning features or use of this software must display thefollowing acknowledgment: “This product includes software developed by the OpenSSLProject for use in the OpenSSL Toolkit. (http://www.openssl.org/)”4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse orpromote products derived from this software without prior written permission. For writtenpermission, please contact openssl-core@openssl.org.5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL"appear in their names without prior written permission of the OpenSSL Project.6. Redistributions of any form whatsoever must retain the following acknowledgment: "Thisproduct includes software developed by the OpenSSL Project for use in the OpenSSLToolkit (http://www.openssl.org/)"THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT AS IS'' AND ANYEXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THEIMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULARPURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITSCONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, ORPROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORYOF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDINGNEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THISSOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). Thisproduct includes software written by Tim Hudson (tjh@cryptsoft.com).MD5Copyright (C) 1990, RSA Data Security, Inc. All rights reserved.License to copy and use this software is granted provided that it is identified as the "RSA DataSecurity, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing thissoftware or this function. License is also granted to make and use derivative works providedthat such works are identified as "derived from the RSA Data Security, Inc. MD5 MessageDigest Algorithm" in all material mentioning or referencing the derived work.RSA Data Security, Inc. makes no representations concerning either the merchantability ofthis software or the suitability of this software for any particular purpose. It is provided "as is"without express or implied warranty of any kind.These notices must be retained in any copies of any part of this documentation and/orsoftware.ivv1.0, January 2010

PPPCopyright (c) 1989 Carnegie Mellon University. All rights reserved.Redistribution and use in source and binary forms are permitted provided that the abovecopyright notice and this paragraph are duplicated in all such forms and that anydocumentation, advertising materials, and other materials related to such distribution and useacknowledge that the software was developed by Carnegie Mellon University. The name ofthe University may not be used to endorse or promote products derived from this softwarewithout specific prior written permission.THIS SOFTWARE IS PROVIDED AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIEDWARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OFMERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.Zlibzlib.h -- interface of the 'zlib' general purpose compression library version 1.1.4, March 11th,2002. Copyright (C) 1995-2002 Jean-loup Gailly and Mark Adler.This software is provided 'as-is', without any express or implied warranty. In no event will theauthors be held liable for any damages arising from the use of this software. Permission isgranted to anyone to use this software for any purpose, including commercial applications,and to alter it and redistribute it freely, subject to the following restrictions:1. The origin of this software must not be misrepresented; you must not claim that you wrotethe original software. If you use this software in a product, an acknowledgment in theproduct documentation would be appreciated but is not required.2. Altered source versions must be plainly marked as such, and must not be misrepresentedas being the original software.3. This notice may not be removed or altered from any source distribution.Jean-loup Gailly: jloup@gzip.org; Mark Adler: madler@alumni.caltech.eduThe data format used by the zlib library is described by RFCs (Request for Comments) 1950to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate format)and rfc1952.txt (gzip format)Product and Publication DetailsModel Number:SRXN3205Publication Date:January 2010Product Family:VPN FirewallProduct Name:ProSafe Wireless-N VPN FirewallHome or Business Product:BusinessLanguage:EnglishPublication Part Number:202-10416-02Publication Version Number1.0vv1.0, January 2010

viv1.0, January 2010

ProSafe Wireless-N VPN Firewall SRXN3205 Reference ManualContentsProSafe Wireless-N VPN Firewall SRXN3205 Reference ManualAbout This ManualConventions, Formats, and Scope .xiiiHow to Print this Manual .xivRevision History .xivChapter 1IntroductionKey Features .1-1A Powerful, True Firewall with Content Filtering .1-2Autosensing Ethernet Connections with Auto Uplink .1-2Extensive Protocol Support .1-3Advanced VPN Support for Both IPsec and SSL .1-3Wireless Networking Features .1-4Easy Installation and Management .1-5System Requirements .1-5Package Contents .1-6Front Panel Features .1-6Rear Panel Features .1-8Default IP Address, Login Name, and Password Location .1-9Qualified Web Browsers .1-9Chapter 2Connecting to the Internet (WAN)Understanding the Connection Steps .2-1Logging into the VPN Firewall .2-2Navigating the Menus .2-3Configuring the Internet Connection (WAN) .2-4Automatically Detecting and Connecting .2-4Manually Configuring the Internet Connection .2-7viiv1.0, January 2010