Adding NetGear Prosafe 8-port Gigabit VPN Firewall to existing TimeCapsule Network

I need some help and direction with this one...
What I currently have setup and what I am doing on a day to day is as follows;
Cox Cable Broadband > ISP Cable Modem > Time Capsule > Airport Express v1 + Airport Express v2 (Both extending wireless). I have a Dell/Windows Server setup as a Media Server and also have it setup to accept VPN connections as well. I remote into my network quite a bit as well as VPN into it quite a bit, I RDP into the Dell Server as well as an iMAC and MacBook Pro from time to time. I have PS3, Xbox360, Apple TV 1stG and 2ndG, 2011iMac, 2011MacBookPro, iPAD3 and various other wireless clients. I would really like to add as much security as I possibly can and thought adding a Hardware firewall would be a good step.
So I Purchased a NetGear ProSafe 8-port Gigabit VPN Firewall that I would install on my network and have everything behind that. The problem is I have no idea how to set it up for the best protection and performance. Only thing I found online is putting it behind my TC which would then leave my Wireless Clients outside the Firewall? I'm usually pretty good with this stuff, but this time I'm just completely confused and not even sure if I need this or if it's completely useless. I do like the TimeCapsule also running 2 Airport Express (v1 & v2) to extend my wireless network, but I'm not sure if it's as secure as it could be.
If buying a hardware firewall was a good step (and from what I've read the model I bought, the FVS318G, is pretty good), it also solves a problem I have had with my network: I needed Ethernet access. Time Capsule only has 3 ports so I figured this would also solve the lack of Ethernet ports as well.
I'm thinking I would go from Modem > NetGear(DHCP Enabled) > Time Capsule (Somehow turn DHCP/Router off) > all my network clients.
Can Anyone offer advice?? How I should configure this? Is it pointless? Return the Netgear Firewall? Buy a different hardware firewall???
*BTW* I have software security covered, just want to add hardware as well.
Any help/suggestions would be extremely helpful!
Thank you!

I am not sure who made the suggestion for the vpn router to be behind the TC.. they do that sometimes for connection to vpn for downloading TV shows etc.. but your proposed network layout is correct.
I'm thinking I would go from Modem > NetGear(DHCP Enabled) > Time Capsule (Somehow turn DHCP/Router off) > all my network clients.
All correct.. The Netgear has to be the one and only router.. otherwise the VPN will not give you access to the rest of the network behind the NAT.
So easy peasy.. bridge the TC.. use the 5.6 utility if Lion.. you will need to download and install it..
http://support.apple.com/kb/DL1482
Lion v6 is a toy..
Go to manual setup, internet tab. Connection sharing.. off, bridge mode. update the TC.. voila you are done.
You should probably reboot the whole network. As the expresses will need to now get IP from the netgear not the TC. Tell us if you run into trouble, but everything should work, although it may require a reset and redo setup of the TC and express to get everything smooth again.
Next issue.. hardware and software firewalls.. sometimes produces the great wall of china.. very secure... oh so secure nothing gets in.. or out. I do not know the Netgear.. but I would start with whatever the lowest preset is for the firewall. And see if you have issues.
And of course then do the vpn setup.. which is a lot of fun.. (read strong sarcasm). But once you establish the tunnel should then give you access to the whole network.. you will not need to use RDP unless you need to actually take over a computer.
VPN firewall is the RIGHT WAY.. albeit it can be painful in the initial stages.

Similar Messages

  • Netgear FVS336G VPN Firewall and BT HH3

    I am trying to put the FVS336G into my home network directly after the HH3 and before a netgear 16port switch. The 200+ pages netgear ref manual is not particularly helpful and from what I have read online I can only have one DHCP Server on the network, currently that is the HH3. Can I disable DHCP Server on the HH3 and I assume bridge it to the FVS336G? I would like the FVS336G to act as the DHCP Server in the network and use the HH3 just as an ADSL Modem. Or do I dispense with the HH3 and just get a cheap ADSL modem? I purchased the FVS336G so that I could secure my network down better and use the VPN/SSL tunnelling to allow me to access my NAS when I am away from home on business.
    Any advice on putting a physical VPN Firewall router into the network would be appreciated.

    PPPoA is used for ADSL connections, and PPPoE is used for Infinity connections.
    If you used a separate ADSL modem to do the authentication, then authentication would not be needed on the Netgear, as the PPP session would already be up, however it would be a waste of money if you moved to Infinity.
    Meanwhile, you can still use the Netgear as an additional wireless access point if you want.
    There are some useful help pages here, for BT Broadband customers only, on my personal website.
    BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones.
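    Both the main thread and the post above turn on the same rule: one network, one DHCP server, with any second router bridged. The quickest way to confirm the bridging took is to watch the DHCP replies on the LAN and count distinct Server Identifiers. The parser below is an added example, not code from either thread or from Netgear; the sample packets are constructed inline (the Netgear at 192.168.1.1 and an un-bridged Time Capsule at 10.0.1.1 both answering), and the `build_offer` helper exists only to create them. On a real network you would feed it the payloads of UDP port 68 replies from a packet capture.

```python
# Added example (not from the thread): count how many DHCP servers answer on a
# LAN by parsing DHCP OFFER/ACK packets. After bridging the second router there
# should be exactly one Server Identifier in any capture of DHCP replies.
import struct
from collections import Counter

DHCP_MAGIC = b"\x63\x82\x53\x63"        # RFC 2132 magic cookie after the BOOTP header
MSG_TYPE = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}


def parse_dhcp(packet: bytes) -> dict:
    """Parse the fixed BOOTP header and the DHCP options that matter here."""
    if len(packet) < 240 or packet[236:240] != DHCP_MAGIC:
        raise ValueError("not a DHCP packet")
    op, htype, hlen, hops, xid = struct.unpack("!BBBBI", packet[:8])
    yiaddr = ".".join(str(b) for b in packet[16:20])   # address being offered
    fields = {"op": op, "xid": xid, "yiaddr": yiaddr}
    i = 240
    while i < len(packet):
        tag = packet[i]
        if tag == 255:          # End option
            break
        if tag == 0:            # Pad option has no length byte
            i += 1
            continue
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if tag == 53:           # DHCP Message Type
            fields["type"] = MSG_TYPE.get(value[0], value[0])
        elif tag == 54:         # Server Identifier: which server is answering
            fields["server_id"] = ".".join(str(b) for b in value[:4])
        elif tag == 3:          # Router option: the default gateway handed out
            fields["router"] = ".".join(str(b) for b in value[:4])
        i += 2 + length
    return fields


def dhcp_servers(packets) -> Counter:
    """Distinct Server Identifiers seen in OFFER/ACK replies, with reply counts."""
    seen = Counter()
    for pkt in packets:
        f = parse_dhcp(pkt)
        if f.get("type") in ("OFFER", "ACK") and "server_id" in f:
            seen[f["server_id"]] += 1
    return seen


def build_offer(server_ip: str, offered_ip: str, xid: int = 0x1234) -> bytes:
    """Build a minimal DHCP OFFER; only used here to construct sample packets."""
    ip = lambda s: bytes(int(x) for x in s.split("."))
    header = struct.pack("!BBBBIHH", 2, 1, 6, 0, xid, 0, 0)      # op=BOOTREPLY, Ethernet
    header += ip("0.0.0.0") + ip(offered_ip) + ip(server_ip) + ip("0.0.0.0")   # ciaddr..giaddr
    header += bytes(16) + bytes(64) + bytes(128)                  # chaddr, sname, file
    options = (b"\x35\x01\x02"                 # message type = OFFER
               + b"\x36\x04" + ip(server_ip)   # server identifier
               + b"\x03\x04" + ip(server_ip)   # router
               + b"\xff")                      # end
    return header + DHCP_MAGIC + options


# Constructed sample: the Netgear (192.168.1.1) and a Time Capsule that was
# not bridged (10.0.1.1) both answer the client's DISCOVER.
SAMPLE_REPLIES = [
    build_offer("192.168.1.1", "192.168.1.50"),
    build_offer("10.0.1.1", "10.0.1.20"),
    build_offer("192.168.1.1", "192.168.1.50"),
]

if __name__ == "__main__":
    servers = dhcp_servers(SAMPLE_REPLIES)
    for server, n in servers.items():
        print(f"{server}: {n} replies")
    if len(servers) > 1:
        print("more than one DHCP server is answering; bridge the extra router")
```

    The Router option is parsed as well because a second, un-bridged device usually hands out itself as the gateway, which is exactly the double-NAT situation that breaks VPN access to the rest of the LAN.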

  • VPN - FireWall : do i need to keep port open ?

    hi,
    when i try to turn off AFP port in the firewall settings, i can't connect to the AFP server anymore even when i have a VPN session open.
    i was under the impression that connections going through the VPN would not need to have their ports open in the firewall.
    is this normal or are some settings missing ?
    thanx for the help

    Sounds like you are not connecting to the AFP server through the VPN. Easy way to test this is connect VPN, mount a volume, and kill the VPN connection - if you still can access the volume, you are not connecting through the VPN.
    I'm assuming you are home or whatever and tell your VPN to connect, it does its thing and shows you are connected, then you 'Connect to Server'. The AFP server (name or IP) you use needs to be a name or IP within the VPN.
    If your VPN is directly to the server 'myserver.com' which is also your AFP server, you need to 'Connect' to the private net IP of your server that is in the same subnet your VPN server is assigning connections to.
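    The reply's test (mount, drop the VPN, see whether the volume survives) can be backed by two checks that do not need the VPN torn down: is the AFP server address inside the subnet the VPN assigned, and does the host's routing table send that address out the tunnel interface. The script below is an added example, not from the thread or from Apple. It assumes macOS/BSD `route -n get` output (two constructed samples are embedded for the offline run) and that the tunnel interface is named utun*, ppp*, tun* or wg*.

```python
# Added example (not from the thread): confirm the AFP server is really
# reached through the VPN rather than over the plain LAN/Internet path.
import ipaddress
import re

# Interface-name prefixes that denote a tunnel on macOS (assumed; adjust if yours differ).
VPN_IFACE_PREFIXES = ("utun", "ppp", "tun", "wg")


def inside_vpn_subnet(server_ip: str, vpn_local_ip: str, prefix_len: int) -> bool:
    """True when the AFP server lies in the subnet the VPN server assigned to this client."""
    vpn_net = ipaddress.ip_network(f"{vpn_local_ip}/{prefix_len}", strict=False)
    return ipaddress.ip_address(server_ip) in vpn_net


def route_interface(route_get_output: str) -> str:
    """Extract the 'interface:' field from `route -n get <ip>` output (macOS/BSD)."""
    m = re.search(r"^\s*interface:\s*(\S+)", route_get_output, re.MULTILINE)
    if not m:
        raise ValueError("no interface line in route output")
    return m.group(1)


def goes_via_vpn(route_get_output: str) -> bool:
    """True when the chosen outgoing interface is a tunnel."""
    return route_interface(route_get_output).startswith(VPN_IFACE_PREFIXES)


# Constructed sample outputs in the shape of `route -n get` on macOS.
ROUTE_VIA_VPN = """   route to: 10.0.1.5
destination: 10.0.1.0
       mask: 255.255.255.0
  interface: ppp0
      flags: <UP,DONE,STATIC>
"""
ROUTE_VIA_LAN = """   route to: 10.0.1.5
destination: default
       mask: default
    gateway: 192.168.1.1
  interface: en0
      flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
"""

if __name__ == "__main__":
    import subprocess
    import sys
    server = sys.argv[1] if len(sys.argv) > 1 else "10.0.1.5"
    try:
        out = subprocess.run(["route", "-n", "get", server],
                             capture_output=True, text=True).stdout
        verdict = "via VPN" if goes_via_vpn(out) else "NOT via VPN"
    except (OSError, ValueError):
        verdict = "could not read routing table (macOS/BSD route command expected)"
    print(f"{server}: {verdict}")
```

    If the route check says `en0` while the VPN is up, the AFP mount was made to a public or LAN address and the firewall rule for port 548 is doing the work, which is the situation the original poster ran into.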

  • WRT54g with VPN Firewall

    Would like to configure the VPN firewall with my existing system.  I have Verizon DSL which involves the DSL modem and the Firewall.  I have the IP addresses of each.  How would I determine an appropriate IP address for the firewall.  Should the device be physically connected between the DSL modem and the router?  Advice sought

    The router has its own firewall. I would turn the firewall in the modem off or at very least put your computer in the DMZ of the modem so that its firewall doesn't affect you. By default the router is already set to allow VPN connections using IPsec, PPTP and L2TP Protocols. @ this point your router will still act as your firewall and you will be able to access VPN.
    Vista Ultimate 32 Bit
    AMD 64 X2 6400+ Black Edition
    4GB RAM
    1.18 Terabytes Of Hard Drive Space
    Acer 22inch Widescreen LCD
    Nvidia 8600 GT PCI E 512 DDR3
    WRT54G Router
    Netgear Gigabit Switch
    Motorola 2210 Modem

  • RDS and Gateway issues: Cannot get remoteapps to run without opening port 3389 on firewall

    I am testing the setup of a small RDweb server to host QuickBooks for some remote sales users (4 users). For the most part, I have everything installed on one virtual server (using 2012r2 "Quick Start" session host deployment with the additional Licensing and Gateway server roles added to the same server).
    Everything works excellent with one exception. External clients cannot launch published apps without having port 3389 open on the firewall, even with the gateway role installed and the 'Deployment Properties' set to use the gateway. They can properly connect to the RDweb site and view the published apps. The only way it works is open the firewall port (at which time I can disable the gateway or leave it configured and it works either way). Internally, everything works accordingly. I have followed the steps outlined on many sites and have combed though the forum here to no avail.
    Error received (summarized but is a well documented error):
    remote desktop can't connect to the remote computer: 1- Your user account is not listed (it actually is) or 2- You might have specified the remote computer in NetBios format . . etc.
    This is an existing SBS 2011 environment with additional virtual servers setup to host QuickBooks as outlined below:
    Current setup:
    Used Quick Start to install Remote Desktop Services in hosted sessions mode
    Installed the additional roles for Licensing and Gateway server on same server
    Configured wild card public certificates on all four services (Connection Broker(2), Web Access and Gateway)
    Configured internal DNS to properly lookup our external FQDN of this server (ex. quickbooks.contoso.com points to quickbooks.contoso.local)
    One thing I noticed (just now) when I launch a published app and the firewall has port 3389 closed, a dialog box pops up directly after launching the app that warns about running a RemoteApp program and mentions the Remote Computer and the Gateway Server as both the same (which it is); however, I would have assumed one would have listed the internal server's name while, instead, both are listed as the external FQDN. Either way, internal DNS should still allow it to properly route . . no? I don't know . . I'm sure I am just missing something in a routing configurations somewhere. The gateway service is not properly looking up the RDweb service and then seeming not routing the encapsulated RDP session through HTTPS. . .. is my guess . .
    I was reading about the "set published name" commandlet; however, I am not experiencing a certificate name mismatch; however, the certificate name does show up as *.contoso.com versus the actual name. I may just be grasping as straws now . . :)

    Ok, while I was in the server and looking over the BPA scans: "The Remote Desktop Gateway (RD Gateway) server Secure Sockets Layer (SSL) certificate may not have a valid certificate subject name." This may be due to it showing up as *.companyname.com versus quickbooks.companyname.com. Anyhow. .. on to the list of actions above:
    Changed RD RAP from "Select Active Directory" group to "Allow any network resource" and tested with port 3389 closed on firewall:
    Worked. Initially it did not as I had used a custom shortcut created from earlier; however, after logging into the RDweb site again, the application loaded fine now (after the RD RAP change)
    No error message appeared; however, I did notice that for a split second, the word Error did appear in the browser's tab title, but only very shortly. The app launch does take a bit longer too now (about 10-15 seconds, up from about 4 seconds with the port open). This, I could care less about so long as we are properly forwarding the traffic through the gateway.
    As for log entries, I had spent quite a bit of time in there and only had minor issues with loading user profile setting taking too long and policy settings preventing the redirection of USB devices. Looking again, no issues still. Just a bunch of informational entries where I would connect before (and disconnect) but only with the port on the firewall open; otherwise, there was not an entry correlating to when I would receive an error before. Now though, I am connecting after the RD RAP change and logs are showing connections even with the port closed. These are in "operational", the "admin" log only shows the update to the RD RAP configuration.
    Yes, the LAN's DNS server does relay the lookup information for my public FQDN as the local LAN address. No need for a local host record.
    I have now added a new rule in our firewall to allow and forward UDP port 3391 traffic to the internal server hosting remote services
    Thank you very much for your assistance on this matter. The RD RAP rule was default built during the creation of this services. Why is the resource not cross-referencing AD security groups? I could have sworn I created a group for that . . .

  • WRT54G - Is there anyway to add a separate VPN/Firewall device to complement this product

    I have a WRT54G v.2 device and I hate to throw it out.  My dilemma is that I'm in need of a VPN/Firewall device as well.  So I would like to know if there is a device that I can purchase from Linksys that will provide the VPN/Firewall features as a complement to my existing WRT54G?  I'd appreciate any info someone might be able to provide.
    Regards.

    Hi,
    you have options between the RV series of VPN routers and the BEFSX41 and the BEFVP41. However, you will have to change your network a bit. Your main router will have to be either of the VPN routers. The DHCP of the WRT will have to be disabled and you will also need to change the IP of the WRT from 192.168.1.1 to 192.168.1.2.
    The connection will be: modem to internet port of the VPN router and then from port 1 of the VPN router to port 1 on the WRT. Do not use the internet ports of the WRT.

  • Using NETGEAR ProSafe SRXN3205 router with OpenRea...

    I've just had my BT Infinity install completed this morning. I'd really like to use my existing NETGEAR ProSafe SRXN3205 router in conjunction with the OpenReach modem instead of the BT Home Hub 3.
    I'm struggling to get it to work. I've reset my NETGEAR to factory defaults, then entered the username "[email protected]" in the appropriate field on the NETGEAR's configuration.
    Still no joy. Anyone got this same setup and working and can offer some assistance?

    Galexa wrote:
    Thanks. Unless anyone can tell me otherwise, I'm fairly sure that's what I've done. I've left everything else at the default configuration but added "[email protected]" as the username in appropriate field, and left the password blank. The status page on the router just shows "not yet connected" or some such phrase.
    Hi there,
    I'm using a Netgear WNR3500L and when I set up the connection, what I did was use the following:
    username: [email protected]
    password: [anything you like as long as it isn't left blank - I personally used "bt"]
    See below for a screenie.
    I hope this info helps.
    *** Edited to evict that pesky typo gremlin again! ***

  • Wrong port numbers in firewall?

    Hey, I'm setting up Remote Desktop on my PowerMac G4 running Tiger, after having done the same successfully for my Mini. I couldn't get it to work, though, until I thought to double-click on the Remote Desktop firewall entry -- and saw that this machine is using TCP/UDP port 3283.
    Since that entry can't be edited, I added an entry for port 5900 and I'm up and running. My question, however, is why would this machine be using 3283 by default for Remote Desktop, instead of 5900?

    Ah! So something on the PowerMac -- perhaps a prior installation of Panther -- caused that firewall entry to have the older port numbers.
    Oh, BTW: I went back and deleted the entry I created, then added a VNC entry, which added the full range of ports that Remote Desktop needs on that machine.
    Thanks for your insight.
    Don

  • How to enter a range of ports in the firewall

    Does anyone know the syntax of how to enter a range of ports in the firewall so I don't have to enter each individual number? 
    For instance, to open port 15000 to 15264, is it possible to type something like "15000 - 15264" instead each port followed by a comma?
    Thanks.

    Hi,
    In Tiger it is the same as the comma and dashes thing I listed for some routers.
    You can also click the Edit button in that pic I posted and look at which ports are listed (they will be greyed out on the Preset ones)
    Windows Sharing should list the SMB ports and the Printing ports.
    EDIT:
    Actually on this page where I listed how to set up iChat - SMB is a separate line.
    (Printing sharing may also list the Windows Print Sharing port)
    If those don't cover the Windows app you want to communicate with, you will have to make your own entry (like the Edit link I just inserted).
    10:37 PM      Friday; May 27, 2011
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb( 10.6.7)
     Mac OS X (10.6.7),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously
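    The reply confirms the "comma and dashes" syntax (for example `15000-15264, 5900, 3283`) without spelling out what a firewall form should reject. The parser below is an added example, not from the thread or from Apple, that turns such a string into merged (low, high) ranges and refuses reversed ranges, ports outside 1-65535, and entries wider than an assumed policy limit of 1000 ports, since a stray `1-65535` would open everything.

```python
# Added example (not from the thread): parse and validate the "comma and
# dashes" port syntax used by firewall and router forms, e.g. "15000-15264, 5900".
import re

PORT_MIN, PORT_MAX = 1, 65535
MAX_RANGE_WIDTH = 1000   # assumed policy: refuse to open more than this many ports per entry


def parse_port_spec(spec: str, max_width: int = MAX_RANGE_WIDTH) -> list:
    """Turn '15000 - 15264, 5900' into sorted (low, high) tuples, merging overlaps."""
    ranges = []
    for item in spec.split(","):
        item = item.strip()
        if not item:
            continue                       # tolerate a trailing comma
        m = re.fullmatch(r"(\d+)\s*(?:-\s*(\d+))?", item)
        if not m:
            raise ValueError(f"bad port entry: {item!r}")
        low = int(m.group(1))
        high = int(m.group(2)) if m.group(2) else low
        if not (PORT_MIN <= low <= high <= PORT_MAX):
            raise ValueError(f"port range out of order or out of bounds: {item!r}")
        if high - low + 1 > max_width:
            raise ValueError(f"range {item!r} opens {high - low + 1} ports; limit is {max_width}")
        ranges.append((low, high))
    ranges.sort()
    merged = []
    for low, high in ranges:
        if merged and low <= merged[-1][1] + 1:   # overlapping or adjacent: extend
            merged[-1] = (merged[-1][0], max(merged[-1][1], high))
        else:
            merged.append((low, high))
    return merged


def port_count(spec: str) -> int:
    """How many distinct ports the entry would open."""
    return sum(high - low + 1 for low, high in parse_port_spec(spec))


def is_open(spec: str, port: int) -> bool:
    """Whether a given port falls inside the parsed entry."""
    return any(low <= port <= high for low, high in parse_port_spec(spec))


if __name__ == "__main__":
    spec = "15000 - 15264, 5900, 3283, 5901-5902"
    print(parse_port_spec(spec), "->", port_count(spec), "ports")
    for bad in ("15264-15000", "0-10", "1-65535", "abc"):
        try:
            parse_port_spec(bad)
        except ValueError as err:
            print("rejected:", err)
```

    Merging adjacent ranges means `5900, 5901-5902` collapses to `(5900, 5902)`, which is also what a rule table should store so that duplicate entries do not silently widen what is open.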

  • IE HTTP close (reset) - port reuse causing firewall issues

    Having an issue with some systems reusing the same TCP port number between sessions, causing the firewall to drop the connection.
    Internet Explorer is creating the HTTP socket connection to port 80. An ephemeral port (assigned by Windows) is bound to the local side of the connection. The first connection goes through just fine. The socket is closed/reset. However, the very next connection (hundreds of milliseconds later), is using the same ephemeral port, causing the firewall to discard the connection.
    I have tried setting TcpTimedWaitDelay in the registry but that did not help. Since the socket is being reset, it never goes into the TIME_WAIT state.
    Any suggestions? This does not happen consistently - on the order of 10s of times per day.
    Thanks!

    Problem is still occurring. Customer has built a new client system with MS-only software (no virus protection, etc.). Upgraded this system to IE9.  Problem is still occurring. Tried disabling NativeXMLHTTP option but no difference.
    Here is the ASP VBScript code that causes the error to appear:
    function SubmitPost(data, ErrHow) {
        var d = new Date();
        // Append a timestamp so every POST has a unique URL (cache busting)
        return SendData('POST', 'TDMaster.asp?InstID=' + document.getElementById("tdInstance").value + '&UID=' + d.getTime(), data, ErrHow, 0);
    }

    // Returns valid version of MSXML
    function GetMSXML() {
        var progIDs = ['Msxml2.XMLHTTP.6.0', 'Microsoft.XMLHTTP'];
        for (var i = 0; i < progIDs.length; i++) {
            try {
                var http = new ActiveXObject(progIDs[i]);
                return http;
            } catch (ex) {
                // This ProgID is not available; try the next one
            }
        }
        return null;
    }

    // Function that actually sends the data and returns the response
    // Format 0 = XML
    // Format 1 = Binary
    var http;
    var timedOut;
    function SendData(method, url, data, ErrHow, Format) {
        http = GetMSXML();
        var ResultXML;
        var e;
        // Synchronous request (third argument false): blocks until the server answers
        http.open(method, url, false);
        http.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
        http.setRequestHeader("Content-Length", data.length);
        try {
            http.send(data);
            if (Format == 0) {
                return http.responseText;
            } else {
                return http.responseBody;
            }
        } catch (e) {
            // CreateError is defined elsewhere in the page's script
            return CreateError(e.number, e, ErrHow);
        }
    }
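    The thread describes the failure mode but not how to spot it in traffic: a connection that ends in a RST never enters TIME_WAIT, so the client may hand the same ephemeral port to the next request while the firewall still holds state for the old flow. The detector below is an added example, not from the thread or from Microsoft; it runs over constructed connection events (a list of `(time_ms, client_ip, client_port, server_ip, server_port, event)` tuples such as you would extract from a packet capture) and flags any SYN that reuses a four-tuple closed less than an assumed 2000 ms earlier.

```python
# Added example (not from the thread): flag ephemeral-port reuse shortly after
# a reset, the pattern that makes a stateful firewall drop the new connection.
from collections import defaultdict

REUSE_WINDOW_MS = 2000   # assumed: how long the firewall keeps a closed flow's state entry


def find_fast_reuse(events, window_ms=REUSE_WINDOW_MS):
    """Return (time_ms, four_tuple, gap_ms, close_type) for each SYN that reuses
    a four-tuple which was closed less than window_ms earlier."""
    last_close = {}          # four-tuple -> (close_time_ms, "FIN" or "RST")
    hits = []
    for t, cip, cport, sip, sport, ev in sorted(events):
        key = (cip, cport, sip, sport)
        if ev in ("FIN", "RST"):
            last_close[key] = (t, ev)
        elif ev == "SYN" and key in last_close:
            closed_at, how = last_close[key]
            gap = t - closed_at
            if gap < window_ms:
                hits.append((t, key, gap, how))
    return hits


def reuse_stats(events, window_ms=REUSE_WINDOW_MS):
    """Count fast reuses per client port, to see whether a few ports keep recurring."""
    counts = defaultdict(int)
    for _, key, _, _ in find_fast_reuse(events, window_ms):
        counts[key[1]] += 1
    return dict(counts)


# Constructed sample: three POSTs from one browser. The second reuses port 49152
# only 300 ms after the first flow was reset (RST, so no TIME_WAIT on the client,
# which is why TcpTimedWaitDelay made no difference); the third uses a fresh port.
SAMPLE_EVENTS = [
    (1000, "10.1.1.25", 49152, "203.0.113.10", 80, "SYN"),
    (1400, "10.1.1.25", 49152, "203.0.113.10", 80, "RST"),
    (1700, "10.1.1.25", 49152, "203.0.113.10", 80, "SYN"),   # reuse after 300 ms
    (2100, "10.1.1.25", 49152, "203.0.113.10", 80, "RST"),
    (2200, "10.1.1.25", 49153, "203.0.113.10", 80, "SYN"),   # fresh port, fine
    (9000, "10.1.1.25", 49152, "203.0.113.10", 80, "SYN"),   # well past the window
]

if __name__ == "__main__":
    for t, key, gap, how in find_fast_reuse(SAMPLE_EVENTS):
        print(f"t={t}ms {key} reused {gap}ms after {how}")
    print("fast reuses per client port:", reuse_stats(SAMPLE_EVENTS))
```

    Comparing the gaps it reports against the firewall's own state timeout tells you whether to lengthen the client's port rotation or shorten the firewall's linger time for reset flows.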

  • Opening a port in the firewall

    I want to be able to use pulptunes, but I need to be able to open a port in my firewall (15000), how do I go about this?

    erikagwen,
    Leopard has a new "Application Firewall." What this means for you is that it will automatically configure itself to allow your application to communicate, opening ports as needed, provided you authorize it to do so. When you first launch the application, the firewall will detect the "sockets" that it creates, and ask if you wish to allow it to accept outside requests.
    It is also likely that you are behind a router, which will be running its own firewall. For this, you'll need to first determine the ports involved, then check and follow your router's documentation for forwarding those ports to your computer.
    Scott

  • Link srw2048 and linksys 8 port gigabit smart switch linking together

    Hi all,
    I would like to link my srw2048 in my cellar to the linksys 8port switch i have in the living room so my son can have lan parties. How would i configure this and will i need to make a crossover cable?
    Thanks in advance for any advice

    I don't see the need of configuring your SRW2048 switch for you to be able to connect your 8 port gigabit switch. Since these switches are both smart switches you can use either crossover or straight through cable for them to communicate with each other.

  • SG300-28 28-Port Gigabit Managed Switch

    I've forgotten the username & password of my SG300-28 28-Port Gigabit Managed Switch. Is there any way to recover them? But I don't want to lose the configuration.

    Hi Anton,
    You can access the boot menu and choose password recovery, but this option is only accessible via the serial console: after you see the Cisco logo, hit the ESC button once.
    Once you choose password recovery the current password will be ignored during this current session only, so the first thing you need to do is change and save a new password. You can use the CLI for this:
    switch(config)#username cisco password cisco
    switch(config)#exit
    switch#wr
    and you should be ready to go :-)
    Aleksandra

  • Opening of TCP/IP Port 53 in Firewall

    Hi,
    I checked a few SharePoint blogs which say that for SharePoint 2013 you need to open port 53 in the firewall for the "User Profile Synchronization Service (FIM)" to reach the DNS server.
    - What user profile sync is being done between the SP server and the DNS server? Isn't the user profile sync from the AD server?
    pl see the link http://technet.microsoft.com/en-us/library/cc262849.aspx
    Thanks
    Hari

    thanks guys.
    My SP farm is in the cloud and AD & DNS are in a different cloud zone, hence the firewall is in between.
    I am an SP guy with not much knowledge of firewalls, DNS & AD. The cloud infra team has rejected the request to open port 53 to the DNS server, reason: "This rule cannot be allowed as it will also cause functional issues for the Cloud VMs. Cloud VMs depend on Cloud internal DNS services to function. One method may be to consider if another AD/DNS can be configured within G-Cloud as a VM. We apologize as we are unable to advise a solution, and even this needs to be submitted in this Pre-Qualification form for approval. Please note that Cloud VMs must not directly join the remote domain as this will cause the required DNS records to be missing."
    So I still need this FIM to connect to the AD-DS server or DNS server to fetch user information.
    Thanks
    Hari

  • IOS4 and VPN/Firewall routers

    Hello,
    I am trying to get VPN connection from iPhone and iPad(3G). I have tested Linksys (Cisco) RV042 -router. But I was told by Cisco that RV042 does not support connection from iPhone...
    So, I would like to ask which VPN/Firewall devices you have used successfully with iPhone or iPad?

    They will be like any other exam, three years valid towards any eligible path.
