NETGEAR FVX538NA manual Configuring Xauth for VPN Clients

Page 134

ProSafe VPN Firewall 200 FVX538 Reference Manual

IPSec Host. If you want authentication by the remote gateway, enter a User Name and Password to be associated with this IKE policy. If this option is chosen, the remote gateway must specify the user name and password used for authenticating this gateway.

Note: If a RADIUS-PAP server is enabled for authentication, XAUTH will first check the local User Database for the user credentials. If the user account is not present, the router will then connect to a RADIUS server.

Configuring XAUTH for VPN Clients

Once the XAUTH has been enabled, you must establish user accounts on the Local Database to be authenticated against XAUTH, or you must enable a RADIUS-CHAP or RADIUS-PAP server.

Note: If you are modifying an existing IKE Policy to add XAUTH, if it is in use by a VPN Policy, the VPN policy must be disabled before you can modify the IKE Policy.

To enable and configure XAUTH:

1.Select VPN from the main menu and Policies from the submenu. The IKE Policies screen will display.

2.You can add XAUTH to an existing IKE Policy by clicking Edit adjacent to the policy to be modified or you can create a new IKE Policy incorporating XAUTH by clicking Add.

3.In the Extended Authentication section check the Edge Device radio box to use this router as a VPN concentrator where one or more gateway tunnels terminate. You then must specify the authentication type to be used in verifying credentials of the remote VPN gateways. (Either the User Database or RADIUS Client must be configured when XAUTH is enabled.)

4.In the Extended Authentication section, select the Authentication Type from the pull-down menu which will be used to verify user account information. Select

Edge Device to use this router as a VPN concentrator where one or more gateway tunnels terminate. When this option is chosen, you will need to specify the authentication type to be used in verifying credentials of the remote VPN gateways.

User Database to verify against the router’s user database. Users must be added through the User Database screen (see “User Database Configuration” on page 5-34).

5-32

Virtual Private Networking

v1.0, August 2006

Page 133 Page 135
Image 134
Page 133 Page 135
Contents ProSafe VPN Firewall FVX538 Reference Manual EU Regulatory Compliance Statement TrademarksStatement of Conditions Bestätigung des Herstellers/ImporteursVoluntary Control Council for Interference Vcci Statement Additional CopyrightsAugust MD5 Product and Publication Details Contents Chapter LAN Configuration Chapter Virtual Private Networking Chapter Router and Network Management Chapter Troubleshooting Index About This Manual Conventions, Formats and ScopeHow to Use This Manual How to Print this ManualRevision History Xvi Key Features Chapter IntroductionPowerful, True Firewall with Content Filtering Extensive Protocol Support Security FeaturesAutosensing Ethernet Connections with Auto Uplink Easy Installation and Management Trend Micro IntegrationPackage Contents Router Front Panel Object DescriptionsWAN Router Rear Panel Router’s IP Address, Login Name, and Password Rack Mounting HardwareDefault Log In Settings Enter http//192.168.1.1 as the URLProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Connecting the FVX538 to the Internet Logging into the VPN FirewallConfiguring the Internet Connections to Your ISPs Internet connection methods Connection Method Data RequiredInternet connection methods Setting the Router’s MAC Address Manually Configuring Your Internet ConnectionProSafe VPN Firewall 200 FVX538 Reference Manual Programming the Traffic Meter if Desired ProSafe VPN Firewall 200 FVX538 Reference Manual Traffic Meter Settings Parameter DescriptionConfiguring the WAN Mode Required for Dual WAN Setting Up Auto-Rollover Mode ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Load Balancing ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Dynamic DNS If Needed ProSafe VPN Firewall 200 FVX538 Reference Manual Ddns links Configuring the Advanced WAN Options If Needed ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Chapter LAN Configuration Using the Firewall as a Dhcp serverConfiguring the LAN Setup Options ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Multi Home LAN IPs ProSafe VPN Firewall 200 FVX538 Reference Manual Managing Groups and Hosts LAN Groups Creating the Network DatabaseProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Up Address Reservation Configuring and Enabling the DMZ Port Check the Do you want to enable DMA Port? radio boxProSafe VPN Firewall 200 FVX538 Reference Manual Configuring Static Routes Static RoutesRouting Information Protocol RIP ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Trend Micro Antivirus Enforcement Static Route ExampleProSafe VPN Firewall 200 FVX538 Reference Manual Click Apply to submit your changes ProSafe VPN Firewall 200 FVX538 Reference Manual About Firewall Protection and Content Filtering Using Rules to Block or Allow Specific Kinds of TrafficServices-Based Rules Outbound Rules Service BlockingServices menu see Adding Customized Services on Outbound RulesInbound Rules Port Forwarding Inbound Rules Inbound Rules Setting LAN WAN Rules Order of Precedence for RulesProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN Outbound Services Rules Setting DMZ WAN Rules LAN WAN Inbound Services RulesProSafe VPN Firewall 200 FVX538 Reference Manual Setting LAN DMZ Rules LAN DMZ Outbound Services Rules LAN DMZ Inbound Services Rules Attack ChecksPptp Inbound Rules Examples LAN WAN Inbound Rule Hosting a Local Public Web ServerProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual LAN WAN or DMZ WAN Inbound Rule Specifying an Exposed Host Outbound Rules Example LAN WAN Outbound Rule Blocking Instant MessengerAdding Customized Services ProSafe VPN Firewall 200 FVX538 Reference Manual Setting Quality of Service QoS Priorities Setting a Schedule to Block or Allow Specific Traffic Setting Block Sites Content Filtering ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Source MAC Filtering Port Triggering ProSafe VPN Firewall 200 FVX538 Reference Manual Outgoing Trigger Port Range fields Mail Notifications of Event Logs and Alerts ProSafe VPN Firewall 200 FVX538 Reference Manual SysLog Facility Message Levels Numerical Code SeverityInformational Informational messages Administrator Tips Firewall Log Field DescriptionsProSafe VPN Firewall 200 FVX538 Reference Manual Dual WAN Port Systems IP Addressing for VPNs in Dual WAN Port SystemsRollover Mode Setup Screen Load Balancing Setup Screen Setting up a VPN Connection using the VPN Wizard Creating a VPN Tunnel to a Gateway ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Creating a VPN Tunnel Connection to a VPN Client ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual VPN Tunnel Policies IKE PolicyManaging IKE Policies IKE Policy TableVPN Policy Managing VPN PoliciesVPN Tunnel Connection Status VPN Policy TableConfiguring the FVX538 Creating a VPN Gateway Connection Between FVX538 and FVS338ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the FVS338 Testing the Connection Creating a VPN Client Connection VPN Client to FVX538ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the VPN Client Fvxlocal.com Home11.fvxremote.com ProSafe VPN Firewall 200 FVX538 Reference Manual Testing the Connection Certificate Authorities Generating a Self Certificate Request Generate Self Certificate Request, enter the required dataProSafe VPN Firewall 200 FVX538 Reference Manual Uploading a Trusted Certificate Managing your Certificate Revocation List CRLExtended Authentication Xauth Configuration UploadConfiguring Xauth for VPN Clients ProSafe VPN Firewall 200 FVX538 Reference Manual User Database Configuration Radius Client Configuration Enter the Primary Radius Server IP address Manually Assigning IP Addresses to Remote Users ModeConfig Mode Config OperationConfiguring the VPN Firewall ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Configuring the ProSafe VPN Client for ModeConfig ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual ProSafe VPN Firewall 200 FVX538 Reference Manual Performance Management Bandwidth CapacityVPN Firewall Features That Reduce Traffic Service BlockingProSafe VPN Firewall 200 FVX538 Reference Manual Block Sites Source MAC FilteringVPN Firewall Features That Increase Traffic Port ForwardingPort Triggering VPN Tunnels Using QoS to Shift the Traffic MixDMZ Port Tools for Traffic Management AdministrationChanging Passwords and Settings ProSafe VPN Firewall 200 FVX538 Reference Manual Enabling Remote Management Access Check Allow Remote Management radio boxUsing a Snmp Manager Https//134.177.0.1238080ProSafe VPN Firewall 200 FVX538 Reference Manual Settings Backup and Firmware Upgrade Backup and Restore Settings Click defaultRouter Upgrade Setting the Time Zone To upgrade router softwareMonitoring the Router Enabling the Traffic MeterProSafe VPN Firewall 200 FVX538 Reference Manual Setting Login Failures and Attacks Notification Monitoring Attached Devices Known PCs and Devices IP AddressViewing Port Triggering Status Port Triggering Status dataViewing Router Configuration and System Status Router Status FieldsMonitoring WAN Ports Status Monitoring VPN Tunnel Connection Status VPN Logs VPN Status dataPerforming Diagnostics Dhcp LogDiagnostics Diagnostics ProSafe VPN Firewall 200 FVX538 Reference Manual Power LED Not On Basic FunctionsLAN or Internet Port LEDs Not On Troubleshooting the Web Configuration InterfaceLEDs Never Turn Off ProSafe VPN Firewall 200 FVX538 Reference Manual Troubleshooting the ISP Connection Troubleshooting a TCP/IP Network Using a Ping Utility Testing the LAN Path to Your FirewallTesting the Path from Your PC to a Remote Device Ping -n 10 IP addressRestoring the Default Configuration and Password Problems with Date and TimeProSafe VPN Firewall 200 FVX538 Reference Manual Appendix a Default Settings and Technical Specifications Table A-1. VPN firewall Default Configuration SettingsTable A-2. VPN firewall Technical Specifications Feature Default BehaviorElectromagnetic Emissions ProSafe VPN Firewall 200 FVX538 Reference Manual Appendix B Related Documents ProSafe VPN Firewall 200 FVX538 Reference Manual Appendix C Network Planning for Dual WAN Ports What You Will Need to Do Before You BeginFigure C-1 InternetCabling and Computer Hardware Requirements Computer Network Configuration RequirementsInternet Configuration Requirements Where Do I Get the Internet Configuration Parameters? Internet Connection Information Form Virtual Private Networks VPNs Overview of the Planning ProcessInbound Traffic Ports Dual WAN Ports Load BalancingInbound Traffic Requirements for exposed hosts in dual WAN port systemsAlways change at the IP addresses Virtual Private Networks VPNs Reference Manual Road Warrior Example Dual WAN Ports, Before Rollover But a fully-qualified WAN1 or WAN2 VPN Road Warrior DualVPN Gateway-to-Gateway Single Gateway WAN Ports Road Warrior Example Dual WAN Ports, Load BalancingGateway-to-Gateway Example Single WAN Ports WAN A2to establish or re Gateway-to-Gateway Example Dual WAN Ports, Load Balancing NAT Router Remote tunnel Remote PC or WAN2 Index Index-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10
Related manuals
Manual 2 pages 62.01 Kb Manual 3 pages 5.38 Kb
Top Page Image Contents