For each variation, the remote gateway field of the dialup server remote gateway configuration must be set to dialup user and all of the clients must have their remote gateway or equivalent set to the static IP address of the remote gateway server.

The following sections describe how to configure authentication on the server and clients for each of these variations.

A dialup user must use the same mode as the VPN dialup server.

For information about user groups, see Configuring user groups.

Main mode with no user group selected

In this configuration, the server and the clients use main mode for key exchange. A user group has not been added to the server dialup remote gateway. Clients authenticate with the server using their authentication keys.

Main mode without user group

 

 

Field

 

Server

 

Clients

 

 

 

 

 

User Group

 

None

 

None

 

 

 

 

 

Mode

 

Main (ID Protection)

 

Main (ID Protection)

Authentication Key The server and the clients must have the same authentication key.

Local ID

 

empty

 

empty

Main mode with a user group selected

In this configuration, the server and the clients use main mode for key exchange. A user group has been selected in the server dialup remote gateway. Clients authenticate with the server using their authentication keys. The client authentication key can be one of the following:

The same as the server authentication key.

A username and password in the user group added to the dialup server remote gateway. In this configuration, the clients pre-shared key must be formatted with a ` + ' between the user name and password ( username+password).

Main mode with a user group selected

 

 

 

 

Field

 

Server

 

Client configuration 1

 

Client configuration 2

 

 

 

 

 

 

 

User Group

 

Select a user group

 

N/A

 

N/A

 

 

 

 

 

 

 

Mode

 

Main (ID Protection)

 

Main (ID Protection)

 

Main (ID Protection)

Authentication Key Server authentication key Server authentication key username+password

Local ID

 

empty

 

empty

 

empty

Aggressive mode with no user group

In this configuration, the server and the clients use aggressive mode for key exchange. A user group has not been selected in the server dialup remote gateway. Clients authenticate with the server using their authentication keys.

DFL-500 User Manual

55

 

Page 55
Image 55
D-Link DFL-500 user manual Main mode with no user group selected