Configuring a VPN for XAuth Clients Using a Username and Password

This section describes how to configure a remote access VPN on the controller for Cisco VPN XAuth clients using passwords. IKE Phase 1 authentication is done with an IKE preshared key; the user is then prompted to enter their username and password which is verified with the internal database on the controller.

On the controller, you need to configure the following:

1.Add entries for Cisco VPN XAuth clients to the controller’s internal database, For details on configuring an authentication server, see "Authentication Servers" on page 168

NOTE: For each client, you need to create an entry in the internal database with the entire Principal name (SubjectAltname in X.509

certificates) or Common Name as it appears on the certificate.

2.Verify that the server with the client data is part of the server group associated with the VPN authentication profile.

3.Configure other VPN settings as described in "Configuring a VPN for L2TP/IPsec with IKEv2 in the WebUI" on page 279, while ensuring that the following settings are selected:

In the L2TP and XAUTH Parameters section of the Configuration>VPN Services>IPSEC tab, enable L2TP.

In the L2TP and XAUTH Parameters section of the Configuration>VPN Services>IPSEC tab, enable XAuth to enable prompting for the username and password.

The IKE policy must have pre-sharedauthentication.

The following example configures a VPN for XAuth IKEv1 clients using a username and passwords. Access the command-line interface and issue the following commands in config mode:

(host)(config) #aaa authentication vpn default server-group internal

crypto-local isakmp xauth

(host)(config) #vpdn group l2tp enable

client dns 101.1.1.245

(host)(config) #ip local pool pw-clients 10.1.1.1 10.1.1.250

(host)(config) #crypto isakmp key 0987654 address 0.0.0.0 netmask 0.0.00

(host)(config) #crypto isakmp policy 1 authentication pre-share

Enter the following command in enable mode to configure client entries in the internal database:

(host)(config) #local-userdb add username <name> password <password>

Working with Remote Access VPNs for PPTP

Point-to-Point Tunneling Protocol (PPTP) is an alternative to L2TP/IPsec. Like L2TP/IPsec, PPTP provides a logical transport mechanism to send PPP frames as well as tunneling or encapsulation so that the PPP frames can be sent across an IP network. PPTP relies on the PPP connection process to perform user authentication and protocol configuration.

Dell PowerConnect W-Series ArubaOS 6.2 User Guide

Virtual Private Networks 287

Page 287
Image 287
Dell 6.2 manual Working with Remote Access VPNs for Pptp

6.2 specifications

Dell 6.2 is an advanced enterprise solution that caters to the needs of businesses seeking robust performance and efficiency. As a part of Dell's commitment to innovation, the 6.2 series combines cutting-edge technologies and features that enhance productivity and deliver reliable computing experiences.

One of the standout features of the Dell 6.2 is its impressive processing power. Equipped with the latest Intel processors, it offers exceptional speed and multitasking capabilities. This allows businesses to run demanding applications effortlessly, making it ideal for data-intensive tasks such as data analysis, software development, and virtualization. The series also supports substantial RAM configurations, enabling users to manage extensive workloads without experiencing slowdowns.

In terms of storage, the Dell 6.2 line includes advanced SSD options that significantly boost data access speeds compared to traditional hard drives. This rapid access to information is vital for businesses that require quick retrieval of large datasets. Furthermore, the devices support RAID configurations, which enhances data redundancy and security, protecting critical business information from loss.

Connectivity is another critical aspect of the Dell 6.2 series. It includes multiple USB ports, HDMI outputs, and high-speed Ethernet options, ensuring that users can easily connect to various peripherals and networks. The integration of Wi-Fi 6 technology enables faster wireless connections, resulting in improved internet speeds and bandwidth efficiency, which is crucial in today’s increasingly connected workplaces.

Dell has also prioritized security in the 6.2 series. It features enhanced biometric authentication and advanced encryption methods, safeguarding sensitive data from unauthorized access. Additionally, the system's BIOS protection and automatic updates provide an added layer of security, ensuring that the device remains safe from emerging threats.

The design of the Dell 6.2 is not only sleek and modern but also built for durability. Its robust chassis is engineered to withstand the rigors of daily use, making it suitable for various business environments. This durability ensures that the investment in Dell 6.2 will last for years while maintaining performance integrity.

In summary, the Dell 6.2 series embodies a blend of speed, storage efficiency, connectivity, and security, making it a top choice for enterprises looking to enhance their computing capabilities. With its modern features and durable design, Dell 6.2 is positioned as a reliable partner in driving business success.