ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
6-8 Advanced Virtual Private Networking
v1.0, September 2007
Whenever an IKE policy receives the certificate from a peer, it checks for this certificate in the
CRL on the FVG318 obtained from the corresponding CA. If the certificate is not present in the
CRL it means that the certificate is not revoked. IKE can then use this certificate for
authentication. If the certificate is present in the CRL it means that the certificate is revoked, and
the IKE will not authenticate the client.
You must manually update the FVG318 CRL regularly in order for the CA-based authentication
process to remain valid.
VPN Configuration Scenarios on the FVG318There are a variety of configurations you might implement with the FVG318. The scenarios listed
below illustrate typical configurations you might use in your organization.
In order to help make it easier to set up an IPsec system, the following two scenarios are provided.
These scenarios were developed by the VPN Consortium (http://www.vpnc.org). The goal is to
make it easier to get the systems from different vendors to interoperate. NETGEAR is providing
you with both of these scenarios in the following two formats:
• VPN Consortium Scenarios without any product implementation details
• VPN Consortium Scenarios based on the FVG318 User Interface
The purpose of providing these two versions of the same scenarios is to help you determine where
the two vendors use different vocabulary. Seeing the examples presented in these different ways
will reveal how systems from different vendors do the same thing.
The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go
to the NETGEAR Web site (http://www.netgear.com) and select VPN01L_VPN05L in the Product
Quick Find drop down menu for information on how to purchase the NETGEAR ProSafe VPN
Client.
Note: Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off
any virus protection or firewall software you may be running on your PC.