
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Whenever an IKE policy receives the certificate from a peer, it checks for this certificate in the CRL on the FVG318 obtained from the corresponding CA. If the certificate is not present in the CRL it means that the certificate is not revoked. IKE can then use this certificate for authentication. If the certificate is present in the CRL it means that the certificate is revoked, and the IKE will not authenticate the client.
You must manually update the FVG318 CRL regularly in order for the
VPN Configuration Scenarios on the FVG318
There are a variety of configurations you might implement with the FVG318. The scenarios listed below illustrate typical configurations you might use in your organization.
In order to help make it easier to set up an IPsec system, the following two scenarios are provided. These scenarios were developed by the VPN Consortium (http://www.vpnc.org). The goal is to make it easier to get the systems from different vendors to interoperate. NETGEAR is providing you with both of these scenarios in the following two formats:
•VPN Consortium Scenarios without any product implementation details
•VPN Consortium Scenarios based on the FVG318 User Interface
The purpose of providing these two versions of the same scenarios is to help you determine where the two vendors use different vocabulary. Seeing the examples presented in these different ways will reveal how systems from different vendors do the same thing.
The PC must have the NETGEAR ProSafe VPN Client program installed that supports IPSec. Go to the NETGEAR Web site (http://www.netgear.com) and select VPN01L_VPN05L in the Product Quick Find drop down menu for information on how to purchase the NETGEAR ProSafe VPN Client.
Note: Before installing the NETGEAR ProSafe VPN Client software, be sure to turn off any virus protection or firewall software you may be running on your PC.
Advanced Virtual Private Networking |