ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual

Table 5-2. Add IKE Policy Settings (continued)

Item

Description (or Subfield and Description)

Extended Authentication

XAUTH Configuration

Note: For more information about XAUTH and its authentication modes, see “Configuring XAUTH for VPN Clients” on page 5-39.

Select one of the following radio buttons to specify whether or not Extended Authentication (XAUTH) is enabled, and–if enabled–which device is used to verify user account information:

None. XAUTH is disabled. This the default setting.

Edge Device. The VPN firewall functions as a VPN concentrator on which one or more gateway tunnels terminate. The authentication mode that is available for this configuration is User Database, RADIUS PAP, or RADIUS CHAP.

IPSec Host. The VPN firewall functions as a VPN client of the remote gateway. In this configuration the VPN firewall is authenticated by a remote gateway with a user name and password combination.

Authentication

For an Edge Device configuration: from the pull-down menu,

Type

select one of the following authentication types:

 

User Database. XAUTH occurs through the VPN firewall’s

 

user database. Users must be added through the Add User

 

screen (see “Configuring the User Database for XAUTH” on

 

page 5-41).

 

Radius PAP. XAUTH occurs through RADIUS Password

 

Authentication Protocol (PAP). The local user database is

 

first checked. If the user account is not present in the local

 

user database, the VPN firewall connects to a RADIUS

 

server. For more information, see “Configuring RADIUS

 

Clients for XAUTH” on page 5-42.

 

Radius CHAP. XAUTH occurs through RADIUS Challenge

 

Handshake Authentication Protocol (CHAP). For more

 

information, see “Configuring RADIUS Clients for XAUTH”

 

on page 5-42.

 

 

Username

The user name for XAUTH.

 

 

Password

The password for XAUTH.

 

 

4.Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table. To edit an IKE policy:

1.Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies screen in view (see Figure 5-18 on page 5-16).

2.In the List of IKE Policies table, click the edit button to the right of the IKE policy that you want to edit. The Edit IKE Policy screen is displayed. This screen shows the same field as the Add IKE Policy screen (see Figure 5-19 on page 5-18).

3.Modify the settings that you wish to change (see Table 5-2 on page 5-19).

5-22

Virtual Private Networking

v1.1, August 2010

Page 119 Page 121
Page 120
Image 120
NETGEAR FVS318G manual Information, see Configuring Radius Clients for Xauth
Page 119 Page 121
Top Page Image Contents