ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual

8.Set the Time Out Period, in seconds, that the VPN firewall should wait for a response from the RADIUS server.

9.Set the Maximum Retry Count. This is the number of attempts that the VPN firewall will make to contact the RADIUS server before giving up.

10.Click Reset to cancel any changes and revert to the previous settings or click Apply to save the settings.

Note: Selection of the Authentication Protocol, usually PAP or CHAP, is configured on the individual IKE policy screens.

Assigning IP Addresses to Remote Users (ModeConfig)

To simply the process of connecting remote VPN clients to the VPN firewall, you can use the ModeConfig screen to assign IP addresses to remote users, including a network access IP address, subnet mask, and name server addresses from the VPN firewall. Remote users are given IP addresses available in secured network space so that remote users appear as seamless extensions of the network.

In the following example, we configured the VPN firewall using ModeConfig, and then configured a PC running ProSafe VPN Client software using these IP addresses.

NETGEAR ProSafe Gigabit 8 Port VPN Firewall FVS318G

WAN IP address: 172.21.4.1

LAN IP address/subnet: 192.168.2.1/255.255.255.0

NETGEAR ProSafe VPN Client software IP address: 192.168.1.2

Mode Config Operation

After the IKE Phase 1 negotiation is complete, the VPN connection initiator (which is the remote user with a VPN client) requests the IP configuration settings such as the IP address, subnet mask and name server addresses. The Mode Config feature will allocate an IP address from the configured IP address pool and will activate a temporary IPsec policy using the template security proposal information configured in the Mode Config record. The Mode Config feature allocates an IP address from the configured IP address pool and activates a temporary IPsec policy, using the information that is specified in the Traffic Tunnel Security Level section of the Mode Config record (on the Add Mode Config Record screen that is shown in Figure 5-33 on page 5-46).

5-44

Virtual Private Networking

v1.1, August 2010

Page 141 Page 143
Page 142
Image 142
NETGEAR FVS318G manual Assigning IP Addresses to Remote Users ModeConfig, Mode Config Operation
Page 141 Page 143
Top Page Image Contents