FVS338 ProSafe VPN Firewall 50 Reference Manual

b.From the Select Certificate pull-down menu, select None.

c.From the ID Type pull-down menu, select Domain Name and create an identifier based on the name of the IKE policy you created; for example “salesperson11.remote_id.com”.

d.Under Virtual Adapter pull-down menu, select Preferred. The Internal Network IP Address should be 0.0.0.0.

Note: If no box is displayed for Internal Network IP Address, go to Options/ Global Policy Settings, and check the box for “Allow to Specify Internal Network Address.”

e.Select your Internet Interface adapter from the Name pull-down menu.

Figure 5-22

3.On the left-side of the menu, select Security Policy.

a.Under Security Policy, Phase 1 Negotiation Mode, check the Aggressive Mode radio button.

b.Check the Enable Perfect Forward Secrecy (PFS) radio button, and select the Diffie- Hellman Group 2 from the PFS Key Group pull-down menu.

c.Enable Replay Detection should be checked.

4.Click on Authentication (Phase 1) on the left-side of the menu and select Proposal 1. Enter the Authentication values to match those in the VPN firewall ModeConfig Record menu.

Virtual Private Networking

5-31

v1.0, September 2006

Page 121
Image 121
NETGEAR manual FVS338 ProSafe VPN Firewall 50 Reference Manual