The following table describes the fields on the Dial-In Setup page:
Field | Description |
|
|
|
|
IP Address for | Dialin users must be assigned local IP addresses to access |
Dialin clients | the local network. Specify a free IP address from your local |
| network that the connected |
| connecting to the CyberGuard SG appliance. |
|
|
Authentication | The authentication scheme is the method the CyberGuard SG |
Scheme | appliance uses to challenge users dialing into the network. |
| Dialin clients must be configured to use the selected |
| authentication scheme. |
| ∙ MSCHAPv2 is the most secure, and is the only option |
| that also supports data encryption. |
| ∙ CHAP is less secure. |
| ∙ PAP (although more common) is even less secure. |
| ∙ None means that no username/password |
| authentication is required for dialin. |
|
|
Authentication | The authentication database is used to verify the username |
Database | and password received from the dialin client. |
| ∙ Local means the dialin user accounts created on the |
| CyberGuard SG appliance. You will need to created |
| user accounts as described below. This can be used |
| with any authentication scheme. |
| ∙ RADIUS means an external RADIUS server. You will |
| be prompted to enter the server IP address and |
| password. This can be used with any authentication |
| scheme, provided that the RADIUS server also |
| supports it. |
| ∙ TACACS+ means an external TACACS+ server. You |
| will be prompted to enter the server IP address and |
| password. This can only be used with the PAP |
| authentication scheme. |
|
|
Time Out | If a dialin connection remains inactive, it can be automatically |
| disconnected after a specified time period. Selecting Enable |
| idle timeout will disconnect idle connections after 15 minutes. |
| Idle time can be set between 0 – 99 minutes. |
After enabling and configuring the selected CyberGuard SG appliance COM ports/Modem to support dialin, click Continue to create and configure the dialin user accounts.
54
