D-Link DFL-260E User Manual for DFL-260E - Page 397
XAUTH, L2TP/PPTP/SSL VPN, Authentication Source, Interface, Originator IP, Terminator IP, Disallow
View all D-Link DFL-260E manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 397 highlights
8.2.5. Authentication Rules Chapter 8. User Authentication the detailed HTTP explanation below). An IP rule allowing client access to core is also required with this agent type. iii. XAUTH This is the IKE authentication method which is used as part of VPN tunnel establishment with IPsec. XAuth is an extension to the normal IKE exchange and provides an addition to normal IPsec security which means that clients accessing a VPN must provide a login username and password. It should be noted that an interface value is not entered with an XAuth authentication rule since one single rule with XAuth as the agent will be used for all IPsec tunnels. However, this approach assumes that a single authentication source is used for all tunnels. An IP rule allowing client access to core is not required. iv. L2TP/PPTP/SSL VPN This is used specifically for L2TP, PPTP or SSL VPN authentication. An IP rule allowing client access to core is not required. • Authentication Source This specifies that authentication is to be performed using one of the following: i. LDAP - Users are looked up in an external LDAP server database. ii. RADIUS - An external RADIUS server is used for lookup. iii. Disallow - This option explicitly disallows all connections that trigger this rule. Such connections will never be authenticated. Any Disallow rules are best located at the end of the authentication rule set. iv. Local - A local user database defined within NetDefendOS is used for looking up user credentials. v. Allow - With this option, all connections that trigger this rule will be authenticated automatically. No database lookup occurs. • Interface The source interface on which the connections to be authenticated will arrive. This must be specified. • Originator IP The source IP or network from which new connections will arrive. For XAuth and PPP, this is the Originator IP. • Terminator IP The terminating IP with which new connections arrive. This is only specified where the Authentication Agent is PPP. 397