Netgear FVS336G-100NAS Reference Manual - Page 115
User Database Configuration, RADIUS Client Configuration, Extended Authentication, Edge Device
View all Netgear FVS336G-100NAS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 115 highlights
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual 4. In the Extended Authentication section check the Edge Device radio box to use this VPN firewall as a VPN concentrator where one or more gateway tunnels terminate. You then must specify the authentication type to be used in verifying credentials of the remote VPN gateways. (Either the User Database or RADIUS Client must be configured when XAUTH is enabled.) 5. In the Extended Authentication section, choose the Authentication Type from the pulldown menu which will be used to verify user account information. Select • Edge Device to use this VPN firewall as a VPN concentrator where one or more gateway tunnels terminate. When this option is chosen, you will need to specify the authentication type to be used in verifying credentials of the remote VPN gateways. - User Database to verify against the VPN firewall's user database. Users must be added through the User Database screen (see "User Database Configuration" on page 5-27). - RADIUS-CHAP or RADIUS-PAP (depending on the authentication mode accepted by the RADIUS server) to add a RADIUS server. If RADIUS-PAP is selected, the VPN firewall will first check in the user database to see if the user credentials are available. If the user account is not present, the VPN firewall will then connect to the RADIUS server (see "RADIUS Client Configuration" on page 5-27). • IPsec Host if you want to be authenticated by the remote gateway. In the adjacent Username and Password fields, type in the information user name and password associated with the IKE policy for authenticating this gateway (by the remote gateway). 6. Click Apply to save your settings. User Database Configuration When XAUTH is enabled as an Edge Device, users must be authenticated either by a local User Database account or by an external RADIUS server. Whether or not you use a RADIUS server, you may want some users to be authenticated locally. These users must be added to the List of Users table, as described in "Creating a New User Account" on page 7-4. RADIUS Client Configuration RADIUS (Remote Authentication Dial In User Service, RFC 2865) is a protocol for managing Authentication, Authorization and Accounting (AAA) of multiple users in a network. A RADIUS server will store a database of user information, and can validate a user at the request of a gateway or server in the network when a user requests access to network resources. During the establishment of a VPN connection, the VPN gateway can interrupt the process with an XAUTH request. At that point, the remote user must provide authentication information such as a Virtual Private Networking Using IPsec v1.0, October 2007 5-27