D-Link DFL-CPG310 Product Manual - Page 384
To set up remote VPN access for a user, Using RADIUS Authentication, VPN Remote Access, RADIUS
UPC - 790069289309
View all D-Link DFL-CPG310 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 384 highlights
Using RADIUS Authentication Remote Access VPN Clients (a Check Point SecureClient, Check Point SecuRemote, or another Embedded NGX appliance). To set up remote VPN access for a user 1. Enable your VPN Server, using the procedure Setting Up Your NetDefend firewall as a VPN Server on page 303. 2. Add or edit the user, using the procedure Adding and Editing Users on page 361. You must select the VPN Remote Access option. Using RADIUS Authentication You can use Remote Authentication Dial-In User Service (RADIUS) to authenticate both NetDefend users and Remote Access VPN Clients trying to connect to the NetDefend firewall. Note: When RADIUS authentication is in use, Remote Access VPN Clients must have a certificate. When a user tries to log on to the NetDefend Portal, the NetDefend firewall sends the entered user name and password to the RADIUS server. The server then checks whether the RADIUS database contains a matching user name and password pair. If so, then the user is logged on. By default, all RADIUS-authenticated users are assigned the set of permissions specified in the NetDefend Portal's RADIUS page. However, you can configure the RADIUS server to pass the NetDefend firewall a specific set of permissions to grant the authenticated user, instead of these default permissions. This is done by configuring the RADIUS Vendor-Specific Attribute (VSA) with a set of attributes containing permission information for specific users. If the VSA is configured for a user, then the RADIUS server passes the VSA to the NetDefend gateway as part of the response to the authentication request, and the gateway assigns the user permissions as specified in the VSA. If the VSA is not returned by the RADIUS 368 D-Link NetDefend firewall User Guide