Netgear FVS336G FVS336G Reference Manual - Page 115
Testing the Connection, Configuring Extended Authentication (XAUTH)
UPC - 606449052015
View all Netgear FVS336G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 115 highlights
ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336G Reference Manual Testing the Connection 1. From your PC, right-click on the VPN client icon in your Windows toolbar and choose Connect..., then My Connections\to_FVG. Within 30 seconds you should receive the message "Successfully connected to My Connections\to_FVG" and the VPN client icon in the toolbar should say On: 2. For additional status and troubleshooting information, right-click on the VPN client icon Logs and Connection Status screens in the FVS336G. Configuring Extended Authentication (XAUTH) When connecting many VPN clients to a VPN firewall, an administrator may want a unique user authentication method beyond relying on a single common preshared key for all clients. Although the administrator could configure a unique VPN policy for each user, it is more convenient for the VPN firewall to authenticate users from a stored list of user accounts. XAUTH provides the mechanism for requesting individual authentication information from the user, and a local User Database or an external authentication server, such as a RADIUS server, provides a method for storing the authentication information centrally in the local network. XAUTH can be enabled when adding or editing an IKE Policy. Two types of XAUTH are available: • Edge Device. If this is selected, the VPN firewall is used as a VPN concentrator where one or more gateway tunnels terminate. If this option is chosen, you must specify the authentication type to be used in verifying credentials of the remote VPN gateways: User Database, RADIUS-PAP, or RADIUS-CHAP. • IPsec Host. If you want authentication by the remote gateway, enter a User Name and Password to be associated with this IKE policy. If this option is chosen, the remote gateway must specify the user name and password used for authenticating this gateway. Note: If a RADIUS-PAP server is enabled for authentication, XAUTH will first check the local User Database for the user credentials. If the user account is not present, the VPN firewall will then connect to a RADIUS server. Virtual Private Networking Using IPsec v1.2, June 2008 5-19