Netgear FVS338 FVS338 Reference Manual - Page 115
Configuring XAUTH for VPN Clients, Policies, IKE Policies, Extended Authentication
UPC - 606449037197
View all Netgear FVS338 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 115 highlights
FVS338 ProSafe VPN Firewall 50 Reference Manual . Note: If a RADIUS-PAP server is enabled for authentication, XAUTH will first check the local User Database for the user credentials. If the user account is not present, the router will then connect to a RADIUS server. Configuring XAUTH for VPN Clients Once the XAUTH has been enabled, you must establish user accounts on the Local Database to be authenticated against XAUTH, or you must enable a RADIUS-CHAP or RADIUS-PAP server. Note: If you are modifying an existing IKE Policy to add XAUTH, if it is in use by a VPN Policy, the VPN policy must be disabled before you can modify the IKE Policy. To enable and configure XAUTH: 1. Select VPN from the main menu and Policies from the submenu. The IKE Policies screen will display. 2. You can either modify an existing IKE Policy by clicking Edit adjacent to the policy, or create a new IKE Policy by clicking Add. Note: If the IKE policy is in use by a VPN Policy, you must either disable or delete the VPN policy before making changes to the IKE Policy. 3. In the Extended Authentication section, select the Authentication Type from the pull-down menu which will be used to verify user account information. Select • Edge Device to use this router as a VPN concentrator where one or more gateway tunnels terminate. When this option is chosen, you will need to specify the authentication type to be used in verifying credentials of the remote VPN gateways. - User Database to verify against the router's user database. Users must be added through the User Database screen (see "User Database Configuration" on page 5-22). - RADIUS-CHAP or RADIUS-PAP (depending on the authentication mode accepted by the RADIUS server) to add a RADIUS server. If RADIS-PAP is selected, the router will first check in the User Database to see if the user credentials are available. If the user account is not present, the router will then connect to the RADIUS server (see "RADIUS Client Configuration" on page 5-23). Virtual Private Networking v1.0, March 2008 5-21