Netgear SRX5308 SRX5308 Reference Manual - Page 181
User Database Configuration, RADIUS Client Configuration
UPC - 606449065145
View all Netgear SRX5308 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 181 highlights
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 5-13. Extended Authentication Settings (continued) Item Username Password Description (or Subfield and Description) The user name for XAUTH. The password for XAUTH. 4. Click Apply to save your settings. User Database Configuration When XAUTH is enabled in an Edge Device configuration, users must be authenticated either by a local user database account or by an external RADIUS server. Whether or not you use a RADIUS server, you might want some users to be authenticated locally. These users must be added to the List of Users table on the Users screen, as described in "Configuring User Accounts" on page 7-9. RADIUS Client Configuration Remote Authentication Dial In User Service (RADIUS, RFC 2865) is a protocol for managing authentication, authorization, and accounting (AAA) of multiple users in a network. A RADIUS server stores a database of user information, and can validate a user at the request of a gateway or server in the network when a user requests access to network resources. During the establishment of a VPN connection, the VPN gateway can interrupt the process with an XAUTH request. At that point, the remote user must provide authentication information such as a user name and password or some encrypted response using his or her user name and password information. The gateway then attempts to verify this information first against a local user database (if RADIUS-PAP is enabled) and then by relaying the information to a central authentication server such as a RADIUS server. To configure primary and backup RADIUS servers: 1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs display, with the IKE Policies screen in view (see Figure 5-20 on page 5-22). Virtual Private Networking Using IPsec Connections v1.0, April 2010 5-39