Netgear SRXN3205 SRXN3205 Reference Manual - Page 116
Extended Authentication, Enable Dead Peer Detection, if yes
UPC - 606449057461
View all Netgear SRXN3205 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 116 highlights
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - Authentication Method. Select Pre-shared Key for a simple password based key. Selecting RSA-Signature will disable the Pre-shared key text box and uses the Active Self Certificate uploaded in the Certificates page. In that case, a certificate must be configured in order for RSA-Signature to work. - Pre-shared Key Note: The " (Double Quote) character is not supported for a Pre-shared Key. - Diffie-Hellman (DH) Group. This method is used when exchanging keys. The DH group sets the number of bits. The VPN Wizard default setting is Group 2. (This setting must match the remote VPN.) - SA-Lifetime (sec) - Enable Dead Peer Detection, if yes Dead Peer Detection is used to detect whether the Peer is alive or not. If the peer is detected as Dead, it deletes the IPSec and IKE Security Association. - Detection Period (Seconds): Detection Period is the interval between consecutive DPD R-U-THERE messages. DPD R-U-THERE messages are sent only when the IPSec traffic is idle. - Reconnect after failure count: Maximum number of DPD failures allowed before tearing down the connection. • Extended Authentication. The XAUTH Configuration Edge Device: Select this option to use this router as a VPN concentrator where one or more gateway tunnels terminate. The authentication modes are: - User Database: User accounts created in the router are used to authenticate users (under the VPN Client menu on the User Database page). - RADIUS: The router will connect to a RADIUS server and pass on the credentials it receives from the VPN Client. The connection between the router and the RADIUS server can be secured with the authentication protocol supported by the server (PAP or CHAP). RADIUS server settings are configured under the VPN Client menu on the RADIUS Client page. Note: If RADIUS - PAP is selected, the router will first check in the User Database to see if the user credentials are available. If the user account is not present, the router will then connect to the RADIUS server. 6-14 Virtual Private Networking Using IPsec v1.0, October 2008