Netgear SRXN3205 SRXN3205 Reference Manual - Page 126
User Database Configuration, RADIUS Client Configuration, RADIUS-CHAP, IPsec Host, Username, Password
UPC - 606449057461
View all Netgear SRXN3205 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 126 highlights
ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual - RADIUS-CHAP or RADIUS-PAP (depending on the authentication mode accepted by the RADIUS server) to add a RADIUS server. If RADIUS-PAP is selected, the firewall will first check in the user database to see if the user credentials are available. If the user account is not present, the firewall will then connect to the RADIUS server (see "RADIUS Client Configuration" on page 6-24). • IPsec Host if you want to be authenticated by the remote gateway. In the adjacent Username and Password fields, type in the information user name and password associated with the IKE policy for authenticating this gateway (by the remote gateway). 6. Click Apply to save your settings. User Database Configuration When XAUTH is enabled as an Edge Device, users must be authenticated either by a local User Database account or by an external RADIUS server. Whether or not you use a RADIUS server, you may want some users to be authenticated locally. These users must be added to the List of Users table, as described in "Creating a New User Account" on page 8-4. RADIUS Client Configuration RADIUS (Remote Authentication Dial In User Service, RFC 2865) is a protocol for managing Authentication, Authorization, and Accounting (AAA) of multiple users in a network. A RADIUS server will store a database of user information, and can validate a user at the request of a gateway or server in the network when a user requests access to network resources. During the establishment of a VPN connection, the VPN gateway can interrupt the process with an XAUTH request. At that point, the remote user must provide authentication information such as a username/password or some encrypted response using his username/password information. The gateway will try to verify this information, first against a local User Database (if RADIUS-PAP is enabled) and then by relaying the information to a central authentication server such as a RADIUS server. To configure the Primary RADIUS Server: 1. Select VPN > IPsec VPN from the main/submenu. 2. Click the RADIUS Client tab and the RADIUS Client screen displays. 6-24 Virtual Private Networking Using IPsec v1.0, October 2008