Manage Vpn Policies - NETGEAR FVS318N Reference Manual
Prosafe wireless-n 8-port gigabit vpn firewall
Hide thumbs
Also See for FVS318N:
- Reference manual (425 pages) ,
- Cli reference manual (297 pages) ,
- User manual (17 pages)
Table of Contents
Advertisement
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Manage VPN Policies
You can create two types of VPN policies. When you use the VPN Wizard to create a VPN
policy, only the Auto method is available.
•
Manual. You manually enter all settings (including the keys) for the VPN tunnel on the
wireless VPN firewall and on the remote VPN endpoint. No third-party server or
organization is involved.
•
Auto. Some settings for the VPN tunnel are generated automatically through the use of
the IKE (Internet Key Exchange) Protocol to perform negotiations between the two VPN
endpoints (the local ID endpoint and the remote ID endpoint). You still need to manually
enter all settings on the remote VPN endpoint (unless the remote VPN endpoint also has
a VPN Wizard).
In addition, a certification authority (CA) can also be used to perform authentication (see
Manage Digital Certificates for VPN Connections
perform authentication, each VPN gateway needs to have a certificate from the CA. For each
certificate, there is both a public key and a private key. The public key is freely distributed,
and is used by any sender to encrypt data intended for the receiver (the key owner). The
receiver then uses its private key to decrypt the data (without the private key, decryption is
impossible). The use of certificates for authentication reduces the amount of data entry that is
required on each VPN endpoint.
VPN Policies Screen
The VPN Policies screen allows you to add additional policies—either Auto or Manual—and
to manage the VPN policies already created. You can edit policies, enable or disable policies,
or delete them entirely. These are the rules for VPN policy use:
•
Traffic covered by a policy is automatically sent through a VPN tunnel.
•
When traffic is covered by two or more policies, the first matching policy is used. (In this
situation, the order of the policies is important. However, if you have only one policy for
each remote VPN endpoint, then the policy order is not important.)
•
The VPN tunnel is created according to the settings in the security association (SA).
•
The remote VPN endpoint needs to have a matching SA; otherwise, it refuses the
connection.
To access the VPN Policies screen, select VPN > IPSec VPN > VPN Policies. The VPN
Policies screen displays. (The following figure shows some examples.)
Virtual Private Networking Using IPv4 IPSec and L2TP Connections
on page 262). For gateways to use a CA to
187
Advertisement
Table of Contents
Troubleshooting
