User Database Configuration; Radius Client Configuration - NETGEAR ProSafe FVS336Gv2 Reference Manual

Prosafe dual wan gigabit firewall with ssl & ipsec vpn

Hide thumbs Also See for ProSafe FVS336Gv2:

Installation manual (2 pages)

Datasheet (3 pages)

Reference manual (691 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

Table of Contents

ProSafe Dual WAN Gigabit Firewall with SSL & IPsec VPN FVS336Gv2 Reference Manual

In the Extended Authentication section, choose the Authentication Type from the

drop-down list which will be used to verify user account information. Select one of the

following:

•

Edge Device to use this VPN firewall as a VPN concentrator where one or more

gateway tunnels terminate. When this option is chosen, you will need to specify the

authentication type to be used in verifying credentials of the remote VPN gateways.

Specify one of the following authentication types:

User Database to verify against the VPN firewall's user database. Users must be

added through the User Database screen (see

page 88).

RADIUS–CHAP or RADIUS–PAP (depending on the authentication mode

accepted by the RADIUS server) to add a RADIUS server. If RADIUS–PAP is

selected, the VPN firewall will first check in the user database to see if the user

credentials are available. If the user account is not present, the VPN firewall will

then connect to the RADIUS server (see

page 88).

•

IPsec Host if you want to be authenticated by the remote gateway. In the adjacent

Username and Password fields, type in the information user name and password

associated with the IKE policy for authenticating this gateway (by the remote

gateway).

Click Apply to save your settings.

User Database Configuration

When XAUTH is enabled as an Edge Device, users must be authenticated either by a local

User Database account or by an external RADIUS server. Whether or not you use a RADIUS

server, you may want some users to be authenticated locally. These users must be added to

the List of Users table, as described in

RADIUS Client Configuration

RADIUS (Remote Authentication Dial In User Service, RFC 2865) is a protocol for managing

Authentication, Authorization and Accounting (AAA) of multiple users in a network. A

RADIUS server will store a database of user information, and can validate a user at the

request of a gateway or server in the network when a user requests access to network

resources. During the establishment of a VPN connection, the VPN gateway can interrupt the

process with an XAUTH request. At that point, the remote user must provide authentication

information such as a username/password or some encrypted response using his

username/password information. The gateway will try to verify this information first against a

local User Database (if RADIUS-PAP is enabled) and then by relaying the information to a

central authentication server such as a RADIUS server.

88 |

Chapter 5: Virtual Private Networking Using IPsec

"User Database Configuration"

"RADIUS Client Configuration"

"Creating a New User Account"

on page 120.

Table of Contents

User Database Configuration; Radius Client Configuration - NETGEAR ProSafe FVS336Gv2 Reference Manual

User Database Configuration

RADIUS Client Configuration

Troubleshooting

Related Manuals for NETGEAR ProSafe FVS336Gv2

Related Content for NETGEAR ProSafe FVS336Gv2

Table of Contents