Extended Authentication (Xauth); Internet Over Ipsec Tunnel; Figure 81: Ipsec Policy Configuration Continued (Auto / Manual Phase 2) - D-Link DWC-1000 User Manual

Wireless Controller

Figure 81: IPsec policy configuration continued (Auto / Manual Phase 2)

6.2.1 Extended Authentication (XAUTH)

You can also configure extended authentication (XAUTH). Rather than configure a
unique VPN policy for each user, you can configure the VPN gateway controller to
authenticate users from a stored list of user accou nts or with an external
authentication server such as a RADIUS server. With a user database, user accounts
created in the controller are used to authenticate users.
With a configured RADIUS server, the controller connects to a RADIUS server and
passes to it the credentials that it receives from the VPN client. You can secure the
connection between the controller and the RADIUS server with the authentication
protocol supported by the server (PAP or CHAP). For RADIUS – PAP, the
controller first checks in the user database to see if the user credentials are
available; if they are not, the controller connects to the RADIUS server.

6.2.2 Internet over IPSec tunnel

In this feature all the traffic will pass through the VPN Tunnel and from the Remote
Gateway the packet will be routed to Internet. On the remote gateway side, the
outgoing packet will be SNAT'ed.
124
User Manual