User Database Configuration; Radius Client Configuration - NETGEAR FVS318G - ProSafe Gigabit VPN Firewall Data Sheet Router Reference Manual

• Edge Device to use this VPN firewall as a VPN concentrator where one or more gateway
tunnels terminate. When this option is chosen, you will need to specify the authentication
type to be used in verifying credentials of the remote VPN gateways.
– User Database to verify against the VPN firewall's user database. Users must be
added through the User Database screen (see
page 5-19).
– RADIUS–CHAP or RADIUS–PAP (depending on the authentication mode accepted
by the RADIUS server) to add a RADIUS server. If RADIUS–PAP is selected, the
VPN firewall will first check in the user database to see if the user credentials are
available. If the user account is not present, the VPN firewall will then connect to the
RADIUS server (see
• IPsec Host if you want to be authenticated by the remote gateway. In the adjacent
Username and Password fields, type in the information user name and password
associated with the IKE policy for authenticating this gateway (by the remote gateway).
5. Click Apply to save your settings.

User Database Configuration

When XAUTH is enabled as an Edge Device, users must be authenticated either by a local User
Database account or by an external RADIUS server. Whether or not you use a RADIUS server,
you may want some users to be authenticated locally. These users must be added to the List of
Users table, as described in

RADIUS Client Configuration

RADIUS (Remote Authentication Dial In User Service, RFC 2865) is a protocol for managing
Authentication, Authorization and Accounting (AAA) of multiple users in a network. A RADIUS
server will store a database of user information, and can validate a user at the request of a gateway
or server in the network when a user requests access to network resources. During the
establishment of a VPN connection, the VPN gateway can interrupt the process with an XAUTH
request. At that point, the remote user must provide authentication information such as a
username/password or some encrypted response using his username/password information. The
gateway will try to verify this information first against a local User Database (if RADIUS-PAP is
enabled) and then by relaying the information to a central authentication server such as a RADIUS
server.
To configure the Primary RADIUS Server:
1. Select VPN > VPN Client from the main menu.
Virtual Private Networking Using IPsec
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
"RADIUS Client Configuration" on page
"Changing the Administrator Login" on page
1.1 November, 2009
"User Database Configuration" on
5-19).
6-2.
5-19