NETGEAR SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Reference Manual page 167
Gigabit quad wan ssl vpn firewall
Hide thumbs
Also See for SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall:
- Configuration manual (8 pages) ,
- Use manual (9 pages) ,
- Network setup manual (8 pages)
Table of Contents
Advertisement
Table 5-10. Add IKE Policy Settings
Item
Mode Config Record
Do you want to use
Mode Config Record?
General
Policy Name
Direction / Type
Exchange Mode
Virtual Private Networking Using IPsec Connections
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
Description (or Subfield and Description)
Specify whether or not the IKE policy uses a Mode Config record. For
information about how to define a Mode Config record, see
Operation" on page
• Yes. IP addresses are assigned to remote VPN clients. You must select a
Mode Config record from the drop-down list.
Note: Because Mode Config functions only in Aggressive mode, selecting
the Yes radio button sets the tunnel exchange mode to Aggressive mode
and disables the Main mode. Mode Config also requires that both the local
and remote ends are defined by their FQDNs.
• No. Disables Mode Config for this IKE policy.
Note: An XAUTH configuration via an edge device is not possible without
Mode Config and is therefore disabled too. For more information about
XAUTH, see
"Configuring Extended Authentication (XAUTH)" on page
Select Mode
Config Record
A descriptive name of the IKE policy for identification and management
purposes.
Note: The name is not supplied to the remote VPN endpoint.
From the drop-down list, select the connection method for the VPN firewall:
• Initiator. The VPN firewall initiates the connection to the remote endpoint.
• Responder. The VPN firewall responds only to an IKE request from the
remote endpoint.
• Both. The VPN firewall can both initiate a connection to the remote endpoint
and respond to an IKE request from the remote endpoint.
From the drop-down list, select the exchange mode between the VPN firewall
and the remote VPN endpoint:
• Main. This mode is slower than the Aggressive mode but more secure.
• Aggressive. This mode is faster than the Main mode but less secure.
Note: If you specify either an FQDN or a User FQDN name as the local ID or
remote ID (see the Local and Remote sections on the screen), the Aggressive
mode is automatically selected.
v1.0, April 2010
5-42. Select one of the following radio buttons:
From the drop-down list, select one of the Mode Config
records that you defined on the Add Mode Config Record
screen (see
"Configuring Mode Config Operation on the
VPN Firewall" on page
5-42).
Note: Click the View Selected button to open the Selected
Mode Config Record Details popup window.
"Mode Config
5-37.
5-25
Advertisement
Table of Contents
Troubleshooting
