Configuring Domains - NETGEAR SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall Reference Manual
Gigabit quad wan ssl vpn firewall
Hide thumbs
Also See for SRX5308 - ProSafe® Quad WAN Gigabit SSL VPN Firewall:
- Configuration manual (8 pages) ,
- Use manual (9 pages) ,
- Network setup manual (8 pages)
Table of Contents
Advertisement
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
Configuring Domains
The domain determines the authentication method to be used for associated users. For SSL
connections, the domain also determines the portal layout that is presented, which in turn
determines the network resources to which the associated users have access. The default domain of
the VPN firewall is named geardomain. You cannot delete the default domain.
Table 7-1
summarizes the authentication protocols and methods that the VPN firewall supports.
Table 7-1. Authentication Protocols and Methods
Authentication
Description (or Subfield and Description)
Protocol or Method
PAP
Password Authentication Protocol (PAP) is a simple protocol in which the client sends
a password in clear text.
CHAP
Challenge Handshake Authentication Protocol (CHAP) executes a three-way
handshake in which the client and server trade challenge messages, each
responding with a hash of the other's challenge message that is calculated using a
shared secret value.
RADIUS
A network-validated PAP or CHAP password-based authentication method that
functions with Remote Authentication Dial In User Service (RADIUS).
MIAS
A network-validated PAP or CHAP password-based authentication method that
functions with Microsoft Internet Authentication Service (MIAS), which is a
component of Microsoft Windows 2003 Server.
WiKID
WiKID Systems is a PAP or CHAP key-based two-factor authentication method that
functions with public key cryptography. The client sends an encrypted PIN to the
WiKID server and receives a one-time pass code with a short expiration period. The
client logs in with the passcode. See
more on WiKID authentication.
NT Domain
A network-validated domain-based authentication method that functions with a
Microsoft Windows NT Domain authentication server. This authentication method has
been superseded by Microsoft Active Directory authentication but is supported to
authenticate legacy Windows clients.
Active Directory
A network-validated domain-based authentication method that functions with a
Microsoft Active Directory authentication server. Microsoft Active Directory
authentication servers support a group and user structure. Because the Active
Directory supports a multilevel hierarchy (for example, groups or organizational
units), this information can be queried to provide specific group policies or bookmarks
based on Active Directory attributes.
Note: A Microsoft Active Directory database uses an LDAP organization schema.
7-2
Appendix D, "Two-Factor
Managing Users, Authentication, and Certificates
v1.0, April 2010
Authentication," for
Advertisement
Table of Contents
Troubleshooting
