CyberGuard SG300 User Manual page 187

Unencrypted Authentication (PAP): This is plain text password authentication.
When using this type of authentication, the client passwords is transmitted un-
encrypted.
Select the Required Encryption Level, access is denied to remote users attempting to
connect not using this encryption level. Using Strong Encryption (MPPE 128 Bit) is
recommended.
Select the Authentication Database. This allows you to indicate where the list of valid
clients can be found. You can select from the following options:
Local: Use the local database defined on the Local Users tab of the Users page.
You must enable the Dialin Access option for the individual users that are allowed
dialin access.
RADIUS: Use an external RADIUS server as defined on the RADIUS tab of the
Users page.
TACACS+: Use an external TACACS+ server as defined on the TACACS+ tab of the
Users page.
Note
See the Users section of the chapter entitled System for details on adding user accounts
for PPTP access, and configuring the CyberGuard SG appliance to enable authentication
against a RADIUS or TACACS+ server.
Add a PPTP user account
Select Users under System from the main menu, click Local Users and a New user with
PPTP Access. Keep note of the Username and Password, as these are required in
configuring the remote PPTP client.
Refer to the the Users section of the chapter entitled System for a more detailed account
of adding a new local user.
Setup the remote PPTP client
To connect remote VPN clients to the local network, you need to know the username and
password for the PPTP account you added, as well as the CyberGuard SG appliance's
Internet IP address.
Virtual Private Networking
183