Using the Web Browser Interface for Advanced Configuration Tasks
Enabling Xauth
Xauth allows IKE to request authentication information from remote users in
between establishing the IKE SA and the IPSec SA. (This authentication
information is different from the authentication method configured for IKE
phase 1; it is individual to each user.) Xauth is typically used for increased
security in client-to-site VPNs. Indeed, the VPN wizard will automatically
prompt you to enable Xauth when you select mobile peers, as discussed in
"Extended Authentication (Client-to-site VPN only)" on page 14-63.
You can also use Xauth in a site-to-site VPN. Some gateway devices, including
ProCurve Secure Routers, can act as Xauth hosts, which allows the local
router to request authentication from the remote gateway device itself.
Figure 14-65. Enabling AAA from the Passwords Window
To enable Xauth:
1. Select Passwords under System in the left navigation bar.
2. In the Service Authentication window, click the AAA Mode Enabled box.
3. If the router will use its local database to authenticate the remote VPN
   peers, then you should check this list in the Add/Modify/Delete Users
   window above.
Setting Up Virtual Private Networks
14-89