Table of Contents
Advertisement
Network Setup menu options
Setting up dial-in access
Figure 56 Dial-in Setup tab — Account Details page
[Optional] Enter a descriptive name for the connection in the Connection Name field.
3
In the IP Address for Dial-In Clients field, enter an available IP address. This IP address must not
4
already be in use on the network (typically the LAN) that the remote user is assigned while connected to
the UTM Firewall appliance.
If you have configured several network connections, select the one that you want to connect remote users
5
to from the IP Address for Dial-In Server list. This is typically a LAN interface or alias.
Select the weakest Authentication Scheme to accept from the Authentication Scheme list. Access is denied
6
to remote users who attempt to connect using an authentication scheme weaker than the selected
scheme. Available schemes are:
• No Authentication
• Unencrypted Authentication (PAP) – This is plain text password authentication. When using this
type of authentication, the client passwords are transmitted unencrypted.
• Weakly Encrypted Authentication (CHAP) – This is the weakest type of encrypted password
authentication to use. It is not recommended that clients connect using this as it provides very little
password protection. Also note that clients connecting using CHAP are unable to encrypt traffic.
• Encrypted Authentication (MS-CHAP) – This is not a recommended encryption type and should
only be used for older dial-in clients that do not support MS-CHAP v2.
• Encrypted Authentication (MS-CHAP v2) – [Recommended] The strongest type of authentication
to use.
Select the encryption level from the Required Encryption Level list. Access is denied to remote users
7
attempting to connect not using this encryption level. Available options are:
• No Encryption
• Basic Encryption (MPPE 40 Bit)
• Strong Encryption (MPPE 128 Bit) Recommended.
Select the database used for authentication from the Authentication Database list. This allows you to
8
indicate where the list of valid clients can be found. Available options are:
• Local – Use the local database defined on the Local Users tab of the Users page. You must enable
the Dial-in Access option for the individual users that are allowed dial-in access.
• RADIUS – Use an external RADIUS server as defined on the RADIUS tab of the Users page.
• TACACS+ – Use an external TACACS+ server as defined on the TACACS+ tab of the Users page.
62
McAfee UTM Firewall 4.0.4 Administration Guide
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Related Manuals for McAfee SG310
Related Products for McAfee SG310
- McAfee SG720
- McAfee SAV85E - Active VirusScan - PC
- MCAFEE AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009
- MCAFEE EPOLICY ORCHESTRATOR 4.0 PATCH 5 - S 12-05-2009
- MCAFEE VIRUSSCAN ENTERPRISE 8.7I PATCH 1 - S 24-04-2009
- MCAFEE VIRUSSCAN ENTERPRISE 8.7I PATCH 2 - S 31-08-2009
- MCAFEE VIRUSSCAN ENTERPRISE 8.7I PATCH 3 - S 09-02-2009
- McAfee SMEFCE-AI-DA - Email Security Service Inbound