D-Link DWC-1000 User Manual
Wireless Controller
User Manual
124
Figure 81 : IP sec poli cy conf igura tio n co ntinue d (Auto / Manual Pha se 2 )
6.2.1 Extended Authentication (XAUTH)
You can also configure extended authentication (XAUTH). Rather than configure a
unique VPN policy for each user, you can configure the VPN gateway controller to
authenticate users from a stored list of user accou nts or with an external
authentication server such as a RADIUS server. With a user database, user accounts
created in the controller are used to authenticate users.
unique VPN policy for each user, you can configure the VPN gateway controller to
authenticate users from a stored list of user accou nts or with an external
authentication server such as a RADIUS server. With a user database, user accounts
created in the controller are used to authenticate users.
With a configured RADIUS server, the controller connects to a RADIUS server and
passes to it the credentials that it receives from the VPN client. You can secure the
connection between the controller and the RADIUS server with the authentication
protocol supported by the server (PAP or CHAP). For RADIUS – PAP, the
controller first checks in the user database to see if the user credentials are
available; if they are not, the controller connects to the RADIUS server.
passes to it the credentials that it receives from the VPN client. You can secure the
connection between the controller and the RADIUS server with the authentication
protocol supported by the server (PAP or CHAP). For RADIUS – PAP, the
controller first checks in the user database to see if the user credentials are
available; if they are not, the controller connects to the RADIUS server.
6.2.2 Internet over IPSec tunnel
In this feature all the traffic will pass through the VPN Tunnel and from the Remote
Gateway the packet will be routed to Internet. On the remote gateway side, the
outgoing packet will be SNAT'ed.
Gateway the packet will be routed to Internet. On the remote gateway side, the
outgoing packet will be SNAT'ed.