Netgear FVS318Gv2 – ProSAFE VPN Firewall Series User Manual

Click the Advanced tab.

Select the Mode Config check box.

Select Configuration > Save or press Ctrl + S.

Your settings are saved.

Hybrid mode is supported in VPN Client Professional, but not in VPN 
Client Lite.

Hybrid mode requires you to configure a certificate for the authentication phase and to select 
Extended authentication (XAUTH), that is, the X-Auth Popup check box.

Hybrid mode is an authentication method that is used within the authentication phase. Hybrid 
mode assumes an asymmetry between the authenticating entities. One entity, typically an 
edge device (for example, a firewall), authenticates using standard public key techniques (in 
signature mode), while the other entity, typically a remote user, authenticates using challenge 
response techniques. At the end of the authentication phase, these authentication methods 
are used to establish an IKE security association (SA) that is unidirectionally authenticated. 
To ensure that the IKE is bidirectionally authenticated, the authentication phase is 
immediately followed by an extended authentication (XAUTH) to authenticate the remote 
user. The use of these authentication methods is referred to as hybrid authentication mode. 

The VPN Client implements the RFC draft-ietf-ipsec-isakmp-hybrid-auth-05.txt. 



On the client computer desktop, double-click the VPN Client shortcut 

.

The VPN Configuration page displays.