Netgear FVS318Gv2 – ProSAFE VPN Firewall Series Reference Manual
Virtual Private Networking Using IPSec and L2TP Connections
258
NETGEAR ProSAFE VPN Firewall FVS318G v2
a. In the address field of any of the qualified web browsers, enter https://192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.
b. In the Username field, enter admin and in the Password / Passcode field, enter
password.
Use lowercase letters. If you changed the password, enter your personalized
password. Leave the domain as it is (geardomain).
password. Leave the domain as it is (geardomain).
c. Click the Login button.
The Router Status screen displays. After five minutes of inactivity, which is the default
login time-out, you are automatically logged out.
login time-out, you are automatically logged out.
2.
Select VPN > IPSec VPN.
The IPSec VPN submenu tabs display with the IKE Policies for IPv4 screen in view.
3.
Specify the IP version for which you want to edit an IKE policy:
•
IPv4. In the upper right, the IPv4 radio button is already selected by default. Go to
•
IPv6. Select the IPv6 radio button. The IKE Policies screen for IPv6 displays.
4.
In the List of IKE Policies table, to the right of the IKE policy for which you want to enable
and configure XAUTH, click the Edit table button.
The Edit IKE Policy screen displays. This screen shows the same fields as the Add IKE
Policy screen.
Policy screen.
5.
In the Extended Authentication section, complete the settings as described in the following
table.
Table 54. Extended authentication settings for IPv4 and IPv6
Setting
Description
Select whether Extended Authentication (XAUTH) is enabled, and, if enabled, which device is used to verify
user account information:
user account information:
•
None. XAUTH is disabled. This the default setting.
•
Edge Device. The VPN firewall functions as a VPN concentrator on which one or more gateway
tunnels terminate. The authentication modes that are available for this configuration are User
Database, RADIUS PAP, and RADIUS CHAP.
tunnels terminate. The authentication modes that are available for this configuration are User
Database, RADIUS PAP, and RADIUS CHAP.
•
IPSec Host. The VPN firewall functions as a VPN client of the remote gateway. In this configuration,
the VPN firewall is authenticated by a remote gateway with a user name and password combination.
the VPN firewall is authenticated by a remote gateway with a user name and password combination.
Authentication
Type
Type
For an Edge Device configuration, from the list, select the authentication type:
•
User Database. XAUTH occurs through the VPN firewall’s user database. You can
add users on the Add User screen (see
add users on the Add User screen (see
•
Radius PAP. XAUTH occurs through RADIUS Password Authentication Protocol
(PAP). The local user database is first checked. If the user account is not present in
the local user database, the VPN firewall connects to a RADIUS server. For more
information, see
(PAP). The local user database is first checked. If the user account is not present in
the local user database, the VPN firewall connects to a RADIUS server. For more
information, see
•
Radius CHAP. XAUTH occurs through RADIUS Challenge Handshake Authentication
Protocol (CHAP). For more information, see
Protocol (CHAP). For more information, see