Netgear FVS318N – Prosafe Wireless N VPN Firewall Manual De Referencia
Virtual Private Networking Using IPSec and L2TP Connections
241
ProSAFE Wireless-N 8-Port Gigabit VPN Firewall FVS318N
4.
In the Extended Authentication section on the screen, complete the settings as described in
the following table:
the following table:
5.
Click Apply to save your settings.
User Database Configuration
When XAUTH is enabled in an Edge Device configuration, users need to be authenticated
either by a local user database account or by an external RADIUS server. Whether or not you
use a RADIUS server, you might want some users to be authenticated locally. These users
need to be added to the List of Users table on the Users screen, as described in
either by a local user database account or by an external RADIUS server. Whether or not you
use a RADIUS server, you might want some users to be authenticated locally. These users
need to be added to the List of Users table on the Users screen, as described in
306.
RADIUS Client and Server Configuration
Remote Authentication Dial In User Service (RADIUS, RFC 2865) is a protocol for managing
authentication, authorization, and accounting (AAA) of multiple users in a network. A
RADIUS server stores a database of user information and can validate a user at the request
of a gateway or server in the network when a user requests access to network resources.
During the establishment of a VPN connection, the VPN gateway can interrupt the process
authentication, authorization, and accounting (AAA) of multiple users in a network. A
RADIUS server stores a database of user information and can validate a user at the request
of a gateway or server in the network when a user requests access to network resources.
During the establishment of a VPN connection, the VPN gateway can interrupt the process
Table 55. Extended authentication settings for IPv4 and IPv6
Setting
Description
Select one of the following radio buttons to specify whether Extended Authentication (XAUTH) is enabled,
and, if enabled, which device is used to verify user account information:
and, if enabled, which device is used to verify user account information:
•
None. XAUTH is disabled. This the default setting.
•
Edge Device. The wireless VPN firewall functions as a VPN concentrator on which one or more
gateway tunnels terminate. The authentication modes that are available for this configuration are User
Database, RADIUS PAP, and RADIUS CHAP.
gateway tunnels terminate. The authentication modes that are available for this configuration are User
Database, RADIUS PAP, and RADIUS CHAP.
•
IPSec Host. The wireless VPN firewall functions as a VPN client of the remote gateway. In this
configuration, the wireless VPN firewall is authenticated by a remote gateway with a user name and
password combination.
configuration, the wireless VPN firewall is authenticated by a remote gateway with a user name and
password combination.
Authentication
Type
For an Edge Device configuration, from the drop-down list, select one of the following
authentication types:
authentication types:
•
User Database. XAUTH occurs through the wireless VPN firewall’s user database.
You can add users on the Add User screen (see
You can add users on the Add User screen (see
241).
•
Radius PAP. XAUTH occurs through RADIUS Password Authentication Protocol
(PAP). The local user database is first checked. If the user account is not present in
the local user database, the wireless VPN firewall connects to a RADIUS server. For
more information, see
(PAP). The local user database is first checked. If the user account is not present in
the local user database, the wireless VPN firewall connects to a RADIUS server. For
more information, see
241.
•
Radius CHAP. XAUTH occurs through RADIUS Challenge Handshake Authentication
Protocol (CHAP). For more information, see
Protocol (CHAP). For more information, see
241.
Username
The user name for XAUTH.
Password
The password for XAUTH.