Motorola Enterprise Series Routers 사용자 설명서

VPN concentrator – This configures Xauth to expect to receive authentication credentials, and to pos-
sibly ser ve VPN IP parameters.

When Xauth is set to VPN concentrator, you can configure the IPSec profile to allow the Router to 
respond when the remote client requests an internal IP address:

Remote Members: If the Remote Members is a single address within the Local Members range, then 
the Router will respond with that address to incoming address requests from Xauth clients. For exam-
ple a Local Range of 192.168.1.1/24, and a Remote Range of 192.168.1.99/32 allows the response 
192.168.1.99, when an internal address is requested.

Since the Local Range is not required to be of type “subnet,” and the Router might need to respond 
with an internal subnet mask, the subnet mask is set to an even multiple of 8 bits based on the num-
ber of addresses in the local range. See 

.

From the Xauth Recipient Auth. Check pop-up menu, select the database to be used for authentication:

Local – If you choose this option, the Gateway will use the locally configured username and password, 
for both concentrator and client modes.

RADIUS - If you choose this option, the Gateway will use the globally configured RADIUS ser ver when 
acting in concentrator mode.

Enter an Xauth Local Username, the locally configured username to be sent in client mode. This is 
used to check received authentication credentials when not checking them with RADIUS.

Enter an Xauth Local Password, the locally configured password to be sent in client mode. This is 
used to check received authentication credentials when not checking them with RADIUS.

If you select Advanced IKE Phase 1 Options the Advanced IKE Phase 1 Options screen appears.