Netgear FVS318N 사용자 설명서
Manage Users, Authentication, and VPN Certificates
313
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
4.
Click Apply to save your settings.
Manage Digital Certificates for VPN Connections
•
•
•
•
The wireless VPN firewall uses digital certificates (also known as X509 certificates) during
the Internet Key Exchange (IKE) authentication phase to authenticate connecting IPSec VPN
gateways or clients, or to be authenticated by remote entities:
the Internet Key Exchange (IKE) authentication phase to authenticate connecting IPSec VPN
gateways or clients, or to be authenticated by remote entities:
•
On the wireless VPN firewall, you can enter a digital certificate on the IKE Policies
screen, on which the certificate is referred to as an RSA signature (see
screen, on which the certificate is referred to as an RSA signature (see
page 225 and
•
On the VPN Client, you can enter a digital certificate on the Authentication pane in the
Configuration Panel screen (see
Configuration Panel screen (see
Digital certificates are extended for secure web access connections over HTTPS (that is,
SSL connections).
SSL connections).
Digital certificates either can be self-signed or can be issued by certification authorities (CAs)
such as an internal Windows server or an external organization such as Verisign or Thawte.
such as an internal Windows server or an external organization such as Verisign or Thawte.
However, if the digital certificate contains the extKeyUsage extension, the certificate needs to
be used for one of the purposes defined by the extension. For example, if the digital
certificate contains the extKeyUsage extension that is defined for SNMPv2, the same
certificate cannot be used for secure web management. The extKeyUsage would govern the
certificate acceptance criteria on the wireless VPN firewall when the same digital certificate is
being used for secure web management.
be used for one of the purposes defined by the extension. For example, if the digital
certificate contains the extKeyUsage extension that is defined for SNMPv2, the same
certificate cannot be used for secure web management. The extKeyUsage would govern the
certificate acceptance criteria on the wireless VPN firewall when the same digital certificate is
being used for secure web management.
On the wireless VPN firewall, the uploaded digital certificate is checked for validity and
purpose. The digital certificate is accepted when it passes the validity test and the purpose
matches its use. The check for the purpose needs to correspond to its use for IPSec VPN,
SSL VPN, or both. If the defined purpose is for IPSec VPN and SSL VPN, the digital
certificate is uploaded to both the IPSec VPN certificate repository and the SSL VPN
purpose. The digital certificate is accepted when it passes the validity test and the purpose
matches its use. The check for the purpose needs to correspond to its use for IPSec VPN,
SSL VPN, or both. If the defined purpose is for IPSec VPN and SSL VPN, the digital
certificate is uploaded to both the IPSec VPN certificate repository and the SSL VPN
Check to Edit
Password
Password
Select this check box to make the password fields accessible to modify the password.
Enter Your Password
Enter the password with which you have logged in.
New Password
Enter the new password.
Confirm New Password
Reenter the new password for confirmation.
Idle Timeout
The period after which an idle user is automatically logged out of the web management
interface. The default idle time-out period is 5 minutes.
interface. The default idle time-out period is 5 minutes.
Table 77. Edit User screen settings (continued)
Setting
Description