Netgear DGFV338 사용자 설명서
DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual
Virtual Private Networking
5-27
v1.0, April 2007
•
IPSec Host. If you want authentication by the remote gateway, enter a User Name and
Password to be associated with this IKE policy. If this option is chosen, the remote gateway
must specify the user name and password used for authenticating this gateway.
Password to be associated with this IKE policy. If this option is chosen, the remote gateway
must specify the user name and password used for authenticating this gateway.
Configuring XAUTH for VPN Clients
Once the XAUTH has been enabled, you must establish user accounts on the Local Database to be
authenticated against XAUTH, or you must enable a RADIUS-CHAP or RADIUS-PAP server.
authenticated against XAUTH, or you must enable a RADIUS-CHAP or RADIUS-PAP server.
To enable and configure XAUTH:
1. Select VPN from the main menu and Policies from the submenu. The IKE Policies screen will
display.
2. You can add XAUTH to an existing IKE Policy by clicking Edit adjacent to the policy to be
modified or you can create a new IKE Policy incorporating XAUTH by clicking Add.
3. In the Extended Authentication section check the Edge Device radio box to use this router as
a VPN concentrator where one or more gateway tunnels terminate. You then must specify the
authentication type to be used in verifying credentials of the remote VPN gateways. (Either the
User Database or RADIUS Client must be configured when XAUTH is enabled.)
authentication type to be used in verifying credentials of the remote VPN gateways. (Either the
User Database or RADIUS Client must be configured when XAUTH is enabled.)
4. In the Extended Authentication section, select the Authentication Type from the pull-down
menu which will be used to verify user account information. Select
•
Edge Device to use this router as a VPN concentrator where one or more gateway tunnels
terminate. When this option is chosen, you will need to specify the authentication type to
be used in verifying credentials of the remote VPN gateways.
terminate. When this option is chosen, you will need to specify the authentication type to
be used in verifying credentials of the remote VPN gateways.
–
User Database to verify against the router’s user database. Users must be added
through the User Database screen (see
through the User Database screen (see
).
Note: If a RADIUS-PAP server is enabled for authentication, XAUTH will first check the
local User Database for the user credentials. If the user account is not present, the
router will then connect to a RADIUS server.
router will then connect to a RADIUS server.
Note: If you are modifying an existing IKE Policy to add XAUTH, if it is in use by a
VPN Policy, the VPN policy must be disabled before you can modify the IKE
Policy.
Policy.