Справочник Пользователя для Netgear UTM150 – ProSECURE Unified Threat Management (UTM) Appliance
Configure VPN Tunnels
28
NETGEAR ProSAFE VPN Client
Note:
You can use the VPN Wizard to enter some authentication settings
(select Configuration > Wizard), but after you complete the wizard,
you must also specify the advanced authentication, IPSec, and
parameter settings.
(select Configuration > Wizard), but after you complete the wizard,
you must also specify the advanced authentication, IPSec, and
parameter settings.
Configure IKE Authentication Settings
You can specify the settings for the authentication phase, which is also referred to as phase 1
or as the Internet Key Exchange (IKE) negotiation phase. The purpose of phase 1 is to
negotiate IKE policy sets, authenticate the peers, and set up a secure channel between the
peers. As part of phase 1, each end system must identify and authenticate itself to the other.
or as the Internet Key Exchange (IKE) negotiation phase. The purpose of phase 1 is to
negotiate IKE policy sets, authenticate the peers, and set up a secure channel between the
peers. As part of phase 1, each end system must identify and authenticate itself to the other.
You can specify settings for several authentication phases, enabling one computer to
establish IPSec VPN connections with several gateways or other computers (peer-to-peer
connections).
establish IPSec VPN connections with several gateways or other computers (peer-to-peer
connections).
A pre-shared key is the authentication method that is the easiest to implement but is also the
weakest in terms of security. The VPN Client supports the following authentication methods,
which are listed in the order of increased security (from weakest to strongest security):
which are listed in the order of increased security (from weakest to strongest security):
•
Pre-shared key
•
Static extended authentication
•
Dynamic extended authentication
•
Certificate stored in the VPN security policy
•
Certificate in the Windows Certificate Store
•
Certificate on a smart card or token
To configure authentication IKE settings:
1.
On your desktop, double-click the VPN Client shortcut
.