Name: NETGEAR FVS318G
Brand: NETGEAR
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Virtual Private Networking Using IPSec and L2TP Connections

257

NETGEAR ProSAFE VPN Firewall FVS318G v2

The Edit VPN Policy screen displays. This screen shows the same fields as the Add New

VPN Policy screen.

5. Mo

dify the settings that you wish to change (see T

able 53 on page 252).

6. Click the Ap

ply button.

Your changes are saved.

Configure Extended Authentication (XAUTH)

When many VPN clients connect to a VPN firewall, you might want to use a unique user

authentication method beyond relying on a single common pre-shared key for all clients.

Although you could configure a unique VPN policy for each user, it is more efficient to

authenticate users from a stored list of user accounts. XAUTH provides the mechanism for

requesting individual authentication information from the user. A local user database or an

external authentication server, such as a RADIUS server, provides a method for storing the

authentication information centrally in the local network.

You can enable XAUTH when you manually add or edit an IKE policy

. T

wo types of XAUTH

are available:

• Edg

e Device. The VPN fire

wall is used as a VPN concentrator on which one or more

gateway tunnels terminate. You must specify the authentication type to be used during

verification of the credentials of the remote VPN gateways: the user database,

RADIUS-PAP, or RADIUS-CHAP.

• IPSec Host. Authe

ntication by the remote gateway through a user name and password

that are associated with the IKE policy. The user name and password that are used to

authenticate the VPN firewall must be specified on the remote gateway.

If a RADIUS-PAP server is enabled for authentication, XAUTH first c

hecks the local user

database for the user credentials. If the user account is not present, the VPN firewall then

connects to a RADIUS server.

This section contains the following topics:

• Configure XAUTH for VPN Clients

• User Database Configuration

• RADIUS Client and Server Configuration

Configure XAUTH for VPN Clients

Once the XAUTH is enabled, you must establish user accounts in the user database to be

authenticated against XAUTH, or you must enable a RADIUS-CHAP or RADIUS-PAP server.

You cannot modify an existing IKE policy to add XAUTH while the IKE policy is in use by a

VPN policy

. The VPN policy must be disabled befo

re you can modify the IKE policy.

 To enable and configure XAUTH:

1. Log in to the unit:

Questions and Answers:

Need help?

Do you have a question about the NETGEAR FVS318G and is the answer not in the manual?

NETGEAR FVS318G Specifications

General

Power requirements	12V DC, 1.5A
Firewall throughput	250 Mbit/s
Maximum data transfer rate	1000 Mbit/s
HTTP performance	6000 transactions/sec
Wi-Fi	No
DHCP server	Yes
Number of VLANs	256
VPN tunnels quantity	12
WAN connection	Ethernet (RJ-45)
Connectivity technology	Wired
Ethernet LAN (RJ-45) ports	9
Ethernet DMZ ports quantity	1
Routing protocols	RIP-1, RIP-2
Supported network protocols	TCP/IP, UDP, ICMP, PPPoE
VPN support	IPsec (ESP), IKE, PKI, HTTPS
Security algorithms	128-bit AES, 192-bit AES, 256-bit AES, 3DES, DES, MD5, SHA-1
Internal memory	128 MB
Flash memory	32 MB
Storage media type	Flash
Processor frequency	300 MHz
Storage temperature (T-T)	-20 - 70 °C
Operating temperature (T-T)	0 - 45 °C
Cables included	LAN (RJ-45)