Virtual Private Networking Using IPv4 IPSec and L2TP Connections
206
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
8. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table.
Configure the ProSafe VPN Client for Mode Config Operation
When the Mode Config feature is enabled, the following information is negotiated between
the VPN client and the wireless VPN firewall during the authentication phase:
• V
irtual IP address of the VPN client
• DNS server ad
dress (optional)
• WINS server
address (optional)
The virtual IP address that is issued by the wirele
ss VPN firewall is displayed in the VPN
Client Address field on the VPN client’s IPSec pane.
Extended Authentication
XAUTH Configuration
Note: For more
in
formation about
XAUTH and its
authentication
modes, see Configure
XAUTH for VPN
Clients on pag
e 195.
Select one of the following radio buttons to specify
whether or not Extended
Authentication (XAUTH) is enabled, and, if enabled, which device is used to verify
user account information:
• None. XAUTH is
disabled. This the default setting.
• Edge Device. The wireless VPN firewall functions as a VPN concentrator on
which one or more gateway tunnels terminate. The authentication modes that
are available for this configuration are User Database, RADIUS PAP, and
RADIUS CHAP.
• IPSec Host. T
he wireless VPN firewall functions as a VPN client of the remote
gateway. In this configuration the wireless VPN firewall is authenticated by a
remote gateway with a user name and password combination.
Authentication
Ty
pe
For an Edge Device configuration, from the drop-down list,
select one of the following authentication types:
• Use
r Database. XAUTH occurs through the wireless VPN
firewall’s user database. You can add users on the Add User
screen (see User Database Configuration on
page 196).
• Radius PAP. XAUTH occurs through RADIUS Password
Authentication Protocol (PAP). The local user database is
first checked. If the user account is not present in the local
user database, the wireless VPN firewall connects to a
RADIUS server. For more information, see RADIUS Client
Configuration on
page 196.
• Radius CHAP. XAUTH occurs thro
ugh RADIUS Challenge
Handshake Authentication Protocol (CHAP). For more
information, see RADIUS Client Configuration on page 196.
Username The user name for XAUTH.
Password The password for XAUTH.
Table 50. Add IKE Policy screen settings for a Mode Config configuration (continued)
Setting Description
To Next Page
Loading...
