Manage Users, Authentication, and VPN Certificates
262
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
3. Change the settings as explained in the following table:
4. Click Apply
to save your settings.
Manage Digital Certificates for VPN Connections
The wireless VPN firewall uses digital certificates (also known as X509 certificates) during
the Internet Key Exchange (IKE) authentication phase to authenticate connecting IPSec VPN
gateways or clients, or to be authenticated by remote entities. The same digital certificates
are extended for secure web access connections over HTTPS (that is, SSL connections).
Digital certificates either can be self-signed or ca
n be issued by certification authorities (CAs)
such as an internal Windows server or an external organization such as Verisign or Thawte.
However, if the digital certificate contains the extKeyUsa
ge extension, the certificate needs to
be used for one of the purposes defined by the extension. For example, if the digital
certificate contains the extKeyUsage extension that is defined for SNMPv2, the same
certificate cannot be used for secure web management. The extKeyUsage would govern the
certificate acceptance criteria on the wireless VPN firewall when the same digital certificate is
being used for secure web management.
On the wireless VPN firewall, the uploaded digit
al certificate is checked for validity and
purpose. The digital certificate is accepted when it passes the validity test and the purpose
matches its use. The check for the purpose needs to correspond to its use for IPSec VPN,
SSL VPN, or both. If the defined purpose is for IPSec VPN and SSL VPN, the digital
Table 67. Edit User screen settings
Setting Description
Select User
Ty
pe
From the drop-down list, select one of the predefined user types that determines the
access credentials:
• SSL VPN
User. User who can log in only to the SSL VPN portal.
• Administra
tor. User who has full access and the capacity to change the wireless VPN
firewall configuration (that is, read/write access).
• Gues
t (readonly). User who can only view the wireless VPN firewall configuration (that
is, read-only access).
• IPSEC VPN
User. A user who can make an IPSec VPN connection only through a
NETGEAR ProSafe VPN Client, and only when the XAUTH feature is enabled (see
Configure Extended Authentication (XAUTH) on page 194).
• L2
TP User. User who can connect over an L2TP connection to an L2TP client that is
located behind the wireless VPN firewall.
Check to Edit
Passwor
d
Select this check box to make the password fields accessible to modify the password.
Enter Your Password Enter the password with which you have logged in.
New Password Enter the new password.
Confirm New Password Reenter the new password for confirmation.
Idle Timeout The period after which an idle user is automatical
ly logged out of the web management
interface. The default idle time-out period is 5 minutes.
To Next Page
Loading...
