Netgear FVS336G-300NAS Specifications Page 392
- Page / 693
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Set Up Virtual Private Networking With IPSec Connections
392
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv3
Extended Authentication Overview
When many VPN clients connect to a VPN firewall, you might want to use a unique user
authentication method beyond relying on a single common pre-shared key for all clients.
Although you could configure a unique VPN policy for each user, it is more efficient to
authenticate users from a stored list of user accounts. Extended authentication (XAUTH)
provides the mechanism for requesting individual authentication information from the user.
The VPN firewall’s local user database or an external authentication server, such as a
RADIUS server, provides a method for storing the authentication information centrally in the
local network.
You can enable XAUTH when you manually add or change an IKE policy. The VPN firewall
provides two types of XAUTH:
• Edge device. The VPN firewall functions as a VPN concentrator on which one or more
gateway tunnels terminate. Specify the authentication type that must be used during
verification of the credentials of the remote VPN gateways: the VPN firewall’s user
database, an external RADIUS-PAP server, or an external RADIUS-CHAP server.
• IPSec host. The VPN firewall functions as a VPN client of the remote gateway.
Authentication occurs at the remote gateway through a user name and password that are
associated with the IKE policy. The user name and password that are used to
authenticate the VPN firewall must be specified on the remote gateway.
After you have enabled XAUTH, you must establish user accounts in the VPN firewall’s local
user database to be authenticated against XAUTH or you must enable a RADIUS-CHAP or
RADIUS-PAP server.
If you use a RADIUS-PAP server for authentication, XAUTH first checks the VPN firewall
local user database for the user credentials. If the user account is not present, the VPN
firewall then connects to a RADIUS server.
Enable and Configure Extended Authentication for VPN Clients
The following procedure describes how to enable and configure extended authentication
(XAUTH) for VPN clients.
To enable and configure XAUTH:
1. On your computer, launch an Internet browser.
2. In the address field of your browser, enter the IP address that was assigned to the VPN
firewall during the installation process.
The VPN firewall factory default IP address is 192.168.1.1.
The NETGEAR Configuration Manager Login screen displays.
3. In the Username field, type your user name and in the Password / Passcode field, type
your password.
For the default administrative account, the default user name is admin and the default
password is password.
- ProSAFE Dual WAN Gigabit SSL 1
- Firewall 1
- Compliance 2
- Trademarks 2
- Revision History 2
- Contents 3
- Key Features and Capabilities 13
- Security Features 16
- Extensive Protocol Support 16
- Maintenance and Support 17
- Package Contents 18
- Hardware Features 18
- Back Panel 20
- DEFAULT ACCESS 21
- Login Requirements 22
- IPv4 Requirements 24
- IPv6 Requirements 24
- WAN Settings 28
- Complete these tasks: 29
- Classical Routing 31
- IPv4 Internet Connection 32
- Protocol Binding 50
- Method for IPv4 Interfaces 56
- Secondary IPv4 WAN Addresses 60
- Dynamic DNS 63
- Configure Dynamic DNS 63
- Managing Advanced WAN Options 66
- Change a QoS Profile 82
- IPv6 Network 87
- IPv6 Routing Mode 88
- Enable the IPv6 Routing Mode 89
- Connection Automatically 90
- 6to4 Tunnel 101
- ISATAP Tunnel 103
- Configure an ISATAP Tunnel 104
- Change an ISATAP Tunnel 105
- Stateless IP/ICMP Translation 108
- Interfaces 112
- What to Do Next 114
- IPv4 LANs and VLANs 116
- Port-Based VLANs 117
- Assign VLAN Profiles 117
- DHCP Servers 119
- DHCP Relay 120
- DNS Proxy 120
- LDAP Servers 120
- Add a VLAN Profile 121
- 7. Click the Add button 122
- Change a VLAN Profile 125
- Network Database 133
- DHCP Address Reservation 134
- Manage the Network Database 134
- IPv4 DMZ 141
- Manage Static IPv4 Routing 145
- Add a Static IPv4 Route 146
- 9. Click the Apply button 147
- Change a Static IPv4 Route 148
- IPv4 Static Route Example 152
- Manage the IPv6 LAN 154
- Delegation for the LAN 156
- Setting Description 162
- IPv6 LAN Setup 162
- 10. Click the Apply button 163
- Your settings are saved 163
- Add an IPv6 LAN Address Pool 169
- Add Advertisement Prefixes 176
- IPv6 DMZ 185
- Add an IPv6 DMZ Address Pool 201
- Manage Static IPv6 Routing 205
- Change a Static IPv6 Route 207
- 9. Click the Delete button 209
- Customize Firewall Protection 210
- Firewall Protection 211
- Firewall Rules Overview 212
- Default LAN WAN Rules 212
- Default DMZ WAN Rules 213
- Default LAN DMZ Rules 213
- Number of Rules Supported 213
- Categories of Service 213
- Order of Precedence 214
- Settings for Inbound Rules 219
- Add LAN WAN Rules 225
- Add DMZ WAN Rules 235
- Add LAN DMZ Rules 244
- To manage an existing rule: 253
- Examples of Firewall Rules 254
- WAN Rules screen 256
- Addresses 257
- Single LAN User 262
- LAN WAN Rules screen 265
- Site on the Internet 266
- Manage VPN Pass-Through 271
- VPN Pass-Through 272
- Set Limits for IPv4 Sessions 274
- Multicast Pass-Through 278
- Manage Firewall Objects 281
- Firewall Objects 282
- Manage Customized Services 282
- Services Overview 283
- Add a Customized Service 283
- Change a Customized Service 284
- Service Groups Overview 286
- Add a Service Group 287
- Change a Service Group 288
- IP Address Groups Overview 290
- Add an IP Address Group 290
- Change an IP Address Group 292
- Define a Schedule 294
- IPv4 QoS Profiles Overview 296
- Add an IPv4 QoS Profile 296
- Change an IPv4 QoS Profile 298
- Bandwidth Profiles Overview 301
- Change a Bandwidth Profile 304
- Protect Your Network 307
- Manage Content Filtering 308
- Enable Source MAC Filtering 314
- Manage IP/MAC Bindings 316
- Change an IPv4/MAC Binding 319
- Number of Dropped Packets 321
- Change an IPv6/MAC Binding 324
- Manage Port Triggering 327
- Add a Port Triggering Rule 328
- Change a Port Triggering Rule 330
- To enable UPnP: 332
- With IPSec Connections 335
- Dual WAN Port Systems 336
- Configurations 337
- IPSec VPN Wizard Overview 338
- 8. Click the Apply button 342
- Client-to-Gateway Tunnels 347
- 4. Click the Next button 353
- ProSAFE VPN Client 357
- 5. Click the Save button 359
- 8. Click the Save button 360
- 12. Click the Save button 362
- Information 363
- IKE Policies 369
- View the IKE Policies 369
- To view the IKE policies: 370
- Manually Add an IKE Policy 371
- IPv6 settings are identical 373
- Change an IKE Policy 378
- VPN Policies Overview 381
- View the VPN Policies 382
- Manually Add a VPN Policy 384
- Change a VPN Policy 389
- Mode Config Overview 397
- 14. Click the Apply button 404
- Operation 405
- Change a Mode Config Record 413
- Configure Keep-Alives 415
- Dead Peer Detection 417
- Manage the PPTP Server 420
- Item Description 423
- Manage the L2TP Server 424
- L2TP Server Configuration 425
- SSL VPN Portals Overview 429
- SSL VPN Wizard Overview 431
- WARNING: 433
- Domains on page 492 437
- 10. Click the Next button 437
- Disconnect Active Users 447
- Portal Layouts Overview 451
- Create a Portal Layout 451
- Change a Portal Layout 454
- To change a portal layout: 455
- SSL VPN Clients Overview 462
- Network Objects Overview 470
- Add an SSL Network Resource 471
- Add Resource Addresses 473
- SSL Policies Overview 476
- View SSL VPN Policies 477
- VPN Certificates 490
- VPN Firewall’s Authentication 491
- Accounts 492
- Add an Authentication Domain 493
- Manage Authentication Groups 498
- Add an Authentication Group 499
- Manage User Accounts 502
- User Accounts Overview 503
- Add a User Account 504
- Change a User Account 506
- Configure Login Policies 508
- To change a password: 515
- VPN Certificates Overview 517
- Upload a CA Certificate 518
- Remove a CA Certificate 520
- View Self-Signed Certificates 524
- To remove one or more CSRs: 525
- To remove one or more CRLs: 528
- Figure 12. Security alert 529
- Optimize Performance and 530
- Manage Your System 530
- Performance Management 531
- Features That Reduce Traffic 532
- Content Filtering 533
- Source MAC Filtering 534
- Port Triggering 536
- DMZ Port 536
- Exposed Hosts 536
- VPN, L2TP, and PPTP Tunnels 536
- Setting QoS Priorities 537
- Assigning Bandwidth Profiles 537
- Remote Access 538
- Configure Remote Access 539
- To access the CLI: 541
- SNMP Overview 542
- Change an SNMP Configuration 544
- Manage the Configuration File 550
- Back Up Settings 551
- Restore Settings 552
- Upgrade the Firmware 554
- Monitor System Access and 561
- Performance 561
- 11. Click the Apply button 567
- Configure and Activate Logs 571
- Enable the Syslogs 575
- View the DNS Logs 578
- View the NTP Logs 579
- View the System Status 586
- View the VLAN Status 594
- View the IPv6 Tunnel Status 595
- View the VPN Logs 597
- Connection 598
- View the Attached Devices 603
- View the DHCP Log 605
- All log entries are removed 606
- Use the Diagnostics Utilities 608
- Trace a Route 610
- Look Up a DNS Address 612
- Display the Routing Tables 612
- Capture Packets in Real Time 613
- Check the WAN IP Address 619
- Interface 626
- WAN Ports 628
- Planning Overview 629
- Planning for Inbound Traffic 634
- Reliability 640
- Log Message Terms 646
- System Log Messages 646
- Login and Logout 647
- System Startup 648
- Firewall Restart 648
- ICMP Redirect Logs 649
- Multicast and Broadcast Logs 650
- Load Balancing 650
- Auto-Rollover 650
- PPP Logs 652
- • PPTP idle time-out logs 653
- • PPP authentication logs 653
- IPSec VPN Logs 654
- SSL VPN Logs 659
- Routing Logs 660
- LAN to WAN Logs 661
- LAN to DMZ Logs 661
- DMZ to WAN Logs 661
- WAN to LAN Logs 661
- Other Event Logs 662
- Source MAC Filter Logs 663
- Bandwidth Limit Logs 663
- DHCP Logs 664
- Two-Factor Authentication 665
- Two-Factor Authentication 666
- 7. Click the Login button 669
- You are logged in 669
- Specifications 670
- Factory Default Settings 671
- Numerics 679
© 2020, manymanuals.com. All rights reserved. | 2.519 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals