Netgear FVS336G-300NAS Specifications Page 491
- Page / 693
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Manage Users, Authentication, and VPN Certificates
491
ProSAFE Dual WAN Gigabit WAN SSL VPN Firewall FVS336Gv3
VPN Firewall’s Authentication
Users are assigned to a group, and a group is assigned to a domain. Therefore, first create
any domains, then groups, then user accounts.
Note: Do not confuse the authentication groups with the LAN groups that
are described in Manage IPv4 LAN Groups and Hosts on page 133.
You must create name and password accounts for all users who must be able to connect to
the VPN firewall. This includes administrators, guests, and SSL VPN clients. Accounts for
IPSec VPN clients are required only if you have enabled extended authentication (XAUTH) in
your IPSec VPN configuration.
Users connecting to the VPN firewall must be authenticated before being allowed to access
the VPN firewall or the VPN-protected network. The login screen that is presented to the user
requires three items: a user name, a password, and a domain selection. The domain
determines the authentication method that is used and, for SSL connections, the portal layout
that is presented.
Note: IPSec VPN, L2TP, and PPTP users do not belong to a domain and
are not assigned to a group.
Except in the case of IPSec VPN users, when you create a user account, you must specify a
group. When you create a group, you must specify a domain.
The following table summarizes the external authentication protocols and methods that the
VPN firewall supports.
Table 9. External authentication protocols and methods
Authentication
Protocol or Method
Description
PAP Password Authentication Protocol (PAP) is a simple protocol in which the client sends a
password in clear text.
CHAP Challenge Handshake Authentication Protocol (CHAP) executes a three-way handshake
in which the client and server trade challenge messages, each responding with a hash of
the other’s challenge message, which is calculated using a shared secret value.
RADIUS A network-validated PAP or CHAP password-based authentication method that functions
with Remote Authentication Dial In User Service (RADIUS).
MIAS A network-validated PAP or CHAP password-based authentication method that functions
with Microsoft Internet Authentication Service (MIAS), which is a component of Microsoft
Windows 2003 Server.
- ProSAFE Dual WAN Gigabit SSL 1
- Firewall 1
- Compliance 2
- Trademarks 2
- Revision History 2
- Contents 3
- Key Features and Capabilities 13
- Security Features 16
- Extensive Protocol Support 16
- Maintenance and Support 17
- Package Contents 18
- Hardware Features 18
- Back Panel 20
- DEFAULT ACCESS 21
- Login Requirements 22
- IPv4 Requirements 24
- IPv6 Requirements 24
- WAN Settings 28
- Complete these tasks: 29
- Classical Routing 31
- IPv4 Internet Connection 32
- Protocol Binding 50
- Method for IPv4 Interfaces 56
- Secondary IPv4 WAN Addresses 60
- Dynamic DNS 63
- Configure Dynamic DNS 63
- Managing Advanced WAN Options 66
- Change a QoS Profile 82
- IPv6 Network 87
- IPv6 Routing Mode 88
- Enable the IPv6 Routing Mode 89
- Connection Automatically 90
- 6to4 Tunnel 101
- ISATAP Tunnel 103
- Configure an ISATAP Tunnel 104
- Change an ISATAP Tunnel 105
- Stateless IP/ICMP Translation 108
- Interfaces 112
- What to Do Next 114
- IPv4 LANs and VLANs 116
- Port-Based VLANs 117
- Assign VLAN Profiles 117
- DHCP Servers 119
- DHCP Relay 120
- DNS Proxy 120
- LDAP Servers 120
- Add a VLAN Profile 121
- 7. Click the Add button 122
- Change a VLAN Profile 125
- Network Database 133
- DHCP Address Reservation 134
- Manage the Network Database 134
- IPv4 DMZ 141
- Manage Static IPv4 Routing 145
- Add a Static IPv4 Route 146
- 9. Click the Apply button 147
- Change a Static IPv4 Route 148
- IPv4 Static Route Example 152
- Manage the IPv6 LAN 154
- Delegation for the LAN 156
- Setting Description 162
- IPv6 LAN Setup 162
- 10. Click the Apply button 163
- Your settings are saved 163
- Add an IPv6 LAN Address Pool 169
- Add Advertisement Prefixes 176
- IPv6 DMZ 185
- Add an IPv6 DMZ Address Pool 201
- Manage Static IPv6 Routing 205
- Change a Static IPv6 Route 207
- 9. Click the Delete button 209
- Customize Firewall Protection 210
- Firewall Protection 211
- Firewall Rules Overview 212
- Default LAN WAN Rules 212
- Default DMZ WAN Rules 213
- Default LAN DMZ Rules 213
- Number of Rules Supported 213
- Categories of Service 213
- Order of Precedence 214
- Settings for Inbound Rules 219
- Add LAN WAN Rules 225
- Add DMZ WAN Rules 235
- Add LAN DMZ Rules 244
- To manage an existing rule: 253
- Examples of Firewall Rules 254
- WAN Rules screen 256
- Addresses 257
- Single LAN User 262
- LAN WAN Rules screen 265
- Site on the Internet 266
- Manage VPN Pass-Through 271
- VPN Pass-Through 272
- Set Limits for IPv4 Sessions 274
- Multicast Pass-Through 278
- Manage Firewall Objects 281
- Firewall Objects 282
- Manage Customized Services 282
- Services Overview 283
- Add a Customized Service 283
- Change a Customized Service 284
- Service Groups Overview 286
- Add a Service Group 287
- Change a Service Group 288
- IP Address Groups Overview 290
- Add an IP Address Group 290
- Change an IP Address Group 292
- Define a Schedule 294
- IPv4 QoS Profiles Overview 296
- Add an IPv4 QoS Profile 296
- Change an IPv4 QoS Profile 298
- Bandwidth Profiles Overview 301
- Change a Bandwidth Profile 304
- Protect Your Network 307
- Manage Content Filtering 308
- Enable Source MAC Filtering 314
- Manage IP/MAC Bindings 316
- Change an IPv4/MAC Binding 319
- Number of Dropped Packets 321
- Change an IPv6/MAC Binding 324
- Manage Port Triggering 327
- Add a Port Triggering Rule 328
- Change a Port Triggering Rule 330
- To enable UPnP: 332
- With IPSec Connections 335
- Dual WAN Port Systems 336
- Configurations 337
- IPSec VPN Wizard Overview 338
- 8. Click the Apply button 342
- Client-to-Gateway Tunnels 347
- 4. Click the Next button 353
- ProSAFE VPN Client 357
- 5. Click the Save button 359
- 8. Click the Save button 360
- 12. Click the Save button 362
- Information 363
- IKE Policies 369
- View the IKE Policies 369
- To view the IKE policies: 370
- Manually Add an IKE Policy 371
- IPv6 settings are identical 373
- Change an IKE Policy 378
- VPN Policies Overview 381
- View the VPN Policies 382
- Manually Add a VPN Policy 384
- Change a VPN Policy 389
- Mode Config Overview 397
- 14. Click the Apply button 404
- Operation 405
- Change a Mode Config Record 413
- Configure Keep-Alives 415
- Dead Peer Detection 417
- Manage the PPTP Server 420
- Item Description 423
- Manage the L2TP Server 424
- L2TP Server Configuration 425
- SSL VPN Portals Overview 429
- SSL VPN Wizard Overview 431
- WARNING: 433
- Domains on page 492 437
- 10. Click the Next button 437
- Disconnect Active Users 447
- Portal Layouts Overview 451
- Create a Portal Layout 451
- Change a Portal Layout 454
- To change a portal layout: 455
- SSL VPN Clients Overview 462
- Network Objects Overview 470
- Add an SSL Network Resource 471
- Add Resource Addresses 473
- SSL Policies Overview 476
- View SSL VPN Policies 477
- VPN Certificates 490
- VPN Firewall’s Authentication 491
- Accounts 492
- Add an Authentication Domain 493
- Manage Authentication Groups 498
- Add an Authentication Group 499
- Manage User Accounts 502
- User Accounts Overview 503
- Add a User Account 504
- Change a User Account 506
- Configure Login Policies 508
- To change a password: 515
- VPN Certificates Overview 517
- Upload a CA Certificate 518
- Remove a CA Certificate 520
- View Self-Signed Certificates 524
- To remove one or more CSRs: 525
- To remove one or more CRLs: 528
- Figure 12. Security alert 529
- Optimize Performance and 530
- Manage Your System 530
- Performance Management 531
- Features That Reduce Traffic 532
- Content Filtering 533
- Source MAC Filtering 534
- Port Triggering 536
- DMZ Port 536
- Exposed Hosts 536
- VPN, L2TP, and PPTP Tunnels 536
- Setting QoS Priorities 537
- Assigning Bandwidth Profiles 537
- Remote Access 538
- Configure Remote Access 539
- To access the CLI: 541
- SNMP Overview 542
- Change an SNMP Configuration 544
- Manage the Configuration File 550
- Back Up Settings 551
- Restore Settings 552
- Upgrade the Firmware 554
- Monitor System Access and 561
- Performance 561
- 11. Click the Apply button 567
- Configure and Activate Logs 571
- Enable the Syslogs 575
- View the DNS Logs 578
- View the NTP Logs 579
- View the System Status 586
- View the VLAN Status 594
- View the IPv6 Tunnel Status 595
- View the VPN Logs 597
- Connection 598
- View the Attached Devices 603
- View the DHCP Log 605
- All log entries are removed 606
- Use the Diagnostics Utilities 608
- Trace a Route 610
- Look Up a DNS Address 612
- Display the Routing Tables 612
- Capture Packets in Real Time 613
- Check the WAN IP Address 619
- Interface 626
- WAN Ports 628
- Planning Overview 629
- Planning for Inbound Traffic 634
- Reliability 640
- Log Message Terms 646
- System Log Messages 646
- Login and Logout 647
- System Startup 648
- Firewall Restart 648
- ICMP Redirect Logs 649
- Multicast and Broadcast Logs 650
- Load Balancing 650
- Auto-Rollover 650
- PPP Logs 652
- • PPTP idle time-out logs 653
- • PPP authentication logs 653
- IPSec VPN Logs 654
- SSL VPN Logs 659
- Routing Logs 660
- LAN to WAN Logs 661
- LAN to DMZ Logs 661
- DMZ to WAN Logs 661
- WAN to LAN Logs 661
- Other Event Logs 662
- Source MAC Filter Logs 663
- Bandwidth Limit Logs 663
- DHCP Logs 664
- Two-Factor Authentication 665
- Two-Factor Authentication 666
- 7. Click the Login button 669
- You are logged in 669
- Specifications 670
- Factory Default Settings 671
- Numerics 679
© 2020, manymanuals.com. All rights reserved. | 4.058 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals