Netgear SRX5308 Specifications Page 174
- Page / 357
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Virtual Private Networking Using IPSec Connections
174
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
4. Click Apply to save your settings.
User Database Configuration
When XAUTH is enabled in an Edge Device configuration, users are authenticated either
through a local user database account or by an external RADIUS server. Whether or not you
use a RADIUS server, you might want some users to be authenticated locally. These users
need to be added to the List of Users table on the Users screen, as described in Configure
User Accounts on page 227.
RADIUS Client Configuration
Remote Authentication Dial In User Service (RADIUS, RFC 2865) is a protocol for managing
authentication, authorization, and accounting (AAA) of multiple users in a network. A
RADIUS server stores a database of user information, and can validate a user at the request
of a gateway or server in the network when a user requests access to network resources.
During the establishment of a VPN connection, the VPN gateway can interrupt the process
with an XAUTH request. At that point, the remote user needs to provide authentication
information such as a user name and password or some encrypted response using his or her
user name and password information. The gateway then attempts to verify this information
first against a local user database (if RADIUS-PAP is enabled) and then by relaying the
information to a central authentication server such as a RADIUS server.
To configure primary and backup RADIUS servers:
1. Select VPN > IPSec VPN > RADIUS Client. The RADIUS Client screen displays:
Authentication
Type
For an Edge Device configuration: from the drop-down list, select one of the
following authentication types:
• User Database. XAUTH occurs through the VPN firewall’s user database. You
can add users on the Add User screen (see User Database Configuration on
page 174).
• Radius PAP. XAUTH occurs through RADIUS Password Authentication Protocol
(PAP). The local user database is first checked. If the user account is not present
in the local user database, the VPN firewall connects to a RADIUS server. For
more information, see RADIUS Client Configuration on page 174.
• Radius CHAP. XAUTH occurs through RADIUS Challenge Handshake
Authentication Protocol (CHAP). For more information, see RADIUS Client
Configuration on page 174.
Username The user name for XAUTH.
Password The password for XAUTH.
Table 41. Extended authentication settings (continued)
Setting Description
- ProSafe Gigabit Quad WAN 1
- SSL VPN Firewall SRX5308 1
- Technical Support 2
- Trademarks 2
- Statement of Conditions 2
- Revision History 2
- Contents 3
- Chapter 3 LAN Configuration 4
- Chapter 4 Firewall Protection 4
- Key Features and Capabilities 10
- Introduction 11
- Security Features 12
- Extensive Protocol Support 12
- Maintenance and Support 13
- Package Contents 14
- Hardware Features 14
- Figure 1 15
- Table 1. LED descriptions 15
- Rear Panel 16
- Figure 3 17
- Using the Rack-Mounting Kit 18
- Internet 19
- Log In to the VPN Firewall 20
- Figure 5 21
- Figure 6 22
- Figure 9 24
- Figure 10 25
- Figure 11 26
- Figure 12 27
- Figure 13 28
- Figure 14 29
- Figure 15 30
- Figure 16 31
- Table 5. DNS server settings 31
- Configure the WAN Mode 32
- Configure Classical Routing 33
- Configure Auto-Rollover Mode 34
- Figure 18 35
- Configure Load Balancing 37
- Figure 20 38
- Figure 21 39
- To edit a protocol binding: 40
- Configure Dynamic DNS 42
- To configure DDNS: 43
- Figure 23 44
- Figure 24 45
- Configure WAN QoS Profiles 46
- Figure 25 47
- Figure 26 48
- Figure 27 50
- To edit a QoS profile: 51
- To delete a QoS profile: 51
- Figure 28 52
- What to Do Next 54
- LAN Configuration 55
- Port-Based VLANs 56
- Figure 29 57
- VLAN DHCP Options 58
- Configure a VLAN Profile 59
- Figure 31 60
- To edit a VLAN profile: 64
- Figure 32 65
- Figure 33 66
- Manage the Network Database 68
- Figure 35 70
- Figure 36 71
- Set Up Address Reservation 72
- Figure 37 73
- Manage Routing 75
- Configure Static Routes 76
- Figure 40 78
- Static Route Example 80
- Administrator Tips 82
- Services-Based Rules 83
- Order of Precedence for Rules 90
- Set LAN WAN Rules 91
- Figure 42 92
- Figure 43 93
- Figure 44 94
- Set DMZ WAN Rules 95
- Figure 46 96
- Figure 47 97
- Set LAN DMZ Rules 98
- Figure 49 99
- Figure 50 100
- Inbound Rules Examples 101
- Figure 52 102
- Figure 53 103
- Firewall Protection 104
- Outbound Rules Example 105
- Attack Checks 106
- Figure 56 107
- Set Session Limits 109
- To enable ALG for SIP: 111
- Figure 58 111
- Add Customized Services 112
- To edit a service: 113
- Figure 60 113
- Create IP Groups 114
- Figure 62 115
- To edit an IP group: 115
- To delete an IP group: 115
- To create a QoS profile: 116
- Figure 63 117
- Figure 64 117
- Create Bandwidth Profiles 118
- Figure 65 119
- Figure 66 120
- To set a schedule: 121
- Figure 67 122
- Content Filtering 123
- Figure 68 125
- Enable Source MAC Filtering 126
- Figure 69 127
- Set Up IP/MAC Bindings 128
- Figure 70 129
- Configure Port Triggering 130
- Figure 71 131
- Figure 72 132
- Figure 73 133
- Virtual Private Networking 134
- Using IPSec Connections 134
- Configurations 136
- Figure 77 137
- Figure 78 138
- Figure 79 139
- Figure 80 140
- Figure 81 140
- Figure 82 141
- Figure 83 143
- Figure 84 144
- Figure 85 145
- Figure 86 145
- Figure 87 146
- Figure 88 146
- Figure 89 148
- Figure 90 149
- Figure 91 149
- Figure 92 150
- Figure 93 151
- Figure 94 153
- Figure 95 154
- Information 155
- Figure 97 156
- Figure 98 156
- Figure 99 156
- Figure 100 156
- Figure 101 157
- Figure 102 157
- To view the IPSec VPN logs: 158
- Logs screen in view.: 158
- Manage IPSec VPN Policies 159
- IKE Policies Screen 160
- Figure 105 161
- Configure VPN Policies 165
- VPN Policies Screen 166
- To manually add a VPN policy: 168
- Figure 106 on page 166) 168
- To edit a VPN policy: 172
- User Database Configuration 174
- RADIUS Client Configuration 174
- Figure 108 175
- Mode Config Operation 176
- Figure 109 177
- Figure 110 178
- Figure 111 180
- Operation 183
- Figure 112 184
- Figure 114 185
- Figure 113 185
- Figure 115 186
- Figure 116 188
- Figure 117 189
- Figure 118 190
- Figure 119 190
- Figure 120 191
- Configure Keep-alives 192
- Configure Dead Peer Detection 193
- Figure 123 195
- Using SSL Connections 196
- Create the Portal Layout 198
- Figure 124 199
- Figure 125 200
- To edit a portal layout: 201
- Add Servers and Port Numbers 202
- Figure 126 203
- Add a New Host Name 204
- Configure the SSL VPN Client 205
- Figure 127 206
- VPN tunnel clients 207
- Setting Description 207
- Add New Network Resources 208
- To edit a resource: 209
- Figure 129 209
- View Policies 211
- Add a Policy 212
- Figure 131 213
- To edit an SSL VPN policy: 216
- Figure 132 217
- Figure 133 217
- Figure 134 218
- To view the SSL VPN Logs: 218
- Figure 135 218
- Certificates 219
- To create a domain: 220
- Figure 136 221
- Figure 137 221
- Edit Domains 223
- Create and Delete Groups 224
- Figure 138 225
- Edit Groups 226
- Configure User Accounts 227
- Figure 141 228
- Set User Login Policies 229
- Figure 143 230
- Figure 144 232
- To modify user settings: 233
- Figure 145 233
- Manage Digital Certificates 234
- Certificates Screen 235
- Manage CA Certificates 236
- Figure 147 237
- Figure 149 239
- To delete one or more SCRs: 240
- To delete one or more CRLs: 241
- Network and System Management 242
- Features That Reduce Traffic 243
- Source MAC Filtering 245
- Port Triggering 246
- DMZ Port 247
- Exposed Hosts 247
- VPN Tunnels 247
- Assign QoS Profiles 247
- System Management 248
- Figure 151 249
- Figure 152 249
- Figure 153 251
- Manage the SNMP Configuration 254
- Figure 155 255
- Manage the Configuration File 256
- Back Up Settings 257
- Restore Settings 258
- Figure 158 260
- Monitoring System Access and 263
- Performance 263
- Figure 159 264
- Enable the LAN Traffic Meter 266
- Figure 161 267
- Figure 162 267
- Figure 163 269
- Figure 164 270
- View Status and Log Screens 274
- View the Router Status Screen 275
- Figure 166 276
- Figure 167 277
- View the VLAN Status 280
- Figure 168 281
- Figure 169 282
- Figure 170 282
- View the VPN Logs 283
- To view the SSL VPN log: 284
- Figure 174 285
- Figure 175 286
- View Attached Devices 287
- View the DHCP Log 288
- Use the Diagnostics Utilities 289
- Look Up a DNS Address 290
- Display the Routing Table 290
- Reboot the VPN Firewall 291
- Capture Packets 291
- Figure 180 292
- Basic Functioning 294
- LAN or WAN Port LEDs Not On 295
- Problems with Date and Time 300
- Specifications 302
- Inbound Traffic 311
- Figure 185 312
- Figure 186 312
- Virtual Private Networks 313
- Figure 188. f 314
- Figure 189 314
- Figure 190 315
- Figure 191 315
- VPN Gateway-to-Gateway 316
- Figure 194 317
- Figure 195 317
- Figure 196 318
- Figure 197 318
- Figure 198 319
- Figure 199 320
- Figure 200 320
- Figure 201 321
- Table 81. Log message terms 322
- System Log Messages 323
- Login/Logout 324
- System Startup 324
- Firewall Restart 325
- IPSec Restart 325
- WAN Status 326
- Auto-Rollover 327
- PPP Logs 328
- • PPTP Idle Timeout Logs 329
- Resolved DNS Names 330
- VPN Log Messages 330
- SSL VPN Logs 335
- Routing Logs 336
- LAN to DMZ Logs 337
- DMZ to WAN Logs 337
- WAN to LAN Logs 337
- DMZ to LAN Logs 337
- Other Event Logs 338
- DHCP Logs 339
- Two-Factor Authentication 341
- Figure 202 343
- Figure 203 343
- Figure 204 344
- Notification of Compliance 345
- Numerics 347
© 2020, manymanuals.com. All rights reserved. | 0.129 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals