FVS338 ProSafe VPN Firewall 50 Reference Manual
5-16
Virtual Private Networking
v1.0, September 2006
8. In the left frame, click on My Identity (shown in Figure 5-10).
9. From the Select Certificate pull-down menu, select None.
10. From the ID Type pull-down menu, select Domain Name.
    The value entered under Domain Name will be in the form “<name><XY>.fvs_remote.com”, where each user must use a different variation on the Domain Name entered here. The <name> is the policy name used in the FVS338 configuration. In this example, it is “home”. X and Y are an arbitrary pair of numbers chosen for each user.
    Note: X may not be zero!
    In this example, we entered “home11.fvs_remote.com”. Up to 25 user variations can be served by one policy.
11. Leave Virtual Adapter disabled, and select your computer’s Network Adapter. Your current IP address will appear.
Figure 5-9
12. Before leaving the My Identity menu, click Pre-Shared Key.
13. Click Enter Key, and type your preshared key. Click OK. This key will be shared by all users of the FVS338 policy “home”.
Figure 5-10
Figure 5-11
14. In the left frame, click Security Policy (shown in Figure 5-12).
15. Select Phase 1 Negotiation Mode by checking the Aggressive Mode radio box.
16. PFS Key Group should be disabled, and Enable Replay Detection should be enabled.
17. In the left frame, expand Authentication (Phase 1) and select Proposal 1. Compare with the figure below. No changes should be necessary.
Figure 5-12
Figure 5-13
18. In the left frame, expand Key Exchange (Phase 2) and select Proposal 1. Compare with the figure below. No changes should be necessary.
19. In the upper left of the window, click the disk icon to save the policy.
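A roster check for the Domain Name rule in step 10, as an added example that is not part of the NETGEAR manual: it flags identities that do not follow the <name><XY>.fvs_remote.com form, that have X equal to zero, that are reused by more than one user, or that exceed 25 per policy. The function name, the sample roster, and the reading of X and Y as single decimal digits are assumptions.

```python
import re
from collections import Counter

MAX_USERS_PER_POLICY = 25          # limit stated in the manual
REMOTE_SUFFIX = "fvs_remote.com"   # suffix used in the manual's example

# Constructed sample roster of client identities (not from the manual,
# except home11.fvs_remote.com, which is the manual's own example).
ROSTER = [
    "home11.fvs_remote.com",
    "home12.fvs_remote.com",
    "home05.fvs_remote.com",    # X is zero
    "home12.fvs_remote.com",    # same identity handed to a second user
    "office11.fvs_remote.com",  # wrong policy name
]

def audit_identities(policy_name, identities):
    """Return (identity, problem) tuples for a roster of client Domain Names."""
    # Form: <name><X><Y>.fvs_remote.com; X and Y are assumed to be single digits.
    pattern = re.compile(
        "^" + re.escape(policy_name) + r"(\d)(\d)\." + re.escape(REMOTE_SUFFIX) + "$"
    )
    cleaned = [ident.strip() for ident in identities]
    counts = Counter(cleaned)
    seen = set()
    problems = []
    for ident in cleaned:
        match = pattern.match(ident)
        if match is None:
            problems.append((ident, "does not match <name><XY>.fvs_remote.com"))
        elif match.group(1) == "0":
            problems.append((ident, "X may not be zero"))
        # Each user must use a different variation: report a reused ID once.
        if counts[ident] > 1 and ident not in seen:
            problems.append((ident, "used by more than one user"))
        seen.add(ident)
    if len(seen) > MAX_USERS_PER_POLICY:
        problems.append((policy_name, "more than 25 user variations on one policy"))
    return problems

if __name__ == "__main__":
    for ident, problem in audit_identities("home", ROSTER):
        print(f"{ident}: {problem}")
```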
Testing the Connection
To test your VPN connection:
1. Right-click the VPN client icon in your Windows toolbar and select Connect..., and then select My Connections\to_FVS.
   Within 30 seconds you should receive the message “Successfully connected to My Connections\to_FVS” and the VPN client icon in the toolbar should display On.
2. For additional status and troubleshooting information, right-click the VPN client icon in your Windows toolbar and select Connection Monitor or Log Viewer; or view the VPN Logs and VPN Connection Status of the FVS338.
Figure 5-14
Extended Authentication (XAUTH) Configuration
When connecting many VPN clients to a VPN gateway router, an administrator may want a unique
user authentication method beyond relying on a single common preshared key for all clients.
Although the administrator could configure a unique VPN policy for each user, it is more
convenient for the VPN gateway router to authenticate users from a stored list of user accounts.
XAUTH provides the mechanism for requesting individual authentication information from the
user, and a local User Database or an external authentication server, such as a RADIUS server,
provides a method for storing the authentication information centrally in the local network.
XAUTH is enabled when adding or editing an IKE Policy. Two types of XAUTH are available:
Edge Device. If this is selected, the router is used as a VPN concentrator where one or more gateway tunnels terminate. If this option is chosen, you must specify the authentication type to be used in verifying credentials of the remote VPN gateways: User Database, RADIUS-PAP, or RADIUS-CHAP.
IPSec Host. If you want authentication by the remote gateway, enter a User Name and Password to be associated with this IKE policy. If this option is chosen, the remote gateway must specify the user name and password used for authenticating this gateway.
Figure 5-15