Virtual Private Networking Using IPSec and L2TP Connections
ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

Table 66. PPTP Server screen settings (continued)

| Setting | Description |
|---|---|
| Encryption | If the authentication is MSCHAP or MSCHAPv2, the PPTP server can support Microsoft Point-to-Point Encryption (MPPE). Select one or more of the following types of MPPE: MPPE-40 (MPPE 40-bit encryption); MPPE-128 (MPPE 128-bit encryption; this is the most secure type of MPPE encryption); MPPE-stateful (stateful MPPE encryption; this is the least secure type of MPPE encryption). |

3. Click Apply to save your settings.

View the Active PPTP Users

To view the active PPTP tunnel users:
Select Monitoring > Active Users & VPNs > PPTP Active Users. The PPTP Active Users screen displays. (The following figure does not show any active users.)

Figure 180.

The List of PPTP Active Users table lists each active connection with the information that is described in the following table.

Table 67. PPTP Active Users screen information

| Item | Description |
|---|---|
| Username | The name of the PPTP user that you have defined (see Configure User Accounts on page 310). |
| Remote IP | The remote client's IP address. |
| PPTP IP | The IP address that is assigned by the PPTP server on the VPN firewall. |
| Action | Click the Disconnect table button to terminate the connection. (This button is displayed only when there is an active connection.) |

The default poll interval is 5 seconds. To change the poll interval period, enter a new value in the Poll Interval field, and click the Set Interval button. To stop polling, click the Stop button.

Configure the L2TP Server
As an alternate solution to IPSec VPN tunnels, you can configure a Layer 2 Tunneling
Protocol (L2TP) server on the VPN firewall to allow users to access L2TP clients over L2TP
tunnels. A maximum of 25 simultaneous L2TP user sessions are supported. (The very first IP
address of the L2TP address pool is used for distribution to the VPN firewall.)
An L2TP Access Concentrator (LAC) typically initiates a tunnel to fulfill a connection request
from an L2TP user; the L2TP server accommodates the tunnel request. After an L2TP tunnel
is established, the L2TP user can connect to an L2TP client that is located behind the VPN
firewall.
Note: IPSec VPN provides stronger authentication and encryption than L2TP. (Packets that traverse the L2TP tunnel are not encapsulated by IPSec.)
You need to enable the L2TP server on the VPN firewall, specify an L2TP server address
pool, and create L2TP user accounts. (L2TP users are authenticated through local
authentication with geardomain.) For information about how to create L2TP user accounts,
see Configure User Accounts on page 310.
To enable the L2TP server and configure the L2TP server pool:
1. Select VPN > L2TP Server. The L2TP Server screen displays. (The following figure contains an example.)
Figure 181.
2. Enter the settings as described in the following table:

Table 68. L2TP Server screen settings

| Setting | Description |
|---|---|
| L2TP Server Configuration | |
| Enable | To enable the L2TP server, select the Enable check box. |
| Starting IP Address | The first IP address of the pool. This address is used for distribution to the VPN firewall. |
| Ending IP Address | The last IP address of the pool. A maximum of 26 contiguous addresses is supported. (The first address of the pool cannot be assigned to a user.) |
| Idle Timeout | The period after which an idle user is automatically logged out of the L2TP server. The default idle time-out period is 5 minutes. |
| Authentication | Select one or more of the following authentication methods to authenticate L2TP users: PAP (RADIUS-Password Authentication Protocol (PAP)); CHAP (RADIUS-Challenge Handshake Authentication Protocol (CHAP)); MSCHAP (RADIUS-Microsoft CHAP (MSCHAP)); MSCHAPv2 (RADIUS-Microsoft CHAP version 2 (MSCHAPv2)). |

3. Click Apply to save your settings.

View the Active L2TP Users

To view the active L2TP tunnel users, select VPN > Connection Status > L2TP Active Users. The L2TP Active Users screen displays. (The following figure does not show any active users.)

Figure 182.

The List of L2TP Active Users table lists each active connection with the information that is described in the following table.

Table 69. L2TP Active Users screen information

| Item | Description |
|---|---|
| Username | The name of the L2TP user that you have defined (see Configure User Accounts on page 310). |
| Remote IP | The client's IP address on the remote L2TP Access Concentrator (LAC). |
| L2TP IP | The IP address that is assigned by the L2TP server on the VPN firewall. |
| Action | Click the Disconnect table button to terminate the L2TP connection. |

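
The pool rules in the L2TP Server settings (the first address goes to the VPN firewall, at most 26 contiguous addresses, so up to 25 user sessions) can be checked before the values are entered on the screen. The following is an added example, not part of the manual or of any NETGEAR tool; the function name `check_l2tp_pool` and the sample addresses are constructed for illustration.

```python
import ipaddress

MAX_POOL = 26  # manual: a maximum of 26 contiguous addresses is supported


def check_l2tp_pool(start, end, auth_methods=()):
    """Validate a proposed L2TP address pool (hypothetical helper).

    Returns (firewall_ip, user_ips, findings).
    """
    first = ipaddress.IPv4Address(start)
    last = ipaddress.IPv4Address(end)
    if last < first:
        raise ValueError("ending address is below the starting address")

    findings = []
    size = int(last) - int(first) + 1
    if size > MAX_POOL:
        findings.append(f"pool has {size} addresses; maximum is {MAX_POOL}")
    if size < 2:
        findings.append("pool leaves no address for users")

    # The first pool address is used by the VPN firewall itself,
    # so only the remaining addresses can be handed to L2TP users.
    user_ips = [str(first + i) for i in range(1, min(size, MAX_POOL))]

    # PAP carries the password unencrypted, and the manual notes that
    # packets in the L2TP tunnel are not encapsulated by IPSec.
    if "PAP" in auth_methods:
        findings.append("PAP selected: password crosses the tunnel in cleartext")

    return str(first), user_ips, findings


if __name__ == "__main__":
    # Constructed sample values, not taken from the manual.
    fw, users, notes = check_l2tp_pool("192.168.50.1", "192.168.50.26",
                                       ("CHAP", "MSCHAPv2"))
    print("firewall:", fw)
    print("user addresses:", len(users), users[0], "to", users[-1])
    print("findings:", notes or "none")

    _, _, notes = check_l2tp_pool("10.0.0.250", "10.0.1.20", ("PAP",))
    print("findings:", notes)
```
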
6. Virtual Private Networking Using SSL Connections
The VPN firewall provides a hardware-based SSL VPN solution designed specifically to provide
remote access for mobile users to their corporate resources, bypassing the need for a
preinstalled VPN client on their computers. Using the familiar Secure Sockets Layer (SSL)
protocol, commonly used for e-commerce transactions, the VPN firewall can authenticate itself
to an SSL-enabled client, such as a standard web browser. Once the authentication and
negotiation of encryption information are completed, the server and client can establish an
encrypted connection. With support for up to five dedicated SSL VPN tunnels, the VPN firewall
allows users to easily access the remote network for a customizable, secure, user portal
experience from virtually any available platform.
This chapter contains the following sections:
SSL VPN Portal Options
Overview of the SSL Configuration Process
Create the Portal Layout
Configure Domains, Groups, and Users
Configure Applications for Port Forwarding
Configure the SSL VPN Client
Use Network Resource Objects to Simplify Policies
Configure User, Group, and Global Policies
Access the New SSL Portal Login Screen
View the SSL VPN Connection Status and SSL VPN Log
