ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
Virtual Private Networking Using SSL
v1.0, October 2008
If you choose IP Network, you’ll need to enter a descriptive Policy Name, IP Address, Subnet Mask, then choose the Service and relevant Permission from the pull-down menus.
If you choose All Addresses, you’ll need to enter a descriptive Policy Name, then choose the Service and relevant Permission from the pull-down menus.
5. When you are finished making your selections, click Apply. The Policies screen reappears. Your policy goes into effect immediately and is added to the policies in the List of SSL VPN Policies table on this screen.
Figure 7-11
Figure 7-12
Figure 7-13
Note: In addition to configuring SSL VPN user policies, be sure that HTTPS remote management is enabled. Otherwise, all SSL VPN user connections will be disabled. See “Enabling Remote Management Access” on page 9-10.
Chapter 8
Managing Users, Authentication, and Certificates
This chapter contains the following sections:
“Adding Authentication Domains, Groups, and Users”
“Managing Certificates”
Adding Authentication Domains, Groups, and Users
You must create name and password accounts for all users who will connect to the firewall. This
includes administrators and SSL VPN clients. Accounts for IPsec VPN clients are only needed if
you have enabled Extended Authentication (XAUTH) in your IPsec VPN configuration.
Users connecting to the firewall must be authenticated before being allowed to access the firewall
or the VPN-protected network. The login window presented to the user requires three items: a
User Name, a Password, and a Domain selection. The Domain determines the authentication
method to be used and, for SSL VPN connections, the portal layout that will be presented.
Except in the case of IPsec VPN users, when you create a user account, you must specify a group.
When you create a group, you must specify a domain. Therefore, you should create any needed
domains first, then groups, then user accounts.
Creating a Domain
The domain determines the authentication method to be used for associated users. For SSL VPN
connections, the domain also determines the portal layout that will be presented, which in turn
determines the network resources to which the associated users will have access.
To create a domain:
1. Select Users > Domains from the main/sub-menu. The Domains screen displays.
Note: IPsec VPN users will always belong to the default domain (geardomain) and are not assigned to groups.
2. Click Add. The Add Domain screen displays.
3. Configure the following fields:
   a. Enter a descriptive name for the domain in the Domain Name field.
   b. Select the Authentication Type.
      The required fields are activated in varying combinations according to your selection of Authentication Type:
Figure 8-1
Figure 8-2
Authentication Type      Required Authentication Information Fields
Local User Database      None
Radius-PAP               Authentication Server, Authentication Secret
Radius-CHAP              Authentication Server, Authentication Secret
Radius-MSCHAP            Authentication Server, Authentication Secret
Radius-MSCHAPv2          Authentication Server, Authentication Secret
NT Domain                Authentication Server, Workgroup
Active Directory         Authentication Server, Active Directory Domain
LDAP                     Authentication Server, LDAP Base DN

   c. Select a portal to which this domain will be associated.
4. Click Apply to save and apply your entries. The Domain screen will display a new domain row.
Creating a Group
The use of groups simplifies the configuration of VPN policies when different sets of users will
have different restrictions and access controls.
To create a group:
1. Select Users > Groups from the main/submenu and the Groups screen displays.
2. Configure the new group settings in the Add New Group section of the menu:
   a. Name. Enter a descriptive name for the group.
   b. Domain. Select the appropriate domain (only for Administrator or SSL VPN User).
   c. Timeout. For an Administrator, this is the period at which an idle user will be automatically logged out of the Web Configuration Manager.
Note: Groups that are defined in the User menu are used for setting SSL VPN policies. These groups should not be confused with LAN Groups that are defined in the Network | LAN Setup | LAN Groups tab, which are used to simplify firewall policies.
Figure 8-3
3. Click Add. The new group appears in the List of Groups, ready for use in user account setup.
Creating a New User Account
To add individual user accounts:
1. Select Users > Users from the main/submenu and the Users screen displays.
2. Click Add and the Add User tab screen displays.
3. Configure the following fields:
   a. User Name. Enter a unique identifier, using any alphanumeric characters.
   b. User Type. Select either Administrator, SSL VPN User, or IPsec VPN User.
   c. Select Group. Select from a list of configured groups. The user will be associated with the domain that is associated with that group.
   d. Password/Confirm Password. The password can contain alphanumeric characters, dash, and underscore.
Figure 8-4
Figure 8-5
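
The creation order and field rules in this chapter (domains first, then groups, then users) can be checked against a planned account set before anything is typed into the Web Configuration Manager. The following is an added example, not part of the NETGEAR manual; the plan layout, the function name check_plan, and the sample names and addresses are assumptions.

```python
import re
# Required fields per Authentication Type, copied from the manual's table.
RADIUS = ["Authentication Server", "Authentication Secret"]
REQUIRED_FIELDS = {
    "Local User Database": [],
    "Radius-PAP": RADIUS, "Radius-CHAP": RADIUS, "Radius-MSCHAP": RADIUS, "Radius-MSCHAPv2": RADIUS,
    "NT Domain": ["Authentication Server", "Workgroup"],
    "Active Directory": ["Authentication Server", "Active Directory Domain"],
    "LDAP": ["Authentication Server", "LDAP Base DN"],
}
USER_TYPES = {"Administrator", "SSL VPN User", "IPsec VPN User"}

def check_plan(plan):
    """List problems in a planned set of domains, groups and users (hypothetical layout)."""
    # geardomain is the default domain named in the manual; assumed always present.
    problems, groups, seen, domains = [], set(), set(), {"geardomain"}
    for d in plan.get("domains", []):
        auth = d.get("auth_type")
        if auth not in REQUIRED_FIELDS:
            problems.append(f"domain {d['name']}: unknown authentication type {auth!r}")
            continue
        for field in REQUIRED_FIELDS[auth]:
            if not d.get("fields", {}).get(field):
                problems.append(f"domain {d['name']}: {auth} requires {field}")
        domains.add(d["name"])
    for g in plan.get("groups", []):  # every group must name an existing domain
        if g.get("domain") not in domains:
            problems.append(f"group {g['name']}: domain {g.get('domain')!r} does not exist")
        groups.add(g["name"])
    for u in plan.get("users", []):
        name, utype, group = u["name"], u.get("type"), u.get("group")
        if name in seen or not re.fullmatch(r"[A-Za-z0-9]+", name):
            problems.append(f"user {name}: name must be unique and alphanumeric")
        seen.add(name)
        if utype not in USER_TYPES:
            problems.append(f"user {name}: unknown user type {utype!r}")
        elif utype == "IPsec VPN User" and group:
            problems.append(f"user {name}: IPsec VPN users are not assigned to groups")
        elif utype != "IPsec VPN User" and group not in groups:
            problems.append(f"user {name}: group {group!r} does not exist")
        if not re.fullmatch(r"[A-Za-z0-9_-]+", u.get("password", "")):
            problems.append(f"user {name}: password allows only alphanumerics, dash, underscore")
    return problems

SAMPLE_PLAN = {  # constructed sample, not taken from the manual
    "domains": [{"name": "corp-ldap", "auth_type": "LDAP", "fields": {"Authentication Server": "192.0.2.10"}}],
    "groups": [{"name": "sales", "domain": "corp-ldap"}, {"name": "ops", "domain": "corp-radius"}],
    "users": [{"name": "alice", "type": "SSL VPN User", "group": "sales", "password": "s3cret_pw-1"},
              {"name": "bob", "type": "IPsec VPN User", "group": "ops", "password": "pw!"}],
}
print("\n".join(check_plan(SAMPLE_PLAN)))
```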
