NETGEAR STM150EW-100NAS Router User Manual


 
378
9
9. Manage Users, Authentication, and VPN
Certificates
This chapter describes how to manage users, authentication, and security certificates for IPSec
VPN and SSL VPN. This chapter contains the following sections:
Authentication Process and Options
Configure Authentication Domains, Groups, and Users
Manage Digital Certificates for VPN Connections
Authentication Process and Options
Users are assigned to a group, and a group is assigned to a domain. Therefore, you should
first create any domains, then groups, then user accounts.
Note: Do not confuse the authentication groups with the LAN groups that are
discussed in Manage Groups and Hosts (LAN Groups) on page 111.
You need to create name and password accounts for all users who need to be able to
connect to the UTM. This includes administrators, guests, and SSL VPN clients. Accounts for
IPSec VPN clients are required only if you have enabled Extended Authentication (XAUTH)
in your IPSec VPN configuration.
Users connecting to the UTM need to be authenticated before being allowed to access the
UTM or the VPN-protected network. The login screen that is presented to the user requires
three items: a user name, a password, and a domain selection. The domain determines the
authentication method that is used and, for SSL connections, the portal layout that is
presented.
Note: IPSec VPN users always belong to the default domain (geardomain)
and are not assigned to groups.
Except in the case of IPSec VPN users, when you create a user account, you need to specify
a group. When you create a group, you need to specify a domain.