ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
Virtual Private Networking Using IPsec Connections 7-49
v1.0, September 2009
9. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table.
Configuring the ProSafe VPN Client for Mode Config Operation
From a client PC running NETGEAR ProSafe VPN Client software, configure the remote VPN
client connection for Mode Config operation:
1. Right-click on the VPN client icon in your Windows toolbar, select Security Policy Editor.
Then, select Options > Secure, and verify that the Specified Connections selection is enabled
(see Figure 7-11 on page 7-12).
Extended Authentication
XAUTH Configuration
Note: For more
information about
XAUTH and its
authentication modes,
see “Configuring
XAUTH for VPN
Clients” on page 7-38.
Select one of the following radio buttons to specify whether or not Extended
Authentication (XAUTH) is enabled, and–if enabled–which device is used to
verify user account information:
• None. XAUTH is disabled. This the default setting.
• Edge Device. The UTM functions as a VPN concentrator on which one or
more gateway tunnels terminate. The authentication mode that is available
for this configuration is User Database, RADIUS PAP, or RADIUS CHAP.
• IPSec Host. The UTM functions as a VPN client of the remote gateway. In
this configuration the UTM is authenticated by a remote gateway with a user
name and password combination.
Authentication
Type
For an Edge Device configuration: from the pull-down
menu, select one of the following authentication types:
• User Database. XAUTH occurs through the UTM’s user
database. Users must be added through the Add User
screen (see “User Database Configuration” on
page 7-39).
• Radius PAP. XAUTH occurs through RADIUS Password
Authentication Protocol (PAP). The local user database is
first checked. If the user account is not present in the
local user database, the UTM25 connects to a RADIUS
server. For more information, see “RADIUS Client
Configuration” on page 7-39.
• Radius CHAP. XAUTH occurs through RADIUS
Challenge Handshake Authentication Protocol (CHAP).
For more information, see “RADIUS Client Configuration”
on page 7-39.
Username The user name for XAUTH.
Password The password for XAUTH.
Table 7-16. Add IKE Policy Settings for a Mode Config Configuration (continued)
Item Description (or Subfield and Description)