NETGEAR UTM5EW-100NAS Router User Manual


 
Virtual Private Networking Using IPSec, PPTP, or L2TP Connections
310
ProSecure Unified Threat Management (UTM) Appliance
User Database Configuration
When XAUTH is enabled in an Edge Device configuration, users need to be authenticated
either by a local user database account or by an external RADIUS server. Whether or not you
use a RADIUS server, you might want some users to be authenticated locally. These users
need to be added to the List of Users table on the Users screen, as described in Configure
User Accounts on page 401.
RADIUS Client and Server Configuration
Remote Authentication Dial In User Service (RADIUS, RFC 2865) is a protocol for managing
authentication, authorization, and accounting (AAA) of multiple users in a network. A
RADIUS server stores a database of user information and can validate a user at the request
of a gateway or server in the network when a user requests access to network resources.
During the establishment of a VPN connection, the VPN gateway can interrupt the process
with an XAUTH request. At that point, the remote user needs to provide authentication
information such as a user name and password or some encrypted response using his or her
user name and password information. The gateway then attempts to verify this information
first against a local user database (if RADIUS-PAP is enabled) and then by relaying the
information to a central authentication server such as a RADIUS server.
To configure primary and backup RADIUS servers:
1. Select VPN > IPSec VPN > RADIUS Client. The RADIUS Client screen displays:
Figure 183.