User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
5-30 Using the Security Policy Editor
202-10015-01
Configure the Client to Retrieve a New Policy from a Policy
Server or Web Address
The client can be configured to periodically check for and then retrieve a new security policy from
a Web address, or uniform resource locator (URL). Or, if the client is managed by a policy
management application, the client registers with its policy server, and then polls this policy server
to look for and retrieve new security policies.
If your client isn't preconfigured with the policy distribution URL or policy server details, your
network security administrator must provide these to you.
1. In the Security Policy Editor, click Options>Policy Management. The Policy Management
dialog box opens.
2. Select the Use Policy Server check box.
3. By default, the New policy resets existing connections check box is clear. This means that the
client does not drop all connections when it retrieves a new policy.
For the client to drop all connections when it retrieves this policy, select this check box.
4. In the Policy Polling Interval (minutes) box, specify how often the client checks for and
retrieves a new policy from the Web address in the Policy URL box; type the number of
minutes, from 1 through 9999999, between these checks. The default is 1440 minutes (24
hours).
5. In the Policy Distribution Point group, select where to check for new policies:
• If it's a policy management application's policy server, take these steps:
a. Click Register and retrieve my policy from a VPN Policy Manager.
b. In the Server Name box, type the policy server’s machine name or IP address.
c. In the Server Port box, type the server’s assigned port number. The default is 389.
d. In the Policy Subtree box, type the location, typically the organization unit (OU) and
organization (O) on the policy server, where security polices are stored. The default is
ou=VPN Client, o=SafeNet.
e. The client can register with the policy server with certificates or some other way.
To register without certificates, in Perform policy server registration, accept the default,
without. Otherwise, click with.
• If it's an URL, take these steps:
a. Retrieve my policy from the following URL (the default).