Manualshelf

Quick Reference Guide

ManualsBrandsNetgear ManualsPC ComponentsNetgear FVS338
111112113114115116117118119120
ProSafe VPN Firewall 50 FVS338 Reference Manual
5-26 Virtual Private Networking
v1.0, January 2010
The Certificate Revocation Lists (CRL) table lists your active CAs and their critical release
dates:
CA Identify – The official name of the CA which issued this CRL.
Last Update The date when this CRL was released.
Next Update The date when the next CRL will be released.
2. Click Browse and locate the CRL file you previously downloaded from a CA.
3. Click upload. The CRL file will be uploaded and the CA Identity will appear in the
Certificate Revocation Lists (CRL) table. If you had a previous CA Identity from the same
CA, it will be deleted.
Extended Authentication (XAUTH) Configuration
When connecting many VPN clients to a VPN gateway router, an administrator may want a unique
user authentication method beyond relying on a single common preshared key for all clients.
Although the administrator could configure a unique VPN policy for each user, it is more
convenient for the VPN gateway router to authenticate users from a stored list of user accounts.
XAUTH provides the mechanism for requesting individual authentication information from the
user, and a local User Database or an external authentication server, such as a RADIUS server,
provides a method for storing the authentication information centrally in the local network.
XAUTH is enabled when adding or editing an IKE policy. Two types of XAUTH are available:
Edge Device. If this is selected, the VPN firewall is used as a VPN concentrator where one or
more gateway tunnels terminate. If this option is chosen, you must specify the authentication
type to be used in verifying credentials of the remote VPN gateways: User Database,
RADIUS-PAP, or RADIUS-CHAP.
Figure 5-26