Specifications

ManualsBrandsWaters Network Systems ManualsComputer equipmentProSwitch-Quad Series

231

232

233

234

235

236

237

238

239

240

Virtual Private Networking Using IPSec and L2TP Connections

237

ProSAFE Gigabit Quad WAN SSL VPN Firewall SRX5308

5. Click Apply to save your settings. The IKE policy is added to the List of IKE Policies table.

 To edit an IKE policy:

1. Select VPN > IPSec VPN. The IPSec VPN submenu tabs display with the IKE Policies

screen for IPv4 in view (see

Figure 158 on page 232).

2. Specify the IP version for which you want to edit an IKE policy:

• IPv4. In the upper right of the screen, the IPv4 radio button is already selected by

default. Go to Step 3.

• IPv6. Select the IPv6 radio button. The IKE Policies screen for IPv6 displays.

3. In the List of IKE Policies table, click the Edit table button to the right of the IKE policy that

you want to edit. The Edit IKE Policy screen displays.

This screen shows the same fields as

the Add IKE Policy screen (see Figure 159 on page 233).

4. Modify the settings that you wish to change (see the previous table).

Extended Authentication

XAUTH Configuration

Note: For more

information about

XAUTH and its

authentication modes,

see Configure XAUTH

for VPN Clients on

page 246.

Select one of the following radio buttons to specify whether Extended

Authentication (XAUTH) is enabled, and, if enabled, which device is used to verify

user account information:

• None. XAUTH is disabled.

This the default setting.

• Edge Device

. The VPN firewall functions as a VPN concentrator on which

one or more gateway tunnels terminate.

The authentication modes that are

available for this configuration are User Database, RADIUS PAP, or RADIUS

CHAP.

• IPSec Host. The VPN firewall functions as a VPN client of the remote

gateway

. In this configuration, the VPN firewall is authenticated by a remote

gateway with a user name and password combination.

Authentication

ype

For an Edge Device configuration, from the drop-down list,

select one of the following authentication types:

• User Database. XAUTH occurs through the VPN

firewall’

s user database.

You can add users on the Add

User screen (see User Database Configuration on

page 247).

• Radius P

AP. XAUTH occurs through RADIUS Password

Authentication Protocol (P

AP). The local user database is

first checked. If the user account is not present in the

local user database, the VPN firewall connects to a

RADIUS server. For more information, see RADIUS Client

and Server Configuration on page 247.

• Radius CHAP. XAUTH occurs through RADIUS

Challenge Handshake

Authentication Protocol (CHAP).

For more information, see RADIUS Client and Server

Configuration on page 247

Username The user name for XAUTH.

Password The password for XAUTH.

Table 54. Add IKE Policy screen settings (continued)

Setting Description