Managing Certificates - NETGEAR FVX538v2 - ProSafe VPN Firewall Dual WAN Reference Manual

Prosafe vpn firewall 200

Hide thumbs Also See for FVX538v2 - ProSafe VPN Firewall Dual WAN:

Application note (3 pages)

Specifications (2 pages)

Planning manual (26 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

Table of Contents

4. The remote VPN Endpoint must have a matching SA, or it will refuse the connection.

Only one client policy may configured at a time (noted by an "*" next to the policy name). The

List of VPN Policies contains the following fields:

•

! (Status). Indicates whether the policy is enabled (green circle) or disabled (grey circle). To

enable or disable a policy, check the radio box adjacent to the circle and click Enable or

Disable, as required.

•

Name. Each policy is given a unique name (the Connection Name when using the VPN

Wizard).

•

Type. The type is "Auto" or "Manual" as described previously (Auto is used during VPN

Wizard configuration).

•

Local. IP address (either a single address, range of address or subnet address) on your local

LAN. Traffic must be from (or to) these addresses to be covered by this policy. (The subnet

address is supplied as the default IP address when using the VPN Wizard).

•

Remote. IP address or address range of the remote network. Traffic must be to (or from) these

addresses to be covered by this policy. (The VPN Wizard default requires the remote LAN IP

address and subnet mask).

•

AH. Authentication Header. The default setting using the VPN Wizard is SHA1. (This setting

must match the remote VPN.)

•

ESP. Encapsulating Security Payload. The default setting using the VPN Wizard is 3DES.

(This setting must match the remote VPN.)

•

Action. Allows you to access individual policies to make any changes or modifications.

Managing Certificates

Digital Self Certificates are used to authenticate the identity of users and systems, and are issued

by various CAs (Certification Authorities). Digital Certificates are used by this VPN firewall

during the IKE (Internet Key Exchange) authentication phase as an alternative authentication

method.

The VPN firewall uses Digital Certificates (also known as X509 Certificates) during the Internet

Key Exchange (IKE) authentication phase to authenticate connecting VPN gateways or clients, or

to be authenticated by remote entities. The same Digital Certificates are extended for secure web

access via SSL VPN connections over HTTPS.

Virtual Private Networking

ProSafe VPN Firewall 200 FVX538 Reference Manual

v1.0, January 2010

5-19

Table of Contents

Troubleshooting

This manual is also suitable for:

Fvx538

Managing Certificates - NETGEAR FVX538v2 - ProSafe VPN Firewall Dual WAN Reference Manual

Managing Certificates

Troubleshooting

Related Manuals for NETGEAR FVX538v2 - ProSafe VPN Firewall Dual WAN

Related Content for NETGEAR FVX538v2 - ProSafe VPN Firewall Dual WAN

This manual is also suitable for:

Table of Contents