Configuring Extended Authentication (Xauth) - NETGEAR DGFV338 ProSafe Reference Manual

DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual
2. Click Certificates in the submenu.
3. The VPN | Certificates menu is displayed showing the Certificate Revocation Lists (CRL)
table at the bottom of the screen.
Figure 5-19:
The CRL table lists your active CAs and their critical release dates:
• CA Identify—The official name of the CA which issued this CRL.
• Last Update —The date when this CRL was released.
• Next Update—The date when the next CRL will be released.
4. Click Browse and locate the CRL file you previously downloaded from a CA.
5. Click Upload. The CRL file will be uploaded and the CA Identify will appear in the CRL
Table. If you had a previous CA Identity from the same CA, it will be deleted.

Configuring Extended Authentication (XAUTH)

When connecting many VPN clients to a VPN gateway router, an administrator may want a unique
user authentication method beyond relying on a single common preshared key for all clients.
Although the administrator could configure a unique VPN policy for each user, it is more
convenient for the VPN gateway router to authenticate users from a stored list of user accounts.
XAUTH provides the mechanism for requesting individual authentication information from the
user, and a local User Database or an external authentication server, such as a RADIUS server,
provides a method for storing the authentication information centrally in the local network.
XAUTH is enabled when adding or editing an IKE Policy. Two types of XAUTH are available:
Virtual Private Networking
v1.0, May 2008
5-27