User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
9-10 Troubleshooting
202-10015-01
Each direction requires a separate key. The encryption or hash algorithm that you selected when
enabling manual keys determines the exact key length. For a list of these key lengths, go to Enter
manual keys.
Enable Manual Keys
1. In the Security Policy Editor, in the Network Security Policy list, expand the specific secure
connection .
2. For this connection, click My Identity.
3. In the Select Certificate box, in the My Identity group, click None.
4. For the selected connection, expand Security Policy.
5. In the right pane, in the Select Phase 1 Negotiation Mode group, click Use Manual Keys.
6. In the Network Security Policy list, expand Key Exchange (Phase 2).
7. Click the specific proposal.
8. In the IPSec Protocols group, Encapsulation Protocol (ESP) and Authentication Protocol
(AH) are mutually exclusive check boxes:
• To encrypt and authenticate the data, select the Encapsulation Protocol (ESP) check box.
a. In the Encryption Algorithm box, click an option:
– For minimal security, DES
– For medium security, Triple-DES (the default)
– For maximum security, AES-128, AES-192, or AES-256
– For no security, Null
Record your selection; you need it to determine the length of the key for the ESP
Encryption Key box when entering inbound and outbound keys.
b. In the Hash Algorithm box, click an option:
Your computer Remote party
inbound key <--> outbound key
outbound key <--> inbound key