User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
Using the Security Policy Editor 5-3
202-10015-01
4.
Configure My Identity for this connection.
5. Exit the Security Policy Editor.
How to Configure Global Policy Settings
Global policy settings are program preferences that apply to all secure IP communications. You
can change these at any time to match to your security policy.
1. In the Security Policy Editor, click Options, and then click Global Policy Settings. The
Global Policy Settings dialog box opens.
2. In the Retransmit Interval box, type the length of time, in seconds, that the client waits
before resending an IKE protocol packet that has not been responded to. The default is 8
seconds.
Note: If the client selects a redundant gateway when you know that the primary one is
available, try entering a higher number for Retransmit Interval.
3. In the Number of retries box, type the number of times your computer resends an IKE
protocol packet before abandoning the exchange. The default is 3 tries.
4. Status notifications are messages that inform communicating parties what the time-out periods
are and whether their security proposals have been accepted or rejected.
To send these messages, select the Send status notifications to peer host check box.
5. An internal network IP address is a virtual IP address assigned to the client user. Remote users
can appear as internal users on a private network to, for example, access a WINS server or
browse the network.
To enable remote users to appear as internal users on a private network, select the Allow to
Specify Internal Network Address check box.
Note: If you select this check box, you must enter a private internal network IP address when
Configuring My Identity.
6. To enable logging the Log Viewer's IKE negotiation messages to the isakmp.log file in the
client's installation directory, select the Enable logging to a file check box. This can facilitate
remote troubleshooting by allowing a user to send a file with these messages instead of
repeatedly freezing and printing the Log Viewer.
Notes: