User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
Using the Security Policy Editor 5-13
202-10015-01
Configure Authentication (Phase 1)
After you configure Security Policy for a secure connection, the next step is to configure
authentication proposals for this policy, one connection at a time.
Note: If you are using manual keys, skip this topic, and go to Configure Key Exchange (Phase 2).
1. In the Security Policy Editor, in the Network Security Policy list, expand a secure connection
.
2. For the selected connection, expand Security Policy. Authentication (Phase 1) and Key
Exchange (Phase 2) appear.
3. Expand Authentication (Phase 1).
4. Your next step depends on whether you are configuring the first proposal or a subsequent one:
• For the first proposal, click Proposal 1.
• For subsequent proposals, create a new one from scratch or copy an existing one as a base:
– To create one from scratch, click Create New Proposal.
– To copy an existing proposal, click the source proposal, and then click Copy.
5. In the Authentication Method and Algorithms group, select these options for this proposal:
a. In the Authentication Method box, accept the default option, based on how you
configured My Identity:
– If you entered a preshared key, Pre-Shared Key
– If you selected a certificate, RSA Signatures
If your gateway is configured for Extended Authentication (XAUTH), you can select an
XAUTH version of the default option.
b. In the Encryption Algorithm box, click an option:
– For minimal security, DES
– For medium security, Triple-DES (the default)
– For maximum security, AES-128, AES-192, or AES-256
c. In the Hash Algorithm box, click an option:
– For minimal security, MD5
– For maximum security, SHA-1 (the default)