User's Manual
Table Of Contents
- Reference Manual for the NETGEAR ProSafe VPN Client
- Contents
- Chapter 1 About This Manual
- Chapter 2 Introduction
- Chapter 3 Installation
- Chapter 4 Configuring L2TP Connections
- Chapter 5 Using the Security Policy Editor
- What is the Security Policy Editor?
- Basic Steps to Configure a Security Policy
- How to Secure All Connections
- How to Configure Global Policy Settings
- How to Configure Other Connections
- How to Add and Configure a Connection
- How to Enter a Preshared Key
- How to Configure a Gateway
- Configure My Identity
- Configure Security Policy Connection Options
- Configure Authentication (Phase 1)
- Configure Key Exchange (Phase 2)
- Edit a Distinguished Name
- Configure and Manage Connections
- Manage Proposals
- Manage Redundant Gateways
- Manage the Security Policy
- Chapter 6 Using the Certificate Manager
- What is the Certificate Manager?
- Obtain Certificates
- With Online (SCEP) Enrollment
- CAs that Support SCEP
- Retrieve a CA Certificate Online
- Configure a CA Certificate
- Use an HTTP Proxy Server for Online Certificate Requests and CRL Updates
- Import a CA Certificate
- Select a CSP
- Request a Personal Certificate
- Define How Often to Check for and Retrieve New Personal Certificates
- Retrieve a Personal Certificate Manually
- Manage Certificate Requests
- With Manual (File-Based) Enrollment
- Obtain Certificates Through Internet Explorer
- With Online (SCEP) Enrollment
- Manage Certificates
- Manage Certificate Revocation Lists (CRLs)
- Manage the Trust Policy
- Chapter 7 Using Sessions
- Chapter 8 Distributing Customized Profiles
- Chapter 9 Troubleshooting
- Appendix A Networks, Routing, and Firewall Basics
- Appendix B Virtual Private Networking
- Appendix C NETGEAR ProSafe VPN Client to NETGEAR FVS318 or FVM318 VPN Routers
- Appendix D NETGEAR VPN Client to NETGEAR FVL328 or FWAG114 VPN Router
- Glossary
- Index
Reference Manual for the NETGEAR ProSafe VPN Client
5-14 Using the Security Policy Editor
202-10015-01
d.
In the SA Life box, click an option. Unspecified is the default.
e. If you clicked Seconds for SA Life, in the adjacent box, type the number of seconds.
f. In the Key Group box, click Diffie-Hellman Group 1, Group 2 (the default), or
Group 5.
6. Click Save.
7. Configure Key Exchange (Phase 2).
Configure Key Exchange (Phase 2)
After you add and configure the authentication proposals for Security Policy, the next step is to
add and configure the key exchange proposals for that policy, one connection at a time.
1. Configure Authentication (Phase 1).
2. In the Security Policy Editor, in the Network Security Policy list, expand a secure connection
.
3. For the selected connection, expand Security Policy. Authentication (Phase 1) and Key
Exchange (Phase 2) appear.
4. Expand Key Exchange (Phase 2). Proposals appear.
5. Your next step depends on whether you are configuring the first proposal or a subsequent one:
• For the first proposal, click Proposal 1.
• For a subsequent proposal, you can start from scratch or copy an existing one as a base:
– To start from scratch, click Create New Proposal.
– To copy an existing proposal, click the source proposal, and then click Copy.
6. In the IPSec Protocols group, configure these options:
a. In the SA Life box, click the measurement unit. Your selection opens various boxes for
you to enter additional information.
Note: If you click Unspecified, no boxes are enabled; skip step “b”.
b. In the enabled boxes, type a value.
c. In the Compression box, click Deflate; this value increases the transmission speed.
7. Encapsulation Protocol (ESP) and Authentication Protocol (AH) are mutually exclusive
check boxes. Select the one that meets your requirements: