NETGEAR FVS318G Modem User Manual


 
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
Virtual Private Networking 5-19
v1.1, August 2010
3. Complete the fields, select the radio buttons, and make your selections from the pull-down
menus as explained Table 5-2.
Table 5-2. Add IKE Policy Settings
Item Description (or Subfield and Description)
Mode Config Record
Do you want to use
Mode Config
Record?
Specify whether or not the IKE policy uses a Mode Config Record. For
information about how to define a Mode Config Record, see “Mode Config
Operation” on page 5-44. Select one of the following radio buttons:
Yes. IP addresses are assigned to remote VPN clients. You must select a Mode
Config record from the pull-down menu.
Note: Because Mode Config functions only in Aggressive Mode, selecting the
Yes radio button sets the tunnel exchange mode to Aggressive mode and
disables the Main mode. Mode Config also requires that both the local and
remote ends are defined by their FQDNs.
No. Disables Mode Config for this IKE policy.
Note: An XAUTH configuration via an edge device is not possible without Mode
Config and is therefore disabled too. For more information about XAUTH, see
“Configuring Extended Authentication (XAUTH)” on page 5-39.
Select Mode
Config Record
From the pull-down menu, select one of the Mode Config
records that you defined on the Add Mode Config Record
screen (see “Configuring Mode Config Operation on the VPN
Firewall” on page 5-45).
Note: Click the View Selected button to open the Selected
Mode Config Record Details popup window,
General
Policy Name A descriptive name of the IKE policy for identification and management purposes.
Note: The name is not supplied to the remote VPN endpoint.
Direction / Type From the pull-down menu, select the connection method for the VPN firewall:
Initiator. The VPN firewall initiates the connection to the remote endpoint.
Responder. The VPN firewall responds only to an IKE request from the remote
endpoint.
Both. The VPN firewall can both initiate a connection to the remote endpoint
and respond to an IKE request from the remote endpoint.
Exchange Mode From the pull-down menu, select the exchange more between the VPN firewall
and the remote VPN endpoint:
Main. This mode is slower than the Aggressive mode but more secure.
Aggressive. This mode is faster than the Main mode but less secure.
Note: If you specify either a FQDN or a User FQDN name as the local ID and/or
remote ID (see the sections below), the aggressive mode is automatically
selected.