ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
Virtual Private Networking 5-49
v1.1, August 2010
9. Enter a Pre-Shared Key that will also be configured in the VPN client.
10. XAUTH is disabled by default. To enable XAUTH, in the Extended Authentication section,
select one of the following::
• Edge Device to use the VPN firewall as a VPN concentrator where one or more gateway
tunnels terminate. (If selected, you must specify the Authentication Type to be used in
verifying credentials of the remote VPN gateways.)
• IPsec Host if you want the VPN firewall to be authenticated by the remote gateway. Enter
a Username and Password to be associated with the IKE policy. When this option is
chosen, you will need to specify the user name and password to be used in authenticating
this gateway (by the remote gateway).
For more information on XAUTH, see “Configuring XAUTH for VPN Clients” on page 5-39.
11. If Edge Device was enabled, select the Authentication Type from the pull down menu which
will be used to verify account information: User Database, RADIUS-CHAP or RADIUS-PAP.
Users must be added through the User Database screen (see “Configuring the User Database
for XAUTH” on page 5-41 or “Configuring RADIUS Clients for XAUTH” on page 5-42).
12. Click Apply. The new policy will appear in the List of IKE Policies table.
Note: If RADIUS-PAP is selected, the VPN firewall will first check the User
Database to see if the user credentials are available. If the user account is not
present, the VPN firewall will then connect to the RADIUS server.