NETGEAR FVS318G Modem User Manual


 
ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
VPN Firewall and Network Management 6-11
v1.1, August 2010
3. Configure the following fields:
a. User Name. Enter a unique identifier, using any alphanumeric characters.
b. User Type. Select either Admin or Guest.
c. Idle Timeout. This is the period after which an idle user will be automatically logged out
of the Web Configuration Manager.
4. Click Apply to save and apply your entries. The new user appears in the Users table on the
External Users screen.
Configuring an External Server for Authentication
When an external user logs in, the VPN firewall will validate with the appropriate RADIUS,
MIAS, or WIKID server that the external user is authorized to log in.
When specifying external authentication, you are presented with several authentication protocol
choices, as summarized in the following table:
The chosen authentication protocol must be configured on the external server and on the
authenticating client devices.
Table 6-1.Authentication Protocols
Authentication
Protocol
Description
RADIUS A network-validated PAP or CHAP password-based authentication method that functions
with Remote Authentication Dial In User Service (RADIUS).
MIAS A network-validated PAP or CHAP password-based authentication method that functions
with Microsoft Internet Authentication Service (MIAS), which is a component of Microsoft
Windows 2003 Server.
WiKID WiKID Systems is a PAP or CHAP key-based two-factor authentication method that
functions with public key cryptography. The client sends an encrypted PIN to the WiKID
server and receives a one-time pass code with a short expiration period. The client logs in
with the pass code. See Appendix B, “Two Factor Authentication” for more on WiKID
authentication.
PAP Password Authentication Protocol (PAP) is a simple protocol in which the client sends a
password in clear text.
CHAP Challenge Handshake Authentication Protocol (CHAP) executes a three-way handshake
in which the client and server trade challenge messages, each responding with a hash of
the other’s challenge message that is calculated using a shared secret value.