ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
VPN Firewall and Network Management 6-13
v1.1, August 2010
• Secret Phrase. Transactions between the client and the RADIUS server are authenticated
using a shared secret phrase, so the same secret phrase must be configured on both client
and server.
• Primary Server NAS Identifier. The identifier for the Network Access Server (NAS)
must be present in a RADIUS request. Ensure that NAS identifier is configured identically
on both client and server.
The VPN firewall is acting as a NAS, allowing network access to external users after
verifying their authentication information. In a RADIUS transaction, the NAS must
provide some NAS Identifier information to the RADIUS server. Depending on the
configuration of the RADIUS server, the VPN firewall’s IP address may be sufficient as
an identifier, or the server may require a name, which you would enter here. This name
would also be configured on the RADIUS server, although in some cases it should be left
blank on the RADIUS server.
• Primary Authentications Type. From the pull-down menu, select the authentication
type: RADIUS-PAP, RADIUS-CHAP, WIKID-PAP, WIKID-CHAP, MIAS-PAP, or
MIAS-PAP. (For more information, see Table 6-1 on page 6-11.)
• As an option, you can enable a backup server by selecting the Enable Backup Server
checkbox. If enabled, specify the following fields:
– Backup Server IP Address. The IP address of the RADIUS backup server.
– Secret Phrase. Transactions between the client and the RADIUS backup server are
authenticated using a shared secret phrase, so the same secret phrase must be
configured on both client and backup server.
– Backup Server NAS Identifier. The identifier for the NAS must be present in a
RADIUS request. Ensure that NAS identifier is configured identically on both client
and backup server.
6. In the Authentication Settings section of the screen, configure the following fields:
• Domain Name. The name of the external domain that will be displayed on the login screen.
• Retry Timeout. The period in seconds that the VPN firewall should wait for a response from
the RADIUS server.
• Maximum Retry Count. The number of attempts that the VPN firewall will make to contact
the RADIUS server. When this number is exceeded, the connection to the RADIUS server
cannot be set up.
• Users Default Timeout. The period in minutes that a user is automatically logged out when
the connection is idle.
7. Click Reset to cancel the changes or click Apply to save the settings.