Configuring ipsec authentication – Panasonic NN46110-600 User Manual

Chapter 2 Configuring servers

Configuring IPsec authentication

The following procedures describe how to configure the VPN Router to interoperate with a RADIUS server while using either IPsec or PPTP.

To configure IPsec and RADIUS:

1 Select Servers > Radius Auth and click Enable Access to RADIUS Authentication.

   a Click Remove Suffix from User ID to remove the fully-qualified ID suffix from the UID before sending it to the RADIUS server. Specify the character that separates the suffix from the UID as the delimiter value.

   b Select Remove Prefix from User ID to remove the fully-qualified ID prefix from the UID before sending it to the RADIUS server. Specify the character that separates the suffix from the UID as the delimiter value.

   c Select Error Code Pass Thru to allow an error message sent to the VPN Router by the RADIUS server to pass through the VPN Router to the originating client.

   d In the RADIUS Users Obtain Default Settings from the Group field, select the default group to which users are assigned.

2 Enable one of the following authentication methods from the Server Supported Authentication Options:

   Response—Response Only Token Cards

   MS-CHAP-V2—Microsoft encrypted CHAP Version 2

   MSCHAP—Microsoft encrypted CHAP Version 1; check RFC-2548 to enable the VPN Router to interoperate with a Microsoft RADIUS Server Version 2.2 or later, or a Version 2.1 with the Microsoft Hotfix applied. Leave this box empty if using a Microsoft RADIUS Server V2.1 (without the Hotfix) or earlier.

   CHAP—Challenge Handshake Authentication Protocol

   PAP—Password Authentication Protocol

3 Under RADIUS Servers, click Enabled for the RADIUS servers that you want to use for authentication (up to three servers). The primary server receives all RADIUS authentication inquiries unless it is out of service. A RADIUS server that fails to respond five times is temporarily taken off the server list for 30 minutes. After 30 minutes, the server is tried again. In the

Nortel VPN Router Security — Servers, Authentication, and Certificates
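
The server selection rule described in step 3, modeled as an added Python example (not code from the manual or from the VPN Router). The class and function names, the example host names, the send callback, and the choice to count consecutive non-responses and reset the count on any reply are assumptions.

```python
# Added model of the step 3 rule; not the VPN Router's implementation.
FAIL_LIMIT = 5          # page: "fails to respond five times"
HOLD_DOWN_S = 30 * 60   # page: "taken off the server list for 30 minutes"
MAX_SERVERS = 3         # page: "up to three servers"


class RadiusServerList:
    def __init__(self, servers):
        if not 1 <= len(servers) <= MAX_SERVERS:
            raise ValueError("configure one to three RADIUS servers")
        self.servers = list(servers)             # index 0 is the primary
        self.failures = {s: 0 for s in servers}  # assumed: consecutive misses
        self.off_until = {s: 0.0 for s in servers}

    def candidates(self, now):
        """Servers currently on the list, primary first."""
        return [s for s in self.servers if now >= self.off_until[s]]

    def record(self, server, responded, now):
        """Update state after one inquiry; a reject still counts as a response."""
        if responded:
            self.failures[server] = 0            # assumed: any reply resets the count
            return
        self.failures[server] += 1
        if self.failures[server] >= FAIL_LIMIT:
            self.failures[server] = 0
            self.off_until[server] = now + HOLD_DOWN_S

    def authenticate(self, send, now):
        """Try listed servers in order; return the one that responded, or None."""
        for server in self.candidates(now):
            responded = send(server)             # hypothetical transport callback
            self.record(server, responded, now)
            if responded:
                return server
        return None


def simulate():
    """Constructed scenario: the primary never responds, the alternate does."""
    servers = RadiusServerList(["radius-primary.example", "radius-alt1.example"])

    def send(server):
        return server != "radius-primary.example"

    used = [servers.authenticate(send, now=float(t)) for t in range(6)]
    during_hold = servers.candidates(now=6.0)
    after_hold = servers.candidates(now=4.0 + HOLD_DOWN_S)
    return used, during_hold, after_hold
```

In this model the primary drops off the list at its fifth missed inquiry, so for the next 30 minutes every authentication depends on the alternate alone, which is the window worth alerting on.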