Netopia 3300 User Manual

Page 172

Advertising
background image

6-6 Firmware User Guide

If you select Xauth Options the Xauth Options screen appears.

Extended Authentication (Xauth), is an extension to the IKE protocol, for IPSec tunnelling. The Xauth
extension provides dual authentication for a remote user’s Netopia Gateway to establish a VPN, authorizing
network access to the user’s central office.

From the XAuth mode of operation pop-up menu select: Disabled, Remote VPN client, or VPN
concentrator.

Disabled – The default value, hides all other options.

Remote VPN client – This allows Xauth to send authentication credentials, and to possibly acquire
VPN IP parameters. If you select Remote VPN Client, Xauth Recipient Auth. Check does not display.

When Xauth is set to Remote VPN Client, you can configure the IPSec profile with IP values that allow
the Router to acquire its IP parameters:

• The NAT PAT IP address can now be left at the default 0.0.0.0, indicating that the address is to be
requested from the remote address ser ver and dynamically applied to the profile.

Remote Members can be set to a subnet of 0.0.0.0/255.255.255.255, indicating that the network
value is to be dynamically requested as well. The acquired value will be applied to all VPN remote
member ranges whose value is exactly 0.0.0.0/255.255.255.255 and whose type is “subnet.” This
configuration requires that Idle Timeout in the Advanced IP Profile Options menu be set to 0 (zero) sec-
onds, specifying that the tunnel should be automatically initiated and permanently connected (“nailed
up.”) See

“Multiple Network IPsec” on page 6-16

.

Note:

If there is an error with the IKE connection, it will attempt to connect repeatedly.

Xauth Options

XAuth mode of operation: VPN concentrator
Xauth Recipient Auth Check: Local
XAuth Local Username: John Doe
XAuth Local Password: ********************

Advertising