Main mode with no user group selected, Main mode with a user group selected, Aggressive mode with no user group – D-Link DFL-500 User Manual

DFL-500 User Manual

55

For each variation, the remote gateway field of the dialup server remote gateway configuration must be set to
dialup user and all of the clients must have their remote gateway or equivalent set to the static IP address of
the remote gateway server.

The following sections describe how to configure authentication on the server and clients for each of these
variations.

A dialup user must use the same mode as the VPN dialup server.

For information about user groups, see

Configuring user groups

.

Main mode with no user group selected

In this configuration, the server and the clients use main mode for key exchange. A user group has not been
added to the server dialup remote gateway. Clients authenticate with the server using their authentication
keys.

Main mode without user group

Field Server

Clients

User Group

None None

Mode

Main (ID Protection)

Main (ID Protection)

Authentication Key The server and the clients must have the same authentication key.

Local ID

empty empty

Main mode with a user group selected

In this configuration, the server and the clients use main mode for key exchange. A user group has been
selected in the server dialup remote gateway. Clients authenticate with the server using their authentication
keys. The client authentication key can be one of the following:

• The same as the server authentication key.
• A username and password in the user group added to the dialup server remote gateway. In this

configuration, the clients pre-shared key must be formatted with a ` + ' between the user name and
password ( username+password).

Main mode with a user group selected

Field

Server

Client configuration 1

Client configuration 2

User Group

Select a user group

N/A

N/A

Mode

Main (ID Protection)

Main (ID Protection)

Main (ID Protection)

Authentication Key Server authentication key Server authentication key username+password

Local ID

empty empty empty

Aggressive mode with no user group

In this configuration, the server and the clients use aggressive mode for key exchange. A user group has not
been selected in the server dialup remote gateway. Clients authenticate with the server using their
authentication keys.