132
C
HAPTER
9: C
ONFIGURING
V
IRTUAL
P
RIVATE
N
ETWORK
S
ERVICES
This option does not appear for the GroupVPN SA. This SA allows does
not restrict the IP address of the client.
You do not need to configure the destination network if you are
configuring a VPN tunnel to a single VPN device such as Firewall. You only
need configure this range if you are connecting to a range of devices
such as VPN clients.
Adding a New Network Range
To add a new network range click the
Add New Network
button and
enter the address range for the network you want to allow in the dialog
box displayed.
To enter a non-contiguous range enter the each block of addresses
separately.
Deleting a Network Range
To delete a network range click on the icon of the trash can next to the
range you want to delete and confirm your decision when asked.
Editing a Network Range
To edit a network range click of the icon of the pencil and paper next to
the range you want to edit. Change the range to the desired value and
click the
Update
button.
Configuring the
Firewall to use a
RADIUS Server
The Firewall is capable of using a RADIUS (Remote Authentication Dial-In
User Service) server to authenticate VPN users. To configure your Firewall
to use a RADIUS server click on
VPN
on the left hand side of the screen
and then on the
RADIUS
tab.
Before using RADIUS to authenticate clients enable RADIUS in the
Security policy of a Security Association. See “Security Policy” on
page 127.
CAUTION:
The RADIUS server will only authenticate client devices. Do
not enable RADIUS if you are authenticating with another Firewall.
Changing the Global
RADIUS Settings
RADIUS Server Retries
Enter the number of times you want the Firewall to attempt to connect to
the RADIUS Server in the
RADIUS Server Retries
field. If the RADIUS server
DUA1611-0AAA02.book Page 132 Thursday, August 2, 2001 4:01 PM
Содержание 3C16111 - SuperStack 3 Firewall Web Site Filter
Страница 18: ...18 DUA1611 0AAA02 book Page 18 Thursday August 2 2001 4 01 PM ...
Страница 50: ...50 DUA1611 0AAA02 book Page 50 Thursday August 2 2001 4 01 PM ...
Страница 96: ...96 CHAPTER 6 USING THE FIREWALL DIAGNOSTIC TOOLS DUA1611 0AAA02 book Page 96 Thursday August 2 2001 4 01 PM ...
Страница 122: ...122 CHAPTER 8 ADVANCED SETTINGS DUA1611 0AAA02 book Page 122 Thursday August 2 2001 4 01 PM ...
Страница 150: ...150 CHAPTER 10 CONFIGURING HIGH AVAILABILITY DUA1611 0AAA02 book Page 150 Thursday August 2 2001 4 01 PM ...
Страница 152: ...152 DUA1611 0AAA02 book Page 152 Thursday August 2 2001 4 01 PM ...
Страница 166: ...166 CHAPTER 11 ADMINISTRATION AND ADVANCED OPERATIONS DUA1611 0AAA02 book Page 166 Thursday August 2 2001 4 01 PM ...
Страница 174: ...174 DUA1611 0AAA02 book Page 174 Thursday August 2 2001 4 01 PM ...
Страница 178: ...178 CHAPTER 13 TYPES OF ATTACK AND FIREWALL DEFENCES DUA1611 0AAA02 book Page 178 Thursday August 2 2001 4 01 PM ...
Страница 190: ...190 CHAPTER 14 NETWORKING CONCEPTS DUA1611 0AAA02 book Page 190 Thursday August 2 2001 4 01 PM ...
Страница 192: ...192 DUA1611 0AAA02 book Page 192 Thursday August 2 2001 4 01 PM ...
Страница 206: ...206 APPENDIX D TECHNICAL SUPPORT DUA1611 0AAA02 book Page 206 Thursday August 2 2001 4 01 PM ...
Страница 212: ...212 INDEX DUA1611 0AAA02 book Page 212 Thursday August 2 2001 4 01 PM ...
Страница 214: ...DUA1611 0AAA02 book Page 214 Thursday August 2 2001 4 01 PM ...