Netopia 3346N-ENT User Guide (en)

Download
6-6  Firmware User Guide
If you select Xauth Options the Xauth Options screen appears.
Extended Authentication (Xauth), is an extension to the IKE protocol, for IPSec tunnelling. The Xauth 
extension provides dual authentication for a remote user’s Netopia Gateway to establish a VPN, authorizing 
network access to the user’s central office.
From the XAuth mode of operation pop-up menu select: Disabled, Remote VPN client, or VPN 
concentrator.
Disabled – The default value, hides all other options.
Remote VPN client – This allows Xauth to send authentication credentials, and to possibly acquire 
VPN IP parameters. If you select Remote VPN Client, Xauth Recipient Auth. Check does not display.
When Xauth is set to Remote VPN Client, you can configure the IPSec profile with IP values that allow 
the Router to acquire its IP parameters:
• The NAT PAT IP address can now be left at the default 0.0.0.0, indicating that the address is to be 
requested from the remote address ser ver and dynamically applied to the profile.
• Remote Members can be set to a subnet of 0.0.0.0/255.255.255.255, indicating that the network 
value is to be dynamically requested as well. The acquired value will be applied to all VPN remote 
member ranges whose value is exactly 0.0.0.0/255.255.255.255 and whose type is “subnet.” This 
configuration requires that Idle Timeout in the Advanced IP Profile Options menu be set to 0 (zero) sec-
onds, specifying that the tunnel should be automatically initiated and permanently connected (“nailed 
up.”) See 
.
Note:
If there is an error with the IKE connection, it will attempt to connect repeatedly.
                            Xauth Options
         XAuth mode of operation:           VPN concentrator
         Xauth Recipient Auth Check:        Local
         XAuth Local Username:              John Doe
         XAuth Local Password:              ********************