11-12-2009 05:50 AM
I wonder if anybody of you can explain when one should use "XAuth Server" or "Use Default" in the gateway parameters of VPN configuration.
When I choose "Use Default" the gateway obviously uses the global XAuth settings where IP Pool, DNS, default auth server, etc. are defined.
So when I choose "use default" the gateway will search the whole local user-db for the authenticating xauth-user. Correct?
When I choose "XAuth Server" I can restrict the VPN user to either a single user or user group (so not all xauth-users in the user-db are able to authenticate). Correct?
But how do I assign an IP Pool when using "XAuth Server" in the VPN Gateway Parameters?
11-12-2009 05:43 PM
You can assign the IP to the user you specify as the IKE user for the G/W.
11-13-2009 03:21 PM
YES! You can use an IP Pool - I think I had a typo in my reply. If you setup a local user and define them for Xauth and associate an IP Pool with that user they will take the settings from the pool that they were assigned to.