I wish to configure a VPN for less than 10 home and remote users to access the office network. The Netgear FVL328 and ProSafe VPN Client software was purchased before I arrived so it stays unless there is a good reason not to.
Remote sites will be MacOS X and Windows. Expecting to use L2TP.
Swamped reading documentation for the Netgear FVL328 and ProSafe VPN Client where "do this" instructions don't explain what or why. "Simply buy certificate(s) from one of the following vendors and push these buttons." Then I'm sure magic happens and Things Just Work.
I don't see any point in having a signed certificate from a well known trusted external source when I do not want any access from any other than systems under our control. Is not as if I was configuring a web server, as I'm not.
What I desire is for the external user to know it has contacted the correct VPN based on certificate verification. And vice versa, that the Netgear VPN gateway knows based on certificates that the connecting user is permitted.
I have Unix systems with OpenSSL that appears quite capable of generating self-signed certificates in the proper format. If only I had a better understanding of what it is that I need to do. What to put in the certificate's data fields. Surely I'm not the first to walk this road?