HotBrick VPN Client User Manual 

Property of HotBrick — 2005 

4.6 Certificate management

HotBrick IPSec VPN Client uses X509 certificates in PEM format. Certificates of this kind are created with OpenSSL, not with HotBrick VPN Client.
In order to use X509 certificates with HotBrick IPSec VPN Client, you must have the following items:

• Root certificate

• User certificate

• Private key of the user certificate

The private key must not be encrypted. X509 certificates are used during Phase 1. 

4.6.1  How to configure IPSec VPN Client with certificates

1.  Select the “Certificate” radio button in the “Authentication” window and click on “Certificates Mgt”.

2.  Click on “Browse” and select the appropriate files.

3.  Click the “Advanced” button and fill in Local ID with:

• Type = "DER_ASN1_DN".

• Value = the content of the user certificate's subject ("Subject:"), such as "C=FR, ST=Paris, L=Paris, O=HotBrick, OU=Internal OpenSSL CA, CN=exemple/Email=support@hotbrick.com".
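A pre-flight check for the three files selected in step 2, given here as an added example that is not part of the HotBrick manual or client: it confirms that each file holds a PEM block of the expected kind and that the private key is not encrypted, in either the PKCS#8 or the traditional OpenSSL form. The function names `pem_blocks`, `preflight` and `sample_pem` are hypothetical, and the sample PEM text is constructed.

```python
import base64
import re

# One PEM block: BEGIN label, optional RFC 1421 headers, base64 body, END label.
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)
KEY_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY",
              "DSA PRIVATE KEY", "ENCRYPTED PRIVATE KEY"}

def pem_blocks(text):
    """Return (label, encrypted, der_ok) for every PEM block found in text."""
    blocks = []
    for label, inner in PEM_RE.findall(text):
        lines = [ln.strip() for ln in inner.splitlines()]
        headers = [ln.replace(" ", "") for ln in lines if ":" in ln]
        body = "".join(ln for ln in lines if ":" not in ln)
        # PKCS#8 marks encryption in the label, traditional keys in a header.
        encrypted = (label == "ENCRYPTED PRIVATE KEY"
                     or any(h.startswith("Proc-Type:4,ENCRYPTED") for h in headers))
        try:
            der_ok = base64.b64decode(body, validate=True)[:1] == b"\x30"
        except ValueError:  # body is not valid base64
            der_ok = False
        blocks.append((label, encrypted, der_ok))
    return blocks

def preflight(root_pem, user_pem, key_pem):
    """Return a list of problems with the three files; empty means usable."""
    problems = []
    for name, text in (("root certificate", root_pem), ("user certificate", user_pem)):
        if not any(lb == "CERTIFICATE" and ok for lb, _, ok in pem_blocks(text)):
            problems.append(f"{name}: no PEM CERTIFICATE block")
    keys = [b for b in pem_blocks(key_pem) if b[0] in KEY_LABELS]
    if not keys:
        problems.append("private key: no PEM private key block")
    elif any(encrypted for _, encrypted, _ in keys):
        problems.append("private key: encrypted, but must not be")
    return problems

def sample_pem(label, headers=""):
    # Constructed stub body (a 5-byte DER SEQUENCE), not a real certificate or key.
    body = base64.encodebytes(b"\x30\x03\x02\x01\x00").decode()
    return f"-----BEGIN {label}-----\n{headers}{body}-----END {label}-----\n"

if __name__ == "__main__":
    cert = sample_pem("CERTIFICATE")
    legacy = "Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-256-CBC,00\n\n"
    print(preflight(cert, cert, sample_pem("RSA PRIVATE KEY")))
    print(preflight(cert, cert, sample_pem("RSA PRIVATE KEY", legacy)))
    print(preflight(cert, cert, sample_pem("ENCRYPTED PRIVATE KEY")))
```

Because the key file is stored without encryption, restrict its file permissions to the account that runs the VPN client.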

 

 
