TheGreenBow THEGREENBOW VPN-CLIENT -, User Manual

Page 1: ...x_en Doc version 1 2 Nov 2004 VPN version 2 50 IPSec VPN Client User Manual Property of Sistech SA Sistech 2004 1 1 TheGreenBow VPN Client User Manual WebSite http www thegreenbow com Contact support...

Page 2: ...1 How to create a tunnel 10 4 3 2 Several Authentication or IPSec Configuration Phases 11 4 3 3 Active or Non Active phase 11 4 4 Authentication or Phase 1 11 4 4 1 Settings description 12 4 4 2 Adva...

Page 3: ...ated areas Our IKE implementation is based on the OpenBSD 3 1 implementation ISAKMPD thus providing best compatibility with existing IPSec routers and gateways Our offer is specially designed to targe...

Page 4: ...taskbar from menu Start Programs TheGreenBow VPN TheGreenBow VPN 2 2 Evaluation Period It is possible to use TheGreenBow IPSec VPN Client during the evaluation period i e limited to 30 days by clickin...

Page 5: ...en all the VPN tunnels Console shows log window Connections opens the list of already established VPN tunnels You can configure tunnels to open up automatically when the software starts 3 2 Hidden Use...

Page 6: ...window About 3 3 2 Status bar The status bar displays several information The USB Token box left side indicates whether the USB mode is set On or Off see also section 4 1 page 7 In case it is set On...

Page 7: ...he capability to secure tunnel security elements by the use of a USB Stick Once the USB mode is set On you just need to insert the USB stick to automatically open tunnels And you just need to unplug t...

Page 8: ...ck When you insert a new USB stick the IPSec VPN Client automatically propose to enable the USB stick through the following options Copying the configuration onto the USB stick the VPN client will cop...

Page 9: ...a VPN gateway Let take the following example The remote computer has a dynamically provided public IP address It tries to connect the Corporate LAN behind a VPN gateway that has a DNS address gateway...

Page 10: ...gured directly via the main interface e g Certificates virtual IP address etc 4 3 Tunnel configuration main window 4 3 1 How to create a tunnel To create a VPN tunnel from the main window without usin...

Page 11: ...for a same Authentication Phase Phase 1 4 3 3 Active or Non Active phase A phase can be either active or non active If a phase is non active its settings will not be applied This feature can be used...

Page 12: ...rd or key shared with the remote gateway Certificate X509 certificate used by the VPN client see certificate configuration IKE encryption Encryption algorithm used during Authentication phase 3DES AES...

Page 13: ...address type IP address for example 80 2 3 4 an domaine name type DNS e g gateway mydomain com an email address type Email e g admin mydomain com a string type KEY ID e g 123456 a certificate issuer...

Page 14: ...bnet address ESP encryption Encryption algorithm negociated during IPSec phase 3DES AES ESP authentication Authentication algorithm negociated during IPSec phase MD5 SHA ESP mode IPSec encapsulation m...

Page 15: ...configuring IPSec VPN Client with certificates 1 Select radio button Certificate in the Authentication window and click on Certificates Mgt 2 Click on Browse and select the appropriate files Root cert...

Page 16: ...ying IPSec minimal lifetime Default lifetime for IPSec rekeying IPSec maximal lifetime Maximal lifetime for IPSec rekeying IPSec minimal lifetime Minimal lifetime for IPSec rekeying Retransmissions Ho...

Page 17: ...guration files will have a tgb extension You can open and modify an exported configuration file extension tgb with any word processing e g Notepad and re import it again This is other way for IT manag...

Page 18: ...es During PC boot this mode can be used for secure remote action At Windows login login mode Launched by user or from a script manual mode The latest version of this tool is available on our website w...

Page 19: ...r log level about timers Sdep Sysdep log level about IKE interface from to IPSec SA SA log level for SA managment Exch Exchange log level about IKE exchanges very useful Nego Negotiation log level abo...

Page 20: ...IPSec VPN Client User Manual Property of Sistech SA Sistech 2004 20 20 8 Support Information and update are available at http www thegreenbow com Technical support by email at support thegreenbow com...