Cisco Systems OL-5490-01 manual VPN Client Overview

Page 14

Chapter 1 Understanding the VPN Client

VPN Client Overview

VPN Client Overview

The VPN Client works with a Cisco VPN device to create a secure connection, called a tunnel, between your computer and a private network. It uses Internet Key Exchange (IKE) and Internet Protocol Security (IPSec) tunneling protocols to establish and manage the secure connection.

The steps used to establish a VPN connection can include:

•Negotiating tunnel parameters (addresses, algorithms, lifetime)

•Establishing VPN tunnels according to the parameters

•Authenticating users (from usernames, group names and passwords, and X.509 digital certificates.)

•Establishing user access rights (hours of access, connection time, allowed destinations, allowed protocols)

•Managing security keys for encryption and decryption

•Authenticating, encrypting, and decrypting data through the tunnel

For example, to use a remote PC to read e-mail at your organization, the connection process might be similar to the following:

Step 1 Connect to the Internet.

Step 2 Start the VPN Client.

Step 3 Establish a secure connection through the Internet to your organization’s private network.

Step 4 When you open your e-mail

•The Cisco VPN device

–Uses IPSec to encrypt the e-mail message

–Transmits the message through the tunnel to your VPN Client

•The VPN Client

–Decrypts the message so you can read it on your remote PC

–Uses IPSec to process and return the message to the private network through the Cisco VPN device.

VPN Client User Guide for Mac OS X

1-2	OL-5490-01

Image 14

Contents VPN Client User Guide for Mac OS VPN Client User Guide for Mac OS N T E N T S Authentication Changing the Password on a Personal Certificate Notifications Contents AudienceDocument Conventions Related DocumentationTerminology Cisco.com Obtaining DocumentationData Formats Documentation CD-ROMDocumentation Feedback Obtaining Technical AssistanceOrdering Documentation Technical Assistance Center Cisco TAC WebsiteObtaining Additional Publications and Information Cisco TAC Escalation CenterUnderstanding the VPN Client Connection TechnologiesVPN Client Overview VPN Client Features Program FeaturesAdministrator Guide Authentication Features IPSec FeaturesVPN Client IPSec Attributes IPSec Attribute DescriptionXauth OL-5490-01 Verifying System Requirements Gathering Information You NeedPreconfiguring the VPN Client Obtaining the VPN Client SoftwarePreconfiguring the User Profile Preconfiguring the Global ProfileInstalling the VPN Client AuthenticationAuthorization Window VPN Client Installation Process IntroductionAccepting the License Agreement Selecting the Application DestinationChoosing the Installation Type Select Destination WindowEasy Install Window 10 Install Software Progress Window 11 Successful Installation Confirmation Window Uninstalling the VPN Client CLI Version Install Script NotesSudo /usr/local/bin/vpnuninstall Enter your password OL-5490-01 Navigating the User Interface VPN Client MenuVPN Client Window-Simple Mode Choosing a Run ModeOperating in Simple Mode Status Menu Main Menus-Simple ModeConnection Entries Menu Operating in Advanced Mode VPN Client Window-Advanced ModeToolbar Action Buttons-Advanced Mode Main Tabs-Advanced ModeMain Menus-Advanced Mode Connection Entries MenuCertificates Menu 10 Status MenuRight-Click Menus Log MenuConnection Entries Tab Right-Click Menu 14 Connection Entries Right-Click MenuCertificates Tab Right-Click Menu 15 Certificates Tab Right-Click MenuConfiguring Connection Entries Creating a Connection EntryVPN Client Window Authentication Methods Group AuthenticationMutual Group Authentication Certificate AuthenticationCertificate Authentication Transport Settings Transport ParametersAllow Local LAN Access Enable Transport TunnelingTransparent Tunneling Mode Backup Servers Peer Response TimeoutEnter the hostname or IP address of the backup server to add Configuring Connection Entries Backup Servers Checking Prerequisites Establishing a Connection2shows the VPN Client window in simple mode Shared Key Authentication Choosing Authentication MethodsConnecting to a Default Connection Entry VPN Group Name and Password Authentication Radius Server AuthenticationSecurID Authentication User Authentication for RadiusUsing Digital Certificates User Authentication for RSA SecurIDUsing the Certificate Store Enrolling and Managing CertificatesEnrolling Certificates Certificate StoreOnline Certificate Enrollment Entry Field Description Deleting an Enrollment Request Managing Enrollment RequestsViewing the Enrollment Request Changing the Password on an Enrollment Request Retrying an Enrollment RequestImporting a Certificate Viewing a CertificateCertificate Properties Exporting a Certificate Whether the export is successfulDeleting a Certificate Successful Export Prompt11 Password Prompt for Deleting Enrollment Certificates Verifying a CertificateChanging the Password on a Personal Certificate Managing Connection Entries Importing a Connection EntryModifying a Connection Entry Import VPN ConnectionConnection Entry Settings Deleting a Connection EntryEnable Logging Event LoggingClear Logging Set Logging OptionsLog Class Description Module Opening the Log Window Logging LevelsViewing Statistics Log WindowTunnel Details Field DescriptionCisco VPN Client Administrator Guide lists all Route DetailsNotifications Statistics Window-Route Details10 Notifications Window D E IN-2 IN-3 IN-4 IN-5 IN-6 IN-7 IN-8