HotBrick VPN 800/8 F manual VPN Configuration

Page 45

HotBrick, Tel: 305 -398-0888, Fax: 305-398-5966

7 : VPN Configuration

Virtual Private Network (VPN) uses encryption and authentication to create the connection between two end points (computers or networks). It allows private data to be sent securely over a public network or Internet without the risk of unauthorized access from outside intruders. VPNs establish a private network that can send data securely between two networks. We call this creating a “tunnel”. A VPN tunnel connects the two PCs or networks.

Note: The VPN800/8 F Firewall uses industry standard IPSec encryption. However, due to the variations in how manufacturers interpret this standard, many VPN products are not interoperable. Although the VPN800/8 F Firewall can interoperate with many other VPN products, it is not possible to provide specific technical support for every other product on the market.

Planning the VPN

When planning your VPN, you must make following choices first.

1.If the remote end is a network, the two-endpoint networks must have different LAN IP address ranges. If the remote endpoint is a single PC running a VPN client, its destination address must be a single IP address, with a subnet mask of 255.255.255.255

2.You can use the Internet Key Exchange (IKE) setup, or Manual Keying that requires you to

specify each phase of the connection. IKE has become the standard for automatic keying. 3. Decide what encryption level you are going to use (DES, 3DES or AES)?

The settings you have to make to connect to another HotBrick product are basic.

Some Standard settings that we use for tunnels between our products are SHA1 authentication, AES 128 bits encryption and DH group 2 as hash algorithm. This is a basic setting that ensures good speed and very secure encryption and authentication so your data will be safely transported via the IPSec tunnel.

There are two basic settings:

Tunnel to HotBrick Unit - This describes how to setup an IPSec tunnel to a HotBrick VPN 401 VPNX2, LB-2 VPN, LB-2, 1400/2, 800/8 F, 800/2 G and HSS 6000.

45

Image 45

Contents Users Guide Firewall VPN 800/8 FTable of Contents QOS Configuration 1Introduction  Supports all common Connection Methods Other Features Physical Details Package ContentsLED Action Condition Tftp Download Default SettingsHotBrick, Tel 305 -398-0888, Fax Procedure Quick InstallationConfiguring the Dual WAN VPN Firewall for your LAN OverviewNo Response? LAN & Dhcp Setup Installing the Dual WAN VPN Firewall on your LAN Flex Ports Quick Installation LAN & Dhcp Dhcp server configuration LAN IP ConfigurationLAN Any IP Setup Dhcp IP address rangeDhcp Client List Optional Address InfoLoaddbalancingB e Load Balancing LLoadbalancingB eConnection validation Advanced WAN Port options Traffic Management Transparant bridge optionWAN IP Account Advanced WAN PPPoEAdvanced WAN Advanced WAN PptpAdvanced Configuration Advanced configuration Host IPHost IP Host Network Identity Host network identity Host Network Binding Advanced configuration Routing Dynamic routingStatic routing Configuring Other Routers on your LAN Static Routing exampleDual WAN VPN Firewall Gateways Routing Table For Router Bs Default Router For Router As Default RouteVirtual Server Connecting to the Virtual Server Advanced configuration virtual server HotBrick, Tel 305 -398-0888, Fax Advanced configuration Special Application Advanced configuration Dynamic DNS To use the Dynamic DNS featureUsing a Special Application on your PC Dynamic DNS Service Additional settingsWAN Port Binding Advanced Configuration Multi DMZ Advanced Configuration UPnP Setup NAT Configuration Advanced Configuration NAT SettingExternal Filters Configuration Advanced Configuration Advanced FeatureSettings to correct the problem Security Management Security Management Access Filter Security Management Session Limit Security Management System Filter Exeption VPN Configuration VPN Configuration Tunnel to HotBrick Unit VPN Configuration Tunnel to HotBrick Client Action VPN Configuration Advanced settings Security level Key management  Action VPN Configuration Tunnel to 3rd PartyIPSec policy options OptionsVPN configuration VPN preset VPN Configuration SA VPN configuration SA VPN Configuration VPN Log Message StatusUndefined messages QoS Configuration QoS FeaturesIP TOS Type of Service Feature QoS Configuration Policy Configuration Policy Priority QoS Configuration QoS Setup QoS FeaturePolicy Priority Management Assistant Management assistant Admin PasswordEmail Alert Configuration Enable/Disable Email Alert EmailSMTPServer Password This is the user password Management Assistant Email AlertSystem Information Management Assistant SnmpSyslog Delivery Management Asssistant SyslogManagement Assistant Upgrade Firmware Device Status Device status System statusLAN Information Device Status WAN status NAT Statistics Data NAT Status LAN IP info Device Information Device information Device InformationDevice Statistics ButtonsHotBrick, Tel 305 -398-0888, Fax Appendix a SpecificationsFCC Statement CE Marking WarningWindows TCP/IP Setup Overview TCP/IP SettingsAppendix B Using Dhcp Using Specify an IP AddressStatistics Checking TCP/IP Settings Windows Using a fixed IP Address Use the following IP Address Using DhcpChecking TCP/IP Settings Windows XP Figure B-8 TCP/IP Properties Windows XP General Problems TroubleshootingInternet Access Appendix CVPN 800/8 F To 401VPNX2 or LB-2 HotBrick, Tel 305 -398-0888, Fax