Secure Computing
Sidewinder Version 5.1.0.02, SafeNet
manual
VPN Administration Guide
Install
VPN Administration Guide
Plan your VPN configuration
Field Setting Local Network/IP
How to
Authorization
Enable
If using digital certificates
Page 1
VPN Administration Guide
Revision A
SafeNet/Soft-PK
Version 5.1.3 Build 4
Sidewinder Version 5.1.0.02
Page 1
Page 2
Image 1
Page 1
Page 2
Contents
VPN Administration Guide
Page
Copyright Notice
Printing History
B L E O F C O N T E N T S
Installing and Working with Soft-PK
Who should read this guide?
About this Guide
Organized
How this guide is
About Sidewinder
About Soft-PK
About digital certificates
Viewing and printing this document online
Viii
About this chapter
Getting Started
About Soft-PK & Sidewinder VPNs
Sidewinder and other network requirements
Requirements
Soft-PK requirements
Roadmap to deploying your VPNs
4c1 Define remote identities within Sidewinder
Sidewinder system
Satisfy Sidewinder, network, & system requirements
Plan your VPN configuration
Create/Request the digital certificates
If using pre-shared keys passwords
Configure the VPN connections on the Sidewinder
Troubleshoot any connection problems
Planning Your VPN Configuration
Identifying basic VPN connection needs
Using digital certificate authentication
Identifying authentication requirements
Private key file
Certificate file with public key
No CA needed
Closer look at self-signed certificates
For a small number of VPN
Clients
Closer look at CA-based certificates
Understanding pre-shared key authentication
Extended authentication
VPN tunnel terminating on trusted burb
Determining where you will terminate your VPNs
More about virtual burbs and VPNs
Select Firewall Administration Burb Configuration
Defining a virtual burb
Sidewinder
Understanding Sidewinder client address pools
Understanding Sidewinder client address pools
Configuring Sidewinder for Soft-PK Clients
Click Apply Configure the Isakmp server
Enable the cmd, egd, and isakmp servers
Enable
Select VPN Configuration Isakmp Server
Configuring ACL & proxies entries for VPN connections
Creating & exporting a firewall certificate
Managing Sidewinder self- signed certs
Click OK when done
Specify the following Firewall Certificate settings
Mail Address
Creating & exporting remote certificates
Select Services Configuration Certificate Management
Select the Remote Certificates tab. Click New
Click Add to add the certificate to the Certificates list
Specify the following Remote Certificate settings
Key File
Generated
Return to for each remote client
Defining a CA to use and obtaining the CA root cert
Managing CA- based certificates
Requesting a certificate for the firewall
Click Add to send the enrollment request
Specify the firewall certificate information
Retrieve the key, revoke, etc
Determining identifying information for client certificates
Certificate Identities defined on the firewall
Defining remote client identities in Sidewinder
Managing pre- shared keys passwords
Configuring the VPN on the Sidewinder
Enabled Select Yes Burb
Field Setting Local Network/IP
New button to specify the IP Address / Hostname
Example, if you specify 24 with an IP address
Certificate VPN from the list provided Firewall Identity
Require Extended Enable this checkbox Authentication
Type Firewall to the remote client Value
This field cannot be edited
Client
Type
Edited
Click Close
Save your settings!4. Click Add to save the settings
Remote Identity
Page
Installing and Working with Soft-PK
Soft-PK installation notes
Determining Soft-PK status from icon variations
Starting Soft-PK
Activating/Deactivating Soft-PK
Right-click the Soft-PK tray icon to access menu
Means Soft-PK security policy is currently active
Certificate Manager
About the Soft-PK program options
Security Policy Editor
Log Viewer
Managing certificates on Soft-PK
Setting up Sidewinder self-signed certificates
Setting up CA-based certificates
Get your CA administrator to approve your request
Click Advanced to select a certificate service provider
Select the Generate Exportable Key check box
Importing certificate in Soft-PK
Verification window
Importing a personal certificate into Soft-PK
Import Certificate Password Window
Certificate file
Select Options Secure Specified Connections
Configuring a security policy on the Soft-PK
Enable the Connect using Secure Gateway Tunnel box
If using digital certificates
Specify the interface information
New connection Named SecureVPN
Configuring a security policy on the Soft-PK
Encryption and Data Integrity/Algorithms fields
Optional Click Save to save the policy on this system
SA Life Select Unspecified to default to Sidewinder settings
Page
Deploying Soft-PK to Your End Users
Word
Overview
Format
Security policy
Soft-PK setup.exe file and supporting files
Cannot modify
Customizing the user worksheet
Specifying installation instructions
Specifying dial-up network instructions
Specifying certificate import/request instructions
Specifying basic connection information
Specifying security policy instructions
About this appendix
Soft-PK Log Viewer
Soft-PK Connection Monitor
To view the details
More about the Connection Monitor
Sidewinder troubleshooting commands
Page
Part Number 86-0935037-A
Related pages
All Admin page
What does the printer indicate when it needs more free space in flash memory?
Find solutions
(#)
Top
Page
Image
Contents