Chapter 7: Network Menu and Forms 75

VPN Connections

Virtual Private Network (VPN) enables a secured communication between the console server and a remote network by utilizing a gateway and creating a secured connection between the console server and the gateway. IPSec is the protocol used to construct the secure tunnel. IPSec provides encryption and authentication services at the IP level of the protocol stack.

When VPN Connections is selected under Network, the VPN Connections form appears.

You can use the form to add a VPN connection or edit one already in the list. When you click the Edit or Add buttons, a New/Modify Connection form appears. The form displays different fields depending on whether RSA Public Keys or Shared Secret is selected.

The remote gateway is referred to as the Remote or Right host and the console server is referred to as the Local or Left host. If left and right are not directly connected, then you must also specify a NextHop IP address.

The next hop for the remote or right host is the IP address of the router to which the remote host or gateway running IPSec sends packets when delivering them to the left host. The next hop for the left host is the IP address of the router to which the console server sends packets to for delivery to the right host.

A Fully Qualified Domain Name in the ID fields for both the Local (‘Left’) host and the Remote (‘Right’) host where the IPSec negotiation takes place should be indicated.

The following table describes the fields and options on the form. Check with your system administrator who defined and configured the security protocols, if needed. The information must match exactly on both ends, local and remote.

Table 7.5: Field and Menu Options for Configuring a VPN Connection

Field Name

Definition

Connection Name

Authentication Protocol

Authentication Method

ID

Any descriptive name you wish to use to identify this connection such as

MYCOMPANYDOMAIN-VPN.

The authentication protocol used, either ESP (Encapsulating Security Payload) or AH (Authentication Header).

Authentication method used, either RSA Public Keys or Shared Secret.

This is the hostname that a local system and a remote system use for IPSec negotiation and authentication. It can be a fully qualified domain name preceded by @. For example, hostname@xyz.com

IP Address

The IP address of the host.

Page 83
Image 83
Avocent ACS 5000 manual VPN Connections, Mycompanydomain-Vpn