VPN Client Overview | Cisco Systems OL-5490-01 guide

Chapter 1 Understanding the VPN Client

VPN Client Overview

VPN Client Overview

The VPN Client works with a Cisco VPN device to create a secure connection, called a tunnel, between your computer and a private network. It uses Internet Key Exchange (IKE) and Internet Protocol Security (IPSec) tunneling protocols to establish and manage the secure connection.

The steps used to establish a VPN connection can include:

•Negotiating tunnel parameters (addresses, algorithms, lifetime)

•Establishing VPN tunnels according to the parameters

•Authenticating users (from usernames, group names and passwords, and X.509 digital certificates.)

•Establishing user access rights (hours of access, connection time, allowed destinations, allowed protocols)

•Managing security keys for encryption and decryption

•Authenticating, encrypting, and decrypting data through the tunnel

For example, to use a remote PC to read e-mail at your organization, the connection process might be similar to the following:

Step 1 Connect to the Internet.

Step 2 Start the VPN Client.

Step 3 Establish a secure connection through the Internet to your organization’s private network.

Step 4 When you open your e-mail

•The Cisco VPN device

–Uses IPSec to encrypt the e-mail message

–Transmits the message through the tunnel to your VPN Client

•The VPN Client

–Decrypts the message so you can read it on your remote PC

–Uses IPSec to process and return the message to the private network through the Cisco VPN device.

VPN Client User Guide for Mac OS X

1-2	OL-5490-01

Image 14

Cisco Systems OL-5490-01 manual VPN Client Overview

Contents

VPN Client User Guide for Mac OS VPN Client User Guide for Mac OS N T E N T S Authentication Changing the Password on a Personal Certificate Notifications Contents Audience Document Conventions Related DocumentationTerminology Cisco.com Obtaining DocumentationData Formats Documentation CD-ROM Documentation Feedback Obtaining Technical AssistanceOrdering Documentation Technical Assistance Center Cisco TAC Website Obtaining Additional Publications and Information Cisco TAC Escalation Center Understanding the VPN Client Connection Technologies VPN Client Overview VPN Client Features Program Features Administrator Guide Authentication Features IPSec Features VPN Client IPSec Attributes IPSec Attribute Description Xauth OL-5490-01 Verifying System Requirements Gathering Information You Need Preconfiguring the VPN Client Obtaining the VPN Client Software Preconfiguring the User Profile Preconfiguring the Global Profile Installing the VPN Client Authentication Authorization Window VPN Client Installation Process Introduction Accepting the License Agreement Selecting the Application Destination Choosing the Installation Type Select Destination Window Easy Install Window 10 Install Software Progress Window 11 Successful Installation Confirmation Window Uninstalling the VPN Client CLI Version Install Script Notes Sudo /usr/local/bin/vpnuninstall Enter your password OL-5490-01 Navigating the User Interface VPN Client Menu VPN Client Window-Simple Mode Choosing a Run ModeOperating in Simple Mode Status Menu Main Menus-Simple ModeConnection Entries Menu Operating in Advanced Mode VPN Client Window-Advanced Mode Toolbar Action Buttons-Advanced Mode Main Tabs-Advanced Mode Main Menus-Advanced Mode Connection Entries Menu Certificates Menu 10 Status Menu Right-Click Menus Log Menu Connection Entries Tab Right-Click Menu 14 Connection Entries Right-Click Menu Certificates Tab Right-Click Menu 15 Certificates Tab Right-Click Menu Configuring Connection Entries Creating a Connection Entry VPN Client Window Authentication Methods Group Authentication Mutual Group Authentication Certificate Authentication Certificate Authentication Transport Settings Transport Parameters Allow Local LAN Access Enable Transport TunnelingTransparent Tunneling Mode Backup Servers Peer Response Timeout Enter the hostname or IP address of the backup server to add Configuring Connection Entries Backup Servers Checking Prerequisites Establishing a Connection 2shows the VPN Client window in simple mode Shared Key Authentication Choosing Authentication MethodsConnecting to a Default Connection Entry VPN Group Name and Password Authentication Radius Server Authentication SecurID Authentication User Authentication for Radius Using Digital Certificates User Authentication for RSA SecurID Using the Certificate Store Enrolling and Managing Certificates Enrolling Certificates Certificate Store Online Certificate Enrollment Entry Field Description Deleting an Enrollment Request Managing Enrollment RequestsViewing the Enrollment Request Changing the Password on an Enrollment Request Retrying an Enrollment Request Importing a Certificate Viewing a Certificate Certificate Properties Exporting a Certificate Whether the export is successful Deleting a Certificate Successful Export Prompt 11 Password Prompt for Deleting Enrollment Certificates Verifying a Certificate Changing the Password on a Personal Certificate Managing Connection Entries Importing a Connection Entry Modifying a Connection Entry Import VPN Connection Connection Entry Settings Deleting a Connection Entry Enable Logging Event Logging Clear Logging Set Logging Options Log Class Description Module Opening the Log Window Logging Levels Viewing Statistics Log Window Tunnel Details Field Description Cisco VPN Client Administrator Guide lists all Route Details Notifications Statistics Window-Route Details 10 Notifications Window D E IN-2 IN-3 IN-4 IN-5 IN-6 IN-7 IN-8