PN 82013151
SSH IPSec Client Setup
The RouteFinder supports VPN (Virtual Private Networking), which provides the ability to encrypt IP network traffic.
Host 1 | > Internet | > Router |
encrypted | > |
All communication between the hosts uses strong encryption, so that nobody is able to listen to this communication. As discussed earlier, the three methods of VPN setup are Host to Host, Host to Net, and Net to Net. This section covers the
Host to Net Setup
This is one of the most common setups, and is often used for the roadwarrior setup. This setup lets the Host access an Internet connection that is encrypted and authenticated.
An example of a Host to Net setup is a sales representative that dials into the Internet and establishes a VPN connection to the company RouteFinder, and gains with that an encrypted and authenticated connection to the corporate LAN or DMZ or
HOST | > Router | > Router |
encrypted | > | |
|
|
|
Note: Make sure that all routers between both SSH IPSec ends can route IP protocol 50 (IPSec). Sometimes routers are configured to route only TCP (protocol 6), UDP (protocol 17) and ICMP (protocol 1) and drop all other protocols. Routers configured that way won't work for VPN with IPSec!
Host to NET using SSH Sentinel 1.1.1 (Static IP) to connect to a RouteFinder using Pre Shared Keys (PSK)
This section describes how to set up a Host to Net connection between a Sentinel SSH version 1.1.1 client and a RouteFinder using IKE, PSK and static IPs. The setup involves 1) RouteFinder Configuration steps, and 2) Sentinel Configuration steps.
192.168.3.0/255.255.255.0 | ←→ 212.6.145.2 | ←→ 212.6.145.3 |
DMZ Network | ←→ external VPN Gateway IP ←→ Sentinel Client IP | |
|
|
|
22
