Planet Technology CS-500 4.3.8 VPN, 4.3.8.1 IPSec Autokey, QoS, IDP, Tunnel, Policy, Tunnel, Policy, Client, Tunnel, Tunnel:, Statistic, What is New, Traffic Log, PPTP Server

Content Security Gateway User’s Manual

4.3.8 VPN

The CS-500 adopts VPN to set up safe and private network service, and combine the remote Authentication system in order to integrate the remote network and PC of the enterprise. It also provides the remote users a safe encryption way to have best efficiency and encryption when delivering data. CS-500 provides two kinds of VPN service and the PPTP client.

IPSec Autokey: The system manager can create a VPN connection using Autokey IKE. Autokey IKE (Internet Key Exchange) provides a standard method to negotiate keys between two security gateways. It also can set up IPSec Lifetime and Preshared Key of the CS-500.

PPTP Server: The System Manager can set up VPN-PPTP Server functions at CS-500 in this chapter.

PPTP Client: The System Manager can set up VPN-PPTP Client functions at CS-500 in this chapter.

Tunnel: To define local and remote VPN device with related information, then the Tunnel entry can be selected in Policy in order to submit the further function to the VPN traffic.

What is New?

CS-500 isolates the Tunnel setting in order to allow Policy rule controlling VPN traffic. So user can filter the VPN packets with QoS, IDP rule, and record the connection in Traffic Log or Statistic. Hence, to set up a Virtual Private Network (VPN), you need to configure CS-500 with following setting:

1.Configure IPSec Autokey for the encryption and authentication or PPTP Server/Client setting.

2.Configure Tunnel for the information of local and remote VPN device.

3.Configure Incoming Policy Rule to combine VPN traffic with QoS, IDP and the other function.

4.3.8.1 IPSec Autokey

This chapter describes steps to create a VPN connection using Autokey IKE. Autokey IKE (Internet Key Exchange) provides a standard method to negotiate keys between two security gateways. For example, with two Content Security Gateway devices, IKE allows new keys to be generated after a set amount of time has passed or a certain threshold of traffic has been exchanged.

Accessing the Autokey IKE window

Click IPSec Autokey under the VPN menu to enter the IPSec Autokey window. The IPSec Autokey table displays current configured VPNs.

ÍÍ

- 94 -