Manuals
/
Secure Computing
/
Computer Equipment
/
Network Router
Secure Computing
Soft-PK Version 5.1.3 Build 4, SafeNet, Sidewinder Version 5.1.0.02
manual
Models:
Soft-PK Version 5.1.3 Build 4
Sidewinder Version 5.1.0.02
SafeNet
1
2
80
80
Download
80 pages
41.45 Kb
1
2
3
4
5
6
7
8
Install
VPN Administration Guide
Plan your VPN configuration
Field Setting Local Network/IP
How to
Authorization
Enable
If using digital certificates
Page 2
Image 2
Page 1
Page 3
Page 2
Image 2
Page 1
Page 3
Contents
VPN Administration Guide
Page
Copyright Notice
Printing History
B L E O F C O N T E N T S
Installing and Working with Soft-PK
About this Guide
Who should read this guide?
How this guide is
Organized
About digital certificates
About Soft-PK
About Sidewinder
Viewing and printing this document online
Viii
Getting Started
About this chapter
About Soft-PK & Sidewinder VPNs
Requirements
Sidewinder and other network requirements
Soft-PK requirements
Roadmap to deploying your VPNs
Sidewinder system
4c1 Define remote identities within Sidewinder
Plan your VPN configuration
Satisfy Sidewinder, network, & system requirements
If using pre-shared keys passwords
Create/Request the digital certificates
Configure the VPN connections on the Sidewinder
Troubleshoot any connection problems
Planning Your VPN Configuration
Identifying basic VPN connection needs
Private key file
Identifying authentication requirements
Using digital certificate authentication
Certificate file with public key
For a small number of VPN
Closer look at self-signed certificates
No CA needed
Clients
Understanding pre-shared key authentication
Closer look at CA-based certificates
Extended authentication
Determining where you will terminate your VPNs
VPN tunnel terminating on trusted burb
Defining a virtual burb
Select Firewall Administration Burb Configuration
More about virtual burbs and VPNs
Understanding Sidewinder client address pools
Sidewinder
Understanding Sidewinder client address pools
Configuring Sidewinder for Soft-PK Clients
Enable
Enable the cmd, egd, and isakmp servers
Click Apply Configure the Isakmp server
Select VPN Configuration Isakmp Server
Configuring ACL & proxies entries for VPN connections
Managing Sidewinder self- signed certs
Creating & exporting a firewall certificate
Mail Address
Specify the following Firewall Certificate settings
Click OK when done
Select the Remote Certificates tab. Click New
Select Services Configuration Certificate Management
Creating & exporting remote certificates
Key File
Specify the following Remote Certificate settings
Click Add to add the certificate to the Certificates list
Generated
Return to for each remote client
Managing CA- based certificates
Defining a CA to use and obtaining the CA root cert
Requesting a certificate for the firewall
Retrieve the key, revoke, etc
Specify the firewall certificate information
Click Add to send the enrollment request
Determining identifying information for client certificates
Defining remote client identities in Sidewinder
Certificate Identities defined on the firewall
Managing pre- shared keys passwords
Configuring the VPN on the Sidewinder
New button to specify the IP Address / Hostname
Field Setting Local Network/IP
Enabled Select Yes Burb
Example, if you specify 24 with an IP address
Type Firewall to the remote client Value
Require Extended Enable this checkbox Authentication
Certificate VPN from the list provided Firewall Identity
This field cannot be edited
Edited
Type
Client
Remote Identity
Save your settings!4. Click Add to save the settings
Click Close
Page
Installing and Working with Soft-PK
Soft-PK installation notes
Starting Soft-PK
Determining Soft-PK status from icon variations
Means Soft-PK security policy is currently active
Right-click the Soft-PK tray icon to access menu
Activating/Deactivating Soft-PK
Security Policy Editor
About the Soft-PK program options
Certificate Manager
Log Viewer
Setting up Sidewinder self-signed certificates
Managing certificates on Soft-PK
Setting up CA-based certificates
Select the Generate Exportable Key check box
Click Advanced to select a certificate service provider
Get your CA administrator to approve your request
Importing certificate in Soft-PK
Verification window
Import Certificate Password Window
Importing a personal certificate into Soft-PK
Certificate file
Configuring a security policy on the Soft-PK
Select Options Secure Specified Connections
Specify the interface information
If using digital certificates
Enable the Connect using Secure Gateway Tunnel box
New connection Named SecureVPN
Configuring a security policy on the Soft-PK
Encryption and Data Integrity/Algorithms fields
SA Life Select Unspecified to default to Sidewinder settings
Optional Click Save to save the policy on this system
Page
Deploying Soft-PK to Your End Users
Format
Overview
Word
Cannot modify
Soft-PK setup.exe file and supporting files
Security policy
Specifying dial-up network instructions
Specifying installation instructions
Customizing the user worksheet
Specifying certificate import/request instructions
Specifying security policy instructions
Specifying basic connection information
Soft-PK Log Viewer
About this appendix
Soft-PK Connection Monitor
More about the Connection Monitor
To view the details
Sidewinder troubleshooting commands
Page
Part Number 86-0935037-A
Top
Page
Image
Contents