TABLE OF CONTENTS

Preface: About this Guide

  Who should read this guide?
  How this guide is organized
  Where to find additional information

Chapter 1: Getting Started

  About Soft-PK & Sidewinder VPNs
  Requirements
  Sidewinder and other network requirements
  Soft-PK requirements
  Roadmap to deploying your VPNs

Chapter 2: Planning Your VPN Configuration

  Identifying basic VPN connection needs
  Identifying authentication requirements
  Using digital certificate authentication
  Understanding pre-shared key authentication
  Extended authentication
  Determining where you will terminate your VPNs
  More about virtual burbs and VPNs
  Defining a virtual burb
  Understanding Sidewinder client address pools

Chapter 3: Configuring Sidewinder for Soft-PK Clients

  Enabling the VPN servers
  Configuring ACL & proxies entries for VPN connections
  Managing Sidewinder self-signed certs
  Creating & exporting a firewall certificate
  Creating & exporting remote certificate(s)
  Managing CA-based certificates
  Defining a CA to use and obtaining the CA root cert
  Requesting a certificate for the firewall
  Determining identifying information for client certificates

Secure Computing Soft-PK Version 5.1.3 Build 4, SafeNet, Sidewinder Version 5.1.0.02 manual