Manuals
/
Secure Computing
/
Computer Equipment
/
Network Router
Secure Computing
Sidewinder Version 5.1.0.02, SafeNet, Soft-PK Version 5.1.3 Build 4
manual
Models:
Soft-PK Version 5.1.3 Build 4
Sidewinder Version 5.1.0.02
SafeNet
1
79
80
80
Download
80 pages
41.45 Kb
73
74
75
76
77
78
79
80
<
>
Install
VPN Administration Guide
Plan your VPN configuration
Field Setting Local Network/IP
How to
Authorization
Enable
If using digital certificates
Page 79
Image 79
Page 78
Page 80
Page 79
Image 79
Page 78
Page 80
Contents
VPN Administration Guide
Page
Copyright Notice
Printing History
B L E O F C O N T E N T S
Installing and Working with Soft-PK
Who should read this guide?
About this Guide
Organized
How this guide is
Viewing and printing this document online
About Soft-PK
About Sidewinder
About digital certificates
Viii
About this chapter
Getting Started
About Soft-PK & Sidewinder VPNs
Sidewinder and other network requirements
Requirements
Soft-PK requirements
Roadmap to deploying your VPNs
4c1 Define remote identities within Sidewinder
Sidewinder system
Satisfy Sidewinder, network, & system requirements
Plan your VPN configuration
Create/Request the digital certificates
If using pre-shared keys passwords
Configure the VPN connections on the Sidewinder
Troubleshoot any connection problems
Planning Your VPN Configuration
Identifying basic VPN connection needs
Certificate file with public key
Identifying authentication requirements
Using digital certificate authentication
Private key file
Clients
Closer look at self-signed certificates
No CA needed
For a small number of VPN
Closer look at CA-based certificates
Understanding pre-shared key authentication
Extended authentication
VPN tunnel terminating on trusted burb
Determining where you will terminate your VPNs
More about virtual burbs and VPNs
Select Firewall Administration Burb Configuration
Defining a virtual burb
Sidewinder
Understanding Sidewinder client address pools
Understanding Sidewinder client address pools
Configuring Sidewinder for Soft-PK Clients
Select VPN Configuration Isakmp Server
Enable the cmd, egd, and isakmp servers
Click Apply Configure the Isakmp server
Enable
Configuring ACL & proxies entries for VPN connections
Creating & exporting a firewall certificate
Managing Sidewinder self- signed certs
Click OK when done
Specify the following Firewall Certificate settings
Mail Address
Creating & exporting remote certificates
Select Services Configuration Certificate Management
Select the Remote Certificates tab. Click New
Generated
Specify the following Remote Certificate settings
Click Add to add the certificate to the Certificates list
Key File
Return to for each remote client
Defining a CA to use and obtaining the CA root cert
Managing CA- based certificates
Requesting a certificate for the firewall
Click Add to send the enrollment request
Specify the firewall certificate information
Retrieve the key, revoke, etc
Determining identifying information for client certificates
Certificate Identities defined on the firewall
Defining remote client identities in Sidewinder
Managing pre- shared keys passwords
Configuring the VPN on the Sidewinder
Example, if you specify 24 with an IP address
Field Setting Local Network/IP
Enabled Select Yes Burb
New button to specify the IP Address / Hostname
This field cannot be edited
Require Extended Enable this checkbox Authentication
Certificate VPN from the list provided Firewall Identity
Type Firewall to the remote client Value
Client
Type
Edited
Click Close
Save your settings!4. Click Add to save the settings
Remote Identity
Page
Installing and Working with Soft-PK
Soft-PK installation notes
Determining Soft-PK status from icon variations
Starting Soft-PK
Activating/Deactivating Soft-PK
Right-click the Soft-PK tray icon to access menu
Means Soft-PK security policy is currently active
Log Viewer
About the Soft-PK program options
Certificate Manager
Security Policy Editor
Managing certificates on Soft-PK
Setting up Sidewinder self-signed certificates
Setting up CA-based certificates
Get your CA administrator to approve your request
Click Advanced to select a certificate service provider
Select the Generate Exportable Key check box
Importing certificate in Soft-PK
Verification window
Importing a personal certificate into Soft-PK
Import Certificate Password Window
Certificate file
Select Options Secure Specified Connections
Configuring a security policy on the Soft-PK
New connection Named SecureVPN
If using digital certificates
Enable the Connect using Secure Gateway Tunnel box
Specify the interface information
Configuring a security policy on the Soft-PK
Encryption and Data Integrity/Algorithms fields
Optional Click Save to save the policy on this system
SA Life Select Unspecified to default to Sidewinder settings
Page
Deploying Soft-PK to Your End Users
Word
Overview
Format
Security policy
Soft-PK setup.exe file and supporting files
Cannot modify
Customizing the user worksheet
Specifying installation instructions
Specifying dial-up network instructions
Specifying certificate import/request instructions
Specifying basic connection information
Specifying security policy instructions
About this appendix
Soft-PK Log Viewer
Soft-PK Connection Monitor
To view the details
More about the Connection Monitor
Sidewinder troubleshooting commands
Page
Part Number 86-0935037-A
Top
Page
Image
Contents
