beautypg.com

8 vpn, 1 ipsec autokey – PLANET CS-1000 User Manual

Page 95

background image

Multi-Homing Security Gateway User’s Manual

3.3.8 VPN

The CS-1000 adopts VPN to set up safe and private network service, and combine the remote Authentication

system in order to integrate the remote network and PC of the enterprise. It also provides the remote users a

safe encryption way to have best efficiency and encryption when delivering data. CS-1000 provides two kinds

of VPN service and the PPTP client.

IPSec Autokey:

The system manager can create a VPN connection using Autokey IKE. Autokey IKE

(Internet Key Exchange) provides a standard method to negotiate keys between two security gateways. It

also can set up IPSec Lifetime and Preshared Key of the CS-1000.

PPTP Server:

The System Manager can set up VPN-PPTP Server functions at CS-1000 in this chapter.

PPTP Client:

The System Manager can set up VPN-PPTP Client functions at CS-1000 in this chapter.

Trunk:

To define local and remote VPN device with related information, it also can be configured to enable

VPN Trunk function. Trunk entry must be selected in Policy to submit the further function to the VPN traffic.

What is New?

CS-1000 isolates the Trunk setting in order to allow Policy rule controlling VPN traffic. So user can filter the

VPN packets with QoS, IDP rule, and record the connection in Traffic Log or Statistic. Hence, to set up a

Virtual Private Network

(VPN), you need to configure CS-1000 with following setting:

1. Configure IPSec Autokey for the encryption and authentication or PPTP Server/Client setting.

2. Configure Trunk for the information of local and remote VPN device.

3. Configure Policy rule to combine VPN traffic with QoS, IDP and the other function.

3.3.8.1 IPSec Autokey

This chapter describes steps to create a VPN connection using Autokey IKE. Autokey IKE (Internet Key

Exchange) provides a standard method to negotiate keys between two security gateways. For example, with

two Multi-Homing Security Gateway devices, IKE allows new keys to be generated after a set amount of time

has passed or a certain threshold of traffic has been exchanged.

Accessing the Autokey IKE window

Click IPSec Autokey under the VPN menu to enter the IPSec Autokey window. The IPSec Autokey table

displays current configured VPNs.

НН

- 89 -

See also other documents in the category PLANET Communication: