Netasq Firewall Configuration Manual
IPSec VPN Remote access (Client to site) using Pre-shared keys
Diagram
Requirement
Configuration
Head office Netasq IPS Firewall Configuration for IPSec VPN
User creation
Configuring access policy for user/user group
Configuring PSK for users
Creating mobile peer
Adding VPN Tunnel (Mobile) configuration
IPSec VPN Client Configuration
Verifying the communication
DIAGRAM
Requirement
Zoom Technologies wants to give its travelling executives access to head office resources such as printers, shared folders, or the computers themselves. For this requirement, Zoom Technologies has to implement an IPSec Client to Site VPN.
To fulfill this requirement, the client that needs to access the resources at the head office must establish an IPSec tunnel to the head office Netasq IPS Firewall using IPSec client software installed on a PC/Laptop/Netbook.
The configuration is done in two places:
1.Netasq IPS Firewall
2.IPSec Client software installation on client PC/Laptop/Netbook
Configuration
Configuration of Netasq IPS Firewall at Head office
1.Access the firewall and navigate to Users and click on it to expand users menu
2.Click on Users below users menu
3.Click on to add a new user
4.Enter ID, username and email address
5.Click on Apply
6.Click on Access privileges option under users menu
7. Click on ACCESS POLICY
8. Click on Add
9.Double click to change it to
10.Select the user from the user – user group list
11.Change the IPSec column from to
12.Click Apply
13.Click on Save when prompted for
1.Expand VPN
2.Click IPSec VPN
3.Click on Identification Tab
5.Enter the email ID of the user (it must be the same email ID as that of the user created earlier)
6.Enable the Enter the key in ASCII characters checkbox
7.Enter Password and confirm the same
8.Click OK
10.Click Save when prompted
11.Click Yes, activate the policy to activate the changes in the policy
12. Click Peers tab
13. Click Add
14. Click New anonymous (mobile) peer
15.Enter a name for the mobile peer
16.Click Next
17.Select Pre-shared key(PSK) as the PEER AUTHENTICATION method
18.Click Next
19.Click Next
20.Click Finish
21.Click on Encryption Policy – Tunnels
22.Click on Anonymous - Mobile Users tab