Page 76 / 161
Scroll up to view Page 71 - 75
76
Section 4
Configure
IPSec Tunnel Parameter Setup Worksheet
Parameter
Cayman
Peer Gateway
Name
Peer External IP Address
Peer Internal IP Network
Peer Internal IP Netmask
Enable
Encrypt Protocol
None
ESP
Auth Protocol
None
ESP
AH
Key Management
IKE
Pre-Shared Key Type
HEX
ASCII
Pre-Shared Key
Negotiation Method
Main
Aggressive
DH Group
1
2
5
SA Encrypt Type
DES
3DES
CAST
Blowfish
SA Hash Type
N/A
MD5
SHA1
PFS DH Group
Off
1
2
5
Soft MBytes
1 - 1000000
Soft Seconds
60 - 1000000
Hard MBytes
1 - 1000000
Hard Seconds
60 - 1000000
Downloaded from
www.Manualslib.com
manuals search engine
Page 77 / 161
77
Section 4
Configure
SafeHarbour Tunnel Setup
Use the following tasks to configure an IPSec VPN tunnel on your Cayman
Gateway.
Task 1: Ensure that you have SafeHarbour VPN enabled.
SafeHarbour is a keyed feature. See
page 93
for information concerning
installing Cayman Software Feature Keys.
Task2: Complete Parameter Setup Worksheet
IPSec tunnel configuration requires precise parameter set between VPN
devices. The Setup Worksheet facilitates setup and assures that the associ-
ated variables are
identical
.
Task 3: Enable IPSec
IPSec must be enabled on your Gateway to allow further VPN configura-
tion. Perform the following steps to enable IPSec:
Step 1
Browse to Gateway.
Step 2
Click the
Security
toolbar button.
Step 3
Click the
IPSec
link.
Step 4
Check the
Enable SafeHarbour IPSec
checkbox.
Checking this box will automatically display the
SafeHarbour IPSec Tunnel
Entry
parameters.
Downloaded from
www.Manualslib.com
manuals search engine
Page 78 / 161
78
Section 4
Configure
Leave the
Enable NAT over Tunnel
choice as
Off
unless your network
administrator instructs otherwise.
Task 4: Make the IPSec Tunnel Entries
Enter the initial group of tunnel parameters. Refer to your
Setup Work-
sheet
and the
Glossary of VPN Terms
as required. Perform the following
steps:
Step 1
Enter tunnel
Name
.
Step 2
Enter the
Peer External IP Address
.
Step 3
Select
Encryption Protocol
from the pulldown menu.
Step 4
Select
Authentication Protocol
from the pulldown menu.
Step 5
Select
Key Management
from the pulldown menu.
This is the only parameter that does not have to be identical to the peer/
remote VPN device
Downloaded from
www.Manualslib.com
manuals search engine
Page 79 / 161
79
Section 4
Configure
Step 6
Ensure that the toggle checkbox
Enable
, which is
On
by default, remains
On.
Step 7
Click
Add
.
The Tunnel Details page appears.
Task 5: Make the Tunnel Details entries
Use the following steps:
Step 1
Enter or select the required settings.
Step 2
Click
Update
. The
Alert
button appears.
Step 3
Click the
Alert
button.
Step 4
Click
Save and Restart
.
Your SafeHarbour IPSec VPN tunnel is fully configured.
Tunnel sessions can
only
be initiated from the LAN client side.
Downloaded from
www.Manualslib.com
manuals search engine
Page 80 / 161
80
Section 4
Configure
Using the Security Monitoring Log
You can view the Security Log at any time. Use the following steps:
Step 1
Click the
Security
toolbar button.
Step 2
Click the
Security Log
link.
Step 3
Click the
Show
link from the Security Log tool bar.
An example of the Security Log is shown on the next page.
Step 4
When a new security event is detected, you will see the
Alert
button.
The
Security Alert
remains
until
you view the information. Clicking the Alert
button will take you directly to a page showing the log.
Link
Security Log
Response
Description
Security Monitoring detects security-related events, including common
types of malicious attacks, and writes them to the security log file.
Downloaded from
www.Manualslib.com
manuals search engine