Summary of Contents for Nokia CC500 - VPN - Gateway
Page 1
Nokia CryptoCluster 500 VPN Gateway
11 December 2002
This document explains how to configure a virtual private network connection over an open network from a remote host running SSH Sentinel to a private network protected by a Nokia CryptoCluster 500 VPN gateway.
VPN gateway to accept connections from SSH Sentinel VPN clients. Certificates granted by an external certification authority are used for authentication. Note: For documentation on how to configure other features of CC500, please refer to the Nokia CryptoCluster 500 (CC500) VPN Gateway documentation.
Chapter 1. VPN Connection to Nokia CryptoCluster 500 VPN Gateway
1.2 Configuring Nokia CryptoCluster 500
1.2.1 Prerequisites
It is assumed that the initial gateway installation has been performed and that an external certification authority (CA) has been created. To create a new external CA, open VPN Global Properties, select Policy Configuration - Certification...
Page 7
This is likely to be The gateway’s protected host groups. Please note that the host group must match the remote network you define later in SSH Sentinel settings.
8. On the left pane of the Gateway Properties window, select Client Access.
© 2002 SSH Communications Security Corp. VPN with SSH Sentinel and Nokia CryptoCluster...
Page 8
Figure 1.4: CryptoCluster IKE Policy settings
9. Enable Allow clients to connect using certificate based authentication, and add a new Certificate Clients entry as shown in Figure 1.5 (CryptoCluster Client Access settings):
Figure 1.5: CryptoCluster Client Access settings...
Remote network: a network that matches the host group that is protected by the CryptoCluster gateway. For example, if the network behind the gateway is 192.168.1.0/255.255.255.0, create this network entry in the Network Editor (click the ... button to open the editor), and select it as the remote network here.
Page 10
Authentication key: select the certificate you wish to use for authentication.
7. Ping the private interface of the router and verify that traffic goes through the VPN tunnel.
1.4 Troubleshooting
The audit logs and IKE log are available in SSH Sentinel for troubleshooting. Refer to the SSH Sentinel User Manual for details.