Presentation on theme: "XP Road Warrior Connection By: Darren Critchley. What is Road Warrior? Remote client such as a salesperson who needs to connect to the main office LAN."— Presentation transcript:
What is Road Warrior? Remote client such as a salesperson who needs to connect to the main office LAN resources Sometimes referred to as a Host to Net VPN or VPN Client
What is needed on the client end? XP has the client built in, but complicated to configure Free offerings such as Linsys Commercial offering Safenet Softremote
XP Service Pack 2 and the Windows Firewall Make sure your XP is up to date and patched! Firewall necessary to protect Roadwarrior Should not interfere with VPN Hotfix may be required to allow ping across the VPN http://support.microsoft.com/?kbid=889527
Set up a connection on the NetSentron NOTE: Due to the method in which the VPN identifies a connection, you can only have one Pre-Shared Key Roadwarrior From VPN page click Add Select “Host-to-Net Virtual Private Network (RoadWarrior)” and click Add Give the VPN a name Cannot start with a number Cannot contain spaces or non-alphanumeric items Adjust local subnet if necessary Remote Host/IP you can optionally limit the connection to a specific IP or Hostname Enter a Remark – describes this VPN Connection Dead Peer Detection action Choose Clear as the connection is a Roadwarrior Check Enabled Enter a Pre-Shared key or have the NetSentron generate one for you
Connect an XP Roadwarrior using the free Linsys Program The Linsys Client is really a nice wrapper that is for configuring the IPSec policies on Windows. download the Linsys utility from http://www.netsentron.com/utilities.html http://www.netsentron.com/utilities.html install the program start the program The first time you run the program, it may complain that a necessary patch is missing. If you wish to let the program find, download and install the patch, then click yes, otherwise you can search for it on your own.
Name the VPN, enter a name for the VPN in the empty box next to the IPSec Profile Name If you have more than one Network card in your PC, you can select which one you wish to use from the Interface drop down list Once you select a network card, the IP Address for the Local side of the Tunnel will automatically be filled in for you.
Enter the information for the Remote Side of the Tunnel Enter VPN Gateway (hostname / ip) – this is the RED (WAN) address of the NetSentron Enter the Remote Internal IP – this is the GREEN (LAN) address of the NetSentron Enter the Private Address/Network Mask – this is the subnet on the GREEN (LAN) side of the NetSentron, insure that it matches the local subnet entry on the VPN connection on the NetSentron Enter information into the IPSec Options area Select Pre-Shared Key for Authentication Method Enter your Pre-Shared Key that you entered into the NetSentron into the text area insure that the rest of the settings are: 3DES, MD5, PFS (checked), 3500, 50000 Click on the Other Options Tab and then make sure Debug Enabled is checked Click on Ipsec Profiles Tab Save your connection by clicking the Disk Icon in the upper part of the Linsys client
Test the Connection Before we connect, bring up log Right click on the Linsys icon in the Task Bar, select View Log Now click connect – if all is well, you should see the log with a connection message and the Linsys Icon should turn green Verify connection by pinging the NetSentron Green (LAN) Address