Citrix Systems 4.2 Switch User Manual


 
Chapter 16. Managing Networks and Traffic
192
12. Enter the user name and password from step 1.
16.24.3. Using Remote Access VPN with Mac OS X
First, be sure you've configured the VPN settings in your CloudPlatform install. This section is only
concerned with connecting via Mac OS X to your VPN.
Note, these instructions were written on Mac OS X 10.7.5. They may differ slightly in older or newer
releases of Mac OS X.
1. On your Mac, open System Preferences and click Network.
2. Make sure Send all traffic over VPN connection is not checked.
3. If your preferences are locked, you'll need to click the lock in the bottom left-hand corner to make
any changes and provide your administrator credentials.
4. You will need to create a new network entry. Click the plus icon on the bottom left-hand side
and you'll see a dialog that says "Select the interface and enter a name for the new service."
Select VPN from the Interface drop-down menu, and "L2TP over IPSec" for the VPN Type. Enter
whatever you like within the "Service Name" field.
5. You'll now have a new network interface with the name of whatever you put in the "Service Name"
field. For the purposes of this example, we'll assume you've named it "CloudStack." Click on that
interface and provide the IP address of the interface for your VPN under the Server Address field,
and the user name for your VPN under Account Name.
6. Click Authentication Settings, and add the user's password under User Authentication and enter
the pre-shared IPSec key in the Shared Secret field under Machine Authentication. Click OK.
7. You may also want to click the "Show VPN status in menu bar" but that's entirely optional.
8. Now click "Connect" and you will be connected to the CloudStack VPN.
16.24.4. Setting Up a Site-to-Site VPN Connection
A Site-to-Site VPN connection helps you establish a secure connection from an enterprise datacenter
to the cloud infrastructure. This allows users to access the guest VMs by establishing a VPN
connection to the virtual router of the account from a device in the datacenter of the enterprise. Having
this facility eliminates the need to establish VPN connections to individual VMs.
The difference from Remote VPN is that Site-to-site VPNs connects entire networks to each other,
for example, connecting a branch office network to a company headquarters network. In a site-to-site
VPN, hosts do not have VPN client software; they send and receive normal TCP/IP traffic through a
VPN gateway.
The supported endpoints on the remote datacenters are:
Cisco ISR with IOS 12.4 or later
Juniper J-Series routers with JunOS 9.5 or later