Filter
Top Products
PN 82013151
22
SSH IPSec Client Setup
The RouteFinder supports VPN (Virtual Private Networking), which provides the ability
to encrypt IP network traffic.
Host 1 <----> Router <----> Internet <----> Router <----> Host 2
<----------------- encrypted ------------------->
All communication between the hosts uses strong encryption, so that nobody is able to
listen to this communication. As discussed earlier, the three methods of VPN setup are
Host to Host, Host to Net, and Net to Net. This section covers the client-side aspects of
a Host to NET connection using SSH Sentinel 1.1.1 (Static IP) to connect to a
RouteFinder using Pre Shared Keys (PSK)
Host to Net Setup
This is one of the most common setups, and is often used for the roadwarrior setup.
This setup lets the Host access an Internet connection that is encrypted and
authenticated.
An example of a Host to Net setup is a sales representative that dials into the Internet
and establishes a VPN connection to the company RouteFinder, and gains with that an
encrypted and authenticated connection to the corporate LAN or DMZ or E-mail server.
HOST <----> Router <----> Internet <----> Router <----> VPN-Gateway <----> NET
<------------------- encrypted ----------------->
Note: Make sure that all routers between both SSH IPSec ends can route IP protocol
50 (IPSec). Sometimes routers are configured to route only TCP (protocol 6), UDP
(protocol 17) and ICMP (protocol 1) and drop all other protocols. Routers configured
that way won't work for VPN with IPSec!
Host to NET using SSH Sentinel 1.1.1 (Static IP) to connect to a
RouteFinder using Pre Shared Keys (PSK)
This section describes how to set up a Host to Net connection between a Sentinel SSH
version 1.1.1 client and a RouteFinder using IKE, PSK and static IPs. The setup
involves 1) RouteFinder Configuration steps, and 2) Sentinel Configuration steps.
192.168.3.0/255.255.255.0 ←→ 212.6.145.2 ←→ 212.6.145.3
DMZ Network ←→ external VPN Gateway IP ←→ Sentinel Client IP