Cisco Systems OL-5490-01 Bedienungsanleitung

Corporate Headquarters Cisco Systems, In c. 170 West Tasman Drive San Jose, CA 951 34-1706 USA http://www.ci sco.com Tel: 408 526-4000 800 553-NETS (638 7) Fax: 408 526-4100 VPN Client User Guide f or Mac OS X Re lease 4.6 August 2004 Customer Order Number: Text Part Number: OL -5490-01[...]

THE SPECIFICATION S AND INFORMATION REGARDING TH E PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITH OUT NOTICE. ALL STATEMENTS , INFORMATION, AND RECOMMENDATI ONS IN THI S MANUAL ARE BE LIEVED TO BE A CCURATE BUT ARE PRESENTED WI THOUT WARRANTY OF ANY KIND, EX PRESS OR IMPLIED. USERS MUST TAKE FULL RESPO NSIBILITY FOR THEIR APPLICATION OF ANY PRO[...]

iii VPN Client User Guide for Mac OS X OL-5490-01 CONTENTS About This Guide vii Audience vii Contents vii Related Documentation viii Terminology viii Document Conventions viii Data Formats ix Obtaining Documentation ix Cisco.com ix Documentation CD-ROM ix Ordering Documentation x Documentation Feedback x Obtaining Technical Assistance x Cisco.com x[...]

Contents iv VPN Client User Guide for M ac OS X OL-5490-01 Preconfiguring the User P rofile 2-3 Preconfiguring the Global Profile 2-3 Bundling a Root Certificate with the Installa tion Package for Darwin 2-4 Installing the VPN Client 2-4 Authentication 2-4 VPN Client Installation Process 2-6 Introduction 2-6 Accepting the Licens e Agreement 2-7 Sel[...]

Contents v VPN Client User Guide for Mac OS X OL-5490-01 Mutual Group Authentica tion 4-4 Certificate Authentication 4-4 Transport Parameters 4-6 Enable Transport Tunneling 4-7 Transparent Tunneling Mod e 4-7 Allow Local LAN Access 4-7 Peer Response Tim eout 4-8 Backup Servers 4-8 CHAPTER 5 Establishing a VPN C onnection 5-1 Checking Prerequ isites[...]

Contents vi VPN Client User Guide for M ac OS X OL-5490-01 CHAPTER 7 Managing the VPN Client 7-1 Managing Connection Entries 7-1 Importing a Connection Entry 7-1 Modifying a Con nection Entry 7-2 Deleting a Connection Entry 7-3 Event Logging 7-4 Enable Logging 7-4 Clear Logging 7-5 Set Logging Options 7-5 Opening the Log Window 7-7 Viewing Statisti[...]

vii VPN Client User Guide for Mac OS X OL-5490-01 About This Guide This VPN Client User G uide describes ho w to insta ll, use, and manage the Cisco VPN Client for the Macintosh op erating system, V ersion 10.2 or later . Y ou can manage the VPN Client for Mac OS X from the graphical user interface or from the command-line interface. The VPN Client[...]

viii VPN Client User Guide for M ac OS X OL-5490-01 About This Guide Related Documentation • Chapter 7, “Managing the VPN Client.” Thi s chapter descri bes how to manage VPN Clie nt connections, use the ev ent log, and vie w tunnel details, including packet and routing data. Related Documentation The follo wing is a list of user gui des and o[...]

ix VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Obtaining Documentation Caution Means reader be careful. Caution s alert you to act ions or conditions that co uld result in equipment damage or loss of data. Data Formats When you conf igure the VPN Client, ent er data in these formats unl ess the instructions indicate otherwise. ?[...]

x VPN Client User Guide for M ac OS X OL-5490-01 About This Guide Obtaining Technica l Assistance Ordering Documentation Y ou can find instru ctions for ordering documen tation at this URL: http://www .cisco.com/u ni vercd/cc/td/ doc/es_inpck/pdi.htm Y ou can order Cisco documen tation in these ways: • Registered Cisco.com users (Cisco direct cus[...]

xi VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Obtaining Technical Assistance • Download and test software packages • Order Cisco learning materials and merchandise • Register for online skill assessment, trai ning, and certif ication programs T o obtain customized informatio n and service, you can self-register on Cisco.co[...]

xii VPN Client User Guide for M ac OS X OL-5490-01 About This Guide Obtaining Additional Publ ications and Information Cisco TAC Escalation Center The Cisco T A C Escalation Center addresses priority le v el 1 or priority le v el 2 issues. These classifications are assigned when se vere network de gradation signif icantly i mpacts bu siness operati[...]

CH A P T E R 1-1 VPN Client User Guide for Mac OS X OL-5490-01 1 Understanding the VPN Client The Cisco VPN Client for Mac OS X is a softw are application that runs on any Maci ntosh computer using operating system V ersion 10.2 or later . The VPN Client on a remote PC, communicating w ith a Cisco VPN de vice on an enterprise network or with a serv[...]

1-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 1 Understan ding the VPN Client VPN Client Overview VPN Client Overview The VPN Client works with a Cisco V PN de vice to cr eate a secure connection, called a tunnel, between your computer and a p riv ate networ k. It uses Internet K ey Exchange (IKE) and In ternet Protocol Security (IPSec[...]

1-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 1 Unde rstanding the VPN Client VPN Client Features VPN Client Features The tables in the following sections describe the VPN Client features. Ta b l e 1 - 1 lists the VPN Client mai n features. Program Features The VPN Client supports the Program featur es listed in Ta b l e 1 - 2 . T able [...]

1-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 1 Understan ding the VPN Client VPN Client Features Automatic VPN Client config uration option The ability to import a conf igurati on fil e. Event lo gging The VPN Client log collects e v ents for vie wing and anal ysis. N A T T ransparency (NA T -T) Enables the VPN Client and the VPN devi[...]

1-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 1 Unde rstanding the VPN Client VPN Client Features Authentication Features The VPN Client supports the authenti cation features listed in Ta b l e 1 - 3 . IPSec Features The VPN Client supports the IPSec features listed in Ta b l e 1 - 4 Co n ne c t on op en This feature lets a user conn ec[...]

1-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 1 Understan ding the VPN Client VPN Client Features VPN Client IPSec Attributes The VPN Client supports the IPSec attri butes list ed in Ta b l e 1 - 5 . Split tunneling The ability to simult aneously direct pack ets o ver the Int ernet in clear text and enc rypted thro ugh an IPSec tu nnel[...]

1-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 1 Unde rstanding the VPN Client VPN Client Features Extended Authentication (XA UTH) The capability of authenti cating a user within IKE. Thi s authentication is i n addition to the normal IKE phase 1 authentication, where the IPSec de vices authenticate each other . The extended authen tica[...]

1-8 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 1 Understan ding the VPN Client VPN Client Features[...]

CH A P T E R 2-1 VPN Client User Guide for Mac OS X OL-5490-01 2 Installing the VPN Client This chapter describes ho w to install the VPN Client for Mac OS X. Verifying System Requirements The VPN Client for Mac OS X runs on any Po wer Macintosh or compati ble computer with the Macintosh operating system V ersions 10.2 or later and 30 MB of hard di[...]

2-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Obtaining the VPN Client Software Obtaining the VPN Client Software The VPN Client software is a v ailable from the Cisco website an d comes as a disk image f il e (vpnclient-<v ersion>-GUI.k9.dmg). Only system admini strators ca n obtain and distrib ute t[...]

2-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Preconfiguring the VPN Client Figur e 2-2 VPN Client Installer Dir ect ory Preconfiguring the User Profile The VPN Client uses parameters that must be unique ly configured for each re mote user of the priv ate network. T ogether these parameters make up a user pr [...]

2-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Bundling a Root Certificate with th e Installation Pa ckage for Darwin Bundling a Root Certificate with the Installation Package for Darwin T o use mutual authenticati on, the VPN Client computer must hav e a root certif icate install ed. Y ou can bundle a roo t[...]

2-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client Figure 2-3 A uthorization Window Step 2 Click the lock to authen ticate your passwor d. The Authenticate dialog box appears ( Figure 2-4 ). Figur e 2-4 A uthenticat e Dialog Bo x Step 3 Enter your administ rator username an d a password o[...]

2-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Installing the VPN Client VPN Client Installation Process Y ou must complete all steps in the VPN Client inst allation pr ocess before you can use the VPN Client software. At any time durin g the installation process, you can go back to a pre vious step and adju[...]

2-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client Accepting the License Agreement Y ou are re quired to read and acce pt the Cisco softwa re license agreement before you can continue with the installation process ( See Figure 2-6 ). Figure 2-6 Cisco Licence Agr eement Before you accept t[...]

2-8 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Installing the VPN Client Figur e 2-7 Select Destination Window Click Continue . The VPN Client is installed in the Applications di rectory . Choosing the Installation Type The default in stallation process installs the f ollowing packages with the VPN Client ap[...]

2-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client Figure 2-8 Easy Install Window T o choose which pack ages to install, click Customize to o pen the Custom Install windo w ( Figure 2-9 ). Figur e 2-9 C ustom Install Windo w The packages with the blue check box are optional. T o ma ke a p[...]

2-10 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Installing the VPN Client Click Easy Install to return to the def ault installation p ackages, or Install to cont inue with a custom installati on. A progress bar lists the installa tion steps as they occur ( Figure 2-10 ). Figur e 2-1 0 Install Sof twar e Pr o[...]

2-11 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client Figur e 2-1 1 Successful Installa tion Confir mation Window Click Close . If you do not receiv e this conf irmation, the installation was not successful . Y ou must start the installation process again from the beginning or contact your [...]

2-12 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Uninstalling the VPN Client Figur e 2-12 Location of VPN Client Application CLI Version Install Script Notes The VPN Client in staller includes both t he graphica l user interf ace and the command-line v ersion of the VPN Client for Mac OS X. Y ou can choo se t[...]

2-13 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Uninstalling the VPN Client Note W e recommend that you uninstall an y pre vious v ers ion of the VPN Client for Mac OS X before you install a new version. The VPN Client uninstall scr ipt uninstalls an y pre vious command-line o r GUI version o f the VPN Client [...]

2-14 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 2 Insta lling the VPN Client Uninstalling the VPN Client[...]

CH A P T E R 3-1 VPN Client User Guide for Mac OS X OL-5490-01 3 Navigating the User Interface This chapter describes the main VPN Client windo w and the t ools, tabs, menus and icons for na vigating the user interface. VPN Client Menu Use the VPN Client menu ( Figure 3-1 ) to manage the VPN Client appl ication and main win dow setti ngs. Figur e 3[...]

3-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 3 N avigating the User Interface Choosing a Run Mo de – Sav e windo w settings—Sa v es changes to the VPN Client windo w . For e xample, you can sa ve the windo w size; the windo w position; the sel ected tab; and the vie w (simple or adv anced mode). – Minimize upon connect—Places [...]

3-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Naviga ting the User Interface Operating in Simple Mode Figur e 3-3 VPN Client Window—Simp le Mode The main VPN Client windo w sho ws only the v ersion information, t he default connection ent ry , the connect b utton, and the stat us bar . Main Menus—Simple Mode This section descr ibe[...]

3-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 3 N avigating the User Interface Operating in Advanc ed Mode Operating in Advanced Mode Use Adv anced mode to manage the VPN Client; conf ig ure connection ent ries; manage certificates; vie w and manage e vent lo gging; and vie w tunnel statistics an d routing data. VPN Client Window—Adv[...]

3-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Naviga ting the User Interface Operating in Advanced Mode Toolbar Action Buttons—Advanced Mode The action b uttons at the top o f the VPN Client windo w v ary dependin g on which tab is forw ard. For e xample, if the Connections tab is forw ard, the Connect, Ne w , Import, Modify , and D[...]

3-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 3 N avigating the User Interface Operating in Advanc ed Mode Main Menus—Advanced Mode The follo wing sections describe t he main VPN Client menus, located at the top of your screen, when the VPN Client applicat ion is running in adv anced mod e and acti ve on you r desktop. Connection Ent[...]

3-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Naviga ting the User Interface Operating in Advanced Mode Status Menu Use the Status menu ( Figu re 3-10 ) to display the tunnel and route statistics or to vie w notif ications from the VPN device. Figur e 3-1 0 Status Menu • Statistics—Open the Statist ics window to view tunnel detail[...]

3-8 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 3 N avigating the User Interface Operating in Advanc ed Mode • Retry Certif icate Enrollment—Retry a pre viously st arted certificate enro llment. • Sho w or Hide CA/RA Certificates—This menu option toggles to Sho w or Hide root certif icates issued b y either a Certifi cate Authori[...]

3-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Naviga ting the User Interface Operating in Advanced Mode Connection Entries Tab Right-Click Menu Figure 3-14 sh ows the ri ght-click menu options a v ailable when the Connecti on Entries tab is selected. Figur e 3-14 Connection En tr ies Right-Clic k Menu • Connect—Establish a VPN co [...]

3-10 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 3 N avigating the User Interface Operating in Advanc ed Mode Certificates Tab Right-Click Menu Figure 3-15 sh ows the ri ght-click menu options a v ailable when the Cert ificates t ab is forward. Figur e 3-15 Cer tificates T ab Right-Clic k Menu • V iew—V iew the properties of the sele[...]

CH A P T E R 4-1 VPN Client User Guide for Mac OS X OL-5490-01 4 Configuring Connection Entries A connection entry is a set of parame ters that th e VPN Clien t uses to identify and connect to a specific pri v ate network. Connection entry parameters incl ude a name and description for the connection, the na me or address of the VPN de vice (the re[...]

4-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 4 Con figuring Connection Entries Creating a Connection Entry T o create a connection entry: Step 1 Open the VPN Client applicatio n. The VPN Client wi ndo w appears ( Figure 4-1 ). Figur e 4-1 VPN Client Window . Step 2 Click the Connection Entri es tab . Step 3 Click New at the top of the[...]

4-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Authentication Method s Step 4 Enter a unique connecti on entry name. Y ou can use any name to identify this connection. This name can contain spaces, and it is not case-sensitiv e. Step 5 Enter a descripti on of this connection. This f ield is optional, b ut[...]

4-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 4 Con figuring Connection Entries Authentication Method s Figur e 4-3 Gr oup A uthentication Step 2 Enter the name of the IPSec group you belo ng to. Step 3 Enter the password fo r your IPSec group. The f ield displays only aster isks. Step 4 Confir m the password b y entering it again. Ste[...]

4-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Authentication Method s Figur e 4-4 Certificat e A uthentication Step 2 Select a certif icate from the Name drop -do wn menu. If the Name f ield displays N o Certificat es Installed, you must f irst enroll or imp ort a certifi cate before you can use this fea[...]

4-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 4 Con figuring Connection Entries Transport Parameters Transport Parameters This section descri bes transport parameters you can conf igure f or a connection entry . The transport parameters incl ude: • Enable T ransport T unneling, page 4-7 • T ransparent T unneling Mode, page 4-7 • [...]

4-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Transport Parameters Enable Transport Tunneling T ransparent tunneling allows secure tr ansmission be tween the VPN Client an d a secure gateway through a router serving as a fire wall. The router might al so be conf igured for Netw ork Address T ranslation ([...]

4-8 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 4 Con figuring Connection Entries Backup Servers • When this parameter is disabled, all traf fic from your client system goes through the IPSec connection to the secure gatew ay . If the local LAN you are using is not secure, you should no t enable local LAN access. For e xample, do not e[...]

4-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Backup Servers Figure 4-6 Backup Servers T ab Step 5 Check the Enable Backup Servers check box . This parameter is not enabled b y default. The l ist of av ailabl e backup servers is displayed. Backup serv ers are used in the order presented in the list. Step[...]

4-10 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 4 Con figuring Connection Entries Backup Servers Step 3 Click OK . The backup server is added to th e list of a vailable backup serv ers. T o remov e a backup se rver , return to the Backup Server tab, select a serv er from the list, and click Rem ove .[...]

CH A P T E R 5-1 VPN Client User Guide for Mac OS X OL-5490-01 5 Establishing a VPN Connection This chapter descr ibes how to esta blish a VPN con nection with a pri v ate netw ork using the VPN Cl ient and the user authentication metho ds supported by t he VPN devi ce that is pro viding your connection. Checking Prerequisites Before you can establ[...]

5-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 5 E stablishing a VPN Connectio n Establishing a Connection Figur e 5-1 VPN Client Icon The main VPN Client windo w appears. Figure 5-2 sho ws the VPN Client windo w in simpl e mode. Figur e 5-2 VPN Client Window—Simp le Mode Figure 5-3 sho ws the VPN Client windo w in adv anced mode. Fig[...]

5-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 5 Estab lishing a VPN Connection Choosing Authenti ca tion Methods The status bar at the bottom of th e main VPN Client window displays your conne ction status. When connected, t he left side of the status b ar indicates the connection entry name and the r ight side displays the amount of ti[...]

5-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 5 E stablishing a VPN Connectio n Choosing Authentication Methods Figure 5-4 Shared Ke y A uthentication Enter your U sername and Password and clic k OK . VPN Group Name and Password Authentication The VPN group login method uses your VPN gro up name and password for authentication ( Figure[...]

5-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 5 Estab lishing a VPN Connection Choosing Authenti ca tion Methods Figur e 5-6 User Authentication f or RADIUS Enter your username and passw ord and click OK . Check the Sa ve Password check box if you do not want to be prompted for your RADIUS passw ord each time you start a VPN session u s[...]

5-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 5 E stablishing a VPN Connectio n Using Digital Certificates Figur e 5-7 Use r A uthentica ti on for R SA SecurID Enter your username and RSA SecurID passcode and click OK . Using Digital Certificates The VPN Client works with Cer tificate Autho rities (CAs) that support SCEP , manual enrol[...]

CH A P T E R 6-1 VPN Client User Guide for Mac OS X OL-5490-01 6 Enrolling and Managing Certificates This chapter describes h ow t o enroll and manage d igi tal certif icates for the VPN Client for Mac OS X, specifical ly ho w to perform the follo wing tasks: • Obtain personal certif icates th rough enrollment with a cer tificate au thority (CA),[...]

6-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 6 Enrolling and Mana ging Certificates Enrolling Certificates Figur e 6-1 Certificat e Stor e For each cert ificat e, the follo wing information is listed: • Certif icate—The name of the certif icate. • Store—The certificate store wher e this certif icate resides. If you enroll a ce[...]

6-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certific ates Enrolling Certificates Figur e 6-2 Online Certificate Enr ollment Step 4 Enter the enrollment parameters. • For onli ne enrollment enter: – Certif icate Authority—The Common name or the Subject name of the CA Certificate. Th is drop-do wn list con[...]

6-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 6 Enrolling and Mana ging Certificates Enrolling Certificates Step 5 Click Next to continue wit h certificate enrollment . The Certificat e Enrollment dialog box appears ( Figure 6-3 ). Figur e 6-3 Certificat e Enrollment Step 6 Enter the remaining certif icate enrollment parameters. Al l f[...]

6-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certific ates Enrolling Certificates The certif icate enrollment is listed in the certif icate store as a re q u e s t . T o resume a certificate enrollment request, right- click and choose Resume Certif icate Enrollment . Altern ately , you can resume an enrollment [...]

6-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 6 Enrolling and Mana ging Certificates Enrolling Certificates Step 3 Enter the passwor d in the Pa ssword f ield (if there is one) and click OK . The VPN Client ver ifies the passw ord. If the password is correct, the VPN Client deletes the request. Changing the Password on an Enrollment Re[...]

6-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certific ates Importing a Certificate Importing a Certificate A network administrat or might place a certif icate in a f ile. This certificate must be imported in to the certificate store before you can use it for au thenticating the VPN Cl ient to a VPN device. T o [...]

6-8 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 6 Enrolling and Mana ging Certificates Viewing a Certificate Figur e 6-7 Certificat e Proper ties A typical d igital cer tificate cont ains the follo wing informat ion: • Common name—The name of the o wner , usually both the f irst and l ast names. Th is field identifies the o wner with[...]

6-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certific ates Exporting a Certificate – state or province ( st) – country ( c) – e-mail address ( e) Other items might be included in the Subject, dep ending on the certif icate. • Issuer—The fully qualif ied distinguished na me (FQDN) of the source that pr[...]

6-10 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 6 Enrolling and Mana ging Certificates Deleting a Certificate Figure 6-9 Successful Export Prompt Step 9 Click OK to return to the VPN Client windo w . Deleting a Certificate Y ou can delete an y certif icat e from your cert ifi cat e store. Y ou must provid e a password to delete an enrol[...]

6-11 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certific ates Verifying a Certificate Step 3 Click Delete at the t op of the VPN Client wi ndow . The Certif icate Pa ssword dialog b ox appears ( Figure 6-11 ). Figure 6-1 1 P asswor d Prompt f or Deleting Enrollment Cer tificates. Step 4 Enter the Certif icate Pas[...]

6-12 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 6 Enrolling and Mana ging Certificates Changing the Password on a Personal Certificate Changing the Password on a Personal Certificate T o vie w personal (root) certif icates issued by either a Certi ficate Authorit y (CA) or a Regist ration Authority (RA), use the Show/Hi de CA/RA Certif [...]

CH A P T E R 7-1 VPN Client User Guide for Mac OS X OL-5490-01 7 Managing the VPN Client This chapter describes ho w to manage connection ent ries, and vie w and manage the e vent logg ing. Managing Connection Entries The follo wing sections descr ibe the operations used t o manage connection entries. This in cludes ho w to import, modify , and del[...]

7-2 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 7 Mana ging the VPN Client Managing Connection En tries Figur e 7 -1 Import VPN Connection Step 3 Locate the connection entry to impor t. A v alid connectio n entry conf iguration f ile must ha ve a .pcf extension. Step 4 Click Open . The connection ent ry is added to the list of a v ailabl[...]

7-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Managing Connectio n Entries Figure 7 -2 Connectio n Entry Settings The existi ng configu ration for this conn ection entry is displayed. Step 4 Make adjustments to th is co nnection entry configuration. Step 5 Click Sav e . The VPN Client Prop erties dialog box clo[...]

7-4 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 7 Mana ging the VPN Client Event Logging Figure 7 -3 Confirm Delet e Caution Y ou cannot retrie ve a co nnection entry that has been deleted. Step 4 Click Delete to delete this connect ion entry . The connection entry is removed from the prof iles directory and you are returned to the Conne[...]

7-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Event Logging Figur e 7 -4 Event Log Every VPN sessi on contains at least one log entry , the connection history . T o disable logging, cli ck the Disable button at the to p of the VP N Client win dow . Clear Logging T o clear the ev ent messages from the logging wi[...]

7-6 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 7 Mana ging the VPN Client Event Logging Figur e 7 -5 Log Set tings Ta b l e 7 - 1 describes the log classes that ge nerate events in the VPN Cl ient log viewer . T able 7 -1 VPN Client Logging Cl asses Log Class Description Module [LOG.IKE] Internet K ey Excha nge module, which manages sec[...]

7-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Event Logging Step 3 Select the logging le v el for each module that uses log ging services. The logging le v els allo w you to choose the amount of informat ion you want to capture. Figu re 7-6 show s the logging le vels. Figur e 7 -6 Logging Lev els There are four[...]

7-8 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 7 Mana ging the VPN Client Viewing Statistics Figur e 7 -7 Log Windo w The follo wing b uttons allo w you to manage the inf ormation in the Log W ind ow: • Sa ve the data in the e v ent log to a f ile. Note The VPN Client sav es the information to the Cli ent install directory . The defau[...]

7-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Viewing Statistics • Split tunneling • N A T transparency T o view VPN session statistics, choose Statistics from the Status menu. The Statistics windo w has two t abs, T unnel Deta ils and Route Details. The T unnel Details t ab lists information abo ut the VPN[...]

7-10 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 7 Mana ging the VPN Client Viewing Statistics Route Details The Route Details tab displays the routes that VPN tr aff ic tak es into the netw ork, which can be eith er Local LAN routes or secured routes. • Local LAN routes are excluded from the secure VPN tunnel. • Secured routes are r[...]

7-11 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Viewing Statistics Figur e 7 -9 Statistics Window—R oute Details For each lo cal LAN or secured route, the follo wing informatio n is listed: • Network—The IP address of the VPN de vice providin g the route to the network. • Subnet Mask—The subnet mask ap[...]

7-12 VPN Client User Guide for M ac OS X OL-5490-01 Chapter 7 Mana ging the VPN Client Viewing Statistics F i g u r e 7- 10 N o t i f i c a t i o n s W i n d o w The top pane of the Notif ications win dow l ists the title of each stored notificat ion. The bottom pane displays the notif ication message a ssociated with the selected title. All notif [...]

IN-1 VPN Client User Guide for Mac OS X OL-5490-01 INDEX A administrator password 2-4 advanced mo de buttons 3-5 menus 3-6 tabs 3-5 window 3-4 AES (Advanced Encryption Standard) 1-6 aggressive mode 1-6 algorithms data compr ession 1-7 encryption 1-6 in VPN client 1-2 application binaries 2-8 applications directory 2-8 authentication algorithms 1-6 [...]

Index IN-2 VPN Client User Guide for Ma c OS X OL-5490-01 management 6-1 new password 6-3 online enrollment 6-2 password 5-6, 6-7 peer 1-5 properties 6-8 resume enrollment 3-8 store 6-1 validity 3-7 verifying 6-11 viewing 6-7 view properties 3-7 X.509 1-6 certificate chain 6-9 certificates menu 3-7 certificates tab 3-5 challenge password, certifica[...]

Index IN-3 VPN Client User Guide for Mac OS X OL-5490-01 directory, applications 2-8 disable logging 3-8 disconnect client 3-3, 3-9 disk drive 2-7 disk space 2-1 DNS, split 1-6 documentation conventions viii obtaining ix related viii domains 1-6 DPD adjusting peer time out 4-8 keep alive mechanism DSL 1-1 duplicate funct ion 3-9 E easy install 2-9 [...]

Index IN-4 VPN Client User Guide for Ma c OS X OL-5490-01 I icon for installer 2-2 identity certificate 4-3 IKE (Internet Key Exchange) 1-2, 7-6 IKE keepalives 1-5 image file 2-2 import certificate 6-7 connection entry 7-1 password 6-7 installati on authentication 2-4 customize 2-9 default 2-9 process 2-6 requirements 2-1 successful 2-11 installati[...]

Index IN-5 VPN Client User Guide for Mac OS X OL-5490-01 main tabs certificates 3-5 connection entries 3-5 log 3-5 main VPN Client window 3-4, 5-2 managing certificates 6-1 connection entries 7-1 MD5 (Message Digest 5) 1-6 menus certificates 3-7 connection entries 3-6 log 3-8 main 3-6 right-click 3-8 status 3-7 minimize client window 3-2 mode advan[...]

Index IN-6 VPN Client User Guide for Ma c OS X OL-5490-01 PKI (Public Key Infrastructure) 1-3, 4-4 platform 3-1 POTS 1-1 preconfigurati on tasks 2-2 preconfigured fil es 2-2 preconfigured keys 2-1 preferen ces, client wi ndow 3-1 prerequisites installati on 2-1, 2-6 passwords 2-1 RSA PIN 5-1 VPN connection 5-1 preshared k eys 4-1 private netw ork 2[...]

Index IN-7 VPN Client User Guide for Mac OS X OL-5490-01 terms, license agreement 2-7 toggle command 3-2 tooltips, enab ling 3-2 transparent tunneling 1-5, 4-7 transport parameters 4-6 tunnelin g 4-7 Triple-DES (Data Encryption Standard) 1-6 tunnelin g encapsulation mode 1-7 protocol 1-3 split 1-6 transparent 4-7 tunnel routin g data 3-2 tunnel sta[...]

Index IN-8 VPN Client User Guide for Ma c OS X OL-5490-01[...]