Configure Microsoft® Windows XP** Virtual Private Network (VPN) client interoperability with NAT-T support 15
Configuring the AR450S or other ATI VPN router
This configuration is a script file for running IPSec encapsulating L2TP, on a Head Office AR450S
configured to support IPSec remote PC clients. You could also use any other ATI VPN router.
Before loading the configuration, you will need to: create a security user, enable system security, log
in as the security user and then create a general ENCO key for use with ISAKMP—all done from
the command line prompt. These steps are outlined below. Then you may load the script using
ZMODEM or TFTP methods, or use the router's built in editor or command-line prompt.
1. Define a security officer.
This step must be completed on the head office router.
add user=secoff password=<your password> privilege=securityofficer
enable system security
login secoff
2. Generate a key at the head office router.
create enco key=1 type=general
value=<enter your own alphanumeric string>
Note the value of the string you have entered so that you can load it on the PC clients. This
shared key will be used to encrypt initial ISAKMP negotiation. The shared key must be
alphanumeric to ensure interoperation with Windows. If you also want to use Secure Shell, you
will need additional keys. Refer to the Secure Shell chapter and example in your device’s
software reference for more information.
3. Enter the configuration.
AR450S Configuration
The following commands need to be loaded as a file using zmodem or FTTP; or they can be entered
at the command line and saved using the command:
create conf=vpn.cfg
After you have created the file, set your router configuration to refer to this configuration at boot
time using the command:
set conf=vpn.cfg
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce