NetSentron: Net to Net VPN
By: Darren Critchley

What is VPN?
• A tunnel created between two endpoints where all packets sent and received are encrypted
• Allows one to access a network securely from anywhere in the world

Who uses VPN …
• NetSentron is an industry-standard IPSec-based VPN
• Used by Cisco, IBM, Symantec, SonicWall, WatchGuard, Linksys, D-Link and many others
• NetSentron only uses the following data encryption algorithms:

3DES (Data Encryption Standard)
• Encrypts data three times. Three 64-bit keys are used, instead of one, for an overall key length of 192 bits (the output of the first encryption is encrypted with the second key, and the resulting ciphertext is again encrypted with a third key).

AES (Advanced Encryption Standard)
• Created to replace DES
• Has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits
• In June 2003 the U.S. Government (NSA) announced that AES is secure enough to protect classified information up to the TOP SECRET level

DES (Data Encryption Standard)
• The algorithm specification was published in January 1977
• NOT supported by the NetSentron
• Easily cracked and considered insecure

How to Configure a Net to Net Pre-Shared Key VPN
• Enter the VPN hostname or IP address (Dynamic DNS service)
• Enable the VPN
• If using Dynamic DNS, set delay to 60
• Enable DPD (Dead Peer Detection) if using dynamic IPs
• With the VPN enabled, you can now add a connection

How to add a VPN connection – Pre-Shared Key
• Enable Remote GUI access on the remote NetSentron
• Click Add on the VPN page
• Choose “Net-to-Net Virtual Private Network” and click Add
• Give the VPN a name
    • Cannot start with a number
    • Cannot contain spaces or non-alphanumeric characters
• Enter the remote hostname or IP address (Dynamic DNS service)
• Adjust the Local Subnet if necessary
• Enter the Remote Subnet
• Enter a Remark that describes this VPN connection

Configuration Continued …
• Dead Peer Detection action
    • Choose Hold if both ends have static IPs
    • Choose Restart if either end is dynamic
    • Choose Clear if Roadwarrior
• Check Enabled
• Enter a Pre-Shared key or have the NetSentron generate one for you
• Repeat the same procedure on the remote NetSentron
    • Connect to the GUI remotely
    • Subnets are reversed
    • Cut and paste the Pre-Shared key
• Verify the VPN is functioning by pinging the NetSentron on the remote end of the VPN
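
The rules in the two configuration slides above can be checked before the values are typed into either GUI. The following is an added example, not NetSentron code: the `End` record, its field names and the sample values are assumptions made for illustration, and the overlap test is an extra check that the slides do not mention.

```python
import ipaddress
import re
from dataclasses import dataclass

# Hypothetical record of what is typed into each NetSentron's VPN form.
@dataclass
class End:
    name: str           # connection name
    local_subnet: str
    remote_subnet: str
    psk: str
    dpd_action: str     # "hold", "restart" or "clear" (clear is for Roadwarrior)
    cipher: str         # "3des" or "aes"; DES is not supported
    dynamic_ip: bool    # True if this end has a dynamic IP

NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9]*")  # no leading digit, alphanumeric only

def expected_dpd(a: End, b: End) -> str:
    # Slides: Hold if both ends are static, Restart if either end is dynamic.
    return "restart" if (a.dynamic_ip or b.dynamic_ip) else "hold"

def check_pair(a: End, b: End) -> list[str]:
    """Return a list of problems found in a net-to-net pre-shared key pair."""
    problems = []
    for label, end in (("local", a), ("remote", b)):
        if not NAME_RE.fullmatch(end.name):
            problems.append(f"{label}: invalid connection name {end.name!r}")
        if end.cipher.lower() not in ("3des", "aes"):
            problems.append(f"{label}: cipher {end.cipher!r} not supported")
        if end.dpd_action != expected_dpd(a, b):
            problems.append(f"{label}: DPD action should be {expected_dpd(a, b)!r}")
    net = ipaddress.ip_network
    # Subnets are reversed on the remote NetSentron.
    if net(a.local_subnet) != net(b.remote_subnet) or net(a.remote_subnet) != net(b.local_subnet):
        problems.append("subnets are not mirrored between the two ends")
    # Added check, not from the slides: overlapping subnets cannot be routed.
    if net(a.local_subnet).overlaps(net(a.remote_subnet)):
        problems.append("local and remote subnets overlap")
    if a.psk != b.psk:
        problems.append("pre-shared keys differ (check for pasted whitespace)")
    return problems

# Constructed sample: the remote end carries three mistakes.
HQ = End("HQtoBranch", "192.168.1.0/24", "192.168.2.0/24", "s3cr3t-Example-Key", "restart", "aes", False)
BRANCH = End("2Branch", "192.168.2.0/24", "192.168.1.0/24", "s3cr3t-Example-Key ", "hold", "aes", True)

if __name__ == "__main__":
    for p in check_pair(HQ, BRANCH):
        print("FAIL:", p)
```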