Cisco OL-5490-01 - Manuals

Contents vi VPN Client User Guide for Mac OS X OL-5490-01 C H A P T E R 7 Managing the VPN Client 7-1 Managing Connection Entries 7-1 Importing a Connection Entry 7-1 Modifying a Connection Entry 7-2 Deleting a Connection Entry 7-3 Event Logging 7-4 Enable Logging 7-4 Clear Logging 7-5 Set Logging O...

vii VPN Client User Guide for Mac OS X OL-5490-01 About This Guide This VPN Client User Guide describes how to install, use, and manage the Cisco VPN Client for the Macintosh operating system, Version 10.2 or later. You can manage the VPN Client for Mac OS X from the graphical user interface or from...

viii VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Related Documentation • Chapter 7, “Managing the VPN Client.” This chapter describes how to manage VPN Client connections, use the event log, and view tunnel details, including packet and routing data. Related Documentation The foll...

ix VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Obtaining Documentation Caution Means reader be careful. Cautions alert you to actions or conditions that could result in equipment damage or loss of data. Data Formats When you configure the VPN Client, enter data in these formats un...

x VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Obtaining Technical Assistance Ordering Documentation You can find instructions for ordering documentation at this URL: http://www.cisco.com/univercd/cc/td/doc/es_inpck/pdi.htm You can order Cisco documentation in these ways: • Registe...

xi VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Obtaining Technical Assistance • Download and test software packages • Order Cisco learning materials and merchandise • Register for online skill assessment, training, and certification programs To obtain customized information and se...

xii VPN Client User Guide for Mac OS X OL-5490-01 About This Guide Obtaining Additional Publications and Information Cisco TAC Escalation Center The Cisco TAC Escalation Center addresses priority level 1 or priority level 2 issues. These classifications are assigned when severe network degradation s...

C H A P T E R 1-1 VPN Client User Guide for Mac OS X OL-5490-01 1 Understanding the VPN Client The Cisco VPN Client for Mac OS X is a software application that runs on any Macintosh computer using operating system Version 10.2 or later. The VPN Client on a remote PC, communicating with a Cisco VPN d...

1-2 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 1 Understanding the VPN Client VPN Client Overview VPN Client Overview The VPN Client works with a Cisco VPN device to create a secure connection, called a tunnel, between your computer and a private network. It uses Internet Key Exchange (IK...

1-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 1 Understanding the VPN Client VPN Client Features VPN Client Features The tables in the following sections describe the VPN Client features. Table 1-1 lists the VPN Client main features. Program Features The VPN Client supports the Program f...

1-6 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 1 Understanding the VPN Client VPN Client Features VPN Client IPSec Attributes The VPN Client supports the IPSec attributes listed in Table 1-5 . Split tunneling The ability to simultaneously direct packets over the Internet in clear text and...

C H A P T E R 2-1 VPN Client User Guide for Mac OS X OL-5490-01 2 Installing the VPN Client This chapter describes how to install the VPN Client for Mac OS X. Verifying System Requirements The VPN Client for Mac OS X runs on any Power Macintosh or compatible computer with the Macintosh operating sys...

2-2 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Obtaining the VPN Client Software Obtaining the VPN Client Software The VPN Client software is available from the Cisco website and comes as a disk image file (vpnclient-<version>-GUI.k9.dmg). Only system adm...

2-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Preconfiguring the VPN Client Figure 2-2 VPN Client Installer Directory Preconfiguring the User Profile The VPN Client uses parameters that must be uniquely configured for each remote user of the private network. T...

2-4 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Bundling a Root Certificate with the Installation Package for Darwin Bundling a Root Certificate with the Installation Package for Darwin To use mutual authentication, the VPN Client computer must have a root certi...

2-6 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client VPN Client Installation Process You must complete all steps in the VPN Client installation process before you can use the VPN Client software. At any time during the installation process, ...

2-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client Accepting the License Agreement You are required to read and accept the Cisco software license agreement before you can continue with the installation process (See Figure 2-6 ). Figure 2-6...

2-8 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Installing the VPN Client Figure 2-7 Select Destination Window Click Continue . The VPN Client is installed in the Applications directory. Choosing the Installation Type The default installation process installs th...

2-12 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 2 Installing the VPN Client Uninstalling the VPN Client Figure 2-12 Location of VPN Client Application CLI Version Install Script Notes The VPN Client installer includes both the graphical user interface and the command-line version of the V...

3-2 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Choosing a Run Mode – Save window settings—Saves changes to the VPN Client window. For example, you can save the window size; the window position; the selected tab; and the view (simple or advanced mode). – Min...

3-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Simple Mode Figure 3-3 VPN Client Window—Simple Mode The main VPN Client window shows only the version information, the default connection entry, the connect button, and the status bar. Main Menus—...

3-4 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode Operating in Advanced Mode Use Advanced mode to manage the VPN Client; configure connection entries; manage certificates; view and manage event logging; and view tunnel statistics and...

3-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode Toolbar Action Buttons—Advanced Mode The action buttons at the top of the VPN Client window vary depending on which tab is forward. For example, if the Connections tab is forward, the...

3-6 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode Main Menus—Advanced Mode The following sections describe the main VPN Client menus, located at the top of your screen, when the VPN Client application is running in advanced mode and ...

3-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode Status Menu Use the Status menu ( Figure 3-10 ) to display the tunnel and route statistics or to view notifications from the VPN device. Figure 3-10 Status Menu • Statistics—Open the ...

3-8 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode • Retry Certificate Enrollment—Retry a previously started certificate enrollment. • Show or Hide CA/RA Certificates—This menu option toggles to Show or Hide root certificates issued b...

3-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode Connection Entries Tab Right-Click Menu Figure 3-14 shows the right-click menu options available when the Connection Entries tab is selected. Figure 3-14 Connection Entries Right-Clic...

3-10 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 3 Navigating the User Interface Operating in Advanced Mode Certificates Tab Right-Click Menu Figure 3-15 shows the right-click menu options available when the Certificates tab is forward. Figure 3-15 Certificates Tab Right-Click Menu • View—...

C H A P T E R 4-1 VPN Client User Guide for Mac OS X OL-5490-01 4 Configuring Connection Entries A connection entry is a set of parameters that the VPN Client uses to identify and connect to a specific private network. Connection entry parameters include a name and description for the connection, th...

4-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Authentication Methods Step 4 Enter a unique connection entry name. You can use any name to identify this connection. This name can contain spaces, and it is not case-sensitive. Step 5 Enter a description of t...

4-4 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Authentication Methods Figure 4-3 Group Authentication Step 2 Enter the name of the IPSec group you belong to. Step 3 Enter the password for your IPSec group. The field displays only asterisks. Step 4 Confirm ...

4-6 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Transport Parameters Transport Parameters This section describes transport parameters you can configure for a connection entry. The transport parameters include: • Enable Transport Tunneling, page 4-7 • Transp...

4-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Transport Parameters Enable Transport Tunneling Transparent tunneling allows secure transmission between the VPN Client and a secure gateway through a router serving as a firewall. The router might also be con...

4-8 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 4 Configuring Connection Entries Backup Servers • When this parameter is disabled, all traffic from your client system goes through the IPSec connection to the secure gateway. If the local LAN you are using is not secure, you should not enabl...

C H A P T E R 5-1 VPN Client User Guide for Mac OS X OL-5490-01 5 Establishing a VPN Connection This chapter describes how to establish a VPN connection with a private network using the VPN Client and the user authentication methods supported by the VPN device that is providing your connection. Chec...

5-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 5 Establishing a VPN Connection Choosing Authentication Methods The status bar at the bottom of the main VPN Client window displays your connection status. When connected, the left side of the status bar indicates the connection entry name an...

5-4 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 5 Establishing a VPN Connection Choosing Authentication Methods Figure 5-4 Shared Key Authentication Enter your Username and Password and click OK . VPN Group Name and Password Authentication The VPN group login method uses your VPN group nam...

5-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 5 Establishing a VPN Connection Choosing Authentication Methods Figure 5-6 User Authentication for RADIUS Enter your username and password and click OK . Check the Save Password check box if you do not want to be prompted for your RADIUS pass...

5-6 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 5 Establishing a VPN Connection Using Digital Certificates Figure 5-7 User Authentication for RSA SecurID Enter your username and RSA SecurID passcode and click OK . Using Digital Certificates The VPN Client works with Certificate Authorities...

C H A P T E R 6-1 VPN Client User Guide for Mac OS X OL-5490-01 6 Enrolling and Managing Certificates This chapter describes how to enroll and manage digital certificates for the VPN Client for Mac OS X, specifically how to perform the following tasks: • Obtain personal certificates through enrollme...

6-2 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Enrolling Certificates Figure 6-1 Certificate Store For each certificate, the following information is listed: • Certificate—The name of the certificate. • Store—The certificate store where this certifica...

6-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Enrolling Certificates The certificate enrollment is listed in the certificate store as a request . To resume a certificate enrollment request, right-click and choose Resume Certificate Enrollment . Alter...

6-6 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Enrolling Certificates Step 3 Enter the password in the Password field (if there is one) and click OK . The VPN Client verifies the password. If the password is correct, the VPN Client deletes the request...

6-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Importing a Certificate Importing a Certificate A network administrator might place a certificate in a file. This certificate must be imported in to the certificate store before you can use it for authent...

6-9 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Exporting a Certificate – state or province ( st) – country ( c) – e-mail address ( e) Other items might be included in the Subject, depending on the certificate. • Issuer—The fully qualified distinguishe...

6-10 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Deleting a Certificate Figure 6-9 Successful Export Prompt Step 9 Click OK to return to the VPN Client window. Deleting a Certificate You can delete any certificate from your certificate store. You must ...

6-11 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Verifying a Certificate Step 3 Click Delete at the top of the VPN Client window. The Certificate Password dialog box appears ( Figure 6-11 ). Figure 6-11 Password Prompt for Deleting Enrollment Certifica...

6-12 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 6 Enrolling and Managing Certificates Changing the Password on a Personal Certificate Changing the Password on a Personal Certificate To view personal (root) certificates issued by either a Certificate Authority (CA) or a Registration Author...

C H A P T E R 7-1 VPN Client User Guide for Mac OS X OL-5490-01 7 Managing the VPN Client This chapter describes how to manage connection entries, and view and manage the event logging. Managing Connection Entries The following sections describe the operations used to manage connection entries. This...

7-2 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Managing Connection Entries Figure 7-1 Import VPN Connection Step 3 Locate the connection entry to import. A valid connection entry configuration file must have a .pcf extension. Step 4 Click Open . The connection en...

7-3 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Managing Connection Entries Figure 7-2 Connection Entry Settings The existing configuration for this connection entry is displayed. Step 4 Make adjustments to this connection entry configuration. Step 5 Click Save . ...

7-4 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Event Logging Figure 7-3 Confirm Delete Caution You cannot retrieve a connection entry that has been deleted. Step 4 Click Delete to delete this connection entry. The connection entry is removed from the profiles dir...

7-5 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Event Logging Figure 7-4 Event Log Every VPN session contains at least one log entry, the connection history. To disable logging, click the Disable button at the top of the VPN Client window. Clear Logging To clear t...

7-7 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Event Logging Step 3 Select the logging level for each module that uses logging services. The logging levels allow you to choose the amount of information you want to capture. Figure 7-6 shows the logging levels. Fig...

7-8 VPN Client User Guide for Mac OS X OL-5490-01 Chapter 7 Managing the VPN Client Viewing Statistics Figure 7-7 Log Window The following buttons allow you to manage the information in the Log Window: • Save the data in the event log to a file. Note The VPN Client saves the information to the Clien...

IN-1 VPN Client User Guide for Mac OS X OL-5490-01 I N D E X A administrator password 2-4 advanced mode buttons 3-5 menus 3-6 tabs 3-5 window 3-4 AES (Advanced Encryption Standard) 1-6 aggressive mode 1-6 algorithms data compression 1-7 encryption 1-6 in VPN client 1-2 application binaries 2-8 appli...