 VPN
Router Tutorial - Getting it to work with an IPSec Client Part 3a: IPSec Client Config:
SSH Sentinel v1.2
IPSec Client Software
SSH Sentinel is my IPSec client of choice -
primarily because it is free for non-commercial use. This beats the
heck out of paying $150 per license for some of the other clients
out there. SSH Sentinel however is not the most intuitive client on
the market. Come to think of it, all IPSec client software programs
are a little hard to set up for beginners.
Version 1.2 or 1.3?  When this tutorial was
written, SSH Sentinel 1.3 was in BETA. I had a few problems with it
retaining its settings so this tutorial was written with version
1.2. If you have version 1.3, click
here for v1.3 instructions
. Where does it go?
SSH Sentinel should be loaded on the REMOTE
computers - the computers on the Internet that you want to have
access to your LAN. SSH Sentinel is a free download for
non-commercial use and can be found here.
The Install
When you see the following screen, select
'administrator email' and type in your email address
Next, select 'self-signed certificate'
Key Configuration
Once installed, you will need to enter the
'POLICY EDITOR'. It can be reached from the start menu or by
right clicking the blue SSH Sentinel icon in your task bar.
From the SSH Sentinel Policy Editor, Select
the Key Management tab and add a new key.
Select create a preshared key when you see
'Mr. Buff'
Create a name for the key and type in the
exact key you typed into your router. Again, this key should
be at least 8 characters long and should not be a single word
from a dictionary
You have now created a shared
key. Now to create the VPN Connection.
VPN Tunnel Config
Now, from the Security Policy screen, add a
new VPN Connection. Note: The picture below shows one
that was already added. You should only have the add
button. The folder layout will look a little different in v
1.2 but that's ok.
Type in the VPN Routers WAN address. You
will need to click the 'IP' button to the right if you are typing a
static IP address. Next, select the shared authentication key
you just created and check the 'use legacy proposal' button.
Last, type in the IP schema of the LAN network that is BEHIND
the VPN router. and click OK.
These are the PROPERTIES of the new VPN
connection we created. Be sure yours looks like this.
Select the ADVANCED tab
and make it look like this. BE SURE TO SELECT THE
'Use Perfect Forward Security' checkbox or it will not work! If the remote client computer
is behind some kind of NAT based router or firewall,
check the 'Enable NAT Traversal' checkbox too.
Congrats! You have
confiigured the SSH Sentinel software. Now we must do a little
ROUTING to get everything working.
Article TOC |
|
|
If you enjoyed this tutorial, please LINK to it! |
| 
SSH Sentinel v1.2
Menu:
