IBM i 7.2 Security Virtual Private Networking IBM Note Before using this information and the product it supports, read the information in “Notices” on page 83. This document may contain references to Licensed Internal Code. Licensed Internal Code is Machine Code and is licensed to you under the terms of the IBM License Agreement for Machine Code. © Copyright International Business Machines Corporation 1998, 2013. US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp. Contents Virtual Private Networking.....................................................................................1 What's new for IBM i 7.2..............................................................................................................................1 PDF file for Virtual private network............................................................................................................. 2 Concepts.......................................................................................................................................................2 IP Security protocols.............................................................................................................................. 2 Authentication Header......................................................................................................................3 Encapsulating Security Payload....................................................................................................... 5 AH and ESP combined...................................................................................................................... 6 Enhanced Cryptographic Algorithms................................................................................................6 Key management....................................................................................................................................8 IKE version 2........................................................................................................................................ 10 IKE_SA rekey...................................................................................................................................11 URL lookup of certificates...............................................................................................................11 Layer 2 Tunnel Protocol........................................................................................................................11 Network address translation for VPN.................................................................................................. 12 NAT compatible IPSec with UDP......................................................................................................... 13 IP Compression.................................................................................................................................... 14 VPN and IP filtering.............................................................................................................................. 15 VPN connections with no policy filters...........................................................................................15 Implicit IKE..................................................................................................................................... 16 Scenarios....................................................................................................................................................16 Scenario: Basic branch office connection............................................................................................16 Completing the planning worksheets.............................................................................................18 Configuring VPN on System A.........................................................................................................19 Configuring VPN on System C.........................................................................................................20 Starting VPN....................................................................................................................................20 Testing a connection.......................................................................................................................20 Scenario: Basic business to business connection...............................................................................21 Completing the planning worksheets.............................................................................................22 Configuring VPN on System A.........................................................................................................23 Configuring VPN on System C.........................................................................................................24 Activating packet rules................................................................................................................... 24 Starting a connection......................................................................................................................24 Testing a connection.......................................................................................................................25 Scenario: Protecting an L2TP voluntary tunnel with IPSec.................................................................25 Configuring VPN on System A.........................................................................................................26 Configuring a PPP connection profile and virtual line on System A.............................................. 28 Applying the l2tptocorp dynamic-key group to the toCorp PPP profile................................. 29 Configuring VPN on System B.........................................................................................................30 Configuring a PPP connection profile and virtual line on System B.............................................. 30 Activating packet rules................................................................................................................... 31 Scenario: Firewall friendly VPN............................................................................................................31 Completing the planning worksheets.............................................................................................33 Configuring VPN on Gateway B.......................................................................................................34 Configuring VPN on System E.........................................................................................................35 Starting Connection........................................................................................................................ 36 Testing the connection....................................................................................................................37 Scenario: VPN connection to remote users.........................................................................................37 Completing planning worksheets for VPN connection from the branch office to remote sales people...............................................................................................................................37 Configuring L2TP terminator profile for System A......................................................................... 38 iii Starting receiver connection profile............................................................................................... 39 Configuring a VPN connection on System A for remote clients.....................................................40 Activating filter rules.......................................................................................................................40 Configuring VPN on Windows client............................................................................................... 41 Testing VPN connection between endpoints................................................................................. 42 Scenario: Using network address translation for VPN........................................................................ 42 Planning for VPN........................................................................................................................................ 44 VPN setup requirements......................................................................................................................44 Determining what type of VPN to create............................................................................................. 44 Completing VPN planning work sheets............................................................................................... 45 Planning work sheet for dynamic connections.............................................................................. 45 Planning work sheet for manual connections................................................................................46 Configuring VPN......................................................................................................................................... 48 Configuring VPN connections with the New Connection wizard.........................................................48 Configuring VPN security policies........................................................................................................ 49 Configuring an Internet Key Exchange policy...............................................................................
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages94 Page
-
File Size-