ملخص المحتوى في الصفحة رقم 1
SSH IPSec Client
Models RFIPSC-1/5/10/50
Quick Start Guide
ملخص المحتوى في الصفحة رقم 2
ملخص المحتوى في الصفحة رقم 3
Quick Start Guide 82013151 Revision B SSH IPSec Client Model # RFIPSC-1/5/10/50 for RouteFinder Model # RF650VPN This publication may not be reproduced, in whole or in part, without prior expressed written permission from Multi-Tech Systems, Inc. All rights reserved. Copyright © 2001, by Multi-Tech Systems, Inc. Multi-Tech Systems, Inc. makes no representations or warranties with respect to the contents hereof and specifically disclaims any implied warranties of merchantability or fitness for an
ملخص المحتوى في الصفحة رقم 4
iv
ملخص المحتوى في الصفحة رقم 5
Contents Chapter 1 – Introduction and Description Introduction ......................................................................................... 7 Product Description .............................................................................. 7 Internet Protocol (IP)............................................................................ 8 Internet Protocol Security (IPSec)......................................................... 8 About this Manual and Related Manuals ...........
ملخص المحتوى في الصفحة رقم 6
Figures Figure Number Title Page Number Figure 1 The SSH Sentinel installation package icon. 12 Figure 2. SSH Sentinel Welcome screen. 12 Figure 3. Licensing Agreement 13 Figure 4. Choose Destination Path. 14 Figure 5. Generating the Authentication Key. 15 Figure 6. Authentication Key Generation Done. 15 Figure 7. Inquiring Certificate Identity. 16 Figure 8. Choosing the Enrollment Method. 17 Figure 9. Online Enrollment Settings. 18 Figure 10. Off-line Certification Request. 19 Figure
ملخص المحتوى في الصفحة رقم 7
RFIPSC Quick Start Guide Chapter 1 – Introduction and Description Introduction Welcome to Multi-Tech’s new RouteFinder, model RF650VPN. The RF650VPN is an Internet security appliance that lets you use data encryption and the Internet to securely connect to telecommuters, remote offices, customers or suppliers while avoiding the cost of expensive private leased lines. The SSH Sentinel IPSec VPN Client software is available in 1-, 5-, 10- and 50-user packages. The RF650VPN provides SSH Sentinel ve
ملخص المحتوى في الصفحة رقم 8
PN 82013151 Internet Protocol (IP) The open architecture of the Internet Protocol (IP) makes it a highly efficient, cost- effective and flexible communications protocol for local and global communications. IP is widely adopted, not only on the global Internet, but also in the internal networks of large corporations. The Internet Protocol was designed to be highly reliable against random network errors. However, it was not designed to be secure against a malicious attacker. In fact, it is vulnera
ملخص المحتوى في الصفحة رقم 9
RFIPSC Quick Start Guide About this Manual and Related Manuals This Quick Start Guide manual contains four chapters and one appendix, and is intended to provide the experienced client user or system administrator with the information needed to quickly get the SSH IPSec Client software up and running. The full Sentinel SSH IPSec Client User Guide manual is provided on the SSH IPSec Client CD-ROM included in the license pak. Please address comments about this manual to the Multi-Tech Publications
ملخص المحتوى في الصفحة رقم 10
PN 82013151 10
ملخص المحتوى في الصفحة رقم 11
RFIPSC Quick Start Guide Chapter 2 - SSH IPSec Client Installation and Setup Introduction This section describes the SSH Sentinel software, an IPSsec client product by SSH Communications Security Corp, providing secure communications over a TCP/IP connection. The Sentinel SSH software is used by client devices for secure connection to the Multi-Tech RouteFinder model RF650VPN. The SSH Sentinel client installation and setup procedures are described in the following sections. The installation of
ملخص المحتوى في الصفحة رقم 12
PN 82013151 To run the SSH Sentinel client software, you need a personal computer with at least the following configuration: • Processor Pentium 100 MHz • Memory (RAM) 32 MB for Windows 9x, or 64 MB for Windows NT4/2000 • Hard disk space 10 megabytes of free disk space • Network connection TCP/IP network protocol Starting the SSH Sentinel Installation The SSH Sentinel installation requires that you have full access rights for the system files on your computer. On a Windows NT system, you must l
ملخص المحتوى في الصفحة رقم 13
RFIPSC Quick Start Guide The installer will run Installation Wizard, which creates the initial configuration and sets up the SSH Sentinel client software. Note: If a previous version of the SSH Sentinel software is installed on your computer and you try to install a new version, the wizard updates the software and the steps described here are skipped. 3. When started, the Installation Wizard goes through a sequence of basic installation dialogs, displaying the licensing agreement and allowing
ملخص المحتوى في الصفحة رقم 14
PN 82013151 Figure 4. Choose Destination Path. Authentication Key Generation The SSH Sentinel Installation Wizard generates a primary authentication key for IPSec peer (host) authentication purposes. The primary authentication key is a 1024-bit RSA key pair that is used for digital signatures and strong authentication. Authentication key generation begins with random seed generation. A random pool of data is collected from the user moving the mouse or typing in random text. The data is then use
ملخص المحتوى في الصفحة رقم 15
RFIPSC Quick Start Guide Figure 5. Generating the Authentication Key. Figure 6. Authentication Key Generation Done. 15
ملخص المحتوى في الصفحة رقم 16
PN 82013151 Identity Information 5. SSH Sentinel uses certificates and digital signatures as its primary authentication method. SSH Sentinel processes certificates according to the IETF Public-Key Infrastructure X.509v3 standards, allowing you to take advantage of the public-key infrastructure (PKI). SSH Sentinel supports certificate revocation lists (CRLs) and authority revocation lists (ARLs, that is, CRLs for CAs) and is very configurable. However, you can run the software as stand-alone, se
ملخص المحتوى في الصفحة رقم 17
RFIPSC Quick Start Guide Choose the Enrollment Method 6. A certification request can be created as part of the installation process. You can either enroll online, in other words create and send the request immediately, or save the request in a file and deliver it later to the certification authority (CA). If there is no certification authority available or you for some reason want to postpone the creation of the request, create a self-signed certificate. It should be noted that once you’ve inst
ملخص المحتوى في الصفحة رقم 18
PN 82013151 Online Enrollment Information To enroll online, you must locate the certification authority server and you must possess the certification authority certificate. Most often, you can download the certificate of the certification authority from its web site. Figure 9. Online Enrollment Settings You must also specify the enrollment protocol. In addition, you may configure the Socks and proxy settings to get through the firewall if the local server is protected by one. Enrollment Protoco
ملخص المحتوى في الصفحة رقم 19
RFIPSC Quick Start Guide either saved it in a file or copied the contents of it to the Windows clipboard. In a file, the certificate may be in binary (X.509), PEM (Privacy Enhanced Mail) or HEX format. Pasted from the clipboard, the certificate must be in PEM encoded format. Advanced button (D) Opens a dialog box for configuring the socks and proxy settings. Reference Number (E) (Key Identifier) The key identifier is used only in connection with the Certificate Management Protocol (CMP). The key
ملخص المحتوى في الصفحة رقم 20
PN 82013151 you may prefer sending the request via email or using an enrollment service on the Web. Select PKCS#10 request file location In the text field (callout A in Figure 10 above), enter the path and the name of the file where the certification request will be stored. You can also click the Browse button to select. Click Next and continue installation. Encryption Speed Diagnostics 8. SSH Sentinel runs diagnostics on the encryption algorithms as the last step of the installation. You can