Setting Up an IPSec VPN Client: Example Given Using Shrewsoft VPN Client

Email to friend

Add comment

Votes: 0

Comments: 0

Posted: 17 Sep, 2008
by: Knowledge M.

Updated: 31 May, 2010
by: Knowledge M.

After "Shrew Soft" IPsec VPN client has been downloaded and installed in your Windows machine follow the steps below to configure the client. Steps here are given to match IPsec mobile client configuration described elsewhere in this knowledgebase.

Tab1: General
Remote Host - Enter the IP address of Mettle SE's WAN port
Port: 500
Address Method: Use an existing adaptor
MTU: 1500
Address & Netmask: Obtain automatically

Tab2: Client
NAT Traversal: Enable
NAT Traversal Port: 4500
Keep Alive: 15secs
IKE Fragmentation: Enable
Max packet size: 540 bytes
Enable all "Other Options"

Tab3: Name Resolution
Enable all the options

Tab4: Authentication
Authentication Method: Mutual PSK
Local Identity: UFQDN & enter the string below
Remote Identity: IP address
Credentials: Enter the pre shared key configured in Mettle SE

Tab5: Phase1
Exchange type: Aggressive
DH Exchange: Group2
Cipher Algorithm: 3des
Hash algorithm: SHA1
Key life time limit: 3600

Tab6: Phase2
Transform algorithm: esp 3des
HMAC algorithm: sha1
PFS exchange: group2
Compress algorithm: Disabled
Key life time limit: 3600

Tab7: Policy
Leave everything at default settings.

PS: Linuxense Information Systems does not endorse or support ShrewSoft IPsec VPN client. ShrewSoft VPN client is used only as an example.

Also read

	Setting Up IPsec VPN Accounts
	IPsec VPN Troubleshooting

Others in this Category

	Initial Configuration: Setting up Mettle SE in a Local Area Network with Internet Connection.
	Default IP Address & Admin Password (And How To Change It?)
	Configuring DHCP Server
	Enabling The LAN Hosts To Use The Internet Connection (NATing)
	Adding A Second (Or More) Internet Connection To Mettle SE & Setting Up Failover/Load Balancing
	Monitoring The Internet Usage
	How To Turn On/Off The Content Filter & Gateway Antivirus Service
	Fine Tuning The Content Scanner
	Setting Up PPTP VPN accounts
	OpenVPN: Setting Up SSL-VPN accounts
	Setting Up IPsec VPN Accounts
	Deploying A Second LAN With Mettle SE.
	Choosing a VPN Technology
	Adding Firewall Rules
	Setting Up Mettle SE Stack for Active/Passive Fail-Over (CARP)
	Connecting & Securing a Leased Line Connection to Mettle SE
	Port Forwarding (PAT)
	Creating a DNS Entry/Record for the LAN
	Blocking GTalk in the LAN
	Blocking Yahoo! IM from the LAN
	OpenVPN: If VPN Clients Want to Access a Subnet other than "Local network"
	Setting up IPSec Tunnel
	Open VPN Troubleshooting
	PPTP VPN Troubleshooting
	NTP Client/Server
	Firewall: Alias
	Captive Portal
	Virtual IP Address
	OpenVPN: Setting Up a SSL-VPN Client in Windows
	Creating Tagged VLANs
	Cloning Firewall Rules
	IPsec VPN Troubleshooting
	Wake On LAN
	Inbound Loadbalancing
	OpenVPN: Setting up Certification Authority & Generating Certificates
	Changing default webGUI Port and Protocol
	Using Packet Capture
	Using Traceroute
	Package Updates
	OpenVPN: To make OpenVPN client use VPN as the Default Gateway
	OpenVPN: To exclude some Network from using VPN gateway when VPN is set as default gateway for VPN client
	Adding a Static DHCP Lease
	Schedule Based Firewall Rules
	RRD Graphs
	Server Load Balancing
	Firewall Logs
	Backup and Restore Mettle SE Running Configuration
	Event Logging To Remote Syslog Server
	Split DNS
	NAT Reflection/NAT Loopback
	Dynamic DNS