PreviousNext

Nortel


Creating an IPSec profile using the set up wizard

Whenever you need a standard VPN tunnel, use the IPSec tunnel type. Use the Set Up Wizard to quickly create a standard profile on the Client.

Create a profile using the Set Up Wizard, by performing the following procedure:

  1. Type in a profile name into the Profile Name box. You can also enter a description of the profile.
  2. Click Global Profile if you want this profile to be applied across the VPN. You must select Global Profile to configure PLAP. Click Next.
  3. Click IPSec Tunnel as a connection type for this profile. Click Next.
  4. Type in an IP address or DNS for the VPN into the Destination box. Click Next.
  5. Select one of the following Authentication types, and then click Next:
    1. Username and Password. Go to step 6.
    2. Hardware or Software Token Card. Go to step 7.
    3. Digital Certificate and Smartcard. Before using this option, you must import a certificate into the Microsoft Certificate Store. Go to step 8.
  6. If you have selected Username and Password, perform the following:
    1. Type the username and password as assigned to you by the network administrator into the Username and Password boxes. Click Next.
    2. Click No if you do not have a group ID and group password. Click Yes if you do, and then type the group ID and group password as assigned to you by the network administrator into the Group ID and Group Password boxes. Click Next. Go to step 9.
    3. The NVC does not share the group password between local computer accounts. If you log on to the local computer by using a different user account than the one you use to create the NVC profile, you must reenter the group password. For example, you log on to the local computer as the administrator, create the client profile, and log off. If you then log on to the local computer with a different user account, you must reenter the group password in the client profile. You must reenter the password regardless of how you install the Nortel VPN. Reenter the password by clicking the Edit the Profile, Manage Profiles, <profile name>IPSec, General tab.

  7. If you have selected Hardware or Software Token Card, perform the following:
    1. Select one of the following tokens, and then click Next:
      • Challenge Response Token Card
      • Response Only Token Card. Click Use Passcode if you are using a passcode.
      • Response Only Software Token
    2. Type the user and token group ID, and token group password as assigned to you by the network administrator into the User ID, Token Group ID and Token Group Password boxes. Click Next. Go to step 9.
  8. If you have selected Digital Certificate and Smartcard, perform the following:
    1. If you want to allow the NVC to select a certificate, click Automatically select a valid certificate. Click Next.
    2. If you want to manually select a certificate, select Please select a certificate from the Microsoft Certificate Store below to enable the Microsoft Certificate Store list. Highlight a certificate from the list. Click Next.
  9. Click No if you do not want to dial first, and then click Next. Click Yes if you want to make a dial-up connection first. Selecting Yes opens the following section.
    1. Select a dial-up from an existing connection from the list or click Create a new Dial-up entry. The Set up a new dial-up connection dialog box appears.
    2. Click the Dialing Rules link. The Location Information dialog box appears. Enter the telephone information pertaining to your geographic area. Click OK to close.
    3. Type the telephone number that the NVC uses to dial up the server into the Telephone number box.
    4. Type a name that identifies the connection into the Destination box.
    5. If you are using a smart card, click Use a Smart Card. Click Create if you do not want others to use this connection.
    6. If you want all users who are using this PC to use this connection, click Allow other people to use this connection.
    7. Click Next. The Type your user name and password section appears.
    8. Type your user name into the User name box.
    9. Type a password into the Password box. You can also select Show characters to show the password in the box and Remember this password to save the password without having to reenter it again.
    10. You can optionally type a domain name into the Domain box.
    11. Click Create to configure the new dial-up settings. Click Next.
  10. Click No if you do not want to launch an application or Yes if you want to launch an application before or after your VPN connection is established. Selecting Yes opens Before and After connection sections.
    1. In either the Before connection or After connection section, select the application you want to launch by clicking the search button beside the Application box. A Windows box opens from your PC. Search for and click the application executive file to enter it into the Application box.
    2. Type the command line of the application into the Command line box.
    3. For an application that you are starting before a connection, set a tunnel delay start up time by typing between 10 and 120 (seconds) into the Tunnel Startup Delay box. Click Next.
  11. Select whether you will define or not define a failover profile. If you click I will define a failover profile, a list of previously configured profiles appears. Select a profile from this list, and then click Next.
  12. Select one of the following Keepalive types then click Next:
      • No Keepalives - disables the Keepalives.
      • Active Keepalives (Dead peer detection) - determines if a tunnel connection is available.
      • Passive Keepalives (No Dead peer detection) - maintains state information in the local internet access device.
  13. Click Finish to complete the creation of the profile.

Nortel
http://www.nortel.com
PreviousNext