elinanetworks.com

Secure VPN Server and Client configuration

Jump to: Client Installation, Client Configuration, Troubleshoot

SecureVPN is Elina's SSL-based VPN technology. SecureVPN supports on-demand, multi-protocol, virtual private networking over public networks such as the Internet. SecureVPN provides confidentiality and encryption. This document goes through configuration of the SecureVPN server and clients, client software installation and configuration on laptops and desktops.

Configuring SecureVPN connections in ENPAQ

The following steps are required to configure the SecureVPN server and create clients for this server.

Configuring the SecureVPN server

This screen is found under Configuration -> VPN -> SecureVPN and the details required are:

After filling in the details, click on Submit button to save the configuration. The screen is shown below.

Creating SecureVPN users

Go to Clients tab under the SecurVPN.

The configuration screen is shown below.

Allowing the SVPN tunnel

Go to Configuration -> Security -> Firewall -> Tunnels

Click on new Tunnel and assign the type as “Secure VPN” and zone as WAN and then click on Submit to save the configuration.

Policy edits for SecureVPN users

Go to Configuration -> Security -> Firewall -> Policy

Click on add a policy where the values to entered are:

• SourceZone - VPN
• Destination Zone - LAN
• Policy -  Accept

The configuration screen is shown below.

SecureVPN client configuration

Download the client certificate (aka key).

Keep the SecureVPN connection password handy.

Secure VPN Client Installation

Download the SecureVPN client software from the ENPAQ. Click on "Book" icon on the top right and choose the tab "Software". Choose "SecureVPN client for Windows" and download the software.

With administrator privileges,double-click on the downloaded software - SecureVPNClientSetup.exe. This step will fail if there are no administrator privileges.

Follow the screen sequence below to install the SecureVPN client software. Keep all the options as default. There is no need to change anything, at this stage.

Secure VPN Client Startup

Once the VPN client software is installed, the Secure VPN keys need to be installed. Follow the process below for this:

Double click on the OpenVPN icon to start the client.

Secure VPN Client Key Configuration

Double click on the “SecureVPN client” shortcut created at the installation time. Follow the screen shots below:

Choose the key file downloaded.

Enter the server details for the client to connect to.

Once the configuration is complete, the Secure VPN is ready to connect to the the server.

Right click on the VPN icon and click "Connect". The following screen shots detail the process:

Enter the password that was provided by the system administrator.

The Secure VPN client will attempt the connection and will report the steps that it is performing. Once connected, the tray icon will report the status.

Basic troubleshooting

From VPN client system

• Check whether TAP-win32 interface is created in “My Network Places”
• Check TAP-win32 interface is enabled
• Check whether Internet connection is working or not
• Check if the the HQ ISP link can be ping-ed
• Check if the HQ VPN Server IP can be ping-ed
• Check the log for status

At HQ ENPAQ VPN Concentrator

• Check VPN server is running
• Check the VPN server port is opened, if ENPAQ is configured as VPN concentrator and behind the firewall
• Check the VPN server log
• Troubleshoot → System Log → From the dropdown select SVPN Server log → Click on “Do”
• Check the VPN server Connect log
• Troubleshoot → System Log → From the dropdown select SVPN Server Connect Log → Click on “Do”
• Check the client connectivity whether the VPN packets are reaching till the VPN server
• Troubleshoot → Network Tools → From the dropdown select tcpdump → Select VPNS1 →
• Select protocol as UDP →
• For specific client debugging type the IP source/destination in the field Src/Destination IP