74.1. TheGreenbow IPSEC VPN client

74.1.1. Installing TheGreenbow IPSEC VPN client

Go to http://www.thegreenbow.com/ and download TheGreenbow IPSEC VPN client from Products > VPN Client > Download section.

Double-click the downloaded file and install the program following the instructions.

74.1.2. Checklist of parameters

These tables show the parameters of TheGreenbow and their corresponding parameters in Abilis configuration. The information must be inserted in a “mirror” way: i.e. “LOCAL” information for Abilis are “REMOTE” for IPSEC client and vice versa.

Table 74.1. Phase 1 parameters

The Greenbow parameterAbilis IKE TableAbilis IKE Table parameter
NameHOSTNAME
InterfaceHOSTREM-IP
Remote GatewayHOSTLOC-IP
Preshared KeyPSKKEY
EncryptionHOSTCIPHER
AuthenticationHOSTHASH
Key GroupHOSTDH
Local ID (Advanced parameter)HOSTID-TYPE
Local ID Value (Advanced parameter)HOSTIP or FQDN
Remote ID (Advanced parameter)HOSTPEER-ID-TYPE
Remote ID Value (Advanced parameter)HOSTPEER-IP or PEER-FQDN

Table 74.2. Phase 2 parameters

The Greenbow parameterAbilis IKE TableAbilis IKE Table parameter
NameCLINAME
VPN Client addressCLINET-REM
Address typeCLI
Remote host addressCLINET-LOC
Subnet MaskCLINET-LOC
EncryptionCLIESP-CIPHER
AuthenticationCLIESP-AUTH
ModeCLITUNNEL

74.1.3. Configuring The Greenbow IPSEC VPN client

Suppose that Abilis is configured in the following way. Refer to Section 68.13.1, “How to configure a RAS using IPSEC VPN server” for the configuration of IPSEC and IKE resources.

[22:54:53] ABILIS_CPX:d ike host:0

Parameter:  | Value:
------------+------------------------------------------------------------------
HOST:         0
NAME:         user_1
LOC-IP:       080.080.080.080
REM-IP:       *
IPRES:        4
AUTH:         PSK
HASH:         MD5
DH:           MODP1024
CIPHER:       3DES
SIDE:         INSIDE
KEYING-TRIES: 3
LIFE-TIME:    3600
DPD-ENABLE:   NO
DPD-DELAY:    30
DPD-TIMEOUT:  120
DPD-ACTION:   STOP
ID-TYPE:      IP
IP:           080.080.080.080
PEER-ID-TYPE: IP
PEER-IP:      192.168.200.001
-------------------------------------------------------------------------------

[22:54:53] ABILIS_CPX:d ike psk:0

Parameter:  | Value:
------------+------------------------------------------------------------------
PSK:          0
KEY:          ********
ID-TYPE:      ANONYMOUS
-------------------------------------------------------------------------------

[22:54:53] ABILIS_CPX:d ike cli:0

Parameter:  | Value:
------------+------------------------------------------------------------------
CLI:          0
NAME:         user_1
HOST-ID:      0
RULE:         IPSEC
PASSIVE:      YES
PERMANENT:    YES
TUNNEL:       YES
ESP:          YES
ESP-CIPHER:   3DES
ESP-AUTH:     MD5
AH:           NO
AH-AUTH:      MD5
LIFE-TIME:    28800
PFS:          YES
NET-LOC:      192.168.001.000/24
NET-REM:      192.168.200.001/32
-------------------------------------------------------------------------------

Execute TheGreenbow program: the following window will appear.

Configuration of Phase 1.

  • Right click on Configuration, and select New phase 1.

  • Configure Phase 1 as shown here below.

  • Click the Advanced… button and configure the following window as explained.

  • Click the OK button to close the window.

  • Click the Save & Apply button to save and initialize the changes made.

Configuration of Phase 2.

  • In the main window right click on the selected Phase 1 and and select Add Phase 2.

  • Configure Phase 1 as shown here below and click the Save & Apply button to save and initialize the changes made.

  • Then click the Open Tunnel button to open the VPN.

  • When the VPN is active the “Tunnel” light at the bottom becomes green. It is possible to display the status of the connection by clicking on Connections: this window will be shown.

  • To close the Tunnel, click the Close Tunnel button.