Usi ng the Linux and Solaris VPN 5000 Clients

The chapter describes how to use the Linux and Solaris VPN 5000 Clients.

Conn ecting to the VPN Server

You launch the Linux and Solaris VPN 5000 Clients from a shell.

To connect to the VPN server, use the open_tunnel command with the following syntax:

For Linux:

open_tunnel [-e] [-n] [-r] [-d eth0] [-h] vpn_server user_name

For Solaris:

open_tunnel [-e] [-n] [-r] [-d hme | le] [-h] vpn_server user_name

Options to the open_tunnel command are listed in Table 3-1.

This section of the manual documents the commands and command options of the Linux and Solaris VPN Client software.

The open_tunnel command establishes an active tunnel between the specified VPN 5000 concentrator IP address and the specified user.

 

Table 3-1: Open_Tunnel Command Options


Option
Description

 vpn_server

 IP address, DNS address, or alias name of the VPN 5000 Concentrator you are connecting to.

 user_name

 Client User ID name.

 -e
 Exclude local LAN. This keyword specifies whether to tunnel local LAN traffic. The server must have the ExcludeLocalLAN keyword enabled.


 -n
 Enable NAT transparency. The server's VPN Group Configuration for this user must have an ESP transform string. A transform string sets the authentication and encryption algorithms to be use.


 -r
 Use a RADIUS server.


Linux:

-d <interface>


Solaris:

-d <device>


 For Linux, the network interface can be the default of eth0, or an interface of your choice. For Solaris, the network device can be the default of hme, or the device of your choice.




Note You must specify -d if you are using a network interface or device that is different from the default.


 -x
 Increase debug level. This option can be listed more than once.

 -h
 Shows the command options.

Dis connecting from the VPN Server

To disconnect from the vpn server, use Ctrl-C to close terminate the open_tunnel command, or use the close_tunnel command. For example:

close_tunnel [-d hme] [-h]
 
Options to the close_tunnel command are listed in the following table.
 

Table 3-2: Close_Tunnel Command Options


Option
Description

 vpn_server

 IP address of the VPN 5000 Concentrator you are connecting to.

 user_name

 Client User ID name.

Linux:

-d <interface>


Solaris:

-d <device>


 For Linux, the network interface can be the default of eth0, or an interface of your choice. For Solaris, the network device can be the default of hme, or the device of your choice.



Note You must specify -d if you are using a network interface or device that is different from the default.


 -h
 Shows the command options.

Secu rity prompts

You are not prompted for RADIUS or shared secret passwords with the Linux and Solaris VPN 5000 Clients. This particular security information is contained in the configuration file.

If your configuration is set up to use SecurID, you are prompted for your passcode and your PIN. After attempting to connect, the server responds either with a connection message or an `access denied' message.

If you receive an `access denied' message, you can try again or contact the network administrator.

Table of Contents