Table of Contents

Setting Up a Login
Digital Certificates
Connecting to the VPN 5000 Concentrator

Connecting After Startup and Login
Connecting Before Login (Windows only)

The Configuration File
Exiting the VPN 5000 Client

Running the VPN 5000 Client

This chapter describes how to use the VPN 5000 Client. For an overview of the software user interface, see "VPN 5000 Client User Interface."

This section describes the operation procedures for the Windows and Mac OS VPN 5000 Clients. The operation under these platforms is virtually identical, except where indicated in the text.

Setting Up a Login

This section describes how to set up a login if your administrator has not already done so.

For an administrator to pre-configure a login, see "Network Administrator's Guide."

To set up your own login configuration:

Step 4 Enter the login name assigned by your network administrator.

Step 5 Enter the IP address or domain name of the VPN 5000 Concentrator that you will be logging into.

For information regarding other entry fields in the Login Properties window, see the "Login Properties Window" section.

Step 6 Click OK.

Digital Certificates

This section describes how to set up a digital certificate during the login.

The VPN Client window opens with the Configuration tab forward.

Step 2 Click on the Add button

The Login Properties opens.

Step 3 Select the Login Method.

• If you select Shared Key, your login method uses only the shared key password for authentication.

• If you select Manual Certificate, a root certificate will be used to validate the VPN 5000 concentrator to the client.

  • If there is already one or more root certificate files in the configuration file, you will not be prompted to select one. Each root certificate in the configuration file is validated during the login.

  • If there is no root certificate in the configuration file, you must import the certificate to be used during login with the file browser window that appears. The certificate file that you select is copied into the configuration file when the Login Properties box is exited.

For information on the Advanced button or using NAT, see the "Login Properties Window" section.

Step 6 Connect to the server as described in the following section.

Use the Certificates tab on the VPN Client window to manage certificates used in the Manual logon method. For more information on managing your certificates, see the "Certificates Tab" section.

Connecting to the VPN 5000 Concentrator

You can connect to the VPN 5000 Concentrator after startup and login, or you can connect to the concentrator before logging into your domain (Windows only), which is available only after you connect to the corporate network.

Connecting After Startup and Login

To establish tunnel sessions after startup:

For more information on security prompts, see "VPN 5000 Client User Interface."

Step 5 Click OK.

If the connection is successful, a person icon appears next to the login name for Windows, and a black dot appears next to the selected login name for Mac OS, and a connection message appears at the bottom of the window.

Note When the VPN 5000 Client is connected, only traffic destined for authorized remote networks are tunneled as designated by the configuration in the VPN 5000 concentrator. All other Internet traffic follows normal routing.

Connecting Before Login (Windows only)

To connect before logging into your domain:

---

Step 1 Open the Client Connect Window using one of the following methods:

• Open the VPN Client and check the Auto Connect to Default Before Logon box on the Configuration tab on the VPN Client window.

The VPN Client Connect window appears in the upper left corner of your screen each time you start up your computer.

---

Caution For Windows NT, do not type Ctrl-Alt-Del to log on to your computer until the VPN Client Connect window appears or you may lose your connection. The VPN Client is the last service on the Windows NT bootup.

---

• Double-click the VPNAutoStart file, located in the folder located in the VPN Client folder.

Step 2 Click one of the following buttons to connect to the VPN server:

• Phonebook---This button brings up the system phone book, which contains dial-up options.

If the phonebook button is grayed out, you do not have Remote Access Service (RAS) installed. Contact your administrator if you want to have this option available.

• LAN---This button connects the user through the local LAN.

When the Client connection is established, log on to the network as usual.

---

The Configuration File

The Configuration file contains information on passwords, security features, IP addresses and connection protocols. A configuration file is automatically generated each time you exit the client and saved in the same folder where the installer resides.

The name and location of the configuration file is listed below.

• For the Windows VPN 5000 Client, the configuration file is named vpn_config, with no file extension, and is located in the folder where you installed the VPN 5000 Client.

• For the Mac OS VPN 5000 Clients, the configuration file is named VPN Client Preferences, and is located in the Preferences folder.

To edit the configuration file, see "Network Administrator's Guide."

Exiting the VPN 5000 Client

If you are converting an old configuration file to a new one, you will be asked to overwrite the existing file. If you are the only user of your configuration file, you can answer Yes.

If other users with different logins use the same configuration file, you should answer No and give the file a new name. There is only one configuration file per machine, but multiple logins can use the same configuration file.

Posted: Tue Jun 20 14:42:11 PDT 2000
Copyright 1989 - 2000©Cisco Systems Inc.