ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzalr_5.4.0.1/rzalradvvpnfinal.htm

572 lines
30 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4.0//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../rzahg/ic.css">
<script type="text/javascript" language="javascript">
var textA = "<br><strong>Step 2: Migrate policy filters from a prior release<\/strong>";
var textB = "<p><strong>Step 3: Configure VPN with the New Connection wizard<\/strong>";
var textC = "<br><strong>Step 2: Configure VPN with the New Connection wizard<\/strong>";
//START NON-TRANSLATABLE
//Obtain name of HTML file in parent frame.
var parentDir = parent.window.location.href.substring(0,location.href.lastIndexOf('/')+1);
var parentUrl = parent.window.location.href.substring(parentDir.length,parent.window.location.href.length+1);
if (parentUrl.indexOf("#") >= 0) { parentUrl = parentUrl.substring(0,parentUrl.indexOf("#"));}
function restoreValues() {
//Is the hidden frame already loaded with the correct html?
if (parentUrl != "rzalradvvpnwelcome.htm") {
window.location = "rzalradvvpnwelcome.htm"; //load advisor frameset
} else {
//Obtain name of HTML file in hidden frame.
var hiddenDir = parent.hidden.window.location.href.substring(0,location.href.lastIndexOf('/')+1);
var hiddenUrl = parent.hidden.window.location.href.substring(hiddenDir.length,parent.hidden.window.location.href.length+1);
if (hiddenUrl.indexOf("#") >= 0) { hiddenUrl = hiddenUrl.substring(0,hiddenUrl.indexOf("#"));}
if (hiddenUrl != "rzalradvvpnhidden.htm") {
//Correct HTML not loaded, load it
parent.hidden.window.location = "rzalradvvpnhidden.htm";
}
}
}
//Retrieve previously entered information
var rulesfile = parent.hidden.savevalue[2];
var three = parseInt(parent.hidden.savevalue[3]);
//Connection name
var connName = parent.hidden.savevalue[5];
var six = parseInt(parent.hidden.savevalue[6]);
var eight = parseInt(parent.hidden.savevalue[8]);
var ten = parseInt(parent.hidden.savevalue[10]);
var twelve = parseInt(parent.hidden.savevalue[12]);
var localidentifier = parent.hidden.savevalue[13];
var fourteen = parseInt(parent.hidden.savevalue[14]);
var eighteen = parseInt(parent.hidden.savevalue[18]);
var remoteidentifier = parent.hidden.savevalue[19];
var twentyfive = parseInt(parent.hidden.savevalue[25]);
var twentyeight = parent.hidden.savevalue[28];
var remKeyServ = parent.hidden.savevalue[12];
var forty = parseInt(parent.hidden.savevalue[40]);
var cn = parent.hidden.savevalue[61];
var orgunit = parent.hidden.savevalue[62];
var org = parent.hidden.savevalue[63];
var locale = parent.hidden.savevalue[64];
var state = parent.hidden.savevalue[65];
var country = parent.hidden.savevalue[66];
var psk = "";
var certs = "";
var localID = "";
var localIDtype = "";
var remoteID = "";
var reptype = "";
var repID = "";
var lepID = "";
var leptype = "";
var locPortNum = "";
var remPortNum = "";
var protName = "";
var migwiz = "";
var step3 = "";
var text1c = "";
var text1g = "";
//Determines whether to add migrating wizard as step 2
if (parseInt(parent.hidden.savevalue[0]) == 0 && parseInt(parent.hidden.savevalue[1]) == 0) {
migwiz = textA;
step3 = textB;
} else {
step3 = textC;
}
//END NON-TRANSLATABLE
switch (fourteen) {
case 0:
leptype = "IP version 4 address";
lepID = "<br><strong>Identifier: <\/strong>" + parent.hidden.savevalue[15];
break;
case 1:
leptype = "IP address range";
lepID = "<br><strong>Identifier: <\/strong>" + parent.hidden.savevalue[15] + " to " + parent.hidden.savevalue[16];
break;
case 2:
leptype = "IP version 4 subnet";
lepID = "<br><strong>Identifier: <\/strong>" + parent.hidden.savevalue[15];
break;
case 3:
leptype = "Any IP address";
break;
case 4:
leptype = "PPP profile:";
lepID = "<br><strong>Identifier: <\/strong>" + parent.hidden.savevalue[15];
break;
default:
leptype = "Unknown";
lepID = "<br><strong>Identifier: <\/strong>Unknown";
break;
}
switch (twentyfive) {
case 0:
reptype = "IP version 4 address";
repID = parent.hidden.savevalue[26];
break;
case 1:
reptype = "IP address range";
repID = parent.hidden.savevalue[26] + " to " + parent.hidden.savevalue[27];
break;
case 2:
reptype = "IP version 4 subnet";
repID = parent.hidden.savevalue[26];
break;
case 3:
reptype = "Any IP address";
break;
case 4:
reptype = "Host name";
repID = parent.hidden.savevalue[26];
break;
default:
reptype = "Unknown";
repID = "Unknown";
break;
}
switch (eight) {
case 0:
localID = "IP version 4 address";
localIDtype = "IP address:";
localidentifier = parent.hidden.savevalue[9];
break;
case 1:
localID = "Host name";
localIDtype = "Identifier:";
localidentifier = parent.hidden.savevalue[9];
break;
case 2:
if (parseInt(parent.hidden.savevalue[3]) == 0) {
//distinguished name
localID = "Distinguished name";
localIDtype = "Identifier:";
localidentifier = parent.hidden.savevalue[9];
break;
} else {
//key identifier
localID = "Key Identifier";
localIDtype = "Identifier:";
localidentifier = parent.hidden.savevalue[9];
break;
}
case 3:
//pre-shared only
localID = "User @ fully qualified domain name";
localIDtype = "Identifier:";
localidentifier = parent.hidden.savevalue[9];
break;
default:
localID = "Unknown";
localIDtype = "Unknown";
localidentifier = "Unknown";
break;
}
switch (eighteen) {
case 0:
remoteID = "IP version 4 address";
break;
case 1:
remoteID = "Host name";
break;
case 2:
remoteID = "Key Identifier";
break;
case 3:
remoteID = "User @ fully qualified domain name";
break;
case 4:
remoteID = "IP address range";
break;
case 5:
remoteID = "IP version 4 subnet";
break;
case 6:
remoteID = "Any IP address";
break;
case 7:
remoteID = "Distinguished name";
break;
default:
remoteID = "Unknown";
break;
}
if ((parseInt(parent.hidden.savevalue[32]) == 0) || (parseInt(parent.hidden.savevalue[3]) == 0)) {
locPortNum = "Any port";
} else {
locPortNum = parent.hidden.savevalue[17];
}
if (parseInt(parent.hidden.savevalue[33]) == 0) {
remPortNum = "Any port";
} else {
remPortNum = parent.hidden.savevalue[77];
}
var thirtyfour = parseInt(parent.hidden.savevalue[34]);
switch (thirtyfour) {
case 0:
protName = "Any protocol";
break;
case 1:
protName = "UDP";
break;
case 2:
protName = "TCP";
break;
case 3:
protName = "IPSec";
break;
case 4:
protName = "AH";
break;
case 5:
protName = "ESP";
break;
default:
protName = "Unknown";
break;
}
var text1e = migwiz + "<br>Since you have policy filters on your system from a prior release and you plan to configure new VPN connections in the current release, you should use the <strong>Migrate Policy Filters<\/strong> wizard. ";
text1e += "The wizard removes the policy filters from <tt>" + rulesfile + "<\/tt>, which is the file you indicated contains policy filters from a prior release, and inserts equivalent policy filters into VPNPOLICYFILTERS.I3P, which is the default file for the policy filter rules generated by VPN. ";
text1e += "Your non-VPN filter rules will remain in <tt>" + rulesfile + "<\/tt>.<p>To access the wizard, follow these steps:";
text1e += "<ol><li>In iSeries<SUP>(TM)<\/SUP> Navigator, expand your server<strong>--&gt; Network--&gt; IP Policies<\/strong>.<\/li>";
text1e += "<li>Right-click <b>Virtual Private Networking<\/b> and select <b>Migrate Policy Filters<\/b>.<\/li>";
text1e += "<li>When you complete the wizard, click <strong>Finish<\/strong>.<\/li>";
text1e += "<li>Click <b>Help<\/b> if you have questions about how complete a page or any of its fields.<\/li><\/ol>"
text1e += "<p>When the wizard finishes migrating the policy filters, you should verify your rules by using the Packet Rules Editor in iSeries Navigator. ";
text1e += "This will help to ensure the rules will load without errors when you try to activate them.";
text1e += "<p>The next step is to configure the VPN connection based on information you specified in this advisor.";
var text1d = "<p>Congratulations! You have successfully completed the VPN planning advisor. Use this planning work sheet to assist you as you configure VPN on your iSeries. ";
text1d += "If you prefer hardcopy, print this page. Then, after you implement your VPN, you should file a copy of the completed work sheet with your system security policy information.<\/p>";
text1d += "<strong>Step 1: Complete the pre-requisite checklist<\/strong>";
text1d += "<br>You should answer yes to each question in the pre-requisite checklist before you proceed with your VPN setup.";
text1d += "<p><table border='1' cellspacing='1' cellpadding='2' width='90%'>";
text1d += "<tr><td class='tablemainheaderbar' align='left' valign='top' width='75%'><strong>Prerequisite checklist<\/strong><\/td>";
text1d += "<td class='tablemainheaderbar' align='left' valign='top' width='25%'><strong>Answers<\/strong><\/td><\/tr>";
text1d += "<tr><td valign='top'>Is your OS/400<SUP>(R)<\/SUP> V5R2 (5722-SS1)?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is the Digital Certificate Manager option (5722-SS1 Option 34) installed?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is Cryptographic Access Provider (5722-AC2 or AC3) installed?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is iSeries Access for Windows<SUP>(R)<\/SUP> (5722-XE1) installed?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is iSeries Navigator installed?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is the Network subcomponent of iSeries Navigator installed?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is TCP/IP Connectivity Utilities for OS/400 (5722-TC1) installed?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Did you set the retain server security data (QRETSVRSEC *SEC) system value to 1?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is TCP/IP configured on your iSeries (including IP interfaces, routes, local host name, and local domain name)?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Is normal TCP/IP communications established between the required endpoints?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Have you applied the latest program temporary fixes (PTFs)?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>If the VPN traverses firewalls or routers that implement IP packet filtering, do the firewall or router filter rules support AH and ESP protocols?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Are the firewalls or routers configured to permit IKE (UDP port 500), AH, and ESP protocols?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Are the firewalls configured to enable IP forwarding?<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign='top'>Do you have the <a href='../rzajb/rzajbpacketruleauthorities.htm'>proper authorities to administer packet rules<\/a> on your iSeries? <br><strong>Note:<\/strong> This link takes you to the packet rules topic in the iSeries Information Center and will cause you to leave the advisor.<\/td><td>&nbsp;<\/td><\/tr>";
text1d += "<tr><td valign=top>If you plan to use certificates to authenticate the key servers, do you have certificates configured on your system?<\/td><td>&nbsp;<\/td><\/tr><\/td><\/tr><\/table>"
var atext1c = step3 + "<br>Based on your answers, the VPN planning advisor has determined that you should create a gateway-to-gateway connection by using the New Connection wizard. ";
var btext1c = step3 + "<br>Based on your answers, the VPN planning advisor has determined that you should create a host-to-host connection by using the New Connection wizard. ";
var ctext1c = step3 + "<br>Based on your answers, the VPN planning advisor has determined that you should create a host-to-gateway connection by using the New Connection wizard. ";
var text1f = "<p>To access the wizard, follow these steps:<p><ol><li>In iSeries Navigator, expand your server<strong>--&gt; Network--&gt; IP Policies<\/STRONG>.<\/li>";
text1f += "<li>Right-click <strong>Virtual Private Networking<\/strong> and select <strong>New Connection<\/strong>.<\/li><\/ol>";
text1f += "<p>Use this table to complete the wizard. If you are working from hardcopy, check <strong>Complete<\/strong> after you finish each task.<br><br>"
text1f += "<table border='1' cellspacing='1' cellpadding='2' width='90%'>";
text1f += "<tr><td width='200' class='tablemainheaderbar'><strong>The wizard asks:<\/strong><\/td><td width='300' class='tablemainheaderbar'><strong>The advisor suggests that you enter:<\/strong><\/td><td width='85' class='tablemainheaderbar'><strong>Complete<\/strong><\/td><\/tr>"
text1f += "<tr><td width='200' valign='top'>What would you like to name this connection group?<\/td><td>" + connName + "<\/td><td>&nbsp;<\/td><\/tr>"
var atext1g = "<tr><td width='200' valign='top'>What type of connection group would you like to create?<\/td><td width='300' valign='top'>Select <strong>Connect your gateway to another gateway<\/strong><\/td><td>&nbsp;<\/td><\/tr>";
var btext1g = "<tr><td width='200' valign='top'>What type of connection group would you like to create?<\/td><td width='300' valign='top'>Select <strong>Connect your host to another host<\/strong><\/td><td>&nbsp;<\/td><\/tr>";
var ctext1g = "<tr><td width='200' valign='top'>What type of connection group would you like to create?<\/td><td width='300' valign='top'>Select <strong>Connect your host to another gateway<\/strong><\/td><td>&nbsp;<\/td><\/tr>";
var text1h = "<tr><td width='200' valign='top'>What Internet Key Exchange policy do you want to use to protect your key?<\/td><td width='300' valign='top'>Select <strong>Create a new policy<\/strong> and then select <strong>highest security, lowest performance<\/strong><\/td><td>&nbsp;<\/td><\/tr>";
var text1a = "<tr><td width='200' valign='top'>Are you using certificates?<\/td>";
text1a += "<td width='300' valign='top'>Select <strong>No<\/strong>&nbsp;<\/td><td>&nbsp;<\/td><\/tr>";
var text1acerts = "<tr><td width='200' valign='top'>Are you using certificates?<\/td>";
text1acerts += "<td width='300' valign='top'>Select <strong>No<\/strong> and then select the certificate you want to use to represent the local connection endpoint system from the list of certificates available on your system.<\/td><td>&nbsp;<\/td><\/tr>";
var text1b = "<tr><td width='200' valign='top'>Are you using certificates?<\/td>";
text1b += "<td width='300' valign='top'>Select <strong>Yes<\/strong>&nbsp;";
text1b += "<p>Remember, you must first configure your certificates with Digital Certificate Manager (Option 34). If you do not have certificates on your system, the Connection wizard assumes you will use a preshared key for authenticating the key servers.<\/td><td>&nbsp;<\/td><\/tr>";
var text1bcerts = "<tr><td width='200' valign='top'>Are you using certificates?<\/td>";
text1bcerts += "<td width='300' valign='top'>Select <strong>Yes<\/strong> and then select the certificate you want to use to represent the local connection endpoint system from the list of certificates available on your system.";
text1bcerts += "<p>Remember, you must first configure your certificates with Digital Certificate Manager (Option 34). If you do not have certificates on your system, the Connection wizard assumes you will use a preshared key for authenticating the key servers.<\/td><td>&nbsp;<\/td><\/tr>";
var textX = "<tr><td width='200' valign='top'>Enter the identifier to represent the local key server for this connection<\/td><td width='300' valign='top'><strong>Identifier type:<\/strong>" + localID + "<br><strong>" + localIDtype + "<\/strong>" + localidentifier + "<\/td><td>&nbsp;<\/td><\/tr>";
var textT = "<tr><td width='200' valign='top'>What is the identifier of the key server that you want to connect to?<\/td><td width='300' valign='top'><strong>Identifier type:<\/strong>&nbsp;" + remoteID;
var textU = "<br><strong>Identifier: <\/strong>" + remoteidentifier;
var textV = "<br><strong>Mask:<\/strong> " + parent.hidden.savevalue[20] + "<br>";
var textW = " to " + parent.hidden.savevalue[20] + "<br>";
var textZ = "<tr><td width='200' valign='top'>Select the identifier to represent the local connection endpoint<\/td>";
textZ += "<td width='300' valign='top'>Select the identifier type <strong>" + localID + "<\/strong> and identifier <strong>" + localidentifier + "<\/strong> from the list of identfier types and identifiers that were defined in the certificate you chose.<\/td><td>&nbsp;<\/td><\/tr>";
var textY = "<tr><td width='200' valign='top'>Select the identifier to represent the local connection endpoint<\/td>";
textY += "<td width='300' valign='top'>Select the identifier type <strong>" + "IP address " + "<\/strong> and identifier <strong>" + parent.hidden.savevalue[11] + "<\/strong> from the list of identfier types and identifiers that were defined in the certificate you chose.";
textY += "<br> Or, you can select the identifier type <strong>X.500 distinguished name<\/strong> and identifier <strong>" + parent.hidden.savevalue[21] + "<\/strong><\/td><td>&nbsp;<\/td><\/tr>";
var textS = "<br><strong>Pre-shared key:<\/strong> The preshared key is a 32-character text string that OS\/400 VPN uses to authenticate the connection as well as to establish the keys that protect your data. In general, you should treat a preshared key as you would a password.<br>";
var textE = "<\/td><td>&nbsp;<\/td><\/tr>";
var textM = "<tr><td width='200' valign='top'>What are the parameters of the distinguished name?<\/td><td width='300' valign='top'><strong>Common name: <\/strong>&nbsp;" + cn + "<br><strong>Organizational Units:<\/strong>&nbsp;" + orgunit + "<br><strong>Organization:<\/strong>&nbsp;" + org + "<br><strong>Locality:<\/strong>&nbsp;" + locale + "<br><strong>State:<\/strong>&nbsp;" + state + "<br><strong>Country or region:<\/strong>&nbsp;" + country + "<\/td><td>&nbsp;<\/td><\/tr>";
var textK = "<tr><td width='200' valign='top'>Remote key server IP address<\/td><td width='300' valign='top'>Select <strong>The local key server will initiate this connection<\/strong>. Then enter <strong>" + remKeyServ + "<\/strong>&nbsp;in the <strong>IP address<\/strong> field.<\/td><td>&nbsp;<\/td><\/tr>";
var textN = "<tr><td width='200' valign='top'>What are the remote endpoints of the data that this connection will protect?<\/td>";
textN += "<td width='300' valign='top'><strong>Identifier type:<\/strong>&nbsp;" + reptype + "<BR>";
var textQ = "<br><strong>Identifier: <\/strong>" + repID;
var textP = "<br><strong>Mask:<\/strong> " + parent.hidden.savevalue[27];
var textO = "<\/td><td>&nbsp;<\/td><\/tr>";
var textI = "<tr><td width='200' valign='top'>What are the remote endpoints of the data that this connection will protect?<\/td><td width='300' valign='top'>Select <strong>The remote data endpoint identifier is the IP address of the local key server<\/strong>. The IP address, <strong>" + remKeyServ + "<\/strong>, should already display in the <strong>IP address<\/strong> field.<\/td><td>&nbsp;<\/td><\/tr>";
var textL = "<tr><td width='200' valign='top'>What are the local endpoints of the data that this connection will protect?<\/td><td width='300' valign='top'><strong>Identifier type:<\/strong>&nbsp;" + leptype + "<BR>";
var textJ = "<tr><td width='200' valign='top'>What are the local endpoints of the data that this connection will protect?<\/td><td width='300' valign='top'>Select <strong>The local data endpoint identifier is the IP address of the local key server<\/strong>. Then enter <strong>" + parent.hidden.savevalue[11] + "<\/strong> in the <strong>IP address <\/strong>field.<\/td><td>&nbsp;<\/td><\/tr>";
var textK = "<br><strong>Mask:<\/strong> " + parent.hidden.savevalue[16];
var textR = "<\/td><td>&nbsp;<\/td><\/tr>";
var textD = "<tr><td width='200' valign='top'>What are the ports and protocols of the data that this connection will protect?<\/td>";
textD += "<td width='300' valign='top'><strong>Local Port: <\/strong>" + locPortNum + "<br><strong>Remote Port: <\/strong>" + remPortNum + "<br><strong>Protocol: <\/strong>" + protName + "<\/td><td>&nbsp;<\/td><\/tr>";
textD += "<tr><td width='200' valign='top'>What data policy do you want to use to protect the data?<\/td>";
textD += "<td width='300' valign='top'>Select <strong>Create a new policy<\/strong> and then select <strong>highest security, lowest performance<\/strong><\/td><td>&nbsp;<\/td><\/tr>";
textD += "<tr><td width='200' valign='top'>Check the interfaces on the local system that this connection will be applied to<\/td>";
textD += "<td width='300' valign='top'>Select all available interfaces<\/td><td>&nbsp;<\/td><\/tr><\/table>";
textD += "<p>Review the paramenters you entered, and then click <strong>Finish<\/strong>. A dialog will open that asks you whether you want to activate the policy filters that the wizard will create as part of this configuration. ";
textD += "Select <strong>Yes, activate the generated policy filters<\/strong> then select <strong>Permit all other traffic<\/strong>. ";
textD += "Click <strong>OK<\/strong> to complete the configuration. When prompted, specify that you want to activate the rules on all interfaces.<p>";
textD += "<strong>Final Steps<\/strong><br>After you configure VPN on your system, you need to ensure, along with the system administrator at the remote site, that the remote system is configured correctly. ";
textD += "After you have done that, you should check the status of your connection to make sure that it's in the <tt>on-demand<\/tt> state. Or, perhaps you need to add more function to the connection. ";
textD += "For example, you many want to take advantage of OS/400 VPN's network address translation capabilities or maybe the connection will protect an L2TP tunnel.<br>";
textD += "<p>To learn about these concepts and other more complex VPN scenarios, see the <a href='../rzaja/rzajaotherinfo.htm'>Related information for VPN<\/a> section of this topic for a list a IBM<SUP>(R)<\/SUP> redbooks and other useful sources for VPN information.<\/p>";
//START NON-TRANSLATABLE
//What type of connection should the user select?
switch (six) {
case 1:
text1c = atext1c;
text1g = atext1g;
break;
case 2:
text1c = btext1c;
text1g = btext1g;
break;
case 3:
text1c = ctext1c;
text1g = ctext1g;
break;
}
//Are certificates being used?
if (three == 0) {
//Yes
certs = true;
text1a = text1acerts;
text1b = text1bcerts;
} else {
//No
certs = false;
}
////////////////////////////////////////////////////////////////
// //
// onBack() //
// //
// This function is called when the user clicks the Back //
// button on the form. This function loads the previous //
// page of the advisor in the contents frame. //
// //
////////////////////////////////////////////////////////////////
function onBack() {
if (parseInt(parent.hidden.savevalue[6]) == 1 || parseInt(parent.hidden.savevalue[6]) == 3) {
window.location = "rzalradvvpn100.htm";
} else {
window.location = "rzalradvvpn110.htm";
}
}
////////////////////////////////////////////////////////////////
// //
// onStartOver() //
// //
// This function is called when the user clicks on the //
// Start Over button on the form. The function resets all //
// values in the applet //
// //
////////////////////////////////////////////////////////////////
function onStartOver() {
//Reset all values
for (i=0; i < 100; i++) {
parent.hidden.savevalue[i] = "";
}
//Jump to next advisor page
window.location = "rzalradvvpnwelcome.htm";
}
///////////////////////////////////////////////////////////////
// //
//displayMig() //
// //
//This function displays only if user say yes to migrating //
//and yes to using pre-existing packet rules //
// //
///////////////////////////////////////////////////////////////
function displayMig() {
//text before table
document.writeln(text1e);
}
///////////////////////////////////////////////////////////////
// //
//prereqtext() //
// //
//This function displays the introduction text and the //
//pre-req checklist //
// //
// //
///////////////////////////////////////////////////////////////
function prereqtext() {
//Intro text
//list of prereq item
document.writeln(text1d);
}
////////////////////////////////////////////////////////////////
// //
// displayA() //
// //
// This function displays the first table along with a few //
// lines before the table. //
// //
////////////////////////////////////////////////////////////////
function displayA() {
//Lines of text before table
// The heading line of the table
// The connection group line. Always appears.
// system role line. Always appears.
// IKE policy line. Always appears.
document.writeln(text1c + text1f + text1g + text1h);
//Certificates line. always appears, but certs can be yes or no
if (certs == true) {
document.writeln(text1b);
} else {
document.writeln(text1a);
}
//Certificate identifier line. Only appears when using certificates is yes.
if (certs == true && eight != 2) {
document.writeln(textZ);
} else {
if (certs == true && eight == 2) {
document.writeln(textY);
}
}
//ID local key server.
if (certs == false) {
document.writeln(textX);
}
//ID remote key server. Always appears.
document.writeln(textT);
if (eighteen != 6 && eighteen != 7) {
document.writeln(textU);
if (eighteen == 5) {
document.writeln(textV);
} else {
if (eighteen == 4) {
document.writeln(textW);
}
}
}
//the preshared key text when certs = no
if (certs == false) {
document.writeln(textS);
}
document.writeln(textE);
//IP address of remote key server. Appears when remote id type is Key ID, DN, or u@fqdn
// this one appears when local key server can initiate a connection
//if (twentyeight == 0) {
//This appears when DN was selected for remote IDtype
if (eighteen == 7) {
document.writeln(textM);
}
if (eighteen == 2 || eighteen == 3 || eighteen == 7) {
document.writeln(textK);
}
//Local data endpoints appears when local system role is gateway
if (six == 1) {
document.writeln(textL);
if (fourteen != 3) {
document.writeln(lepID);
if (fourteen == 2) {
document.writeln(textK);
}
}
document.writeln(textR);
//Local data endpoints when local key server was a key id, user@fqdn, or dn but not a gateway
} else {
if (eight == 2 || eight == 3 || eight == 4) {
document.writeln(textJ);
}
}
//Remote data endpoints. Appears when remote system role is gateway
if (six != 2) {
document.writeln(textN);
if (twentyfive != 3) {
document.writeln(textQ);
if (twentyfive == 2) {
document.writeln(textP);
}
}
document.writeln(textO);
//Remote data endpoints when remote key server was key id, user@fqdn, or dn but not a gateway
} else {
if (eighteen == 2 || eighteen == 3 || eighteen == 7) {
document.writeln(textI);
}
}
//Ports and protocol. Always appears
//data policy. always appears
//interface. always appears
//always appears
//Directs user to final recommendations
document.writeln(textD);
}
//END NON-TRANSLATABLE
</script>
<title>VPN planning advisor</title>
</head>
<body>
<H2>VPN planning advisor</H2>
<STRONG>Planning worksheet</STRONG>
<script type="text/javascript" language="Javascript">
if (parseInt(parent.hidden.savevalue[0]) == 0 && parseInt(parent.hidden.savevalue[1]) == 0) {
prereqtext();
displayMig();
displayA();
} else {
prereqtext();
displayA();
}
</script>
<P>&nbsp;</p>
<form action=submit name="form1">
<CENTER>
<!-- TRNOTE Translate only the value attribute in the next two lines -->
<input name=submit type="button" value="&nbsp;&lt;&lt; Back&nbsp;" onClick="onBack()">
<input name=submit type="button" value="Start Over" onClick="onStartOver()">
</CENTER>
</form>
</body>
</html>