Update VPN policies for remote connections from Windows XP clients

Because the wizard creates a standard connection that can be used for most VPN configurations, you will need to update the policies that were generated by the wizard to ensure interoperability with Windows® XP clients. To update these VPN policies, complete the following tasks:

  1. In iSeries™ Navigator, expand iSeries A > Network > IP Policies > Virtual Private Networking > IP Security Policies.
  2. Double-click Internet Key Exchange Policies and right-click Any IP address and select Properties.
  3. On the Transform page, click Add.
  4. On the Add Internet Key Exchange Transform page, select the following options::
    • Authentication method: Pre-shared key
    • Hash algorithm: MD5
    • Encryption algorithm: DES-CBC
  5. Click OK.
  6. In iSeries Navigator, expand iSeries A > Network > IP Policies > Virtual Private Networking > IP Security Policies.
  7. Double-click Data Policies and right-click SalestoRemote and select Properties.
  8. On the General page, clear Use Diffie-Hellman perfect forward secrecy.
  9. On the Proposal page, click Add.
  10. On the New Data Policy Proposal page, select the following options:
    • Encapsulation mode: Transport
    • Key expiration: 15 minutes
    • Expire at size limit: 100000
  11. On the Transform page, click Add.
  12. On the Add Data Policy Transform page, select the following options:
    • Protocol: Encapsulating security payload (ESP)
    • Authentication algorithm: MD5
    • Encryption algorithm: DES-CBC
  13. Click OK.
Parent topic: Configure VPN connection to remote users
Previous topic: Configure a VPN connection on iSeries A for remote clients
Next topic: Activate filter rules