The administrator for the branch sales office used the VPN planning advisor to create dynamic planning work sheets to help them configure VPN between the branch sales office and the corporate office. The VPN planning advisor is an interactive tool that asks specific questions regarding your VPN needs. Based on your answers, the advisor generates a customized planning work sheet for your environment that can be used when you configure your VPN connection. This work sheet can then be used when configuring a VPN on your iSeries™ server. Each of the following planning work sheets are generated with the VPN planning advisor and are used to configure a VPN using the VPN New Connection wizard in iSeries Navigator.
| What the VPN wizard asks | What the VPN advisor recommends |
|---|---|
| What would you like to name this connection group? | SalestoCorporate |
| What type of connection group would you like to create? | Select Connect your gateway to another gateway |
| What Internet Key Exchange policy do you want to use to protect your key? | Select Create a new policy, and then select Highest Security, lowest performance |
| Are you using certificates? | Select Yes and mycocert as
the certificate Note: This certificate was created during the steps for configuring a Certificate Authority on iSeries A.
|
| Select the identifier to represent the local connection endpoint. | Select the identifier type IP version
4 address and identifier 192.168.1.2 from
the list of identfier types and identifiers that were defined in the certificate
you chose. Note: IP addresses used in this scenario are meant for example
purpose only. They do not reflect an IP addressing scheme and should not be
used in any actual configuration. You should use your own IP addresses when
completing these tasks.
|
| What is the identifier of the key server that you want to connect to? | Select the identifier type IP version
4 address and identifier: 172.16.1.3. Important: IP addresses used in this scenario are meant for example
purposes only. They do not reflect an IP addressing scheme and should not
be used in any actual configuration. You should use your own IP addresses
when completing these tasks.
|
| What are the local endpoints of the data that this connection will protect? | Identifier type: IP version 4 subnet Identifier: 10.1.1.0 Mask: 255.255.255.0 |
| What are the remote endpoints of the data that this connection will protect? | Identifier type: IP version 4 subnet Identifier: 10.2.1.0Mask: 255.255.255.0 |
| What are the ports and protocols of the data that this connection will protect? | Local Port: Any port Remote Port: Any port Protocol: Any protocol |
| What data policy do you want to use to protect the data? | Select Create a new policy, and then select Highest security, lowest performance |
| Check the interfaces on the local system that this connection will be applied to. |
|