Complete this worksheet before you configure a dynamic connection.
Before you create your dynamic VPN connections, complete this worksheet. The worksheet assumes you will use the New Connection Wizard. The wizard allows you to set up a VPN based on your basic security requirements. In some cases, you may need to refine the properties that the wizard configures for a connection. For example, you may decide that you require journaling or that you want the VPN server to start each time TCP/IP starts. If this is the case, right-click the dynamic-key group or connection that the wizard created and select Properties.
Answer each question before you proceed with your VPN setup.
| Prerequisite checklist | Answers |
|---|---|
| Is your operating system OS/400® V5R2 (5722-SS1) or later? | Yes |
| Is the Digital Certificate Manager option (5722-SS1 Option 34) installed? | Yes |
| Is iSeries™ Access for Windows® (5722-XE1) installed? | Yes |
| Is iSeries Navigator installed? | Yes |
| Is the Network subcomponent of iSeries Navigator installed? | Yes |
| Is TCP/IP Connectivity Utilities (5722-TC1) installed? | Yes |
| Did you set the retain server security data (QRETSVRSEC *SEC) system value to 1? | Yes |
| Is TCP/IP configured on your system (including IP interfaces, routes, local host name, and local domain name)? | Yes |
| Is normal TCP/IP communication established between the required endpoints? | Yes |
| Have you applied the latest program temporary fixes (PTFs)? | Yes |
| If the VPN tunnel traverses firewalls or routers that use IP packet filtering, do the firewall or router filter rules support AH and ESP protocols? | Yes |
| Are the firewalls or routers configured to permit IKE (UDP port 500), AH, and ESP protocols? | Yes |
| Are the firewalls configured to enable IP forwarding? | Yes |
| You need this information to configure a dynamic VPN connection | Answers |
What type of connection are you creating?
|
|
| What will you name the dynamic-key group? | |
What type of security and system performance do you
require to protect your keys?
|
|
| Are you using certificates to authenticate the connection? If no, what is the preshared key? | |
| What is the identifier of the local key server? | |
| What is the identifier of the local key server? | |
| What is the identifier of the remote key server? | |
| What is the identifier of the remote data endpoint? | |
What type of security and system performance do you
require to protect your data?
|