Application Notes
SL1000/500 VPN with SafeNet
SoftRemote VPN Client
Version 1.3
Copyright 2005, ASUSTek Computer, Inc. i
Revision History
Version Author Date Status
1.0 Julian Chang 08/20/2003 Initial draft
1.1 Nicole Lin 12/02/2004
1.2 Martin Su 06/27/2005
Copyright 2005, ASUSTek Computer, Inc. ii
Table of Contents
Revision History....................................................................................................................................ii
Table of Contents.................................................................................................................................iii
1 Introduction....................................................................................................................................1
2 Network Setup ...............................................................................................................................1
2.1 Connecting to the SL1000/500 Security Gateway using an IPSec Client...........................1
2.1.1 Provisioning Remote Access Groups and Users....................................................1
2.1.2 Configuring SL1000/500 VPN Policies for Aggressive Mode Remote Access.......3
2.1.2.1 Steps to configure SL1000 system..........................................................3
2.1.2.2 Steps to configure Remote Client............................................................7
2.1.2.3 Establishing VPN connection.................................................................11
Copyright 2005, ASUSTek Computer, Inc. iii
1 Introduction
This application note will detail all of the steps to create a working IKE IPSec VPN tunnel between an
ASUS SL1000 device (also be applied to SL500) and SafeNet SoftRemote VPN Client. All setting and
screen dumps contained within this application notes are taken from a SafeNet SoftRemote running
version 10.3.5(build 6), and a SL1000 device running firmware 1.1.68A.410.
2 Network Setup:
Figure 2.1 Overview of Network Connections
2.1 Connecting to the SL1000/500 Security Gateway using
an IPSec Client
2.1.1 Provisioning Remote Access Groups and Users
Step 1: Create a remote access user group and add a remote access user to the use r group.
Step 2: Verifying the users and the groups added in Step 1.
Step3: Under FirewallÆ AdvancedÆ Self Access, add a Self Access Rule for remote user to login-
--Allow TCP port 80 from WAN. See Figure 2.3.
Figure 2.2 Remote User Configuration page
Copyright 2005, ASUSTek Computer, Inc. Page 1
Figure 2.3 Self Access Rule Allowing Remote Users to Login
Copyright 2005, ASUSTek Computer, Inc. Page 2