VeriSign VIP VIP + AR VIP VIP AR VPN iphone ipad Apple Inc. iphone Android Google Inc. Copyright 2011 Allied Telesis K.K. All Rights Reserved.
VIP AR User Copyright 2011 Allied Telesis K.K. All Rights Reserved. 1
Copyright 2011 Allied Telesis K.K. All Rights Reserved.
ISP PPP PPP PW PPPoE IP user@isp isppasswd 10.100.10.1/32 1 WAN WAN IP LAN IP L2TP IKE 1 DPD NAT-Traversal eth0 10.100.10.1/32 ppp0 192.168.1.1/24 vlan1 PAP (pre-shared key) secret ( ) ( DPD ) Copyright 2011 Allied Telesis K.K. All Rights Reserved. 3
VIP IP RADIUS PW PW 192.168.1.2/24 secret vipeg x600-24ts LDAP (Active Directory) IP VIP User ID VIP User PW 192.168.1.3/24 auth x900-24xt User User ID User PW Credential ID OTP test x900-24xt ABCD12345678 Note OTP One Time Password Copyright 2011 Allied Telesis K.K. All Rights Reserved. 4
Active Directory (LDAP) IP 192.168.1.3/24 IP 192.168.1.2/24 VIP (RADIUS) Intranet IP 192.168.1.0/24 VPN LAN IP 192.168.1.1/24 PPPoE IP 10.100.10.1/32 VIP VIP User iphone, ipad, Android, PC 192.168.2.1-100 (L2TP IP Pool ) 3G 3G RADIUS LDAP OTP (User ID + PW + OTP) (User ID+ PW) (User ID+ OTP) Copyright 2011 Allied Telesis K.K. All Rights Reserved. 5
VIP VIP VIP VIP User VIP Enterprise 3.2 Note VIP Active Directory Active Directory User ID/PW, VIP UserID/PW Copyright 2011 Allied Telesis K.K. All Rights Reserved.
VIP 1. VIP VIP 2. (Identity Protection Manager) Manage VIP Certificates Copyright 2011 Allied Telesis K.K. All Rights Reserved. 7
VIP 3. Request a Certificate 4. Certificate Instructions Continue 5. Request a Certificate Certificate Name (vipeg) Submit Request Copyright 2011 Allied Telesis K.K. All Rights Reserved. 8
VIP 6. Manage VIP Certificates #5 Certificate Certificate Download Page 7. Format PKCS#12 Password PW (x600-24ts) Download Certificate Note Password Copyright 2011 Allied Telesis K.K. All Rights Reserved. 9
VIP 1. VIP Required Setting Add a VIP Certificate 2. File Name VIP Password PW (x600-24ts) Submit Copyright 2011 Allied Telesis K.K. All Rights Reserved. 10
VIP 3. VIP certificate was successfully imported Copyright 2011 Allied Telesis K.K. All Rights Reserved. 11
VIP LDAP 1. VIP Gateway Optional User Store Copyright 2011 Allied Telesis K.K. All Rights Reserved. 12
VIP 2. Edit User Store Submit VIP Active Directory Active Directory ID/PW VIP Active Directory Active Directory ID Copyright 2011 Allied Telesis K.K. All Rights Reserved. 13 ID ID
VIP RADIUS 1. VIP Validation Add Server 2. Add RADIUS Validation Server User ID LDAP Password Security Code Continue Copyright 2011 Allied Telesis K.K. All Rights Reserved. 14
VIP 3. Delegation No Continue Copyright 2011 Allied Telesis K.K. All Rights Reserved. 15
VIP 4. Radius VIP IP RADIUS PW (secret) Set RADIUS to LDAP Mapping VIP Active Directory cn client name Active Directory User ID Copyright 2011 Allied Telesis K.K. All Rights Reserved. 16 Test
VIP 5. Test VIP Active Directory Submit 6. RADIUS Validation RADIUS Start Copyright 2011 Allied Telesis K.K. All Rights Reserved. 17
VIP User 1. (Identity Protection Manager) Create VIP End User Copyright 2011 Allied Telesis K.K. All Rights Reserved. 18
VIP 2. Active Directory User ID (test) Create VIP End User 3. Credential ID Add Credential Credential ID (ABCD12345678) Copyright 2011 Allied Telesis K.K. All Rights Reserved. 19
VIP 4. Credential Details Actions Check and Reset Note OTP VIP Copyright 2011 Allied Telesis K.K. All Rights Reserved. 20
VIP 5. OTP 6. OTP Security Code Continue 7. Continue Copyright 2011 Allied Telesis K.K. All Rights Reserved. 21
VIP ( VIP PW ) OTP VIP PW (Temporary Security Code) PW 2 OTP PW 1. Modify VIP End User test Generate Temporary Security Code Copyright 2011 Allied Telesis K.K. All Rights Reserved. 22
VIP ( VIP PW ) 2. Generate a Temporary Security Code (1) OTP =>Usage One Time Use (2) PW =>Usage Multiple use Expiration PW 3. Generate Temporary Security Code Copyright 2011 Allied Telesis K.K. All Rights Reserved. 23
VIP ( VIP PW ) 4. Temporary Security Code Copyright 2011 Allied Telesis K.K. All Rights Reserved. 24
AR Copyright 2011 Allied Telesis K.K. All Rights Reserved.
AR CLI ID/PW ID : manager PW : friend AR415S/AR550S/AR560S/AR570S 2.9.2-00 AR260S V2 http://www.allied-telesis.co.jp/support/list/router/ar560s/docs/index.html http://www.allied-telesis.co.jp/support/list/router/ar560s/docs/cfg-93.html http://www.allied-telesis.co.jp/support/list/router/ar560s/docs/cfg-195.html Copyright 2011 Allied Telesis K.K. All Rights Reserved. 26
AR Note - IPsec Copyright 2011 Allied Telesis K.K. All Rights Reserved. 27
AR Copyright 2011 Allied Telesis K.K. All Rights Reserved. 28
AR Note SECRET secret VIP VIP RADIUS Validation RAIUS Shared Secret Copyright 2011 Allied Telesis K.K. All Rights Reserved. 29
AR Note VIP CHAP AUTHENTICATION PAP Copyright 2011 Allied Telesis K.K. All Rights Reserved. 30
AR Note DNS DNS LAN PC DNS Copyright 2011 Allied Telesis K.K. All Rights Reserved. 31
AR Note LAN PC IP Copyright 2011 Allied Telesis K.K. All Rights Reserved. 32
AR Note - ICMP Copyright 2011 Allied Telesis K.K. All Rights Reserved. 33
AR Copyright 2011 Allied Telesis K.K. All Rights Reserved. 34
AR Copyright 2011 Allied Telesis K.K. All Rights Reserved. 35
AR Note - CREATE ENCO KEY EDIT.CFG Copyright 2011 Allied Telesis K.K. All Rights Reserved. 36
AR Note User SA Copyright 2011 Allied Telesis K.K. All Rights Reserved. 37
AR Note - NAT-Traversal IKE NAT-T Note - IPsec SHOW IPSEC POLICY SET IPSEC POLICY POSITION Note - IPsec IPsec VPN Copyright 2011 Allied Telesis K.K. All Rights Reserved. 38
AR Note - Security Officer Telnet Security Officer Telnet RSO Remote Security Officer Copyright 2011 Allied Telesis K.K. All Rights Reserved. 39
User Windows XP Windows 7 iphone/ipad Android Copyright 2011 Allied Telesis K.K. All Rights Reserved.
User Windows XP Windows XP ServicePack3 1. 2. 3. 4. 5. 6. IP IPsec IP WAN IP 10.100.10.1 Copyright 2011 Allied Telesis K.K. All Rights Reserved. 41
User 7. XXXX XXXX 5 8. ( ) Copyright 2011 Allied Telesis K.K. All Rights Reserved. 42
User 9. (PAP) OK 10. Copyright 2011 Allied Telesis K.K. All Rights Reserved. 43
User 11. IPsec 12. IPsec ISAKMP (secret) OK Copyright 2011 Allied Telesis K.K. All Rights Reserved. 44
User 13. VPN L2TP IPsec VPN OK Copyright 2011 Allied Telesis K.K. All Rights Reserved. 45
User 14. XXXX Active Directory VIP User ID (test) Active Directory User PW (x900-24xt) 15. User PW OTP <User PW><OTP> Copyright 2011 Allied Telesis K.K. All Rights Reserved. 46
User Windows 7 Windows 7 (Service Pack ) 1. 2. 3. VPN 4. 5. IPsec IP WAN IP 10.100.10.1 OfficeAR Copyright 2011 Allied Telesis K.K. All Rights Reserved. 47
User 6. Active Directory VIP User ID (test) 7. xxx XXX 5 Copyright 2011 Allied Telesis K.K. All Rights Reserved. 48
User 8. Copyright 2011 Allied Telesis K.K. All Rights Reserved. 49
User 9. 5 10. XXXX XXXX 5 Copyright 2011 Allied Telesis K.K. All Rights Reserved. 50
User 13. PAP) 14. L2TP ISAKMP (secret) OK Copyright 2011 Allied Telesis K.K. All Rights Reserved. 51
User 15. VPN IPsec 2 L2TP/IPsec OK 16. Copyright 2011 Allied Telesis K.K. All Rights Reserved. 52
User 17. XXXX Active Directory VIP User ID (test) Active Directory User PW (x900-24xt) 18. User PW OTP <User PW><OTP> Copyright 2011 Allied Telesis K.K. All Rights Reserved. 53
User iphone / ipad ipad/ios 4.3 1. 2. 3. 4. VPN 5. VPN VPN... 6. L2TP RSA SecurID AR_VPN 10.100.10.1 ( IPsec IP ) test (Active Directory VIP User ID) x900-24xt OTP (<User PW><OTP>) secret ( ISAKMP (secret) ) Copyright 2011 Allied Telesis K.K. All Rights Reserved. 54
User 7. VPN AR_VPN 8. VPN VPN 9. Copyright 2011 Allied Telesis K.K. All Rights Reserved. 55
User Android Android Galaxy Tab/Android 2.2 1. 2. 3. VPN 4. VPN VPN 5. VPN L2TP/IPsec PSK VPN 6. L2TP/IPsec PSK VPN VPN VPN IPsec L2TP DNS AR_VPN ) 10.100.10.1 ( IPsec IP ) secret (ISAKMP (secret) ) ( ) Copyright 2011 Allied Telesis K.K. All Rights Reserved. 56
User 7. VPN AR-VPN 8. AR-VPN test (Active Directory VIP User ID) x900-24xt OTP (<User PW><OTP>) 9. AR-VPN Copyright 2011 Allied Telesis K.K. All Rights Reserved. 57
Copyright 2011 Allied Telesis K.K. All Rights Reserved.