XP Road Warrior ConnectionBy: Darren Critchley

What is Road Warrior?

Remote client such as a salesperson who needs to connect to the main office LAN resources

Sometimes referred to as a Host to Net VPN or VPN Client

What is needed on the client end?

XP has the client built in, but complicated to configure

Free offerings such as Linsys Commercial offering Safenet Softremote

XP Service Pack 2 and the Windows Firewall Make sure your XP is up to date and

patched! Firewall necessary to protect

Roadwarrior Should not interfere with VPN Hotfix may be required to allow ping

across the VPN http://support.microsoft.com/?

kbid=889527

Set up a connection on the NetSentron NOTE: Due to the method in which the VPN identifies a

connection, you can only have one Pre-Shared Key Roadwarrior

From VPN page click Add Select “Host-to-Net Virtual Private Network (RoadWarrior)”

and click Add Give the VPN a name

Cannot start with a number Cannot contain spaces or non-alphanumeric items

Adjust local subnet if necessary Remote Host/IP you can optionally limit the connection to a

specific IP or Hostname Enter a Remark – describes this VPN Connection Dead Peer Detection action

Choose Clear as the connection is a Roadwarrior Check Enabled Enter a Pre-Shared key or have the NetSentron generate one

for you

Connect an XP Roadwarrior using the free Linsys Program The Linsys Client is really a nice wrapper that

is for configuring the IPSec policies on Windows.

download the Linsys utility from http://www.netsentron.com/utilities.html

install the program start the program The first time you run the program, it may

complain that a necessary patch is missing. If you wish to let the program find, download and install the patch, then click yes, otherwise you can search for it on your own.

Name the VPN, enter a name for the VPN in the empty box next to the IPSec Profile Name

If you have more than one Network card in your PC, you can select which one you wish to use from the Interface drop down list

Once you select a network card, the IP Address for the Local side of the Tunnel will automatically be filled in for you.

Enter the information for the Remote Side of the Tunnel

Enter VPN Gateway (hostname / ip) – this is the RED (WAN) address of the NetSentron

Enter the Remote Internal IP – this is the GREEN (LAN) address of the NetSentron

Enter the Private Address/Network Mask – this is the subnet on the GREEN (LAN) side of the NetSentron, insure that it matches the local subnet entry on the VPN connection on the NetSentron

Enter information into the IPSec Options area Select Pre-Shared Key for Authentication Method Enter your Pre-Shared Key that you entered into the

NetSentron into the text area insure that the rest of the settings are: 3DES, MD5, PFS

(checked), 3500, 50000 Click on the Other Options Tab and then make sure Debug

Enabled is checked Click on Ipsec Profiles Tab Save your connection by clicking the Disk Icon in the upper

part of the Linsys client

Test the Connection

Before we connect, bring up log Right click on the Linsys icon in the Task

Bar, select View Log Now click connect – if all is well, you

should see the log with a connection message and the Linsys Icon should turn green

Verify connection by pinging the NetSentron Green (LAN) Address