HP Sa3110 - VPN Server Appliance Release Notes
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Server
  5. Sa3110 - VPN Server Appliance
  6. Release notes
HP Sa3110 - VPN Server Appliance Release Notes

HP Sa3110 - VPN Server Appliance Release Notes

Hp vpn server appliance sa3000 series - release 6.8.2 release notes
Hide thumbs Also See for Sa3110 - VPN Server Appliance:
Table of Contents

Advertisement

Quick Links

Download this manual See also: Reference Manual, Installation Manual
hewlett-packard sa3000 series
vpn client
release 6.8.2 release notes
Hewlett-Packard Company
HP: 5971-0874
P/N: A52439-001
March 2001

Advertisement

Table of Contents
loading

Related Manuals for HP Sa3110 - VPN Server Appliance

Summary of Contents for HP Sa3110 - VPN Server Appliance

  • Page 1 6.8.2 release notes Hewlett-Packard Company HP: 5971-0874 P/N: A52439-001 March 2001...
  • Page 2 Hewlett-Packard SA3000 Series VPN Client...

  • Page 3: Disclaimer

    Conditions of Sale for such products, Hewlett -Packard Company assumes no liability whatsoever, and Hewlett- Packard Company disclaims any express or implied warranty, relating to sale and/or use of Hewlett-Packard Company products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right.
  • Page 4 Hewlett-Packard SA3000 Series VPN Client...

  • Page 5: Table Of Contents

    Contents DISCLAIMER CONTENTS INTRODUCTION IMITATIONS TO ELEASE ARDWARE ERVICE AND ELEPHONE UPPORT UMBERS SYSTEM REQUIREMENTS RELEASE 6.8.2 FEATURES UTHENTICATION UPPORT FOR ECONDARY UTHENTICATION MPLEMENTED ACKET UARD NCREASES SEFULNESS FOR EMOTE SERS VPN C LIENT OPERATES ACKET ROTECT SPECIAL CONSIDERATIONS KNOWN PROBLEMS Release 6.8.2 Release Notes...
  • Page 6 Hewlett-Packard SA3000 Series VPN Client...

  • Page 7: Introduction

    IPSec over dial-up connections, and, if your implementation is for Windows NT domain logon, you will not see the three-bar logon window until after the VPN tunnel is connected. Hewlett-Packard Company recommends you do not use the Release 6.8.2 VPN products on a Windows Me system.
  • Page 8 South Africa: RSA: 086 000 1030; outside RSA: +27 11 258 9301 • Spain: 902 321 123 • Sweden: 08 619 2170 • Switzerland: 084 880 1111 • Turkey: 90 212 221 6969 • United Kingdom:0870 842 2339 Hewlett-Packard SA3000 Series VPN Client...

  • Page 9: Latin America

    Asia In Asia, for hardware service and telephone support, contact an HP-authorized reseller or one of the following support centers: • Australia: 03-8877-8000 • Hong Kong: 800-96-2598 • India: 91-11-6826035 • Indonesia: 0800-21511 • Japan: 0120-220-119 • Korea: +82-2-32700911 • Malaysia: 60 3 2931811 or 1-800-881811 •...

  • Page 10: System Requirements

    Pentium 90-MHz processor performance level − 5 MB free disk space − 32 MB RAM • Windows 2000 Professional running on: − Pentium 133-MHz processor performance level − 15 MB free disk space − 64 MB RAM Hewlett-Packard SA3000 Series VPN Client...
  • Page 11 Using Windows 95 (Gold or A) Versions Because Microsoft Windows 95 Gold and Windows 95 A use DUN 1.0, these releases do not permit data to transfer over tunnels established over PPP dial-up connections. To view your Windows 95 version, select System Properties. Windows 95 B (OSR2) or Windows 95 C (OSR3) releases work successfully.

  • Page 12: Release 6.8.2 Features

    In Release 6.8.2, incorporating PacketGuard with the VPN Client gives remote users access to shared printers and files when a VPN tunnel is up. Hewlett-Packard SA3000 Series VPN Client...

  • Page 13: Vpn Client Co-Operates With Packetprotect

    To browse other computers on your local network while your VPN tunnel is connected, select the Enable Home network access check box in the Options window. To restrict traffic on your PC to traffic through the VPN tunnel, ensure this check box is clear. The default setting is enabled.

  • Page 14: Special Considerations

    In a single installation, the administrator or user must log on with administrative privileges, and then select the Disable raw socket security for all users (required for protocol 99) check box in the Options window Hewlett-Packard SA3000 Series VPN Client...
  • Page 15 Upgrading to Windows 2000 From Windows 95/98 or Windows NT If you plan to upgrade from Windows 95/98 or Windows NT to Windows 2000, ensure that you remove the VPN Client software before upgrading. AT&T Dialers Supported for Windows 95/98 If you use the AT&T Business Dialer with Windows 95 or Windows 98, use version 2.6 or later.
  • Page 16 Networking N.N, where N.N shows the DUN version you are using. 4. If N.N is less than 1.3, install the upgrade as described next. To upgrade to DUN version 1.3: 1. Using your browser, go to the following URL: http://support.microsoft.com/support/downloads/dp326 7.asp Hewlett-Packard SA3000 Series VPN Client...
  • Page 17 2. Click the upgrade file, msdun13.exe, then follow the instructions on your screen to download the file. 3. Install the upgrade, then reboot your PC. Also, if you have trouble browsing through a tunnel and have NetBEUI installed in your network control panel: 1.
  • Page 18 32. For Windows NT, call the file HOSTS and put the file in the directory [system root directory]\system 32\drivers\etc, where system root directory means the name of the directory in which Windows NT is located on your workstation. See Sample Novell Map File. Hewlett-Packard SA3000 Series VPN Client...
  • Page 19 2. Use the IP address of the server you want to use for authentication, instead of using its name. For example, use 10.250.113.1 instead of auth_server. To specify the IP address for NDS to use, when the Novell client logon window appears, click Advanced. The Advanced section appears.
  • Page 20 The first route should not be added to the route table. This behavior results from the Client-IP on the VPN device falling within the subnet defined through an address IP on the VPN device of 172.16.20.1 with a mask of 255.255.255.0. Hewlett-Packard SA3000 Series VPN Client...
  • Page 21 When the DHCP request is submitted to the VPN device, the device must respond with an IP address and subnet mask. To determine the subnet mask, the VPN device searches its interfaces for the first match in whic h the Client-IP resides on the network defined by the interface's IP address and subnet mask.
  • Page 22 Users are encouraged to use their local password when the VPN Client Login window appears. The software recognizes that this is not the authentication password and then the user is prompted to enter the authentication password in a second Authentication prompt window. Hewlett-Packard SA3000 Series VPN Client...
  • Page 23 Once this password is entered, the encrypted vpnuser.ini file is decrypted and the software update proceeds. When the local and authentication passwords are entered in this order, the VPN Client software recognizes the validity of the local password for future use. For first-time VPN Client users, however, if the authentication password is entered in the VPN Client Login window instead of in the Authentication prompt window,...
  • Page 24 If you are using the software in one of these countries, please disregard instructions concerning encryption greater than 56 bits in the online Help file as both software versions include the same online Help file. Hewlett-Packard SA3000 Series VPN Client...

  • Page 25: Known Problems

    Known Problems This section describes known problems at the time of release. IPSec Tunnel With Single IP SA Routes Entire Network Through Tunnel Adapter Reference Number 224DF If there is an IPSec tunnel configured with SAs with access to a single IP address, the VPN Client will still have a route to the entire network to go through the tunnel adapter.
  • Page 26 192.168.200.0/24, and a Client-IP address of 192.168.200.50, should restrict traffic from the VPN Client to the destination of 192.168.200.0/24. The problem is that the VPN Client is able to reach remote networks in the address span of the exclude network space. Hewlett-Packard SA3000 Series VPN Client...
  • Page 27 The same case holds true to a network in a VLSM class; a net-include of 192.168.200.0/24 and an exclude statement of 192.168.200.128/25. Logically speaking, all traffic from the lower half of the 192.168.200.0 network should be permitted, while the upper half of the network should be denied.
  • Page 28 During Release 6.8.2 VPN Client installation on a computer running Windows NT, the daconfig file presents the same restart window twice, following the window that asks Do you want the Hewlett-Packard Company SA3000 Series VPN Client to start automatically every time Windows restarts...
  • Page 29 Machine Hangs When Moving from Nortel Extranet Connection Reference Number 104298 On a Windows 98 computer, if a user opens a Nortel Extranet connection, then closes it, then tries to start a VPN Client tunnel connection, the computer could hang. A cold reboot is required to recover from this problem.
  • Page 30 AOL Windows 2000 Beta Client Disconnects Dial-Up Link When All-Zeros Tunnel Is Up Reference Number 552P and 719 In Release 6.8.2, the AOL Beta client for Windows 2000 times out when an all-zeroes tunnel is up. Hewlett-Packard SA3000 Series VPN Client...
  • Page 31 Using the VPN Client With Novell NetWare Reference Number 670S-2 The Novell NetWare 4 server uses IPX (Internet Packet Exchange), however, the VPN Client does not support IPX through a tunnel. Theoretically, to work around this, Novell NetWare/IP can be used. NetWare/IP encapsulates IPX information in an IP (Internet Protocol) packet that can be sent to any IP address.
  • Page 32 DNS (Domain Name Service) • DSS (Domain SAP/RIP Server) • NWIP Server Also, ensure that your workstation is capable of logging into an ISP through Dial-Up Networking (DUN) and that it has functional TCP/IP capabilities. Hewlett-Packard SA3000 Series VPN Client...
  • Page 33 Note: Because of the difficulties getting NetWare/IP to work with the VPN Client, you may not be able to get a client connection through your VPN tunnel even though you have followed all of the suggestions in this section. Installation Problem Reference Number 670F2F-1A When installing the VPN Client software in boot mode on a Windows NT system on which there is a third -party gina...
  • Page 34 When the Transport mode tunnel is down, packets such as ICMP pings and VPN Manager UDP traffic go through to the device in the clear. Hewlett-Packard SA3000 Series VPN Client...
  • Page 35 Windows 9x Dial Up Connection Passes Local Traffic Down Tunnel With 0.0.0.0 Subnet Reference Number 770 In Release 6.8.2, on Windows 9x, When you dial up to establish a tunnel with a 0.0.0.0 subnet, all traffic goes down the tunnel and you can no longer ping the local subnet.
  • Page 36 Notepad, delete the following line and save the modified vpnuser.ini file: interfaceIP = 0.0.0.0 Alternatively, you may change the interfaceIP= setting in the vpnuser.ini file to the current interface IP address. Either of these workarounds allows the tunnel to autoconnect. Hewlett-Packard SA3000 Series VPN Client...

This manual is also suitable for:

Sa3110Sa3150Sa3400Sa3450

Table of Contents