equinux VPN Tracker 6.4.6 User Manual
Page 51
Email (User FQDN)
An email address is used for identification (e.g. [email protected]).
Make sure to enter the email address the VPN gateway expects.
Some VPN gateways use the type “Email (User FQDN)” even though the identi-
fier is not a valid email address, but a username (e.g. johndoe). To accommo-
date such devices, VPN Tracker does not require the identifier to actually be
an email address.
Key ID
An identifier for vendor-specific use. Most notably, many Cisco devices use
this for the group name of the connecting user.
ASN.1 DN
An ASN.1 Distinguished Name (DN) is used for identification. Make sure to en-
ter the distinguished name the VPN gateway expects.
Local Certificate
The identifier is the ASN.1 Distinguished Name taken from the subject of the
local certificate (only possible when using certificates for authentication).
Remote Identifier
The identifier that VPN Tracker should expect from the VPN gateway. VPN
Tracker will compare the actual identifier sent by the VPN gateway to the one
configured here. If the identifiers do not match, the connection attempt will
be stopped and an error displayed in the log.
Don’t verify remote identifier
Turn off identifier verification. Identifier verification provides some minor secu-
rity benefits, but is more relevant for the VPN gateway’s side. It is usually ok to
turn off identifier verification temporarily while setting up and testing a con-
nection.
IP Address
An IP address is used for identification. Make sure to enter the IP address the
VPN gateway sends.
Remote Endpoint IP Address
Same as “IP Address”, but VPN Tracker will automatically use the IP address VPN
Tracker connects to.
Fully Qualified Domain Name (FQDN)
A fully qualified domain name (FQDN) is used for identification (e.g.
vpn.example.com). Make sure to enter the FQDN the VPN gateway sends.
Email (User FQDN)
An email address is used for identification (e.g. [email protected]).
Make sure to enter the email address the VPN gateway sends.
Some VPN gateways use the type “Email (User FQDN)” even though the identi-
fier is not a valid email address. To accommodate such devices, VPN Tracker
does not require the identifier to actually be an email address.
Key ID
An identifier for vendor-specific use.
ASN.1 DN
An ASN.1 Distinguished Name (DN) is used for identification. Make sure to en-
ter the distinguished name the VPN gateway sends.
Remote Certificate
The identifier is the ASN.1 Distinguished Name taken from the subject of the
remote certificate (only possible when using certificates for authentication).
DNS
Use Remote DNS Server
VPN Tracker can use a name (DNS) server in the remote network of the VPN to
look up certain (or all) host names. This is useful if your organization operates
an internal DNS server that can look up host names of computers on the in-
ternal network.
Availability: always
Receive DNS Settings from VPN Gateway
When checked, VPN Tracker will use the DNS settings transmitted by the VPN
gateway during automatic configuration. To see if your VPN gateway transmits
such information, turn off Remote DNS, then connect. VPN Tracker will show a
message in the log suggesting to turn on Remote DNS if settings have been
transmitted.
51