Cisco VPN Software Client Installation Guide for RTP2 Beta-Test

Similar documents
Business Connect Secure Remote Access Service (SRAS) Customer Information Package

How to Set Up External CA VPN Certificates

Step-by-step installation guide for monitoring untrusted servers using Operations Manager

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

SIX Trade Repository AG

SSL Certificate Based VPN

Installing and Configuring vcenter Multi-Hypervisor Manager

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

Remote Access via Cisco VPN Client

Installing and Configuring vcloud Connector

AT&T Cloud Web Security Service

Procedure to Connect NIC VPN in Windows for ebiz

Deltek Touch Expense for Ajera. Touch 1.0 Technical Installation Guide

Installing and Configuring vcloud Connector

VII. Corente Services SSL Client

How to Configure Mobile VPN for Forcepoint NGFW TECHNICAL DOCUMENT

How to Configure a Client-to-Site L2TP/IPsec VPN

3.1 Getting Software and Certificates

Privileged Access Agent on a Remote Desktop Services Gateway

PS Suite EMR ASP Remote Access Setup Guide for Macintosh computers

ActivIdentity 4TRESS AAA Web Tokens and F5 BIG-IP Access Policy Manager. Integration Handbook

Installation & Configuration Guide Version 1.6

Integrate Cisco VPN Concentrator

UNT System Campus VPN Guide

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

BLUEPRINT TEAM REPOSITORY. For Requirements Center & Requirements Center Test Definition

VMware Horizon View Deployment

Forescout. eyeextend for Palo Alto Networks Wildfire. Configuration Guide. Version 2.2

Horizon DaaS Platform 6.1 Service Provider Installation - vcloud

CounterACT Aruba ClearPass Plugin

RPC Over HTTP Install Windows Server 2003 Configure your Exchange 2003 front-end server as an RPC Proxy server

Frequently Asked Questions About Performance Monitor

H3C SecBlade SSL VPN Card

Novell Access Manager

SonicWall Global VPN Client Getting Started Guide

Connect to Wireless, certificate install and setup Citrix Receiver

Chapter 10 Configure AnyConnect Remote Access SSL VPN Using ASDM

vcloud Director Tenant Portal Guide vcloud Director 8.20

Authentication, Encryption, Transport, IP Version and VPN Routing

Using ZENworks with Novell Service Desk

Load Balancing VMware Workspace Portal/Identity Manager

Stonesoft Management Center. Release Notes Revision B

Using vrealize Operations Tenant App as a Service Provider

vshield Administration Guide

3. In the upper left hand corner, click the Barracuda logo ( ) then click Settings 4. Select the check box for SPoE as default.

Administrator's Guide

Immotec Systems, Inc. SQL Server 2008 Installation Document

Installation Guide Worksoft Certify Execution Suite

Sophos Firewall Configuring SSL VPN for Remote Access

Sophos Mobile SaaS startup guide. Product version: 7.1

ForeScout CounterACT. Controller Plugin. Configuration Guide. Version 1.0

How to Configure SSL VPN for Forcepoint NGFW TECHNICAL DOCUMENT

Read the following information carefully, before you begin an upgrade.

Cisco Secure Desktop (CSD) on IOS Configuration Example using SDM

Reconfiguring VMware vsphere Update Manager. Update 1 VMware vsphere 6.5 vsphere Update Manager 6.5

Cisco QuickVPN Installation Tips for Windows Operating Systems

Secure IIS Web Server with SSL

Edge Device Manager Quick Start Guide. Version R15

MyFloridaNet-2 (MFN-2) Remote Access VPN Reference Guide

CounterACT DNS Enforce Plugin

AT&T CLOUD SERVICES. AT&T Synaptic Compute as a Service SM. Using VMware vcloud Connector

Reconfiguring VMware vsphere Update Manager. 17 APR 2018 VMware vsphere 6.7 vsphere Update Manager 6.7

Managing GSS Devices from the GUI

FUJITSU Cloud Service S5 Setup and Configuration of the FTP Service under Windows 2008/2012 Server

Configuration of Shrew VPN Client on RV042, RV042G and RV082 VPN Routers through Windows

Remote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN

Sophos Mobile as a Service

Forescout. Configuration Guide. Version 4.2

SonicWALL Security Appliances. SonicWALL SSL-VPN 200 Getting Started Guide

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors.

Setting up Certificate Authentication for SonicWall SRA / SMA 100 Series

Version Installation Guide. 1 Bocada Installation Guide

Using VMware View Client for Mac

Stonesoft Management Center. Release Notes for Version 5.6.1

How to Configure Guest Access with the Ticketing System

Cisco Craft Works Interface Quick Start Guide Cisco IOS XR Software Release 3.2 1

A+ Guide to Software: Managing, Maintaining, and Troubleshooting, 5e. Chapter 8 Networking Essentials

Defining IPsec Networks and Customers

SIMATIC NET. Industrial Remote Communication - Remote Networks SINEMA Remote Connect - Client. Preface. Requirements for operation 1

How to Set Up VPN Certificates

Using SSL to Secure Client/Server Connections

'phred dist acd.tar.z'

Windows 7 Professional 64 bit Installation and Configuration for MassLynx or Empower Controlled Ethernet Instrument Communication

FUJITSU Cloud Service S5. Introduction Guide. Ver. 1.3 FUJITSU AMERICA, INC.

Using the Terminal Services Gateway Lesson 10

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Immotec Systems, Inc. SQL Server 2008 Installation Document

NetExtender for SSL-VPN

Quick Start Access Manager 3.1 SP5 January 2013

Introduction. Introduction

Installation Guide. Mobile Print for Business version 1.0. July 2014 Issue 1.0

Sophos Connect. help

edp 8.2 Info Sheet - Integrating the ediscovery Platform 8.2 & Enterprise Vault

Integration Guide. LoginTC

Pexip Infinity and Google Cloud Platform Deployment Guide

ForeScout CounterACT. Assessment Engine. Configuration Guide. Version 1.0

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

CounterACT User Directory Plugin

Stonesoft Management Center. Release Notes Revision A

Transcription:

DOC Cisco VPN Software Client Installation Guide for RTP2 Beta-, This guide provides firewall and network considerations and step-by-step instructions on how to install a Cisco VPN Software Client and install Certificate and Connection Entry for RTP2 Beta- Copyright SIX Group Ltd, 04.2015. All rights reserved. All trademarks observed.

Page i Identification Title: Cisco VPN Software Client Installation Guide for RTP2 Beta- Version, Date: Classification: Intended Audience: <Audience> Distribution: <Distribution> Keywords: Cisco VPN, Installation, Guide Reference: Filename: Cisco-VPN-Software-Client-Quick-Start-und-Installation-Guide-Beta-.docx Synopsis: This guide provides firewall and network considerations and step-by-step instructions on how to install a Cisco VPN Software Client and install Certificate and Connection Entry for RTP2 Beta- Author(s): Martin Schmid Reviewer: XRS-Team Approval: Lee Hannah Responsible: Martin Schmid Revision History Version, Date Description 1.00, 03.01.2012 First Version

Page ii Table of Content 1 Introduction... 1 1.1 Purpose & Scope... 1 1.2 Definitions & Abbreviations... 1 1.3 Contact... 1 2 Cisco VPN Software Client... 1 3 Network & Firewall Considerations... 2 3.1 VPN Endpoints... 2 3.2 DNS Servers... 2 3.2.1 DNS Servers with VPN Connection... 2 3.2.2 Ports Used for Cisco VPN Software Client Connections... 3 3.3 Repo Application Servers... 3 3.4 HTTP Proxy Server Exceptions... 4 3.5 Ports used for Connection and a Quick Guide to Troubleshooting... 4 3.5.1 For Clients with Direct Connections... 4 4... 5 4.1 Downloading and Configuring VPN Software Client... 5 4.2 Setting Up a VPN Connection... 14

Introduction Page 1 1 Introduction 1.1 Purpose & Scope This document describes how to set up a VPN connection with a Cisco VPN Software Client to the RTP2 trading platform. The guide provides basic information about technical requirements and network settings as well as detailed information about the installation and configuration of the Cisco VPN Software Client. 1.2 Definitions & Abbreviations Term/Abbreviation CVI DNS Environments FQDN IPSec Explanation Common VPN Infrastructure Domain Name System M01 RTP2 Beta- Fully Qualified Domain Name Internet Protocol Security RTP2 Repo of SIX trading platform 2 SCAP SSX SSL SWX VEP VPN SIX Swiss Exchange Common Access Portal SIX Swiss Exchange Secure Socket Layer SWX Swiss Exchange. Former name of SIX Swiss Exchange VPN Entrypoint Virtual Private Network 1.3 Contact For further information about specific issues, please contact Repo infodesk: Zürich +41 58 399 2190 E-mail: repoinfodesk@six-group.com 2 Cisco VPN Software Client The following Cisco VPN Software Client version is tested and supported by SIX Swiss Exchange: Cisco VPN Software Client V5.0.07.0440 (64 bit)

Network & Firewall Considerations Page 2 3 Network & Firewall Considerations 3.1 VPN Endpoints The table below gives the FQDN and IP addresses of the SIX Swiss Exchange VPN endpoints for Cisco VPN connections: Membertest & Production Data Centre A Data Centre B vpn.swx.com 146.109.0.10 146.109.64.10 (virtual IP addresses) vpnzs.swx.com 146.109.0.10 (virtual IP address) vpnzs01.swx.com 146.109.0.11 vpnzs02.swx.com 146.109.0.12 vpnzh.swx.com 146.109.64.10 (virtual IP address) vpnzh01.swx.com 146.109.64.11 vpnzh02.swx.com 146.109.64.12 The VPN Endpoints above are valid Repo of SIX Trading and Reference Data servers. NB. Please ensure that all of above VPN Endpoints have been enabled over your firewall. Due to our load balancing mechanism a VPN response that emanates from a source that has not been opened on your firewall will not be accepted by your organisation and your connection to the Repo trading environment could be refused. 3.2 DNS Servers 3.2.1 DNS Servers without VPN Connection These DNS servers resolve VPN endpoints: Data Centre IP Address Data Centre A 146.109.66.249 Data Centre A 146.109.66.250 Data Centre B 146.109.2.249 Data Centre B 146.109.2.250

Network & Firewall Considerations Page 3 3.2.2 DNS Servers with VPN Connection These DNS servers resolve Repo application servers: Data Centre IP Address Data Centre A 146.109.55.251 Data Centre A 146.109.55.252 Data Centre B 146.109.39.251 Data Centre B 146.109.39.252 3.2.3 Ports Used for Cisco VPN Software Client Connections The table below indicates the ports used between the Cisco VPN Software Client and the SIX Swiss Exchange VPN endpoint: IP Protocol No. Name Port Purpose Required for IPSec IPSec Over UDP IPSec Over TCP 17 UDP 500 IKE 50 IPSec None ESP 17 UDP 4500 IPSec via NAT-T 17 UDP 4501 IPSec via UDP 6 TCP 4501 IPSec via TCP 3.3 Repo Application Servers The table below gives the FQDN and IP addresses of the Repo application servers. These addresses can be reached through a Cisco VPN Software Client connection: Beta Reference Server Trading Server 1 rtp2-ref-mbt.pn.swx rtp2-trd1-mbt.pn.swx 146.109.52.199 146.109.52.198 Trading Server 2 rtp2-trd2-m01.pn.swx 146.109.52.197 The application servers above are valid for the Repo of SIX trading and reference data environments.

Network & Firewall Considerations Page 4 3.4 HTTP Proxy Server Exceptions Access to the various online features provided through the Repo platform, e.g. Member Page with Newsboard, Online Help and Statistics. (Membertest / Production) is not possible via a web-proxy server. They can only be accessed through a Cisco VPN (IPSec) tunnel connection. For these specific websites, you need to ensure that you have disabled any potential HTTP proxy server on the client PC. The following HTTP proxy server exceptions have to be set in your web-browser: *.pn.swx (for application servers) *.ps.swx (for CVI Private Web) 3.5 Ports used for Connection and a Quick Guide to Troubleshooting In order to be able to better troubleshoot any potential connectivity issues the following information gives you the ports associated with the individual destinations within both the Repo client-side environment as well as the Exchange-side infrastructures as well as methods to test the validity of any connection. 3.5.1 For Clients with Direct Connections Providing that the VPN is correctly connected, the following table details the application servers and their corresponding ports. If you are encountering connectivity issues with the repo trading system always ensure that the you are unable to make a telnet request to and receive a response from the corresponding FQDNs/IP Addresses in section 3.3 on the appropriate ports below (depending on your environment). The latter set of ports are used to receive help and peripheral information. Destination Environment TCP Port Exchange Beta Reference Server 146.109.52.199 7310 Beta Trading Server 1 and 2 146.109.52.198 146.109.52.199 7311, 7312

Page 5 4 If there is no Cisco VPN Software Client installed follow the step by step instructions below 4.1 Downloading and Configuring VPN Software Client To access the CVI Common VPN Infrastructure, proceed as follows (an Internet connection is required): 1. In your Browser, go to the CVI Common VPN Infrastructure Web page https://www.six-swissexchange.com/members/cvi/scap.html and login with cvim01enr / vicarphing 2. On the CVI Common VPN Infrastructure page, download the following three items: [ ] Cisco VPN Tunnel Software [ ] Connection [ ] CVI Root Certificate 3. For each of the three items, proceed as follows to download them and save them on your Desktop: a. Click on the item link (for example Cisco VPN Tunnel Software) and click Save as in the dialog box.

Page 6 b. In the Folders pane, select Desktop and click Save. 4. When you have repeated steps a to c above for the other two items (Connection and the CVI Root Certificate), verify that all three files are available on your Desktop. 5. On your Desktop, double-click the Cisco VPN Tunnel Software file you have downloaded: vpnclient-win-msi-5.0.03.0560-k9.exe. 6. Click Unzip.

Page 7 7. The file is being unzipped. In the dialog box, click OK. 8. Choose English and click OK. 9. The Installation Wizard is started. Click Next.

Page 8 10. Select the I accept the license agreement option and click Next. 11. Select a destination folder (or leave it unchanged) and click Next. 12. Click Next (2 times) to begin installation.

Page 9 13. When the VPN client has been installed, click Finish. 14. Click Yes to restart your computer. 15. To start the VPN client, click the Start menu and select All Programs > Cisco Systems VPN Client > VPN Client.

Page 10 16. The VPN Client is started. Click the Connection Entries tab and click the Import button. 17. Navigate to the Desktop, select the SWX_CVI.pcf file and click Open. 18. In the dialog box, click OK to confirm the successful import of the Connection Entry.

Page 11 19. The Connection Entry SWX_CVI is now listed under Connection Entry. 20. Click the Certificates tab. 21. On the Certificates menu, click Show CA/RA Certificates. 22. Click the Import button.

Page 12 23. In the dialog box, select the Import from File option and click Browse. 24. Navigate to the Desktop, select the SWXVPNROOTCA.cer file and click Open. 25. Click Import. 26. In the dialog box, click OK to confirm the successful import of the Root Certificate.

Page 13 27. The Root-Certificate swxcapprdrootca is now listed under the Certificates tab.

Page 14 4.2 Setting Up a VPN Connection 1. In your Browser, go to the CVI Common VPN Infrastructure Web page https://www.six-swissexchange.com/members/cvi/scap.html and login with cvim01enr / vicarphing 2. On the CVI Common VPN Infrastructure Web page and click on the link Private CVI VPN Homepage (via SSL connection). 3. A security alert is displayed. Click on Continue to this website (not recommended) link twice. 4. In the Login window, type again cvim01enr / vicarphing

Page 15 5. Click Login.The CVI Private Web page will open. (This may take some time ) 6. On the welcome screen, type the certificate Username and Password provided in the secured email for the RTPM01 environment. 7. Click Enter. 8. After successful login, the Userpage opens. Enter a personal defined download password (for example MyPwd123456).and click Download. 9. Save the certificate in a directory of your choice selecting Save as in a directory of your choice or select Save to store it in your Downloads directory. 10. Open the VPN Client: On the Certificates tab, click the Import button. 11. Select the option Import from File and click Browse.

Page 16 12. Navigate to the choosen directory or to the Downloads directory and select your certificate file (*.p12, in this example it is RTPM012002.p12). Then click Open. 13. The imported certificate is now displayed in the Import Path: box. In the Import Password: box, type the password you have selected (for example MyPwd123456). 14. If preferred you can protect the certificate and connection start by a new certificate password. Select a new password (for example MyNewCertificatePwd123456) and type it in the New Password / Confirm Password boxes. Remember or note down this password because you will use it to start the VPN connection and as well it is needed to delete the certificate. 15. Then click Import.

Page 17 16. A dialog box confirms that the import of the certificate was successful. Click OK. 17. The imported certificate is now displayed under the Certificates tab. 18. Click on Connection Entries tab. Right-click on the SWX_CVI Connection Entry and select Modify from the context menu. 19. As well you can Right-click on a Connection Entry of your choice and select Duplicate from the context menu.

Page 18 20. Right-click on the duplicated Connection Entry and select Modify from the context menu. 21. In the Tab Authentication select the Certificate Authentication option and select the RTPM01xxxx certificate in the Name box. (In this example it is 3 - RTPM012002 (Cisco) ) 22. As well edit the Connection Entry: field to a name of your choice. (In this example RTPM012002).

Page 19 23. Then click Save. 24. Click the Connect button and type in the certificate password if requested to start the connection (for example MyNewCertificatePwd123456). Then click OK. 25. A dialog box is displayed and confirms that you have successfully connected. Click Continue.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback