HOB HOBLink Administration Manual

Type
Administration Manual

Below you will find brief information for HOBLink VPN Gateway. This guide provides system administrators with detailed information on the HOBLink VPN Gateway, a VPN gateway solution for secure network access using IKE/IPsec encryption. The guide covers installation, configuration, including VPN peers and rules, and administration via the HOB Portal. It highlights features like multiple encryption methods, compatibility with other vendors, and support for IKE and IPsec standards.

Below you will find brief information for HOBLink VPN Gateway. This guide provides system administrators with detailed information on the HOBLink VPN Gateway, a VPN gateway solution for secure network access using IKE/IPsec encryption. The guide covers installation, configuration, including VPN peers and rules, and administration via the HOB Portal. It highlights features like multiple encryption methods, compatibility with other vendors, and support for IKE and IPsec standards.

Administration Guide
HOBLink VPN Gateway
Software version: 2.1
Issue: November 2014
2Security Solutions by HOB
HOBLink VPN Gateway Software and Documentation - Legal Notice
Contact: HOB GmbH & Co. KG
Schwadermuehlstr. 3
90556 Cadolzburg
Represented by: Klaus Brandstätter, Zoran Adamovic
Phone: + 49 9103 715 0
Fax: + 49 9103 715 271
Register of Companies: Entered in the Registry of Companies, Registry Court: Amtsgericht Fürth, Registration Number:
HRA 5180
Tax ID: Sales Tax Identification Number according to Section 27a Sales Tax Act: DE 132 747 002
Responsible for content according to Section 55 Paragraph 2 Interstate Broadcasting Agreement: Klaus Brandstätter,
Zoran Adamovic, Schwadermuehlstr. 3, 90556 Cadolzburg.
Disclaimer
All rights are reserved. Reproduction of editorial or pictorial contents without express permission is prohibited. HOBLink VPN
Gateway software and documentation have been tested and reviewed. Nevertheless, HOB will not be liable for any loss or
damage whatsoever arising from the use of any information or particulars in, or any error in, or omission from this document.
All information in this document is subject to change without notice, and does not represent a commitment on the part of HOB.
Liability for content
The contents of this publication were created with great care and diligence. While we keep it as up-to-date as practicable, we
cannot take any responsibility for the accuracy and completeness of the contents of this publication. As a service provider we
are responsible for our own content in this publication under the general laws according to Section 7 paragraph 1 of the TMG.
According to Chapters 8 to 10 of the TMG we are not obliged as a service provider to monitor transmitted or stored information
not created by us, or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of
information under the general laws remain unaffected. Liability is only possible however from the date of a specific
infringement being made known to us. Upon notification of such violations, the content will be removed immediately.
Liability for links
This publication may contain links to external websites over which we have no control. Therefore we cannot accept any
responsibility for their content. The respective provider or operator of the website pages to which there are links is always
responsible for the content of the linked pages. The linked sites were checked at the time of linking for possible violations of
the law. At the time the link was created in this publication, no illegal or harmful contents had been identified. A continuous
and on-going examination of the linked pages is unreasonable without concrete evidence of a violation. Upon notification of
any violations, such links will be removed immediately.
Copyright
The contents and works on these pages created by the author are subject to German copyright law. Reproducing, copying,
modifying, adapting, distributing or any kind of exploiting of this material outside the realms of copyright require the prior
written consent of the respective author or creator. The downloading of, and making copies of, these materials is only
permitted for private, non-commercial use. Where contents of this publication have not been created by the author, the
copyright of the third parties responsible for these contents shall be upheld. In particular any contents created by a third party
are marked as such. If you become aware of any copyright infringement within this publication, we kindly ask to be provided
with this information. Upon notification of any such violation, the concerned content will be removed immediately.
Trademarks
Microsoft Windows is a trademark of Microsoft Corporation.
Linux® is the registered trademark of Linux Torvalds in the U.S. and other countries.
UNIX is a registered trademark of The Open Group.
Mac OS and Apple are trademarks of Apple Inc., registered in the U.S. and other countries.
Oracle and Java are registered trademarks of Oracle and/or its affiliates.
All other product names, company names and service names may be trademarks, registered trademarks or service marks of
their respective corporations or owners, even if they are not specifically marked as such.
Issued: November 28, 2014
Security Solutions by HOB 3
Purpose of this Guide
This guide is designed to provide system administrators with detailed information
concerning HOBLink VPN Gateway and to help them decide where and when this product
can be most effectively deployed in their enterprise network.
This documentation contains descriptions of numerous possible scenarios and explains
required conditions. The procedures for configuring the individual software components are
documented in detail with step-by-step instructions.
Symbols and Conventions
This guide uses certain conventions and abbreviations which are explained here:
References to program commands, options and buttons are printed in Bold, for example:
select the command Open.
Cross-references to section headings and figures with numbers are marked in color as
follows: Section 5 Information and Support.
File names and text to be entered by the user are printed in Courier New. This input is
– unless otherwise mentioned - case sensitive.
In this documentation, HOB-specific terminology is abbreviated as follows:
Other abbreviations commonly used in this documentation are as follows:
This symbol indicates useful tips that can make your work easier.
This symbol indicates additional informative text.
This symbol indicates an important tip or procedure that may have far-reaching
effects. Please consider carefully the consequences of any changes and settings
you make here.
HOB-specific Terminology Abbreviation
HOBLink Virtual Private Network HOBLink VPN
Full Name Abbreviation
Internet Protocol Security IPsec
Internet Key Exchange IKE
Network Addresss Translation NAT
Extensible Markup Language XML
Uniform Resource Locator URL
Graphical User Interface GUI
Transmission Control Protocol/Internet Protocol TCP/IP
4Security Solutions by HOB
Dead Peer Detection DPD
User Datagram Protocol UDP
Distinguished Name DN
Network TUNnel/Tap, the Virtual Network Device
Interface
Tun/Tap
Remote Desktop Protocol RDP
Security Solutions by HOB 5
Contents
1 Introducing HOBLink VPN Gateway 7
1.1 Introducing Kanji............................................................................................. 7
1.2 Introducing VPN Peers and VPN Rules ......................................................... 7
1.3 Features of HOBLink VPN Gateway .............................................................. 7
1.4 Components of HOBLink VPN Gateway ........................................................ 9
2 Installing HOBLink VPN Gateway 13
2.1 Starting HOBLink VPN Gateway .................................................................. 13
2.2 Managing HOBLink VPN Gateway............................................................... 13
2.3 Requirements of HOBLink VPN Gateway .................................................... 14
3 Administering HOBLink VPN Gateway 15
3.1 HOB Portal ................................................................................................... 15
3.2 Administering HOBPortal.............................................................................. 16
3.3 Users ............................................................................................................ 17
3.4 Sessions....................................................................................................... 19
3.5 Portlets ......................................................................................................... 20
3.6 Using the HOB Portal ................................................................................... 22
4 Configuring the Kanji GUI Tool 25
4.1 Defining Paths for Kanji and XML files ......................................................... 26
4.2 Selecting Kanji and XML Filepaths from the Kanji Configuration ................. 27
5 Configuring HOBLink VPN Gateway 29
5.1 Properties ..................................................................................................... 29
5.2 Auditing ........................................................................................................ 31
5.3 Network ........................................................................................................ 33
5.4 Service.......................................................................................................... 34
5.5 Remote Authentication Dial In User Service (RADIUS) ............................... 35
5.6 Lightweight Directory Access Protocol (LDAP) ............................................ 37
5.7 Microsoft Layer 2 Tunneling Protocol (L2TP)............................................... 41
5.8 Internet Key Exchange (IKE)........................................................................ 42
5.9 Internet Protocol Security (IPsec)................................................................. 49
5.10 Users ............................................................................................................ 52
5.11 VPN .............................................................................................................. 54
5.12 VPN Gateway StatusInfo.............................................................................. 59
6 Configuring XML Parameters for HOBLink VPN Gateway 61
6.1 Configuration Parameters for Properties (properties) ............................. 61
6Security Solutions by HOB
6.2 Configuration Parameters for Auditing (auditing) .....................................61
6.3 Configuration Parameters for Network (network) .......................................62
6.4 Configuration Parameters for Service (service) ........................................ 63
6.5 Configuration Parameters for RADIUS (radius) ......................................... 64
6.6 Configuration Parameters for IKE (ike) .......................................................66
6.7 Configuration Parameters for IPsec (ipsec)................................................71
6.8 Configuration Parameters for Users (user) .................................................73
6.9 Configuration Parameters for VPN (vpn)...................................................... 74
6.10 Configuration Parameters for L2TP (l2tp) ..................................................80
6.11 Configuration Parameters for LDAP (ldap) .................................................81
7 Information and Support 83
HOBLink VPN Gateway Introducing HOBLink VPN Gateway
Security Solutions by HOB 7
1 Introducing HOBLink VPN Gateway
HOBLink Virtual Private Network Gateway (HOBLink VPN Gateway) is a VPN
gateway solution for access to your network data with strong and secure IKE/IPsec
encryption methods. It uses the IPsec, IKEv1 and IKEv2 protocols to give your
company the security you require. HOBLink VPN Gateway provides authenticity,
integrity and confidentiality checks for each stage of data transfer.
HOBLink VPN Gateway is a new implementation of an IPsec based VPN gateway
as a software solution. Versions for different products are provided and are primarily
available for Linux, BSD and Microsoft Windows platforms.
It is intended to support HOBLink VPN 1.8 clients and gateways, as well as other
RFC compliant solutions.
HOBLink VPN Gateway enables you to have secure, economical, reliable and
universal remote access to all your enterprise IT resources.
1.1 Introducing Kanji
Kanji is a GUI tool with a Java interface that is used to create and modify
configuration XML files. Kanji can be applied to many products. In this case, it is an
intuitive interface used in the HOB Portal that anyone is able to use to configure
VPN connections. See Section 3 Administering HOBLink VPN Gateway on page 15
for more information.
1.2 Introducing VPN Peers and VPN Rules
HOBLink VPN Gateway uses IPsec and IKE security encryption protocols. As these
do not allow a traditional client-server relationship, a system of peers is used to
avoid this problem. In a peer system there is no distinction between the participants
as with a client-server set up, with all devices being on the same peer level. A
system of rules is also used to govern how the peers within the VPN communicate
with each other.
1.3 Features of HOBLink VPN Gateway
HOBLink VPN Gateway is a gateway solution for access that uses these two
processes:
hobvpn2
hobsr
The process hobvpn2 runs in normal user space without any root or administrative
privileges on the computer. There are two reasons for this. Firstly, unlike most IPsec
VPNs that run in Kernel mode, if there is an error the operating system is not
involved, meaning there are no “blue screen” errors. Secondly, as the process is
How to set up the VPN Peers and the VPN Rules is described in Section
6.9 Configuration Parameters for VPN (vpn) on page 74. The other
components of the configuration consist of the information needed to fulfill
the requirements for setting up VPN Peers and VPN Rules.
Introducing HOBLink VPN Gateway HOBLink VPN Gateway
8Security Solutions by HOB
used for access over the public Internet, having no privileges means the process
cannot be used to access other parts of the computer in the event of an attack. This
is an extra security feature of this solution. Please note that hobvpn2 should be
started by a non-privileged user.
The second process, hobsr, is used for tasks that need root/administrator rights
(e.g. to open a RAW socket, to create or open the Tun/Tap device, creating static
routes and ProxyARP entries, etc.). This process is not accessible from the Internet,
providing only secure internal communication to hobvpn2. This process needs to
be provided with extra access rights and is started automatically by hobvpn2.
Other features and highlights of HOBLink VPN Gateway include:
Using state-of-the-art IPsec encryption technology and supporting strong
authentication, according to the IPsec RFCs 2401 ff.
Using multiple encryption methods such as AES128, AES192, AES256, 3DES,
Blowfish and CAST128.
Fully compatible with HOBLink VPN 1.6 and 1.8 gateways and clients, users and
user groups, as well as the IPsec products from many other vendors.
Using all IKE and IPsec standards and tunnel modes that were supported in
version 1, including IKEv1, AH, ESP, IPCOMP and their combinations (AH+ESP,
AH+IPCOMP, ESP+IPCOMP, AH+ESP+IPCOMP) to provide data manipulation
alerts and replay detection. This ensures that the data has not been corrupted.
IPsec processing takes advantage of multiple CPUs and can process several
packets concurrently. A special thread managing system optimizes the usage of
CPU and RAM resources.
The Tun/Tap interface is used to carry the IP packets from the kernel into user
space and vice versa.
IKEv1 supports two different types of Phase 1 negotiations, Main Mode and
Aggressive Mode. Aggressive Mode supports two additional authentication
methods, Hybrid and XAuth. IKE Phase 2 negotiations use Quick Mode.
IKE Phase 1 supports RADIUS and LDAP/AD authentication for clients.
IKE supports IKE Client Configuration Mode (for the assignment of virtual IPs
and primary and secondary DNS servers).
HOBLink VPN Gateway supports certificates (HOB CDB, Microsoft CryptoAPI).
HOBLink VPN Gateway supports Syslog auditing over UDP port 514.
HOBLink VPN Gateway includes NAT detection and NAT keepalives.
HOBLink VPN Gateway supports UDP encapsulation for NAT traversal.
HOBLink VPN Gateway supports DPD (Dead Peer Detection).
The VPN rules support the negation of the traffic selectors source, destination
and service.
HOBLink VPN Gateway supports XML configuration, with local configuration
files in XML format. SSL connections are also supported (https).
All services, ports and connections are fully configurable. Configuration is also
possible via a web browser, both local and remote.
HOBLink VPN Gateway Introducing HOBLink VPN Gateway
Security Solutions by HOB 9
1.4 Components of HOBLink VPN Gateway
HOBLink VPN Gateway is a complete software solution that is delivered in a
modular form. These modules, both core modules and configuration modules, are
installed together and work together to provide the functionality you require.
1.4.1 Core Modules
There are two core modules that provide the required functionality of HOBLink VPN
Gateway. These are the:
Process Modules
Library Modules
Process Modules
The basic functionality of HOBLink VPN Gateway is provided by the process
hobvpn2 (main process). An important process, hobsr, provides hobvpn2 with
added system resources and therefore needs special root permissions.
Another process, sendsig, sends two signals to the hobvpn2 process. These
signals provide the following tasks:
sendsig (sent without any parameter) - this signal indicates to the hobvpn2
process that the configuration has been changed while the VPN is still running.
The hobvpn2 process then reads the configuration file again and updates its in-
ternal processes accordingly, while it continues running.
sendsig hobvpn2 - this forces the hobvpn2 process to stop running
Library Modules
Some libraries are needed for a proper connection:
libgcc_s.so.1
libhobxcw3.so
libhvpnintf32.so
libstdc++.so.6.0.14 (this has a link called libstdc++.so.6).
1.4.2 Configuration Modules
The configuration modules are the files that contain the necessary data needed by
HOBLink VPN Gateway to fulfill the tasks required of it.
vpnconfig.xml – this file contains the configuration data that
HOBLink VPN Gateway needs to establish IKE/IPsec connections. It is located
in the installation folder /HOB/HOBLinkVPN of the application. For configuration
purposes, this file may either be edited directly or via a browser (either locally or
remotely), in which case the configuration server must be correctly configured.
See Section 3 Administering HOBLink VPN Gateway on page 15 for more
information.
Introducing HOBLink VPN Gateway HOBLink VPN Gateway
10 Security Solutions by HOB
Figure 1: Standard Browser-based Configuration Scheme
vpnconfig.knj – this file contains data describing the structural elements of
the HOBLink VPN Gateway configuration. It is used by the HOB configuration
server to create the HTML pages for the browser during configuration.
The browser-based configuration and retrieval of status information is managed by
the HOB Portal system. This is installed in the folder HOBPortal which is found in
the HOB folder of the installation.
A standard TCP/IP connection from the Java-capable web browser is used to
connect to the HOB Portal server, please see Section 3.1 HOB Portal on page 15
for more information.
1.4.3 Certificate Support Modules
Certificates are used to authenticate the machines responsible for communication.
The modules that contain these certificates are located in the installation folder of
HOBLink VPN Gateway. This folder contains a sub-folder, cert.db, containing two
files:
vpn.cdb - a HOB certificate database file
vpn.pwd - a password file
It is strongly recommended to always leave this file, vpnconfig.knj,
unchanged.
HOBLink VPN Gateway Introducing HOBLink VPN Gateway
Security Solutions by HOB 11
The certificates provided in this HOB keystore vpn.cdb are intended for
testing and demo purposes only. It is strongly recommended that for
productive day-to-day operations you remove these vpn.cdb and
vpn.pwd files and create your own keystore and password files. Use the
HOBLink Security Manager to either create your own PKI or just add the
available certificates to your own keystore.
These files can be edited via the HOBLink Security Manager tool, which
is delivered on CD for extra installation. Documentation concerning the
HOBLink Security Manager is available after the installation of this HOB
tool.
Introducing HOBLink VPN Gateway HOBLink VPN Gateway
12 Security Solutions by HOB
HOBLink VPN Gateway Installing HOBLink VPN Gateway
Security Solutions by HOB 13
2 Installing HOBLink VPN Gateway
The HOBLink VPN Gateway software is provided in a compressed file that is
installed using an install script. The compressed file is hob-vpn2-gw.tar.bz2
and the install script is installVPN2-GW.sh.
To install HOBLinkVPN Gateway for Linux:
1. Log on as Root User in your Linux system.
2. From the command line, run the install script installVPN2-GW.sh.
3. Select where to install the software (this will be /opt/HOB/ by default).
4. Select the option to start VPN2GW and HOBPortal (this step is optional).
Once the software has been installed, make sure that IP Forwarding is enabled. If
it is not enabled, run the script enableIPForwarding.sh located in the HOB
folder. To disable it again, run the script disableIPForwarding.sh.
2.1 Starting HOBLink VPN Gateway
When the software is installed via the install script, HOBLink VPN Gateway can
either be started in Step 2 below or started later.
To start HOBLink VPN Gateway:
1. Log on to the system as a normal user.
2. From the command line, run the script startVPN.sh located in the HOB folder.
This starts the hobvpn2 process, giving the parameter -c vpnconfig.xml for the
configuration file, as a daemon.
The script startVPN2-GW.sh can also be used to start HOBLink VPN Gateway,
which in turn also starts the HOBPortal server.
For debugging purposes:
The process hobvpn2 accepts the following parameters:
-a this step is optional. This runs hobvpn2 as an application. If this is not
already specified, hobvpn2 runs as a daemon (in the background) instead.
-c (config file) this step is optional. If this is not present, then the config.xml
file is used as default.
2.2 Managing HOBLink VPN Gateway
The following information refers to the installation folder, which is /opt/HOB/
HOBLinkVPN/ by default. The administration scripts are in the HOB installation
folder (in this case, /opt/HOB/).
The command ./hobvpn2 -c vpnconfig.xml starts the VPN process, where
the parameter -c indicates the name of the configuration file (vpnconfig.xml by
default). A normal, non-privileged user should start the process. It is easier to start
the VPN process by running the script startVPN.sh, which runs the provided
command.
Installing HOBLink VPN Gateway HOBLink VPN Gateway
14 Security Solutions by HOB
In order to stop the VPN process, run the script stopVPN.sh. This sends the
command ./sendsig hobvpn2 that orders the VPN process to stop working
gracefully.
To reload and implement changes in the configuration file, run the script
reloadConfig.sh. This runs the process ./sendsig, which sends the
command to the VPN process to reload and implement the configuration file.
2.3 Requirements of HOBLink VPN Gateway
The following are the necessary minimum requirements for a successful installation
of HOBLink VPN Gateway:
System Requirements
HOBLink VPN Gateway is designed to run on the Linux operating system platform.
It requires only a standard Linux machine, with at least Kernel 2.6.x, including the
Tun/Tap interface.
HOBLink VPN Gateway supports both 32 and 64 bit systems.
Software Requirements
There are two options available for configuring HOBLink VPN Gateway:
a web browser
a standard or XML editor (for editing the configuration file)
For logging purposes:
Messages created while starting HOBLink VPN Gateway are written into the file
trace.txt which is located in the installation folder.
Messages created while running HOBLink VPN Gateway are to be logged by a
syslog server listening on UDP port 514. By default, the configuration file
vpnconfig.xml that is delivered with the solution contains a syslog server
configuration with the IP address 127.0.0.1, localhost.
HOBLink VPN Gateway Administering HOBLink VPN Gateway
Security Solutions by HOB 15
3 Administering
HOBLink VPN Gateway
HOBLink VPN Gateway can be configured in two ways:
1. By manually setting the configuration parameters by editing the configuration
file vpnconfig.xml. The vpnconfig.xml file needs to be opened in a text
editor to edit the parameters as required.
Please refer to Section 6 Configuring XML Parameters for HOBLink VPN
Gateway on page 61 for a detailed description of the parameters.
2. By editing the file via the HOB Portal management interface in the browser.
When editing through a GUI, you need to connect locally to a web browser. The
following web browsers are supported:
Microsoft Internet Explorer - Versions 9,10,11
Firefox - Version 28
Google Chrome - Version 34
3.1 HOB Portal
HOB Portal is the interface for the browser connection to HOBLink VPN Gateway
over an IP-based network. This interface provides information about the gateway
and allows HOBLink VPN Gateway to be configured.
The installation folder of HOB Portal is /opt/HOB/HOBPortal/ by default.
The HOB Portal server should be started by the script startHOBPortal.sh,
which launches the command bin/startup.sh.
To stop the HOB Portal server, run the script stopHOBPortal.sh. This script
launches the command bin/shutdown.sh to stop the HOB Portal server.
3.1.1 Connecting to HOB Portal
To connect to HOB Portal locally, enter the following URL into a browser:
http://localhost:5822/
To connect to HOB Portal over the network, enter the URL using the
hostname as follows:
http://<hostname>:5822/
3.1.2 Connecting to HOB Portal over SSL
To create an SSL encrypted connection to HOB Portal, enter the URL:
https://<hostname>:8443 into your browser.
A Java keystore is delivered in the path .../HOBPortal/conf.
The relevant server setting is to be found in the file
.../HOBPortal/conf/server.xml, in line 87.
Administering HOBLink VPN Gateway HOBLink VPN Gateway
16 Security Solutions by HOB
Here you can find the path and name of the keystore as well as the password, which
is hoblinkvpn by default.
3.1.3 Using your own SSL certificate
To use your own SSL certificate when connecting to HOB Portal, perform the
following steps:
1. Create your Java keystore containing a valid certificate.
2. Edit the file server.xml accordingly.
3. Launch the process .../HOB/stopHOBPortal.sh and then the process
.../HOB/startHOBPortal.sh in order to restart the HOBPortal server.
3.2 Administering HOBPortal
This set of screens is available to the root user or another user with the authority to
manage the portal of HOBLink VPN Gateway. Logon to HOBLink VPN Gateway
with the root user username and password. The following screen is displayed:
Figure 2: HOBLink VPN Portal
Information about the root user’s current status and permissions is provided here,
as well as the quick links Manage Sessions and Manage the portal that are
available to you. Only an administrator can use the quick link Add a new user. In
addition, the title bar has the following icons that are on every page of the portal:
Home returns you to this start screen from anywhere within the application.
Users – accesses the manage users screen.
Portal configuration – displays the portlet and page administration screen.
Service – displays the current status of the service.
Properties – displays the system properties page.
HOBLink VPN Gateway Administering HOBLink VPN Gateway
Security Solutions by HOB 17
3.3 Users
When you access the quick link Add a new user you will see this screen. Here you
can manage the users already configured in HOBLink VPN Gateway and add new
users to the user list.
3.3.1 Add User
Figure 3: User
This tab allows you to add new the users to those that are already present in
HOBLink VPN Gateway. You need to complete the following fields:
Username - enter the name assigned to this user in the system
Password - enter the password for confirming the identity of this user
Confirm password - enter the password again to confirm
User authorities - select the permissions from this list of permissions available to
the user. It is possible to select several permissions.
Enabled - check this box to activate this user in the user list.
Sessions – displays the manage sessions page. See Section 3.4 Sessions
on page 19 for more information.
Auditing – displays the audit logs on screen.
Logs – displays the system logs on screen.
Help – displays the help that is available for this application.
Logout – logs you out of the application and returns you to the main
HOBLink VPN Gateway portal.
Administering HOBLink VPN Gateway HOBLink VPN Gateway
18 Security Solutions by HOB
There are also two buttons:
3.3.2 Users
The Users tab allows you to manage the already existing users. You will see this
screen:
Figure 4: Manage Users
In this list of users you select the user from the list. Use the Edit and the Remove
selected users buttons to manage selected users in the list.
click Reset to discard any edits and restore any previously entered
information to this page.
click Add user to save any changes and add the new user to the user list
use this button to edit the configuration of the selected user
this button deletes the selected user from the user list
HOBLink VPN Gateway Administering HOBLink VPN Gateway
Security Solutions by HOB 19
3.4 Sessions
When you access the quick link Manage sessions, you will see this screen. Here
you manage the sessions in HOBLink VPN Gateway.
Figure 5: Sessions
Sessions that are currently open are displayed in the list. Details of the sessions
such as username, authorities and last request time are shown. Sessions can be
deleted by selecting the sessions to be removed and then using the Remove
selected sessions button to remove them from this list.
Administering HOBLink VPN Gateway HOBLink VPN Gateway
20 Security Solutions by HOB
3.5 Portlets
When you access the quick link Manage the portal, you will see this screen. Here
you manage portlets and pages. There are three tabs on this interface: Portlets,
Pages and New.
3.5.1 Portlets
When the Portlets tab is selected, the following screen is displayed:
Figure 6: Manage Portlets
Here you see the portlets currently available for use in the pages (showing the ID
number, the context of the application and the name of each portlet).
3.5.2 Pages
Select the Pages tab to display the following screen where you manage pages.
Figure 7: Manage Pages
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68
  • Page 69 69
  • Page 70 70
  • Page 71 71
  • Page 72 72
  • Page 73 73
  • Page 74 74
  • Page 75 75
  • Page 76 76
  • Page 77 77
  • Page 78 78
  • Page 79 79
  • Page 80 80
  • Page 81 81
  • Page 82 82
  • Page 83 83

HOB HOBLink Administration Manual

Type
Administration Manual

Below you will find brief information for HOBLink VPN Gateway. This guide provides system administrators with detailed information on the HOBLink VPN Gateway, a VPN gateway solution for secure network access using IKE/IPsec encryption. The guide covers installation, configuration, including VPN peers and rules, and administration via the HOB Portal. It highlights features like multiple encryption methods, compatibility with other vendors, and support for IKE and IPsec standards.

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI