Chapter 2 Customizing the client 59
Configuring the Contivity VPN Client
Format of GinaList.ini:
#Following Ginas conflict with Nortel Networks' NNGINA.
#The comment line right above the Gina DLL will be shown to users if
it's detected.
#Cisco Gina DLL
CSGina.dll
#X Gina DLL
X.dll
The comment preceding the identified conflicting GINA is displayed to the
installing user if the specified GINA is detected during installation.
IPsec mobility and persistent tunneling
IPsec mobility maintains IPsec connections for mobile users, allowing them to
roam from subnet to subnet without terminating applications. It maintains a
connection between the Contivity VPN Client and the Contivity Secure IP
Services Gateway with minimum data loss when the IP address changes. After the
client has been notified by the operating system that the IP address has changed, it
notifies the Contivity gateway. These messages are encrypted and authenticated
based on the IKE SA to ensure security.
The Contivity VPN Client logs events to the logfile. This includes events such as
Contivity VPN Client sending messages that the IP address changed, and
receiving acknowledgement that these messages were received by the Contivity
gateway.
The Contivity VPN Client status monitor reports if roaming is enabled for the
session. The event log on the Contivity gateway reports on IPsec mobility actions.
When operating in split tunneling mode, the Contivity VPN Client periodically
checks the routing table on the client's machine to determine if the table has been
altered in any way. This checking is done for security reasons to detect intrusions
and unauthorized access to the private network. When a routing table change is
detected, the tunnel is brought down.
To Next Page
Loading...
