<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=text/html;charset=iso-8859-1 http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18813"></HEAD>
<BODY style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px" 
id=MailContainerBody leftMargin=0 topMargin=0 CanvasTabStop="true" 
name="Compose message area">
<DIV><FONT face=Calibri>For arkoon with mutual RSA authentication you have to 
put configuration to use an existing adapter and you have to add network 
addresses to ressources in the policy parameters (in my following config, 
192.168.3.0/24). Here's the relevant parameters of my .vpn export file (add your 
IP adresses and credentials):</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT 
face=Calibri>n:version:2<BR>n:network-ike-port:500<BR>n:network-mtu-size:1380<BR>n:client-addr-auto:0<BR>n:network-natt-port:4500<BR>n:network-natt-rate:15<BR>n:network-frag-size:540<BR>n:network-dpd-enable:1<BR>n:client-banner-enable:0<BR>n:network-notify-enable:1<BR>n:client-wins-used:0<BR>n:client-wins-auto:0<BR>n:client-dns-used:0<BR>n:client-dns-auto:0<BR>n:client-splitdns-used:0<BR>n:client-splitdns-auto:0<BR>n:phase1-dhgroup:2<BR>n:phase1-keylen:256<BR>n:phase1-life-secs:86400<BR>n:phase1-life-kbytes:0<BR>n:vendor-chkpt-enable:0<BR>n:phase2-keylen:256<BR>n:phase2-life-secs:3600<BR>n:phase2-life-kbytes:0<BR>n:policy-nailed:0<BR>n:policy-list-auto:0<BR>s:client-auto-mode:disabled<BR>s:client-iface:direct<BR>s:network-natt-mode:enable<BR>s:network-frag-mode:enable<BR>s:auth-method:mutual-rsa<BR>s:ident-client-type:asn1dn<BR>s:ident-server-type:asn1dn<BR>s:phase1-exchange:main<BR>s:phase1-cipher:aes<BR>s:phase1-hash:sha1<BR>s:phase2-transform:esp-aes<BR>s:phase2-hmac:sha1<BR>s:ipcomp-transform:disabled<BR>n:phase2-pfsgroup:2<BR>s:policy-list-include:192.168.3.0 / 
255.255.255.0</FONT></DIV></BODY></HTML>