<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=text/html;charset=iso-8859-1 http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18813"></HEAD>
<BODY style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
id=MailContainerBody leftMargin=0 topMargin=0 CanvasTabStop="true"
name="Compose message area">
<DIV><FONT face=Calibri>For arkoon with mutual RSA authentication you have to
put configuration to use an existing adapter and you have to add network
addresses to ressources in the policy parameters (in my following config,
192.168.3.0/24). Here's the relevant parameters of my .vpn export file (add your
IP adresses and credentials):</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT
face=Calibri>n:version:2<BR>n:network-ike-port:500<BR>n:network-mtu-size:1380<BR>n:client-addr-auto:0<BR>n:network-natt-port:4500<BR>n:network-natt-rate:15<BR>n:network-frag-size:540<BR>n:network-dpd-enable:1<BR>n:client-banner-enable:0<BR>n:network-notify-enable:1<BR>n:client-wins-used:0<BR>n:client-wins-auto:0<BR>n:client-dns-used:0<BR>n:client-dns-auto:0<BR>n:client-splitdns-used:0<BR>n:client-splitdns-auto:0<BR>n:phase1-dhgroup:2<BR>n:phase1-keylen:256<BR>n:phase1-life-secs:86400<BR>n:phase1-life-kbytes:0<BR>n:vendor-chkpt-enable:0<BR>n:phase2-keylen:256<BR>n:phase2-life-secs:3600<BR>n:phase2-life-kbytes:0<BR>n:policy-nailed:0<BR>n:policy-list-auto:0<BR>s:client-auto-mode:disabled<BR>s:client-iface:direct<BR>s:network-natt-mode:enable<BR>s:network-frag-mode:enable<BR>s:auth-method:mutual-rsa<BR>s:ident-client-type:asn1dn<BR>s:ident-server-type:asn1dn<BR>s:phase1-exchange:main<BR>s:phase1-cipher:aes<BR>s:phase1-hash:sha1<BR>s:phase2-transform:esp-aes<BR>s:phase2-hmac:sha1<BR>s:ipcomp-transform:disabled<BR>n:phase2-pfsgroup:2<BR>s:policy-list-include:192.168.3.0 /
255.255.255.0</FONT></DIV></BODY></HTML>