1.
What is SSH Sentinel VPN client?
Developed by SSH (http://www.ssh.com) Sentinel VPN client is a bundled software with
Prestige VPN solution. It supports
IPSec/VPN.
2. Why do I need to use
Sentinel?
SSH Sentinel(TM) is an easy-to-use software for remote working based on the latest VPN technology. The software provides smooth integration with
Prestige VPN which may be installed in HQ gateway.
3. Does SSH Sentinel work with the PPP over Ethernet (PPPoE) protocol, which is used by the ADSL Network Adapter cards?
Yes, the latest release SSH Sentinel 1.3, also supports PPPoE, but due to the wide range of PPPoE implementations and the fact, that we have a very limited access to PPPoE adapters in general, we are not able to fully test this functionality.
As a consequence, it is hard to say with exactly which PPPoE drivers SSH Sentinel 1.3 is fully compatible.
4. How to configure
Pre-IPSec filter?
In pre-ipsec configuration, never, remove the pre-IPSec filter rule that bypasses IKE traffic. If you do, all your attempts to establish any IPSec connection are bound to fail, because the negotiations never take place. Only when you would like to have some TCP/UDP packets bypass IPSec, must you specify the traffic as bypass in pre-ipsec filter. Otherwise, just not setup any bypass/discard/reject on the traffic you would like to be protected by
IPSec.
5.
What is "Acquire virtual IP address" for? Should I check this box?
With this feature, Sentinel can obtain a virtual IP address assigned from VPN gateway. However, if connecting with
Prestige, please not check this box. Prestige doesn’t support this feature in current firmware.
6.
What is "Extended Authentication"? Should I check this box?
With this feature, VPN connection from Sentinel can be authenticated to authentication server, such as, RADIUS, TACAS, …etc. behind remote VPN gateway. However, if connecting with
Prestige, please not check this box. Prestige doesn’t support this feature in current firmware. It will support in the near future.
7. Does Sentinel
support IP range?
No, only subnet/single is supported. So when connecting with
Prestige, please not use range as address type.
8.
Does Sentinel support 2 VPN connections at the same time?
No, Sentinel doesn’t support it. Only one VPN connection can be activated at the same time.
9.
What is this option, “Attach the selected values to proposal only” for?
To increase compatibility, Sentinel sends many kinds of possible proposal for it’s peer side, say
Prestige to choose. If you uncheck this option,
Sentinel will only send out the proposal you configured. To decrease negotiation time, you can uncheck this option, and verify phase1/phase2 parameters are consistent on both sides.
10.
How to initiate a VPN tunnel from Sentinel?
Right click SSH icon in system tray, click the VPN connection you have setup in Select VPN. Packets triggering doesn't work in this case.
11.
Can Prestige be the initiator of VPN tunnel to Sentinel?
No. Sentinel is supposed to be a VPN solution for remote access. Please always initiate your VPN tunnel from Sentinel but not from
Prestige.
12.
How can I verify if the VPN connection is up in Sentinel?
You can check if your VPN connection is up by double clicking SSH icon in system tray.
If the connection is up, you should see your VPN network in the popped out
window.
13. I am using EnterNet 300, a PPPoE dial up software. Any concern?
If using EnterNet PPP over Ethernet client, the network access type must be set from the client’s advanced connection settings to protocol driver. Open Enternet 300 Profiles window -> Connections -> Settings -> Advanced -> In Network Access section choose Protocol Driver. Please check http://www.nts.com/support/advsettings.html for more information.