Specifications
Security Options 119
Chapter 5
If you have a proxy server:
z Navigate to Settings > Connections > Set up my proxy server.
z Follow the on-screen instructions.
At this point, if you have wireless connectivity, you should be able to click on
the icon at the top of the screen with the two arrows pointing left and right
next to the speaker icon.
13. Select
Connect VPN.
You should be connected and every thing should be working.
NOTE—With AOS-W 2.2 or lower, L2TP/IPSEC clients terminating on anything other than
the switch IP (loopback or VLAN 1) required the server IP to be in the emulate servers
table for dest-natting purposes.
With AOS-W 2.3.0.0 and higher, this restriction has been removed. The only IPs needed
in the emulate servers table are the IPs not present on the current switch itself.
Configuring L2TP and IPSec with SecureID
The AlcatelReg.exe program is required to modify a registry setting in
Windows Mobile 2003. By default, Windows Mobile 2003's IPSec client
works with most RADIUS servers except one time password servers such as
RSA SecurID. This is because the Mobile 2003 client requires MSCHAPv2 for
user authentication. Since RSA does not support MSCHAPv2 for one-time
passwords, Alcatel has developed the following procedure to remove this
restriction on mobile 2003 so it behaves like normal Windows clients. To run
it:
1. - Create an L2TP/IPSec entry for the user on mobile 2003.
2. Copy AlcatelReg.exe from your desktop into mobile 2003. This can be
done from Microsoft ActiveSync and selecting
Explore.
3. It is recommended that the file be copied to:
Mobile Device\\My Pocket PC\\AlcatelReg.exe
(this corresponds to "My Device" on the PDA).
4. After copying, open the File Explorer on the PDA.
5. Locate where the file was copied to. If following the previous suggestions,
it would be under "My Device".
6. Run AlcatelReg.exe. A message should show the status of all the
L2TP/IPSec entries.
The program only needs to be run once after a new entry is created. It will
modify the registry in the entries for all L2TP/IPSec entries present in the PDA.