Back to Support

XHub VPN Services Configuration - Mac OS X - IPSecuritas

AHDS VPN services are based on IPSec protocol tunnels.

Mac OS X based customers can use IPSecuritas from Lobotomo Software to manage/create tunnels into the AHDS XHub network.

IPSecuritas is free, but please do consider making a donation by clicking on the Donate button on their website.

Follow these instructions to install and setup the IPSecuritas software.

You will need the VPN Connection Parameters checklist sent to you by AHDS support to fill in certain fields of the configuration.

  1. Download the IPSecuritas software and run the Installer package.
  2. Create a New Profile named AHDS-XHub
    Connections menu -> Edit Profiles...
    IPSecuritas New Profile
  3. On the General tab and enter the following settings:
    IPSecuritas Profile General
    1. Remote IPSec Device: Enter VPN Parameter: Remote Device ex: d1.xhub.ahds.com
    2. Local Side: leave at "Host", leave IP Address blank
    3. Remote Side: select "Network" from the popup menu
    4. Network Address: Enter VPN Parameter: Network Address ex: 10.98.32.0
    5. Network Mask: Enter VPN Parameter: Network Mask ex: 20
  4. Click on the Phase 1 tab and enter the following settings:
    IPSecuritas Profile Phase 1
    1. Lifetime: 28800 seconds
    2. DH Group: 1024 (2)
    3. Encryption: AES 256
    4. Authentication: SHA-1
    5. Exchange Mode: Agressive
    6. Proposal Check: Obey
    7. Nonce Size: 16
  5. Click on the Phase 2 tab and enter the following settings:
    IPSecuritas Profile Phase 2
    1. Lifetime: 3600 seconds
    2. PFS Group: 1536 (5)
    3. Encryption: Uncheck all but AES 256
    4. Authentication: Uncheck all but HMAC SHA-1
  6. Click on the ID tab and enter the following settings:
    IPSecuritas Profile ID
    1. Local Identifier: Select "User FQDN" and enter VPN Parameter: Tunnel ID into the field that appears: ex: dvpn1@xhub.ahds.com
    2. Remote Identifier: Address
    3. Authentication Method: XAuth PSK
    4. Preshared Key: Enter VPN Parameter: Preshared Key
    5. Username: Enter VPN Parameter: Username
    6. Store Password: If you click the checkbox another field will appear that you can use to store: VPN Parameter: Password, however we suggest you do not store your password for security reasons; you will need to enter it when you connect.
  7. Leave the DNS tab blank:
    IPSecuritas Profile DNS
  8. Click on the Options tab and leave everything at the defaults except:
    IPSecuritas Profile Options
    1. Enable MODE_CFG: Checkbox on
    2. Local IP in Remote Network: Checkbox on
    3. NAT-T: Select "Enable" from the popup menu
  9. The VPN configuration is now complete. Close the Connections window and click the Start button on the IPSecuritas window.
    When the tunnel connection starts up and completes, you can now make connections to your endpoints for DDE 3270 or Claims FTP.
    IPSecuritas Start IPSecuritas Running