Remote IPSec Access
IPSec VPN Client

The IPSec VPN client provides the vital ability for remote users to initiate VPN communications with corporate resources. Using VPNs, "road warriors" or telecommuters can safely access corporate networks from unsecured public networks or un-trusted local networks. A VPN connection can also be used to connect end users that need a secure "end user to host" connection to transmit sensitive information over an intranet. The IPSec VPN client used in conjunction with firewall-to-firewall gateway VPN Connection provides a total IPSec VPN solution. The IPSec VPN client meets IPSec standards.

Designed specifically for the mobile work force, the IPSec VPN client provides the vital ability for remote users to initiate VPN communication with corporate resources. Road warriors and telecommuters need to access mission critical networks over the Internet and often use unsecured public networks or untrusted local networks. A VPN connection may connect end-users that need a secure host to transmit sensitive information. The IPSec VPN client uses the IPSec ESP tunnel mode to form a secure communications channel to a network secured by a GTA Firewall. It provides VPN capability to desktop and notebook computers running Microsoft Windows, OS X, and Linux operating systems, enabling secure client-to-gateway communication over TCP/IP networks. Secured encrypted communications can be initiated in any IP environment.

Mobile Phones and Tablets

Secure remote IPSec VPN access isn't limited to desktop and laptop computers. Mobile phones and tablets running Apple IOS and Android operating systems have built-in IPSec VPN facilities that interoperate with GTA firewalls. A secure IPSec VPN connection to a mobile device means that email and an organization network resources can be available from nearly anywhere. Our guides for iPhone IPSec Configuration and Android IPSec Configuration make setting up a secure remote IPSec VPN quick and easy.

Simple Configuration and Installation

The remote IPSec VPN access is easy to configure and install. Firewall administrators configure IPSec remote access on the firewall in a few simple steps and all installation and certificate information is provided via the GTA Remote Access Portal on the firewall. Users can log in and download the installer, certificates, and installation guide for Windows, Apple Mac OS X, Linux, Apple IOS and Android operating systems. IPSec Client policies are also dynamically generated and available for download via the firewall.


The IPSec VPN Client transparently creates a VPN when operating on the Internet, including when utilizing NAT-T. With the client, secure connections can be made with all IPSec compliant network products, such as routers, gateway encryptors, and firewalls. Multiple encryption and authentication algorithms are employed, including DES, 3DES, AES, MD-5, SHA-1, and SHA-2. IKE is supported in main and aggressive modes. Certificates are used with Simple Certificate Enrollment Protocol (SCEP). XAUTH (Extended Authentication Protocol) V.6 supports RSA SecurID, LDAPv3, and RADIUS.

Security Standards

  • IPSec with IKE RFCs 2401 and 2409
  • Tunnel Mode
  • Transport Mode
  • NAT-T RFCs 3947 and 3948
  • X.509 Certificate Support - PKCS#12, PEM, SmartCard
  • Pre-shared Key Authentication
  • RSA Authentication
  • RSA + XAUTH Authentication
  • DES 56-bit Encryption
  • 3DES 168-bit Encryption
  • AES with 128-, 192-, or 256-bit Encryption
  • HMAC MD-5 128 Authentication Hash Algorithm
  • HMAC SHA-1 160-bit Authentication Hash Algorithm
  • HMAC SHA-2 256-bit, 384-bit or 512-bit Authentication Hash Algorithm
  • Diffie Hellman Group 1, Group 2, Group 5, Group 14, Group 16, Group 17 and Group 18 Support
  • IP Payload Compression Protocol (IPCOMP)