
http://support.automation.siemens.com/WW/view/en/99681037

Configuration Example 09/2014

Setting up a secure VPN Connection between the TS Adapter IE Advanced and Windows 7
TS Adapter IE Advanced


Security: TSAdapter_Win7, Entry ID: 99681037, V1.0, 09/2014
Siemens AG 2014. All rights reserved.

Warranty and liability

Note: The Application Examples are not binding and do not claim to be complete regarding the circuits shown, equipping and any eventuality. The Application Examples do not represent customer-specific solutions. They are only intended to provide support for typical applications. You are responsible for ensuring that the described products are used correctly. These application examples do not relieve you of the responsibility to use safe practices in application, installation, operation and maintenance. When using these Application Examples, you recognize that we cannot be made liable for any damage/claims beyond the liability clause described. We reserve the right to make changes to these Application Examples at any time without prior notice. If there are any deviations between the recommendations provided in these application examples and other Siemens publications – e.g. Catalogs – the contents of the other documents have priority.

We do not accept any liability for the information contained in this document.

Any claims against us – based on whatever legal reason – resulting from the use of the examples, information, programs, engineering and performance data etc., described in this Application Example shall be excluded. Such an exclusion shall not apply in the case of mandatory liability, e.g. under the German Product Liability Act ("Produkthaftungsgesetz"), in case of intent, gross negligence, or injury of life, body or health, guarantee for the quality of a product, fraudulent concealment of a deficiency or breach of a condition which goes to the root of the contract ("wesentliche Vertragspflichten"). The damages for a breach of a substantial contractual obligation are, however, limited to the foreseeable damage, typical for the type of contract, except in the event of intent or gross negligence or injury to life, body or health. The above provisions do not imply a change of the burden of proof to your detriment.

Any form of duplication or distribution of these Application Examples or excerpts hereof is prohibited without the expressed consent of Siemens Industry Sector.

Security information

Siemens provides products and solutions with industrial security functions that support the secure operation of plants, solutions, machines, equipment and/or networks. They are important components in a holistic industrial security concept. With this in mind, Siemens' products and solutions undergo continuous development. Siemens recommends strongly that you regularly check for product updates.

For the secure operation of Siemens products and solutions, it is necessary to take suitable preventive action (e.g. cell protection concept) and integrate each component into a holistic, state-of-the-art industrial security concept. Third-party products that may be in use should also be considered. For more information about industrial security, visit http://www.siemens.com/industrialsecurity.

To stay informed about product updates as they occur, sign up for a product-specific newsletter. For more information, visit http://support.automation.siemens.com.


Table of Contents

Warranty and liability
1 Task and Solution
  1.1 Task
  1.2 Possible solution
  1.3 Characteristics of the solution
2 Configuration and Project Engineering
  2.1 Setting up the environment
    2.1.1 Required components and IP address overview
    2.1.2 Service PC
    2.1.3 DSL access for the TS Adapter IE Advanced (DSL router2)
    2.1.4 TS Adapter IE Advanced
    2.1.5 Setting up the infrastructure
  2.2 Commissioning remote maintenance
    2.2.1 Preparation
    2.2.2 Initial configuration of the TS Adapter IE Advanced
    2.2.3 Parameterizing remote access
    2.2.4 Final steps
  2.3 Establishing the VPN connection
3 Testing the Tunnel Function
4 Appendix: Handling CA Certificates
  4.1 Deleting CA certificates
  4.2 Installing CA certificates
5 History


1 Task and Solution

1.1 Task

The task is to establish a secure connection between two networks (e.g., automation networks or individual devices) via the Internet or a company's internal network.
The following customer requirements have to be considered:
- Protection against spying and data manipulation.
- Prevention of unauthorized access.
- Easy handling and integration.
- Use of existing addresses and addressing schemes.
- Transparency (or easy use) for users.

1.2 Possible solution

Complete overview
The figure below shows one way of implementing the customer requirements:

[Figure: Service PC (Windows 7, VPN client) - Internet router - Internet - modem/router with static WAN IP address - TS Adapter IE Advanced (VPN server) - automation cell with SIMATIC S7 stations on Industrial Ethernet. The VPN tunnel runs between the service PC and the TS Adapter IE Advanced.]

The connection between the service PC and the automation cell (for example, SIMATIC stations, panels, drives, PCs) is protected by a VPN tunnel. In this example, the service PC and the TS Adapter IE Advanced form the two tunnel endpoints for the secure connection. The TS Adapter IE acts as the VPN server, the PC acts as the VPN client. Access to the TS Adapter IE (VPN server) from the WAN is predefined by the use of a static WAN IP address. WAN access on the client side is flexible; the IP address of the WAN port is not relevant. When establishing the VPN tunnel, the roles are defined as follows:

Table 1-1

Component                 VPN role
Service PC                Initiator (VPN client); starts the VPN connection
TS Adapter IE Advanced    Responder (VPN server); waits for the VPN connection


TS Adapter IE Advanced
The TS Adapter IE Advanced allows access, through the Internet, to all automation components of a plant - e.g., S7 CPUs - that are connected to Industrial Ethernet. A PG/PC with at least Windows 7 or Windows Server 2008 allows convenient remote maintenance of a plant through the Internet, including enhanced security mechanisms.
The TS Adapter IE Advanced provides the following functions:
- SSTP VPN (data encryption and authentication) for remote maintenance.
- IPv4 and IPv6 support on the WAN interface (IPv6 for firmware version 1.1.0 or higher).
- Time-controlled WAN connectivity.
- Packet filter configuration.
- Enabling and disabling routes (VPN tunnel, Internet access).
- Router functionality (port forwarding, NAT, DynDNS (with IPv6)).

1.3 Characteristics of the solution

- High security standard due to
  – VPN,
  – certificates,
  – random numbers generated in hardware and
  – consideration of the strict Siemens Security Guidelines.
- Customized solution for remote maintenance in the automation environment.
- The same range of functions (STEP 7 functions, diagnostics) as on site without having to install additional programs.
- Easy integration into existing networks and protection of devices that do not have their own security functions.
- Generally, enabling or configuring by IT administrators is not necessary.


2 Configuration and Project Engineering

2.1 Setting up the environment

2.1.1 Required components and IP address overview

Software packages
To work with the TS Adapter IE Advanced, you need a PC with a "Windows 7" operating system (or higher) and the "Primary Setup Tool" (PST) software (V4.1 or higher). Install these software packages on a PC/PG.

Note: The Primary Setup Tool is used to set the LAN interface of the TS Adapter IE Advanced. This tool can be downloaded for free from Online Support, Entry ID: 19440762.

Required devices/components
To set up the environment, use the following components:
- A TS Adapter IE Advanced (optional: a DIN rail installed accordingly, including fitting accessories).
- A 24 V power supply with cable connector and terminal block plug.
- DSL access with a dynamic WAN IP address and a DSL router (e.g. SCALANCE M81x-1).
- DSL access with a static WAN IP address and a DSL router (e.g. SCALANCE M81x-1).
- A PC on which "Windows 7" and the "PST" are installed.
- The necessary network cables, TP cables (twisted pair) according to the IE FC RJ45 standard for Industrial Ethernet.

Note: You can also use another Internet access method (e.g., UMTS). The configuration described below explicitly refers only to the components listed in "Required devices/components".


IP addresses
For this example, the IP addresses are assigned as follows:

[Figure: Service PC (Win 7, 192.168.2.89) - DSL router1 (LAN 192.168.2.1, dynamic WAN IP) - Internet - DSL router2 (static WAN IP, LAN 172.16.0.1) - TS Adapter IE Advanced (WAN 172.16.47.1, LAN 172.22.80.2); VPN tunnel between the service PC and the TS Adapter IE Advanced.]

Table 2-1

Component       Port       IP address                         Router         Subnet mask
Service PC      LAN port   192.168.2.89                       192.168.2.1    255.255.255.0
DSL router1     LAN port   192.168.2.1                        -              255.255.255.0
DSL router1     WAN port   Dynamic IP address from provider   -              Assigned by provider
DSL router2     WAN port   Static IP address from provider    -              Assigned by provider
DSL router2     LAN port   172.16.0.1                         -              255.255.0.0
TS Adapter IE   WAN port   172.16.47.1                        172.16.0.1     255.255.0.0
TS Adapter IE   LAN port   172.22.80.2                        -              255.255.255.0

2.1.2 Service PC

Installed software
The following software packages are relevant on the service PC:
- PC with the Windows 7 operating system as the remote end for the VPN connection to the TS Adapter IE Advanced.
- Web browser to parameterize the TS Adapter IE Advanced.
- Primary Setup Tool to set the IP address.

Deleting the CA certificate
If you suspect that a CA certificate is misused, you should generate a new CA certificate for security reasons. Make sure that the new CA certificate is replaced on all service PCs involved (delete the old CA certificate and import the new one). For security reasons, you should regularly generate new CA certificates. To delete a CA certificate, please follow the instructions from Chapter 4 (Appendix: Handling CA Certificates).


Installing the CA certificate
The initial configuration of the TS Adapter IE Advanced is done via a local HTTPS connection. As, at this time, a CA certificate for this TS Adapter IE Advanced has not yet been installed on the service PC, a security warning is displayed. You can acknowledge this security warning or install the CA certificate supplied on the CD in the Windows certificate store before first commissioning. To do this, please follow the instructions from Chapter 4 (Appendix: Handling CA Certificates). Note that the guided tour in Chapter 2.2.2 generates a new CA certificate that replaces the default one, so the certificate from the CD only covers the initial, directly connected session.

Note: To manage CA certificates, you need administrator rights.

Web interface of the TS Adapter IE Advanced
To open the Web interface, you have the following options:
- Open a directly connected Web browser with TIA Portal.
- Open a Web browser via a remote connection with TIA Portal.
- Directly connected standard Web browser.

This example uses the "Directly connected standard Web browser" method.

Note: More information on the options to open the Web interface can be found in the appropriate chapter in the TS Adapter manual at the following link:
https://www.automation.siemens.com/mdm/default.aspx?DocVersionId=65739502731&Language=en-EN&TopicId=65449369483&guiLanguage=en

2.1.3 DSL access for the TS Adapter IE Advanced (DSL router2)

Static IP address for DSL router2
WAN access of the service PC (VPN client) to the TS Adapter IE Advanced (VPN server) is implemented using a fixed public IP address. This IP address must be requested from the provider and then stored in DSL router2.

Port forwarding on DSL router2
Due to the use of a DSL router as an Internet gateway, you have to enable the following port on DSL router2 and forward the data packets to the TS Adapter IE Advanced (VPN server; IP address on the WAN port):
- TCP port 443 (HTTPS)

Note: Some routers allow remote access via an Internet connection (HTTPS port 443). In this case, it is not possible to forward port 443 to the TS Adapter IE Advanced using port forwarding. For remote access to the router, you have to use another port (e.g., port 5443).

Port 443 is the default port for VPN connections (SSTP) in Windows - and therefore also for the TS Adapter IE - and cannot be changed.
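A way to check the port forwarding from the service PC before the VPN connection is set up, as an added example that is not part of the Siemens document. SSTP runs inside a TLS session on port 443, so any TLS client can complete a handshake with the TS Adapter IE Advanced and look at the certificate it presents. The script below does that and checks that the certificate chains to the CA certificate exported from the TS Adapter ("Security" > "Certificates", Chapter 2.2.3). If the router's own HTTPS management page answers on 443 instead (the case the note above describes), its certificate does not chain to that CA and the check fails. The WAN address and the certificate path are placeholders; the script uses only .NET classes available on Windows 7 and sends no SSTP or HTTP data.

```powershell
# Added example, not from the Siemens document. Pre-flight check of the port
# forwarding on DSL router2, run on the service PC.
# Assumptions (placeholders): $WanAddress is the static WAN IP address of DSL
# router2; $CaFile is the CA certificate exported from the TS Adapter IE Advanced.

$WanAddress = "203.0.113.10"                 # placeholder
$CaFile     = "C:\Project\TSAdapter_CA.cer"  # placeholder

function Get-ServerCertificate {
    param([string]$HostName, [int]$Port = 443)
    # Accept whatever is presented during the handshake; the trust decision is
    # made separately in Test-ChainsToExportedCa.
    $acceptAll = [System.Net.Security.RemoteCertificateValidationCallback] {
        param($sender, $certificate, $chain, $errors) $true
    }
    $tcp = New-Object System.Net.Sockets.TcpClient
    $tcp.Connect($HostName, $Port)   # throws if port 443 is not reachable or not forwarded
    $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $acceptAll)
    try {
        $ssl.AuthenticateAsClient($HostName)   # TLS handshake only
        return New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
    } finally {
        $ssl.Dispose()
        $tcp.Close()
    }
}

function Test-ChainsToExportedCa {
    param(
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Leaf,
        [string]$CaPath
    )
    $ca    = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CaPath)
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # The adapter's CA is not yet in the Windows store, so let the chain end in an
    # unknown root and then require that root to be exactly the exported CA.
    $chain.ChainPolicy.ExtraStore.Add($ca) | Out-Null
    $chain.ChainPolicy.VerificationFlags = [System.Security.Cryptography.X509Certificates.X509VerificationFlags]::AllowUnknownCertificateAuthority
    # Assumption: this stand-alone CA publishes no CRL the client could fetch, so
    # revocation is not checked here; signatures and validity dates still are.
    $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    $built = $chain.Build($Leaf)
    $root  = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
    foreach ($status in $chain.ChainStatus) {
        Write-Host ("Chain status: " + $status.StatusInformation.Trim())
    }
    return ($built -and ($root.Thumbprint -eq $ca.Thumbprint))
}

$cert = Get-ServerCertificate -HostName $WanAddress
Write-Host ("Subject    : " + $cert.Subject)
Write-Host ("Issuer     : " + $cert.Issuer)
Write-Host ("Valid      : " + $cert.NotBefore.ToString("u") + " to " + $cert.NotAfter.ToString("u"))
Write-Host ("Thumbprint : " + $cert.Thumbprint)
if (Test-ChainsToExportedCa -Leaf $cert -CaPath $CaFile) {
    Write-Host "OK: port 443 on $WanAddress is answered by the TS Adapter IE Advanced (certificate chains to the exported CA)."
} else {
    Write-Host "FAIL: the certificate on ${WanAddress}:443 does not chain to the exported CA. Check the port forwarding on DSL router2 and whether the router's own HTTPS page answers on 443."
}
```

Two things this probe does not cover: the Windows SSTP client additionally requires the CA to be in the local computer's Trusted Root store and checks that the address it dials matches the server certificate, so a passing probe does not replace the steps in Chapters 2.2.4 and 2.3. And only port 443 is forwarded in this example; the Web interface port 5443 from Chapter 2.2.1 is not, and should stay that way unless administration over the Internet is explicitly wanted.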


2.1.4 TS Adapter IE Advanced

Resetting to factory default
To make sure that no old configurations and certificates are stored in the TS Adapter IE Advanced, reset the module to factory default. For the appropriate chapter in the TS Adapter manual, please use the following link:
https://www.automation.siemens.com/mdm/default.aspx?DocVersionId=65739502731&Language=en-EN&TopicId=49826068875&guiLanguage=en

Physical connection between the PC and the TS Adapter IE Advanced
Connect the PC to a LAN port of the TS Adapter IE Advanced.

Assigning the IP address
In the as-supplied state and after resetting the parameters, the TS Adapter IE Advanced has no valid IP address. To be able to work with the module, first set its IP parameters as described in Table 2-1. To do this, use the Primary Setup Tool.

Note: For information on the Primary Setup Tool such as installation, configuration and handling, please refer to the manual - Entry ID: 19440762.


2.1.5 Setting up the infrastructure

Connect all the components involved in this solution.

[Figure: Service PC (Win 7, LAN port) - DSL router1 (LAN port / WAN port) - Internet - DSL router2 (WAN port / LAN port) - TS Adapter IE Advanced (WAN port / LAN port).]

Table 2-2

Component       Local port   Partner        Partner port
Service PC      LAN port     DSL router1    LAN port
TS Adapter IE   WAN port     DSL router2    LAN port
TS Adapter IE   LAN port     E.g., an automation network (does not exist in this solution)


2.2 Commissioning remote maintenance

2.2.1 Preparation

Components used
This solution uses the following components: TS Adapter IE Advanced and a standard Internet browser.

Physical connection between the PC and the TS Adapter IE Advanced
Connect the service PC to a free LAN port of the TS Adapter IE Advanced and change the network settings on the service PC as follows:
IP address: 172.22.80.100
Subnet mask: 255.255.255.0

Opening the Web interface
The TS Adapter IE Advanced is configured on a "directly connected" basis with a standard Internet browser.

1. In the address field of the browser, enter the IP address of the TS Adapter IE Advanced in the following form: https://172.22.80.2:5443. In particular, make sure to specify port 5443 on which the Web interface can be accessed.

2. Enter the user name and password. When you log on for the first time or after setting to factory default, the login data is defined as follows:
Name: Administrator
Password: admin

3. Click "Login".

Result:
The Web interface of the TS Adapter opens.


2.2.2 Initial configuration of the TS Adapter IE Advanced

When you first log on, a guided tour takes you through all the settings required to commission the TS Adapter IE Advanced. The following section lists and explains the individual steps of the guided tour.

System Clock
Among other things, the system time is used to generate certificates. If the clock is wrong, the generated certificates carry a wrong validity period and the service PC may reject them as not yet valid or expired. Set the time as follows:

1. Enter the system time parameters. The time must be entered in UTC format.

2. Apply the settings with "Save settings".


Specific Password Settings
Each password that is newly created or changed in the TS Adapter must follow specific rules. In the Web interface of the TS Adapter IE Advanced, you can define these rules yourself, for example the minimum length and minimum number of password elements.

1. Define the settings for entering the password.

2. Apply the settings with "Save settings".


Changing the administrator password
When you first log on, you are prompted to replace the default password of the default user, "Administrator", with a new password.

1. In the "Password" field, enter a new administrator password and reenter the password to confirm it. When choosing the password, make sure that it complies with the password check rules ("Specific Password Settings").

2. Apply the settings with "Save settings".


CA certificate generation
The last step of the guided tour prompts you to generate a new CA certificate. This overwrites the default CA certificate.

1. In "Common name", add a name of your own to the preset "SIMATIC TeleService Adapter". In the CA certificate, this name is stored as the subject name and issuer information.

2. Use the "Generate CA certificate" button to generate the CA certificate.

ResultThe initial configuration of the TS Adapter is complete.


2.2.3 Parameterizing remote access

Preparation
Open the Web interface of the TS Adapter IE Advanced. To do this, please follow the instructions from Chapter 2.2.1 (Preparation). Log on as an administrator and use the new password (see Chapter 2.2.2).

IP parameters - Public Network
Now you define how the TS Adapter IE Advanced can be accessed remotely.

1. In the navigation bar, go to "Parameters" > "Public Network". In "Remote address assignment", select "Free entry".

2. In "Remote address", enter the static WAN IP address of your DSL access point.


3. For the WAN interface, select "Static" in "IP address assignment" and enter the IP address for the WAN interface as listed in Table 2-1. As the DNS server, use the IP address of the DSL router's LAN interface.

4. Apply the settings with "Save settings".


IP parameters - Plant Network
Now you define which IP address is assigned to the service PC when establishing the VPN connection.

1. In the navigation bar, go to "Parameters" > "Plant Network" > "IP parameters". Enter any available IP address that is in the same subnet as the plant network (automation network on the LAN interface of the TS Adapter).

2. Apply the settings with "Save settings".


Connection parameters
Depending on the application, access to the TS Adapter via the WAN interface can be configured differently. Remote maintenance via VPN is desired for this example. To enable it, proceed as follows:

1. In the navigation bar, go to "Information" > "Connections". Change the connection control of the WAN interface to "ONLINE + VPN".

2. Apply the settings with "Save settings".


Creating a user
To enable the service PC to establish a VPN connection to the TS Adapter IE Advanced, a login with a user name and password is required. During the initial configuration, only the "Administrator" user is entered in the TS Adapter. As this user cannot establish a VPN connection, another user has to be entered. To create a new user, proceed as follows:

1. In the navigation bar, go to "Security" > "User Management". Use "Edit" to create another user.

2. In the appropriate text boxes, enter a user name and password. Confirm the password. When choosing the password, make sure that it complies with the password check rules ("Specific Password Settings").


3. Apply the settings with "Save settings".

Result
You have created a new user with the right to establish a VPN connection.

Exporting the CA certificate
To allow the service PC to uniquely identify the TS Adapter IE Advanced as the connection partner, the TS Adapter IE Advanced generates a CA certificate with a unique fingerprint (see Chapter 2.2.2 (Initial configuration of the TS Adapter IE Advanced)). To establish a VPN connection, it is mandatory to store this CA certificate in the Windows certificate store (local computer). To export the certificate, proceed as follows:

1. In the navigation bar, go to "Security" > "Certificates". Use the "Exporting CA certificate" button to export the CA certificate.


2. Save the certificate to your project folder.

3. The CA certificate of the TS Adapter IE Advanced is stored in your project folder.

Result
The parameterization of the TS Adapter for remote maintenance is complete.

2.2.4 Final steps

Service PC
To establish a VPN connection, it is mandatory to store the CA certificate generated by the TS Adapter in the Windows certificate store (local computer). To do this, please follow the instructions from Chapter 4 (Appendix: Handling CA Certificates).
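A scripted alternative to the GUI procedure of Chapter 4, as an added example that is not part of the Siemens document. It imports the exported CA certificate into the "Trusted Root Certification Authorities" store of the local computer, which is the store the Windows SSTP client consults, and first removes an older CA certificate of the same adapter, as Chapter 2.1.2 asks when a CA certificate is rotated. Before anything is written it compares the file's thumbprint with a value you recorded when you exported the certificate over the direct connection, so a file that was swapped on its way to this PC is rejected. The file path, the expected thumbprint and the user name are placeholders; the subject check relies on the fixed part of the common name from Chapter 2.2.2. The script needs a PowerShell started with administrator rights.

```powershell
# Added example, not from the Siemens document. Imports the TS Adapter CA certificate
# into LocalMachine\Root after checking it, and removes a rotated-out predecessor.
# Assumptions (placeholders): $CaFile, $ExpectedThumbprint (40 hex digits, noted when
# the certificate was exported over the direct connection), $SubjectMarker (fixed
# part of the CA common name set in Chapter 2.2.2).

$CaFile             = "C:\Project\TSAdapter_CA.cer"
$ExpectedThumbprint = "0000000000000000000000000000000000000000"
$SubjectMarker      = "SIMATIC TeleService Adapter"

function Install-TsAdapterCa {
    param([string]$Path, [string]$Thumbprint, [string]$Marker)

    $new = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($Path)
    if ($new.Thumbprint -ne $Thumbprint) {
        throw "Thumbprint mismatch: file has $($new.Thumbprint), expected $Thumbprint. Nothing imported."
    }
    if ($new.Subject -notlike "*$Marker*") {
        throw "Subject '$($new.Subject)' is not a TS Adapter CA certificate. Nothing imported."
    }
    # A root certificate is trusted for every purpose and every name, so refuse
    # anything that is not self-signed (the adapter's CA has subject = issuer).
    if ($new.Subject -ne $new.Issuer) {
        throw "File is not a self-signed CA certificate. Nothing imported."
    }

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store(
        [System.Security.Cryptography.X509Certificates.StoreName]::Root,
        [System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine)
    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    try {
        # Rotation: an earlier CA of the same adapter has the same subject but a
        # different thumbprint. Snapshot the matches before removing anything.
        $old = @($store.Certificates | Where-Object {
            $_.Subject -eq $new.Subject -and $_.Thumbprint -ne $new.Thumbprint })
        foreach ($c in $old) {
            Write-Host ("Removing old CA certificate " + $c.Thumbprint + " (" + $c.Subject + ")")
            $store.Remove($c)
        }
        if ($store.Certificates.Contains($new)) {
            Write-Host ("Already present: " + $new.Thumbprint)
        } else {
            $store.Add($new)
            Write-Host ("Imported " + $new.Thumbprint + " into LocalMachine\Root")
        }
    } finally {
        $store.Close()
    }
    return $new.Thumbprint
}

Install-TsAdapterCa -Path $CaFile -Thumbprint $ExpectedThumbprint -Marker $SubjectMarker

# To verify afterwards:
# Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Subject -like "*SIMATIC TeleService Adapter*" }
```

Keep in mind what this import means: every certificate signed by that CA is trusted by this computer for any purpose and any name, and the private key of the CA lives on the TS Adapter IE Advanced. The adapter's administrator password and its Web interface therefore deserve the same care as a small certificate authority, and the regular regeneration of the CA certificate recommended in Chapter 2.1.2 is what limits the lifetime of that trust.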

Infrastructure
1. Connect the service PC to the LAN interface of DSL router1.

2. Assign the required network configuration to the network card as shown in Table 2-1.

3. In all devices on the LAN port of the TS Adapter IE Advanced, enter the default gateway (IP address of the LAN port).


2.3 Establishing the VPN connection

When the TS Adapter IE Advanced has been parameterized for remote maintenance and the infrastructure has been connected as shown in Table 2-2, the service PC (VPN client) can initialize the VPN tunnel to the TS Adapter IE Advanced (VPN server). To establish a remote connection to the TS Adapter IE Advanced, proceed as follows:

1. On the service PC (Windows 7), open Control Panel.

2. In the search bar, enter "network" and select "Set up a connection or network".

3. Select the "Connect to a workplace" option and click "Next".


4. Select "Use my Internet connection (VPN)".

5. In the appropriate text boxes, enter the WAN IP address of DSL router2 (DSL router of the TS Adapter IE Advanced to be contacted) and a name for the connection.


6. Check the "Don't connect now; just set it up so I can connect later" option and click "Next".

7. Enter the user name and the associated password of the newly created user (see "Creating a user" in Chapter 2.2.3) in the appropriate text boxes. Click "Create".


8. Select "Close" to close the dialog.

9. Click the network icon in the system tray. The new connection is displayed in "Dial-up and VPN". Select the new connection and right-click > "Properties" to open the appropriate dialog.


10. Go to the "Security" tab and select "Secure Socket Tunneling Protocol (SSTP)" as the VPN type. Close the properties with "OK".

11. Once again, click the network icon in the SysTray and select the new connection. Click "Connect" to establish the remote connection to the TS Adapter IE Advanced.


12. Enter the password for the user (see page 20) and select "Connect" to start connection establishment.

Result

The VPN connection to the TS Adapter is being established. Once the VPN connection has been established, the dialog closes. The following status message appears: "Connected"

Note If a connection cannot be established, try to find the cause.

More information and troubleshooting help can be found in the appropriate chapter in the TIA manual at the following link:

https://www.automation.siemens.com/mdm/default.aspx?DocVersionId=63972520715&Language=en-EN&TopicId=58521033355&guiLanguage=en


3 Testing the Tunnel Function

Chapter 2 completes the commissioning of the configuration, and the service PC and the TS Adapter IE Advanced have established a VPN tunnel for secure communication.

You can test the established tunnel connection using a ping command on an internal node. This is described below.

Alternatively, you can also use other methods to test the configuration (for example, by opening the internal Web page when using a PROFINET CPU).

1. On the service PC, select "Start" > "All Programs" > "Accessories" > "Command Prompt" in the start bar.

2. In the command line of the "Command Prompt" window that appears, enter the "ping <IP address of internal node of remote end>" command at the cursor position.

Result

You get a positive response from the internal node.

Note In Windows, the default settings of the firewall may prevent ping commands from passing. You may have to enable the ICMP services of the "Request" and "Response" type.
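The following script is an added example and not part of the Siemens document; it covers steps 1 to 12 of the VPN setup above and the ping test of this chapter in one run on the service PC. It reads the connection entry that the wizard wrote to rasphone.pbk, checks that the VPN type is fixed to SSTP (the wizard's default "Automatic" would also try PPTP/L2TP), dials the entry with rasdial, and pings the internal node. The connection name, user name and internal node address are placeholders.

```powershell
# Added example, not from the Siemens document. Placeholders: adjust to the
# name entered in step 5, the user created on page 20 and your internal node.
param(
    [string]$ConnectionName = "TS Adapter VPN",   # name chosen in step 5 (placeholder)
    [string]$UserName       = "tsuser",           # user from page 20 (placeholder)
    [string]$InternalNode   = "192.168.0.10"      # constructed sample address
)

# rasphone.pbk holds the dial-up/VPN entries: per-user entries under APPDATA,
# entries shared with all users of the PC under ProgramData.
$pbkFiles = @("$env:APPDATA\Microsoft\Network\Connections\Pbk\rasphone.pbk",
              "$env:ProgramData\Microsoft\Network\Connections\Pbk\rasphone.pbk")

# Returns the value of $Key in the [$Name] section of rasphone.pbk, or $null.
function Get-PbkEntryValue([string]$Name, [string]$Key) {
    foreach ($pbk in $pbkFiles) {
        if (-not (Test-Path $pbk)) { continue }
        $inEntry = $false
        foreach ($line in Get-Content $pbk) {
            if ($line -match '^\[(.*)\]$') { $inEntry = ($matches[1] -eq $Name); continue }
            if ($inEntry -and $line -match ('^' + $Key + '=(.*)$')) { return $matches[1] }
        }
    }
    return $null
}

# Step 10 selected SSTP as the VPN type; rasphone.pbk stores that as
# VpnStrategy=5 ("SSTP only"). Any other value allows a fallback to PPTP/L2TP.
$strategy = Get-PbkEntryValue -Name $ConnectionName -Key 'VpnStrategy'
if ($strategy -ne '5') {
    throw "Entry '$ConnectionName' is not fixed to SSTP (VpnStrategy=$strategy); re-check step 10."
}

# Steps 11/12: dial the entry. '*' makes rasdial prompt for the password
# instead of placing it on the command line (and in the command history).
& rasdial.exe $ConnectionName $UserName '*'
if ($LASTEXITCODE -ne 0) { throw "rasdial failed with exit code $LASTEXITCODE" }

# Chapter 3: ping the internal node through the tunnel.
if (Test-Connection -ComputerName $InternalNode -Count 2 -Quiet) {
    Write-Host "Tunnel OK: $InternalNode answered through the VPN."
} else {
    Write-Warning "No reply from $InternalNode; check the Windows firewall ICMP rules (see Note above)."
}
```

`rasdial "<name>" /disconnect` closes the tunnel again when the test is finished.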


4 Appendix: Handling CA Certificates

4.1 Deleting CA certificates

To delete existing CA certificates, proceed as follows:

1. Log on to the system as an administrator.

2. Use Microsoft® Management Console to open Windows Certificate Manager on your PG/PC.

3. To do this, click "Start", enter mmc in the search box and press the ENTER key. The console opens.

4. In the "File" menu, click "Add/Remove Snap-In…". The snap-in selection dialog box opens.

5. In the "Snap-In" list, double-click "Certificates" and in the next dialog, select "Computer account".

6. In the next dialog, select the "Local Computer" item and click "Finish" and "OK". The Console Root opens and displays the "Certificates (Local Computer)" folder.

7. Open the displayed "Certificates (Local Computer)" folder and click "Trusted Root Certification Authorities".

8. Open the "Certificates" folder, select the desired CA certificate and select "Delete" in the context menu.

9. Confirm the following prompt with "Yes".

Result

The selected CA certificate is deleted from the list of available certificates.


4.2 Installing CA certificates

To install a CA certificate, proceed as follows:

1. Log on to the system as an administrator.

2. Use Microsoft® Management Console to open Windows Certificate Manager on your PG/PC.

3. Click "Start", enter mmc in the search box and press the ENTER key. The console opens.

4. In the "File" menu, click "Add/Remove Snap-In…". The snap-in selection dialog box opens.

5. In the "Snap-In" list, double-click "Certificates" and in the next dialog, select "Computer account".

6. In the next dialog, select the "Local Computer" item and click "Finish" and "OK". The Console Root opens and displays the "Certificates (Local Computer)" folder.

7. Open the displayed "Certificates (Local Computer)" folder and click "Trusted Root Certification Authorities".

8. Click the "Certificates" folder and use the context menu to select the "Action" > "All Tasks" > "Import…" command.

9. Read the information displayed in the "Certificate Import Wizard" dialog and click "Next".

10. In the following dialog, click "Search…", select the desired CA certificate and apply it with "Open".

11. Double-click "Next" and then "Finish" to install the CA certificate.


Result

The selected CA certificate is installed in the specified location in the Windows certificate store.
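As an added example (not from the Siemens document), the two MMC procedures of sections 4.1 and 4.2 can also be carried out from an elevated PowerShell on the PG/PC with the .NET X509Store API, which addresses the same "Certificates (Local Computer) > Trusted Root Certification Authorities" store. Because every certificate in that store is trusted for any server it signs, the import function first compares the file's SHA-1 thumbprint with a value obtained from the issuer out of band. File path and thumbprints are placeholders.

```powershell
# Added example, not from the Siemens document. Run as administrator (step 1).
$rootStoreName = 'Root'          # "Trusted Root Certification Authorities" (step 7)
$rootStoreLocation = 'LocalMachine'   # "Certificates (Local Computer)" (step 6)

# Section 4.2: import a CA certificate file, but only if its thumbprint matches
# the value the issuer communicated separately (placeholder in the usage below).
function Install-TrustedRootCa {
    param(
        [Parameter(Mandatory=$true)][string]$CertPath,            # e.g. C:\certs\ca.cer (placeholder)
        [Parameter(Mandatory=$true)][string]$ExpectedThumbprint   # SHA-1 fingerprint from the issuer
    )
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($CertPath)
    $expected = ($ExpectedThumbprint -replace '[\s:]', '').ToUpper()
    if ($cert.Thumbprint -ne $expected) {
        throw "Thumbprint mismatch for $CertPath (got $($cert.Thumbprint)); not importing."
    }
    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store($rootStoreName, $rootStoreLocation)
    $store.Open('ReadWrite')
    try     { $store.Add($cert) }   # no-op if the same certificate is already present
    finally { $store.Close() }
    return $cert.Thumbprint
}

# Section 4.1: delete a CA certificate, selected by thumbprint rather than by
# subject name so that a look-alike certificate cannot be picked by mistake.
function Remove-TrustedRootCa {
    param([Parameter(Mandatory=$true)][string]$Thumbprint)
    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store($rootStoreName, $rootStoreLocation)
    $store.Open('ReadWrite')
    try {
        $found = $store.Certificates | Where-Object { $_.Thumbprint -eq $Thumbprint.ToUpper() }
        if (-not $found) { throw "No certificate with thumbprint $Thumbprint in Trusted Root." }
        foreach ($c in $found) { $store.Remove($c) }   # steps 8 and 9 of section 4.1
    } finally { $store.Close() }
}

# Usage with placeholders:
# Install-TrustedRootCa -CertPath 'C:\certs\ts-adapter-ca.cer' -ExpectedThumbprint '<fingerprint from issuer>'
# Remove-TrustedRootCa  -Thumbprint '<fingerprint>'
# Same view as MMC step 7, to check the result:
# Get-ChildItem Cert:\LocalMachine\Root | Select-Object Subject, Thumbprint, NotAfter
```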

5 History

Table 5-1

Version Date Modifications

V1.0 09/2014 First version