========================================================= General ========================================================= - The import file is formatted to reflect the standard (look and feel of) INI files. - The naming is arbitrary. A wizard in the Secure Entry Clients lets you select and import the file. ========================================================= Profiles ========================================================= - For every additional profile a block with the name "[PROFILEX]" is added where X is a value that is incremented. - Every block should be given a unique "Name". - All parameters that are dependent on the default values must be included in this Block. Example: ========= [PROFILE1] Name=MyProfile 1 ConnMedia=4 ... [PROFILE2] Name=MyProfile 1 ConnMedia=8 ... --------------------------------------------------------- Basic Settings --------------------------------------------------------- Parameter: Profile name Key: Name Type: String Values: String with max. 39 characters Default: Name must be configured Parameter: Connection type Key: ConnType Type: Integer Values: 0 = Internet connection without VPN 1 = VPN connection to IPSec gateway Default: VPN connection to IPSec gateway Parameter: Communication media Key: ConnMedia Type: Integer Values: 0 = ISDN 4 = Modem 8 = LAN / WLAN (over IP) 10 = xDSL (PPPoE) 14 = xDSL (AVM - PPP over CAPI) 15 = Ext. Dialer 16 = PPTP 18 = GPRS/UMTS Default: ISDN Parameter: Use Microsoft RAS dialer Key: UseRAS Type: Integer Values: 0 = Off 1 = On Default: Off Parameter: Use this profile after every system reboot Key: BootProfile Type: Integer Values: 0 = Off 1 = On Default: Off --------------------------------------------------------- Dial-Up Network --------------------------------------------------------- Parameter: Username Key: UserName Type: String Values: String with max. 254 characters Default: None string Parameter: Password Key: Password Type: String Values: String with max. 254 characters Default: None string Paraneter: Save password Key: SavePw Type: Integer Values: 0 = Off 1 = On Default: Off Parameter: Destination Phone Number Key: PhoneNumber Type: String Values: String with max. 30 characters Default: None string Parameter: RAS script file Key: ScriptFile Type: String Values: String with max. 30 characters Default: None string --------------------------------------------------------- Modem --------------------------------------------------------- Parameter: Modem Key: Modem Type: String Values: String with max. 50 characters Default: None string Parameter: Com Port Key: ComPort Type: Integer Values: 1 = COM1 2 = COM2 ... 8 = COM8 Default: COM1 Parameter: Baud Rate Key: Baudrate Type: Integer Values: 1200 2400 4800 9600 19200 38400 57600 115200 Default: 57600 Parameter: Release Com Port Key: RelComPort Type: Integer Values: 0 = Off 1 = On Default: On Parameter: Modem Init. String Key: InitStr Type: String Values: String with max. 254 characters Default: None string Parameter: Dial Prefix Key: DialPrefix Type: String Values: String with max. 254 characters Default: None string Parameter: APN Key: APN Type: String Values: String with max. 64 characters Default: None string Parameter: SIM PIN AT command Key: GprsATCmd Type: String Values: String with max. 16 characters Default: AT+CPIN= Parameter: SIM PIN Key: GprsPin Type: String Values: String with max. 16 characters Default: None string --------------------------------------------------------- Line Management --------------------------------------------------------- Parameter: Connection Mode Key: ConnMode Type: Integer Values: 0 = manual 1 = automatic 2 = variable Default: manual Parameter: Inactivity Timeout (sec) Key: Timeout Type: Integer Values: 1 to 65535 Default: 100 Parameter: PPP Multilink Key: MultiLink Type: Integer Values: 0 = Off 1 = Tx 2 = Rx 3 = TxRx Default: Off Parameter: Multilink Threshold Key: MlThreshold Type: Integer Values: 0 to 100 Default: 0 --------------------------------------------------------- IPSec General Settings --------------------------------------------------------- Parameter: Gateway Key: Gateway Type: String Values: IP address or string with max. 254 characters Default: 0.0.0.0 Parameter: IKE policy Key: IKE-Policy Type: String Values: automatic mode Name of IKE policy Default: automatic mode Parameter: IPSec policy Key: IPSec-Policy Type: String Values: automatic mode Name of IPSec policy Default: automatic mode Parameter: Exchange mode Key: ExchMode Type: Integer Values: 2 = Main Mode 4 = Aggressive Mode Default: Main Mode Parameter: PFS group Key: PFS Type: Integer Values: 0 = None 1 = DH-Group 1 (768 Bit) 2 = DH-Group 2 (1024 Bit) 5 = DH-Group 5 (1536 Bit) Default: None Parameter: Use IP compression Key: UseComp Type: Integer Values: 0 = Off 1 = On Default: Off Parameter: Disable DPD (Dead Peer Detection) Key: DisDPD Type: Integer Values: 0 = Off 1 = On Default: Off --------------------------------------------------------- Identities --------------------------------------------------------- Parameter: Local identity - type Key: IkeIdType Type: Integer Values: 1 = IP Address 2 = Fully Qualified Domain Name 3 = Fully Qualified Username 4 = IP Subnet Address 9 = ASN1 Distinguished Name 10 = ASN1 Group Name 11 = Free string used to identify groups Default: IP Address Parameter: Local identity - ID Key: IkeIdStr Type: String Values: String with max. 254 characters Default: None string Parameter: Use pre-shared key Key: UsePreShKey Type: Integer Value: 0 = Off 1 = On Default: On Parameter: Shared secret Key: Secret Type: String Values: String with max. 254 characters Default: None string Parameter: Use extended authentication (XAUTH) Key: UseXAUTH Type: Integer Values: 0 = Off 1 = On Default: On Parameter: Username (XAUTH) Key: XAUTH-Id Type: String Values: String with max. 254 characters Default: None string Parameter: Password (XAUTH) Key: XAUTH-Pw Type: String Values: String with max. 254 characters Default: None string Parameter: Use access data from Key: XAUTH-Src Type: Integer Values: 0 = Configuration 1 = Certificate field "e-mail" 2 = Certificate field "cn" 3 = Certificate field "serial no." Default: Configuration --------------------------------------------------------- IP Address Assignment --------------------------------------------------------- Parameter: IP Address Assignment Key: IpAddrAssign Type: Integer Values: 0 = Use IKE Config Mode (the parameter "IP-Adresse" may not be configured) 1 = Use lokal IP address (the parameter "IP-Adresse" may not be configured) 2 = Manual IP address (the parameter "IP-Adresse" must be configured Default: Use lokal IP address Parameter: IP address Key: IPAddress Type: String Values: IP address Default: Not configured Parameter: Subnet mask Key: SubnetMask Type: String Values: IP netmask Default: Not configured Parameter: DNS/WINS server Key: DNS1 Key: DNS2 Key: WINS1 Key: WINS2 Type: String Values: IP address Default: 0.0.0.0 Parameter: Domain name Key: DomainName Type: String Values: String with max. 254 characters Default: None string --------------------------------------------------------- Remote Networks --------------------------------------------------------- Parameter: Network addresses Key: Network1 Key: Network2 Key: Network3 Key: Network4 Key: Network5 Type: String Values: IP address Default: 0.0.0.0 Parameter: Subnet masks Key: SubMask1 Key: SubMask2 Key: SubMask3 Key: SubMask4 Key: SubMask5 Type: String Values: IP netmask Default: 0.0.0.0 Parameter: Apply tunneling security for local networks Key: UseTunnel Type: Integer Values: 0 = Off 1 = On Default: Off --------------------------------------------------------- Certificate Check --------------------------------------------------------- Parameter: Incoming certificate's subject Key: SubjectCert Type: String Values: String with max. 254 characters Default: None string Parameter: Incoming certificate's issuer Key: IssuerCert Type: String Values: String with max. 254 characters Default: None string Parameter: Issuer's certificate fingerprint Key: FingerPrint Type: String Values: String with max. 254 characters Default: None string Parameter: Use SHA1 fingerprint Key: UseSHA1 Type: Integer Values: 0 = Off 1 = On Default: Off --------------------------------------------------------- Firewall Settings --------------------------------------------------------- Parameter: Enable Stateful Inspection Key: Firewall Type: Integer Values: 0 = off 1 = when connected 2 = always Default: Off Parameter: Only communication within the tunnel permitted Key: OnlyTunnel Type: Integer Values: 0 = Off 1 = On Default: Off Parameter: Enable NetBIOS over IP Key: EnableNetBIOS Type: Integer Values: 0 = Off 1 = On Default: On Parameter: If Microsoft's dialer in use only communication within the tunnel is permitted Key: RasOnlyTunnel Type: Integer Values: 0 = Off 1 = On Default: Off ========================================================= IKE Policies ========================================================= - For every additional proposal added to an IKE policy a block with the name "[IKEPOLICYX]" is added where X is a value that is incremented. - Every block must contain a "Name". The name indicates the policy in which the new proposal is added. - If a policy already exists with the same name, this will be overwritten and lost. - All parameters that are dependent on the default values must be included in this Block. Example: ========= [IKEPOLICY1] Name=MyIkePolicy 1 IkeAuth=1 ... [IKEPOLICY2] Name=MyIkePolicy 1 IkeAuth=3 ... --------------------------------------------------------- Parameter --------------------------------------------------------- Parameter: Name Key: IkeName Type: String Values: String with max. 254 characters Default: The name must be configured Parameter: Authentication Key: IkeAuth Type: Integer Values: 1 = Preshared Key 3 = RSA-Signatur Default: Preshared Key Parameter: Encryption Key: IkeCrypt Type: Integer Values: 1 = DES 2 = Triple DES 3 = Blowfish 4 = AES 128 Bit 5 = AES 192 Bit 6 = AES 256 Bit Default: AES 128 Bit Parameter: Hash Key: IkeHash Type: Integer Values: 1 = MD5 2 = SHA Default: MD5 Parameter: DH Group Key: IkeDhGroup Type: Integer Values: 1 = DH-Group 1 (768 Bit) 2 = DH-Group 2 (1024 Bit) 5 = DH-Group 5 (1536 Bit) Default: DH-Group 2 (1024 Bit) ========================================================= IPSec Policies ========================================================= - For every additional proposal added to an IPSec policy a block with the name "[IPSECPOLICYX]" is added where X is a value that is incremented. - Every block must contain a "Name". The name indicates the policy in which the new proposal is added. - If a policy already exists with the same name, this will be overwritten and lost. - All parameters that are dependent on the default values must be included in this Block. Example: ========= [IPSECPOLICY1] Name=MyIPSecPolicy 1 IpsecCrypt=2 ... [IPSECPOLICY2] Name=MyIPSecPolicy 1 IpsecCrypt=6 ... --------------------------------------------------------- Parameter --------------------------------------------------------- Parameter: Name Key: IPSecName Type: String Values: String with max. 254 characters Default: The name must be configured Parameter: Transform Key: IpsecCrypt Type: Integer Values: 1 = DES 2 = Triple DES 3 = Blowfish 4 = AES 128 Bit 5 = AES 192 Bit 6 = AES 256 Bit Default: AES 128 Bit Parameter: Authentication Key: IpsecAuth Type: Integer Values: 1 = MD5 2 = SHA Default: MD5 ========================================================= Policy Lifetimes ========================================================= - If you want to import settings that dictate the lifetimes of the IKE/IPSEC policies, a "LIFETIMES" block must be created. - The lifetime parameters should be added under this heading. Example: ========= [LIFETIMES] IkeLTSec=000:06:30:00 IPSecLTSec=000:02:00:00 --------------------------------------------------------- Parameter --------------------------------------------------------- Parameter: IKE policy / Duration Key: IkeLTSec Type: String Values: String with 12 characters Format: TTT:HH:MM:SS T=days, H=hours, M=minutes, S=seconds e.g. 000:06:30:00 => 6 hours und 30 minutes Default: 8 hours (000:08:00:00) Parameter: IPSec policy / Duration Key: IPSecLTSec Type: String Values: String with 12 characters Format: TTT:HH:MM:SS T=days, H=hours, M=minutes, S=seconds e.g. 000:06:30:00 => 6 hours und 30 minutes Default: 8 hours (000:08:00:00) ========================================================= Configuration Locks ========================================================= - If you want to import settings that dictate the configuration locks, a "CONFLOCKS" block must be created. - The configuration locks should be added under this heading. - Lock parameters they are not exists in the import file are set by default of no locked. Example: ========= [CONFLOCKS] User=administrator Password=admin MenuLogon=0 MenuEAP=0 ... --------------------------------------------------------- General --------------------------------------------------------- ID for configurations lock -------------------------- Parameter: User Key: User Type: String Values: String with max. 254 characters Default: None string Parameter: Password Key: Password Type: String Values: String with max. 254 characters Default: None string Configuration rights -------------------- For all parameters this group are use the following types and values. Type Integer Value: 0 = Configuration is locked 1 = Configuration can be opened Default: Configuration can be opened Parameter: Extended Firewall Setting Key: MenuFW Parameter: Certificate Key: MenuCert Parameter: Call Control Manager Key: MenuCCM Parameter: EAP Settings Key: MenuEAP Parameter: Logon Options Key: MenuLogon Parameter: Phonebook backup Key: MenuBackup Parameter: Profile import Key: MenuImport --------------------------------------------------------- Profiles --------------------------------------------------------- General Rights -------------- For all parameters this group are use the following types and values. Type: Integer Value: 0 = unauthorised 1 = authorised Default: authorised Parameter: Configurable profiles Key: ProfEdit Parameter: Deletable profiles Key: ProfDel Parameter: Allow user to create new profiles Key: ProfNew Visible profile parameter fields -------------------------------- For all parameters this group are use the following types and values. Type: Integer Value: 0 = Parameter field is not visible 1 = Parameter field is visible Default: Parameter field is visible Parameter: Basic Settings Key: PageGen Parameter: Dial-Up Network Key: PageDialIn Parameter: Modem Schlüssel: PageModem Parameter: Line Management Key: PageLineMgm Parameter: IPSec General Settings Key: PageIpsec Parameter: Identities Key: PageIdent Parameter: IP Address Assignment Key: PageIpAddr Parameter: Remote Networks Key: PageNetworks Parameter: Certificate Check Key: PageCertCheck Parameter: Firewall Settings Key: PageFirewall