VPN Questionnaire

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

VPN Questionnaire

Attempts to guide the user in validating their IPSec VPN router setup between Nimbix and a remote site. Mainly used for customer's who wish to host their license server, and require an IPSEC / VPN tunnel.

A VPN can be used to provide a secure, routable connection between a remote device (server, route, etc.) on the public Internet with a static IP and a remote end-point. The data being transmitted and received by the two end-points is secure within a protected VPN tunnel.

Internet Protocol Security (IPSec) is a protocol suite that enables devices to secure communication at the Internet Protocol (IP), or network layer. IPSec provides security in the following ways:

• Data confidentiality: Data communicated across the tunnel is encrypted to prevent the deciphering of data if intercepted.
• Origin authentication: The identity of each peer in the tunnel is validated to prevent the impersonation of devices.
• Integrity Validation: Data communicated across the tunnel is validated to prevent data tampering.

Email *

Nimbix uses default ports for applications. By filling out this VPN questionnaire you agree that your license managers either run on the default ports or you agree to set up port forwarding to those default ports. *

I agree.

Company Name *

Technical Contact *

Technical Contact Email *

What zone will you be running jobs in? (Please specify the zone if selecting "Other") *

US-01

US-02

US-03 (GovCloud)

Other:

What's the remote side make / model of VPN device? (note, the device MUST support 3DES or better.) *

What is the remote side's public peer or end-point IP address? *

Please provide your license server's IP address and subnet network, to be used for the interesting traffic list *

Typically for Ansys, we'll need TCP port 1055, 2325, 2326, and 27000 allowable. Please consult with your Nimbix Customer Success Engineer to be sure.

Encryption Settings

Nimbix strongly recommends the use of IKEV2 encryption. We are able to support just about any IKEV2 cipher. However, IKEV1 support is limited to the following ciphers.

Supported IKEV1 settings
Phase 1
Encryption AES-CBC-128
Integrity HMAC-SHA1-96
Pseudo-Random Function (PRF)* PRF-SHA1-96
Diffie-Hellman (DH) Group 2
Phase 1 lifetime 36,600 seconds (10 hours, 10 minutes)

Phase 2
Encryption AES-CBC-128
Integrity HMAC-SHA1-96
PFS Algorithm (required) Yes
Diffie-Hellman (DH) Group 2
Phase 2 lifetime 10,800 seconds (3 hours)

Preferred IKEV2 settings
Phase 1
Encryption: aes-256
Integrity: sha512
Group: 14
Hash: sha1
Lifetime seconds: 10800

Phase 2
Supported Tunneling Protocol: ESP
Encryption: aes-256
Hash: sha1
Perfect Forward Secrecy Enabled: Yes
PFS Group: 14
Lifetime seconds: 10800

Based on the IKEV information above, please select your preferred IKEV version.

IKEV1

IKEV2

Clear selection

Submit

Clear form

Never submit passwords through Google Forms.

This form was created inside of Nimbix.

Does this form look suspicious? Report

Forms