Home User Questions
Consults and resellers
- Knowledgeable home users looking to get the advantage.
- SOHO users and Network administrators that need to be in control.
- Businesses that require easily deployable mission-critical products, across OS platforms.
- Security-conscious consultants that require flexibility.
Injoy Firewall Overview
- 10.0.0.0 - 10.255.255.255
- 172.16.0.0 - 172.16.255.255
- 192.168.0.0 - 192.168.255.255
- Pre-shared Key (PSK) Authentication - peers authenticate themselves using an encrypted password
- Extended Authentication (XAUTH) - user-based authentication
- Group Authentication - adds one more authentication layer by using additional group login/password pair to indicate that peer belongs to some group and let authenticating peer to apply relevant group access rights
- RSA Digital Signatures Authentication (RSA DSS) - Signature based (private/public key) authentication, used in place of PSK.
- x.509 Digital Certificates - the most powerful, but also the most complicated authentication mechanism
- Traditional port forwarding, where port 500 and protocols 50 and 51 are forwarded to the internal IPSec capable PC
- NAT Traversal: An IPSec extension which allows NAT'ed peers to easily establish a VPN tunnel from behind NAT devices - even if both peers are behind NAT
- Using the Firewall GUI.
Click the surface of the GUI with the right mouse button to bring up the pop-up menu. In the pop-up menu select "File | Properties" and then choose the Authorize tab.
- Using the Firewall configuration file.
Navigate to the InJoy Firewall directory and then continue into the "config" subdirectory. In that directory, open gateway.cnf (or gateway.cn_ if gateway.cnf does not yet exist) and fill in your license information.
In other words, NAT permits multiple users with internal IP addresses to use single public routable IP address for Internet access. This is important nowadays, where the IP version 4 address space is limited.
- The client systems must have a DNS server filled in, which is able to resolve Internet domain names
- The client systems default gateway/route must point to the internal IP number of the InJoy Firewall PC.
- The IP addresses of the work-stations must fall within the internal networks specified in ("File | Properties | Network") in the InJoy Firewall GUI.
- IP Forwarding must be enabled on the NAT PC.
To enable the InJoy Firewall DHCP Server, refer to the dialog: "File | Properties | Firewall Server".