A Finmeccanica Company
AgustaWestland UK - Firewall VPN Addition
Vendor Code:
VPN ID:
To be completed by AgustaWestland
Firewall Information
Make:
Model:
Version:
Internet IP Address:
VPN Information
Encryption Scheme:
IKE
IKE Renegotiation:
1440 minutes
IKE Key Exchange Encryption:
AES-256
IKE Data Integrity:
SHA1
IKE Diffie-Hellman Group:
5 (1536bit)
IPSEC Renegotiation:
3600 seconds
IPSEC Data Encryption:
AES-256
IPSEC Data Integrity:
SHA1
IPSEC Perfect Forward Secrecy:
Yes
Pre-Shared Secret:
To Be Advised using PGP encrypted e-mail
Diffie-Hellman Group:
5(1536bit)
VPN A-End (AW(UK))
Firewall IP Address
194.169.32.245
194.169.33.0/24
Encryption Domain:
194.169.35.0/24
172.30.0.0/16
To be completed by AgustaWestland
Services Exposed:
Page 1 of 3
WA3907/5
Contact Name:
To be completed by AgustaWestland
Contact Tel.:
To be completed by AgustaWestland
Contact E-mail:
To be completed by AgustaWestland
VPN B-End (Supplier)
Encryption Domain:
Services Exposed:
None
Contact Name:
Contact Tel.:
Contact E-mail:
Office Use Only
Help Desk Reference
Page 2 of 3
WA3907/5
Guidance
AgustaWestland (UK) is requesting the setting up of a Virtual Private Network between our two
companies.
The following notes are to assist you in providing the information we require from you and in
understanding the information we are providing to you.
Firstly, are you the best person to provide and understand the necessary technical information?
Please route this form to whoever manages and configures your firewall on the internet connection.
This may be a third party (service provider) or Internet Service Provider.
If you don’t have a firewall we can’t establish a VPN so will need to discuss other secure
connections. Contact me on the number below.
Next please complete under Firewall Information the Make, Model and Version (Hardware or
Software) of your firewall and its external IP address.
In the next section VPN Information we are providing to you the parameters of the VPN. These
parameters relate to the set up of the IKE Key exchange protocol and to the IPSEC
implementation. Please review and report any issues you have with these.
The VPN A-End table defines to you the servers and services we are allowing you to connect to.
These services are the only ones you are authorised to connect to.
Please complete the VPN B-End table with contact details for your technical expert. We need this
to send the pre-shared secret which will be despatched to the contact (only). We use PGP
encryption for the exchange of the secret. Please protect this information in the same way you
would any other provided sensitive information.
In “encryption domain” identify all the computers you wish to connect to us over the VPN. We
would expect you to identify either a single IP address or range of IP addresses in a suitable
notation e.g. 1.2.3.4 or 1.2.3.4/32 etc. Please identify if you are using NAT or any other internal
addressing schemes.
Please return the form to me at the address below. We will register the VPN and give it a unique
identifier. We will provide back to you the agreed information.
David Hammonds
Security and Connectivity Manager.
Box 109
AgustaWestland
Lysander Road
Yeovil
BA20 2YB
Tel : +44 (0)1935 702516
Email: dave.hammonds@agustawestland.com
Page 3 of 3
WA3907/5