Panasonic 7 Manuel d'utilisateur

Naviguer en ligne ou télécharger Manuel d'utilisateur pour Matériel Panasonic 7. Panasonic 7 User Manual Manuel d'utilisatio

  • Télécharger
  • Ajouter à mon manuel
  • Imprimer
  • Page
    / 178
  • Table des matières
  • MARQUE LIVRES
  • Noté. / 5. Basé sur avis des utilisateurs

Résumé du contenu

Page 1 - N&RTEL

Part No. NN46110-500 311642-M Rev 01 February 2007 Document status: Standard600 Technology Park Drive Billerica, MA 01821-4130Version 7.00Nortel VPN R

Page 2 - Statement of conditions

10 ContentsNN46110-500

Page 3 - 4. General

100 Chapter 5 Configuring the systemConfiguring multinetting using the CLITable 8 shows the command syntax for configuring multinetting using the CLI.

Page 4

Chapter 5 Configuring the system 101Table 9 displays the command syntax for configuring OSPF. Table 9 Configuring OSPF over a secondary addressCommand

Page 5 - Contents

102 Chapters Configuring the systemTable 9 Configuring OSPF over a secondary addressCommand description Command syntaxSet the OSPF priority on a secon

Page 6 - 6 Contents

Chapter 5 Configuring the system 103Table 10 Configuring RIP over a secondary addressCommand description Command syntaxDisable importing of default ro

Page 7 - Chapter 5

104 Chapters Configuring the systemThe MSS should be 40 bytes less than the largest packet the implementation can re-assemble.5 Interface filter show

Page 8 - 8 Contents

Chapter 5 Configuring the system 105Asynchronous data over TCPAsynchronous data over TCP (AOT) is a protocol that enables transport of asynchronous da

Page 9

106 Chapters Configuring the system3 Select Public or Private for Service.4 Click the Connection Originator to enable.5 Specify the Peer IP address

Page 10 - NN46110-500

Chapter 5 Configuring the system 107NTP supports the 2007 Daylight Savings Time change in the United States andvarious Canadian provinces. In 2007, Da

Page 11

108 Chapters Configuring the system5 Click on the Return to the Date and Time window link to return to the previous window.Configuring system setting

Page 12 - 12 Figures

Chapter 5 Configuring the system 109• Serial Menu (default). In this mode, a standard menu interface is presented. You can use an application such as

Page 13

11FiguresFigure 1 Typical PDN ... 26Figure 2 VPN service

Page 14 - 14 Tables

110 Chapters Configuring the system— 2400— 1200 — 600— 300— 150d Data, Parity, and Stop applies only when AoT is selected.e Enter the Modem Initia

Page 15 - Text conventions

Chapter 5 Configuring the system 111Using proxy ARPYou can configure the Nortel VPN Router to respond to ARP requests on any of its physical interface

Page 16 - 16 Preface

112 Chapters Configuring the systemUsing the SSH server to allow secure sessionsYou can enable an SSH server to allow secure CLI sessions, such as tel

Page 17 - Acronyms

Chapter 5 Configuring the system 113Configuring the SSH serverTo set the parameters for the SSH server:1 Select Services > Available.The Allowed S

Page 18 - 18 Preface

114 Chapters Configuring the systemFigure 18 Allowed Services windowAllowed ServicesTunnel Type Public PrivateIPsecP PPPTPP PL2TP & L2FP PFirewall

Page 19 - Related publications

Chapter 5 Configuring the system 115Using the CLI for SSH serverDefining an SSH server (CLI)To configure an SSH server on the Nortel VPN Router, from

Page 20 - How to get Help

116 Chapters Configuring the systemDisplaying the current settings for the SSH serverTo display the current settings for the SSH server, from CLI Glob

Page 21 - Preface 21

Chapter 5 Configuring the system 117Restricted product - export license requirementThis product incorporates encryption technology that is highly rest

Page 22 - 22 Preface

118 Chapters Configuring the systemNN46110-500

Page 23 - New in this release

119Chapter 6Configuring branch office tunnelsThe branch office feature allows you to configure a secure tunnel connection between two private networks

Page 24 - SSH server configurations

12 FiguresFigure 30 Roaming from behind NAT to behind NAT ...150Figure 31 Roaming from behind NAT to no NA

Page 25 - Overview

120 Chapter 6 Configuring branch office tunnelsFigure 19 Typical branch office environmentThe section “Configuring a branch office” on page 128” provi

Page 26 - Virtual private networking

Chapter 6 Configuring branch office tunnels 121Figure 20 Branch-to-branch with a firewall and a routerLAN Public LANPrivate LANIn the branch-to-branc

Page 27 - Licensing features

122 Chapter 6 Configuring branch office tunnelsFigure 21 Indirectly connected branch officesIn branch offices, you might have two or more branches tha

Page 28 - Command line interface

Chapter 6 Configuring branch office tunnels 123PPTP nested tunnelsNested tunnels allow you to create a PPTP end user tunnel inside an IPSec branch off

Page 29 - Getting started

124 Chapters Configuring branch office tunnelsDNS for branch office tunnel endpointsWhen configuring branch office tunnels with the Nortel VPN Router,

Page 30 - 30 Chapter 2 Getting started

Chapter 6 Configuring branch office tunnels 125Figure 22 VPN DNSWhen you configure an initiator for an asynchronous branch office tunnel, you can use

Page 31 - Management virtual address

126 Chapter 6 Configuring branch office tunnelsA DNS server will be aware of all the IP addresses that correspond to a particular domain name. When a

Page 32 - 32 Chapter 2 Getting started

Chapter 6 Configuring branch office tunnels 127branch offices are configured to use a domain name as a remote endpoint of the ABOT tunnel. When two in

Page 33 - Chapter 2 Getting started 33

128 Chapters Configuring branch office tunnelsThe Nortel VPN Client supports dynamic DNS registration. The Client Dynamic DNS Registration setting on

Page 34 - 34 Chapter 2 Getting started

Chapter 6 Configuring branch office tunnels 129Figure 25 Setting up a branch office configurationWhich Management Page to Use?1What to Do?23Settings f

Page 35 - Chapter 2 Getting started 35

13TablesTable 1 Sample IP addressing associations ...30Table 2 Services supported on a multine

Page 36 - Configuring Interfaces

130 Chapters Configuring branch office tunnelsAdding a groupTo create a new group:1 Select Profiles > Branch Office.2 In Groups section, click Ad

Page 37 - Chapter 2 Getting started 37

Chapter 6 Configuring branch office tunnels 131Configuring a tunnel connectionTo configure a connection:1 On the Profiles > Branch Office window,

Page 38 - Multinetting

132 Chapters Configuring branch office tunnels6 Click the Filters drop-down list and choose the filter that you want this branch office connection to

Page 39 - Chapter 2 Getting started 39

Chapter 6 Configuring branch office tunnels 133network, select it from the list and the Connection Configuration window appears. These networks have b

Page 40 - 40 Chapter 2 Getting started

134 Chapters Configuring branch office tunnelsFigure 26 Sample branch office configurationAs the administrator of a branch office connection, you can

Page 41 - Figure 7 Deployment Scenario

Chapter 6 Configuring branch office tunnels 135The Profiles > Filters window must have the filters that you want to use for the branch office conne

Page 42 - 42 Chapter 2 Getting started

136 Chapters Configuring branch office tunnels12 Click on the Test button on each end of the tunnel to verify connectivity.13 Try to ping from on PC

Page 43 - Nortel VPN Router

137Chapter 7Configuring control tunnelsControl tunnels are special tunnels that allow you to securely manage a Nortel VPN Router over the Internet. Th

Page 44 - 44 Chapter 2 Getting started

138 Chapter? Configuring control tunnelsFigure 27 Branch office control tunnelVPN Server 3VPN Server 4Control tunnel typesThere are two types of contr

Page 45 - Chapter 2 Getting started 45

Chapter 7 Configuring control tunnels 139Figure 28 Sample control tunnel environmentBranch office control tunnels allow anyone on the configured netwo

Page 47 - Chapter 2 Getting started 47

140 Chapter? Configuring control tunnelsIn this environment, the remote Boston Nortel VPN Router is a control tunnel to the local Cleveland Nortel VPN

Page 48 - 48 Chapter 2 Getting started

Chapter 7 Configuring control tunnels 141To create a nailed-up control tunnel using the nailed-up parameter:1 Go to Profiles > Branch Office windo

Page 49 - Chapter 2 Getting started 49

142 Chapter? Configuring control tunnels1 Initiate a Telnet session to the customer’s Nortel VPN Router.2 Enter the appropriate control create strin

Page 50 - Using boot modes

Chapter 7 Configuring control tunnels 143Enter a name and then select select the parent group whose attributes the new group inherits; for example, /B

Page 51 - Chapter 2 Getting started 51

144 Chapter? Configuring control tunnelsConfiguring a control tunnel connectionTo configure a Control Tunnel connection:On the Connection Configuratio

Page 52 - Preparing for configuration

Chapter 7 Configuring control tunnels 145• In the remote endpoint address field, enter the address of the remote Nortel VPN Router (for example, 132.

Page 53 - Chapter 2 Getting started 53

146 Chapter? Configuring control tunnels12 Click Create Local Network to go the Profiles > Networks window and define a local network. The Local n

Page 54 - 54 Chapter 2 Getting started

147Chapter 8Configuring IPSec mobility and persistent modeA large number of companies choose to secure access to their corporate networks via VPN usin

Page 55 - Chapter 2 Getting started 55

148 Chapter 8 Configuring IPSec mobility and persistent modeFigure 29 Example configurationOne solution to this problem is to use mobile IP technology

Page 56 - Welcome window

Chapter 8 Configuring IPSec mobility and persistent mode 149IPSec mobility on Nortel VPN RouterNortel VPN Router provides a new concept of IPSec mobil

Page 57 - Chapter 2 Getting started 57

15PrefaceThis guide introduces the Nortel VPN Router. It also provides overview and basic configuration information to help you initially set up your

Page 58 - 58 Chapter 2 Getting started

150 Chapter 8 Configuring IPSec mobility and persistent modeThe Nortel VPN Client status monitor reports if roaming is enabled for the session. The ev

Page 59 - Chapter 3

Chapter 8 Configuring IPSec mobility and persistent mode 151Roaming from behind NAT to no NATIn Figure 31 before roaming a client was connected via AP

Page 60

152 Chapter 8 Configuring IPSec mobility and persistent modeIPSec mobility in NAT environmentIn some situations roaming in the environment of NAT devi

Page 61

Chapter 8 Configuring IPSec mobility and persistent mode 153When operating in IPSec mobility mode with split tunneling enabled, the Nortel VPN Client

Page 62 - Enterprise environment

154 Chapter 8 Configuring IPSec mobility and persistent modeMaximum roaming timeMaximum roaming time is the time used by the Nortel VPN Client to keep

Page 63 - Service provider environment

Chapter 8 Configuring IPSec mobility and persistent mode 155Persistent tunnelingA persistent VPN connection provides the ability to maintain a VPN con

Page 64

156 Chapter 8 Configuring IPSec mobility and persistent modeSession persistence time should be longer than the roaming time as persistence starts only

Page 65 - Deployment procedure

Chapter 8 Configuring IPSec mobility and persistent mode 157Figure 32 Groups edit IPSec window2 Scroll down to Mobility Support and select Enabled. T

Page 66 - Table 6 BOQS parameters

158 Chapter 8 Configuring IPSec mobility and persistent modeIPSec mobility performs at higher level than physical adapters. As a result, the PC on whi

Page 67

Chapter 8 Configuring IPSec mobility and persistent mode 159To enable IPSec mobility:CES(config-group/ipsec)#mobility enableTo disable IPSec mobility:

Page 68

16 Prefacebraces ({})brackets ([ ])ellipsis points (. . . )italic textplain Courier textIndicate required elements in syntax descriptions where there

Page 69

160 Chapter 8 Configuring IPSec mobility and persistent modeTo view the IPSec configuration for the group, for example Base:CES(config)#show groups ip

Page 70 - PPPoE instructions

Chapter 8 Configuring IPSec mobility and persistent mode 161ConfiguredClient web page Saver Password Required Client screen Saver Activation Time Clie

Page 71 - Static IP instructions

162 Chapter 8 Configuring IPSec mobility and persistent modeNN46110-500

Page 72 - Compact flash disk

163Appendix ABranch office quick start templateThe branch office quick start template provides a list of values that the local Nortel VPN Router 1010/

Page 73

164 Branch office quick start templateNN46110-500

Page 74

165Glossaryacknowledgement (ACK)A type of message sent to indicate that a block of data arrived at its destination without error.address masksIP addre

Page 75 - Configuring user tunnels

166 GlossaryDiffie-HelmanA key agreement algorithm that does key establishment, not encryption. However, the key it produces may be used for encryptio

Page 76

Glossary 167firewallA collection of hardware and software components that controls communication between two networks, such as a private network and t

Page 77

168 GlossaryIP addressThe identifiers used by the protocols that govern Internet information exchange. The Internet Network Information Center assigns

Page 78

Glossary 169management IP addressThe IP address that is used to manage all system services from a Web browser, such as HTTP, FTP, and SNMP. This addre

Page 79

Preface 17separator ( > ) vertical line ( | )Shows menu paths.Example: Choose Status > Health Check.Separates choices for command keywords and a

Page 80

170 GlossaryPoint-to-Point Protocol (PPP)A protocol that provides a method for transmitting packets over serial point-to-point links.Point-to-Point Tu

Page 81 - Setting up user tunnels

Glossary 171Routing Information Protocol (RIP)A distance vector, as opposed to link state, routing protocol.RSA digital signatureA public-key encrypto

Page 82

172 GlossaryA method used by RIP in which a new routing table is sent almost immediately after a routing change has been made. This is in contrast to

Page 83

173IndexAaccess hours 78, 81, 119 accessible networks 120, 121 asymmetric branch office tunnel (ABOT) 119 asynchronous data over TCP (AOT) 105authenti

Page 84

174 Indexpassword 51default routebranch office 121DHCP client 94 DNSbranch office tunnel endpoints 124 host name 92 round robin DNS 125 Dynamic DNS (D

Page 85

Index 175filter 95Internet domain 92 inverse split tunneling 85IP address assigning 29 currently assigned 95IPSec mobility configuring 156 logging 149

Page 86

176 IndexNnavigational menu 57 nested tunnels 123Network Address Translation (NAT) 122 Network Time Protocol (NTP) 106Nortel VPN Router 1010/1050/1100

Page 87 - Inverse split tunneling

Index 177SSafe mode 50, 108search for users 84serial interface 31, 45services 56split tunnel 76, 84subnet mask 95subnetworks 119Switch concepts 25Symm

Page 88

178 IndexWWeb browser interface 50 Web interface options 53 Welcome display 56NN46110-500

Page 89

18 PrefaceNAT network address translationNOCnetwork operations centerNTP Network Time ProtocolNVR Nortel VPN RouterOSPFOpen Shortest Path FirstOSS ope

Page 90

Preface 19Related publicationsFor more information about the Nortel VPN Router, refer to the following publications:Release notes provide the latest i

Page 91 - Configuring the system

Copyright © 2007 Nortel Networks. All rights reserved.The information in this document is subject to change without notice. The statements, configurat

Page 92

20 PrefaceHard-copy technical manualsYou can print selected technical manuals and release notes free, directly from the Internet. Go to the www.nortel

Page 93 - Setting up LAN interfaces

Preface 21• search the Technical Support Web site and the Nortel Knowledge Base for answers to technical issues• sign up for automatic notification

Page 94

22 PrefaceNN46110-500

Page 95 - Edit LAN Interface window

23New in this releaseThe following sections details what is new in Nortel VPN Router Configuration - Basic Features for Release 7.0.Network Time Proto

Page 96

24 New in this releaseSystemlog lifetime or disk size limit usage optionVPN Router allows you to choose between setting a log file disk size limit or

Page 97

25Chapter 1 OverviewThis chapter introduces the Nortel VPN Router. The Nortel VPN Router is a family of products that deliver security and IP services

Page 98

26 Chapter 1 OverviewNortel VPN Router access allows remote users to dial in to an Internet Service Provider (ISP) anywhere and reach corporate headqu

Page 99 -

Chapter 1 Overview 27Figure 2 VPN service modelsThe Nortel VPN Router uses a combination of authorization, authentication, privacy, and access control

Page 100 - Deleting an IP address

28 Chapter 1 OverviewThe Nortel VPN Router Stateful Firewall License key must be installed to enable the Nortel VPN Router Stateful firewall.Tunnel ke

Page 101

29Chapter 2 Getting startedThis chapter describes methods for configuring and managing the Nortel VPN Router .Note: If you are setting up a Nortel VPN

Page 102 - NN46110-S00

Nortel Networks Inc. software license agreementThis Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nor

Page 103

30 Chapter 2 Getting startedFigure 3 Sample IP addressing schemeTable 1 Sample IP addressing associationsIP address Description (when applicable, wher

Page 104

Chapter 2 Getting started 31Table 1 Sample IP addressing associations (continued)10.2.1.23 DHCP-assigned IP address for a remote user10.8.4.6 Sample r

Page 105 - Asynchronous data over TCP

32 Chapter 2 Getting started• Identification• CRL Retrieval• CMPTo enable or disable management protocols, go to Services > Available window. Fr

Page 106

Chapter 2 Getting started 33Figure 6 shows MVA using CLIP to manage from a remote PC tunneled from the public side.Figure 6 MVA managing from a remote

Page 107

34 Chapter 2 Getting startedConfiguring MVA with the serial menuTo configure the MVA with the serial menu:1 Connect the serial cable (supplied with y

Page 108 - Configuring system settings

Chapter 2 Getting started 35Note: This administrator’s password is also the primary administrator’s password. This password guarantees access to the

Page 109

36 Chapter 2 Getting started7 Type M and press Enter to change the Management IP address. The current IP address appears. The Old Managem

Page 110

Chapter 2 Getting started 37Utilized Channels (Fractional T1) 1 212345678902345678901234Currently=R) Return to the Main Menu.Please select a menu choi

Page 111 - Using proxy ARP

38 Chapter 2 Getting started7 Type E and press Enter to save the settings and exit. You can then manage the Nortel VPN Router from a Web browser.Mult

Page 112 - Using the GUI for SSH server

Chapter 2 Getting started 39Table 2 shows the services supported on a multinetted interface. Table 2 Services supported on a multinetted interfaceServ

Page 113 - Configuring the SSH server

Government, the respective rights to the software and software documentation are governed by Nortel Networks standard commercial license in accordance

Page 114

40 Chapter 2 Getting startedTable 2 Services supported on a multinetted interfaceService Integration descriptionAuthentication Protocols (RADIUS)Supp

Page 115 - Using the CLI for SSH server

Chapter 2 Getting started 41Figure 7 Deployment ScenarioChanging the management IP addressTo manage the system, the network must have a route to the m

Page 116 - Disabling the SSH server

42 Chapter 2 Getting started• 1 stop bit• No parity• No flow controlThe Welcome window appears and you are prompted to supply a user name and passw

Page 117

Chapter 2 Getting started 43The following menu appears:Main Menu: System is currently in NORMAL mode.0) Management Address1) Interfaces2) Administrato

Page 118

44 Chapter 2 Getting startedRestricting source IPs access to managementYou are able to filter management access of source IP addresses. Access Lists (

Page 119 - Chapter 6

Chapter 2 Getting started 45To set an ACL for TELNET, enter the following NNCLI command:CES(config)#telnet access-list <the_name_of_an_acl>To re

Page 120

46 Chapter 2 Getting startedUsing a terminal emulation program, such as HyperTerminal on the PC, press Enter. The Welcome window appears and you are p

Page 121 - Private LAN

Chapter 2 Getting started 475 Please enter the administrator's password: setupNote: The factory default user name is admin and the default passwo

Page 122

48 Chapter 2 Getting startedInterface Menu0) Slot 0, Port 1, Private LAN IP Address = 47.17.163.163 Subnet Mask = 255.255.255.240 Speed/Duplex = AutoN

Page 123 - PPTP nested tunnels

Chapter 2 Getting started 498 Select 0 and press Enter to enter the Slot 0, Port 1, Private LAN menu and add the interface IP address.Please select a

Page 124

ContentsPreface...15Before you begin ...

Page 125 - Round Robin DNS

50 Chapter 2 Getting startedUsing boot modesThe Nortel VPN Router can be booted in one of two system modes: Safe mode or Normal mode. Each mode has it

Page 126 - Figure 23 Failover example

Chapter 2 Getting started 513 Enter the system default login and password in lowercase characters, as follows:Login: ad^in Password: setupAt this poi

Page 127 - Dynamic DNS

52 Chapter 2 Getting startedPreparing for configurationTo properly prepare for configuration of the Nortel VPN Router, you should havethe following it

Page 128 - Configuring a branch office

Chapter 2 Getting started 53• Manufacturer of device as well as firmware version, throughput, and any special configuration requirements for any devi

Page 129 - What to Do?

54 Chapter 2 Getting startedTable 4 Configuration checklist (continued)window Values required Your ValuesSystem > Identity Primary IP address Secon

Page 130 - Adding a tunnel

Chapter 2 Getting started 55Table 4 Configuration checklist (continued)window Values required Your ValuesServers > Radius Auth Access (enabled or d

Page 131

56 Chapter 2 Getting startedTable 4 Configuration checklist (continued)window Values required Your ValuesAdmin > License Keys Install License KeysA

Page 132

Chapter 2 Getting started 57• Click on Guided Config to begin the Guided Configuration. This option allows access to all Configuration Management faci

Page 133

58 Chapter 2 Getting startedNN46110-500

Page 134

59Chapter 3Setting up the Nortel VPN Router 1010, 1050, and 1100This chapter provides instructions for the network administrator who is responsible fo

Page 135

6 ContentsChapter 2Getting started...29IP addressing...

Page 136

60 Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100 Figure 8 Default configuration □By default, the Nortel VPN Router 1010, 1050, and 1

Page 137 - Configuring control tunnels

Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100 61Branch office quick start utilityThe branch office quick start utility (BOQS) simpli

Page 138 - Control tunnel types

After the VPN services are provisioned, branch office networks are logically connected to a central office network or to a NOC network. Branch office

Page 139

• Set the Text Pre-Shared Key to the same name as central office tunnel password.• Set Dynamic Routing to enabled.• Set RIP to enabled.After the ce

Page 140 - Nailed-up control tunnels

Every Nortel VPN Router 1010, 1050, and 1100 must have a distinct IP address that is visible from the NOC subnet. A NOC can assign any address reachab

Page 141 - Creating control tunnels

Deployment procedureThe following sequence of events illustrates the deployment procedure.• Factory configured Nortel VPN Router 1010, 1050, and 1100

Page 142

66 Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100Table 6 contains the BOQS parameters. Table 6 BOQS parametersCentral office tunnel c

Page 143 - Adding a control tunnel

Branch office quick start templateThe branch office quick start template provides a list of values that the local Nortel VPN Router 1010, 1050 or 1100

Page 144

68 Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100Power cordAC to DC external power supplyMolded serial cable RJ-45 to DB9Ethernet cro

Page 145

7 Press the power switch to the “on” position and wait for the VPN Router to boot.Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100 69N

Page 146

Contents 7Chapter 4Configuring user tunnels... 75Configuring group character

Page 147 - Chapter 8

• If your ISP uses static IP addressing, go to “Static IP instructions” on page 71.”70 Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100

Page 148

6 Set the Administrative State option to Enabled.7 From the Interface Filter list, choose permit all.8 Click on OK.9 Locate the provisioning works

Page 149 - Roaming performance factors

12 In the Gateway Address field, type the default route address that the ISP provided.13 Click on OK.14 Locate the provisioning worksheet sent by t

Page 150 - IPSec mobility and NAT

• Numerous text filesYou can store two software images on the flash disk at the same time. Operationalchanges for the compact flash disk are:• The c

Page 151

74 Chapter 3 Setting up the Nortel VPN Router 1010, 1050, and 1100NN46110-500

Page 152 - Routing table changes

75Chapter 4Configuring user tunnelsThe Nortel VPN Router uses the Internet and tunneling protocols to create secure connections. The following section

Page 153 - Initial contact payload (ICP)

76 Chapter 4 Configuring user tunnelsThe Nortel VPN Router associates all remote users with a group, which dictates the attributes that are assigned t

Page 154 - Maximum roaming time

Chapter 4 Configuring user tunnels 77For example, \Base is the base group, Research and Development and Finance are child groups of the base group, an

Page 155 - Persistent tunneling

78 Chapter 4 Configuring user tunnelsConfiguring group characteristicsIn addition to assigning users to groups and providing authentication access, yo

Page 156 - Configuring IPSec mobility

Chapter 4 Configuring user tunnels 79• Maximum password age is the time after which the login password expires. The Maximum Password Age range is fro

Page 157

8 ContentsChapter 6Configuring branch office tunnels...119PPTP nested tunnels...

Page 158

80 Chapter 4 Configuring user tunnelsPort, and TCP Connection establishment. Go to the Profiles > Filters window to create tunnel filters.13 Selec

Page 159

Chapter 4 Configuring user tunnels 81c Choose an Excess Action for traffic handling, either Drop or Mark.You can also choose Define new bandwidth rate

Page 160

82 Chapter 4 Configuring user tunnels1 Choose Services > Available.2 Select the tunnel type.3 Select the Management Protocol for the Nortel VPN

Page 161 - To exit configuration mode:

Chapter 4 Configuring user tunnels 832 After selecting a group, you must click on Display to view the group members. This allows you to quickly chang

Page 162

84 Chapter 4 Configuring user tunnelsStatic IP Address option in the Profiles > Groups > Connectivity option (it is only used if the group allow

Page 163 - Appendix A

Chapter 4 Configuring user tunnels 85LDAP search allows you to enter any LDAP database attribute that is part of the person, organizational Person, or

Page 164

86 Chapter 4 Configuring user tunnelsThe security of a mandatory tunnel is partially compromised by the addition of inverse split tunneling in a way s

Page 165 - Glossary

Chapter 4 Configuring user tunnels 87To select the split tunneling mode in which you wish to operate, the Split Tunneling drop down menu has been modi

Page 166 - 166 Glossary

88 Chapter 4 Configuring user tunnelsFigure 12 Edit > IPsec page for wildcard2 Select Enabled - Inverse or Enabled Locally Connected from the Spli

Page 167 - Glossary 167

Chapter 4 Configuring user tunnels 893 Select None from the Split Tunnel Networks menu.4 Select a network from the Inverse Split Tunnel Networks men

Page 168 - 168 Glossary

Contents 9Routing table changes...152Initial contact payload (IC

Page 169 - Glossary 169

90 Chapter 4 Configuring user tunnelsNN46110-500

Page 170 - 170 Glossary

91Chapter 5Configuring the systemThis chapter describes how to configure various system-level features:LAN interfaces WAN interfaces 802.1q VLAN subin

Page 171 - Glossary 171

92 Chapter 5 Configuring the system1 Enter a Management IP Address for the system. You need this address to contact all system services, such as HTTP

Page 172 - 172 Glossary

Chapter 5 Configuring the system 9310 Click on OK. The Nortel VPN Router checks all of the DNS addresses to see if they respond and then provides an

Page 173

94 Chapter 5 Configuring the systemA host can send only enough packets to a public interface to establish a tunnel connection. If the tunnel is not es

Page 174 - 174 Index

Chapter 5 Configuring the system 95From the Select Protocol list, select the tunneling protocol to use: IP is the standard Internet Protocol, and Poin

Page 175 - Index 175

96 Chapter 5 Configuring the systemAdditional fields appear on the Edit LAN Interface window for optional network cards. LAN represents the physical p

Page 176 - 176 Index

Chapter 5 Configuring the system 974 MAC Pause (Ethernet packet flow control) section enables the Nortel VPN Router to automatically adjust and contr

Page 177 - Index 177

98 Chapter 5 Configuring the systemTo add an IP address:1 Click the Add Multinet button on the LAN Interfaces window.Figure 14 on page 98 shows the L

Page 178 - Welcome display 56

Chapter 5 Configuring the system 99Figure 15 LAN Interfaces > Add IP Address windowN0RTELSystem “ Identity- ATM- LAN- WAN“ Dial Interface “ Circ

Commentaires sur ces manuels

Pas de commentaire