Compatible Systems Enterprise-8, A00-1869 manual IP Settings for Setups Behind a Firewall

Page 29

Chapter 6 - Basic Configuration Guide

23

Use the IP Connection Dialog Box to set address parameters for Ethernet 1:0, 3:0, 5:0 and 7:0. These Ethernet interfaces do not have any other settings available because they only handle IPSec traffic and do not do routing.

Use the IPSec Gateway Dialog Box (under Global/IPSec Gateway) to set the IPSec Gateway address. The IPSec Gateway must be on the same IP network as Ethernet 1:0, 3:0, 5:0 and 7:0.

TB: Use the configure command and set the IPAddress, SubnetMask and IPBroadcast keywords, and either the RIPVersion keyword or the OSPFEnabled keyword, in the IP Ethernet 0:0, IP Ethernet 2:0, IP Ethernet 4:0 and IP Ethernet 6:0 sections.

Use the configure command and set the IPAddress, SubnetMask and IPBroadcast keywords in the IP Ethernet 1:0, IP Ethernet 3:0, IP Ethernet 5:0 and

IP Ethernet 7:0 sections. No other keywords should be configured for these sections.

Use the configure command and set the IPSecGateway keyword in the General section.

IP Settings for Setups Behind a Firewall

If setting up the IntraPort-8 behind a firewall, you need to set some basic IP parameters for Ethernet 0:0, 2:0, 4:0, and 6:0. Ethernet 1:0, 3:0, 5:0 and 7:0 are not used and should not be connected to anything.

IP address (default = 198.41.12.1)

IP subnet mask (default = 255.255.255.0)

IP broadcast address (default = 198.41.12.255)

RIP 1, RIP 2 or OSPF (Open Shortest Path First) for Ethernet 0:0 only

IP gateway for Ethernet 0:0, 2:0, 4:0, and 6:0.

CV: Use the TCP/IP Routing: Ethernet Dialog Box to set the IP address, subnet mask, broad- cast address and IP routing protocol for Ethernet 0:0, 2:0, 4:0, and 6:0. OSPF can only be configured using text-based configuration.

Use the IP Static Routing Dialog Box (under Global/IP Static Routes) to set an IP gateway.

TB: Use the configure command and the IPAddress, SubnetMask, and IPBroadcast keywords in the IP Ethernet 0:0, IP Ethernet 2:0, IP Ethernet 4:0 and

IP Ethernet 6:0 section.

Use the edit config command and set an IP gateway, in the IP Static section.

ϖNote: The gateway address would typically be an interface on a firewall. It must be on the same TCP/IP network as Ethernet 0:0, IP Ethernet 2:0, IP Ethernet 4:0 and IP Ethernet 6:0. With this setup, you must configure the firewall to allow:

UDP port 500 (ISAKMP)

Protocol number 50, which is the AH (Authentication Header) protocol packet type - and/or -

Protocol number 51, which is the ESP (Encapsulating Security Payload) protocol packet type

Image 29
Contents IntraPort Enterprise-8 VPN Access Server Installation Guide Page CompatiView Software Installation Network InstallationCommand Line Management Introduction to the IntraPort Enterprise-8Shipping Defaults Basic Configuration GuideLED Patterns and Test Switch Settings Appendix a Connector and Cable Pin OutsIii Appendix F Terms and ConditionsLocation of Voltage Switch on the Power Supply Introduction to the IntraPort Enterprise-8 IntraPort Enterprise-8 Installation OverviewIntraPort Enterprise-8 Manual Overview Getting Started Warranty and ServiceFew Notes Please Read the ManualsSupplied with the IntraPort Enterprise-8 Additional Items Needed for InstallationWhat You Will Need to Get Started Mounting Instructions Placement ConsiderationsSafety Guidelines Parts and Tools Changing the Power Supply Voltage SettingsInstalling Mounting Ears for a Telco Rack Installing Mounting Ears and HandlesRack-Mount Brackets Rack-Mount BracketsFastening the Right Bracket to the Rack Right Bracket InstallationFastening the Left Bracket to the Rack Left Bracket InstallationLowering the Shelf Securing the ShelfMoving the Unit into a Standard Equipment Rack Moving the Unit into the RackPlacing the Unit in a Standard Equipment Rack Placing the Unit in an Equipment RackSecuring the Unit to the Rack Securing the Unit to the RackPhysical Connection Requirements Network InstallationDetail of Riop Cards Connecting the Server to the EthernetPower Alarm Information Connecting a Management ConsolePowering Up the Server Installation and Operation CompatiView Software InstallationCompatiView for Windows System RequirementsTransport Protocols and CompatiView Out-of-Band Command Line Management Command Line ManagementSetting Up Telnet Operation Ethernet Interface Configuration Basic Configuration GuideIP Settings for Setups in Parallel with a Firewall IP ProtocolIP Settings for Setups Behind a Firewall AppleTalk Protocol Configuring the Server for LAN-to-LAN TunnelsIPX Protocol Required for Client Tunnel Configurations Configuring the Server for IP and IPX Client TunnelsSuggested for Client Tunnel Configurations VPN User DatabaseRadius Server User Authentication Settings Setting up Radius AuthenticationSetting the IntraPort Enterprise-8 for a Radius Server ACE/Server Settings Setting up SecurID AuthenticationSetting the IntraPort Enterprise-8 for an ACE/Server Saving a Configuration File to Flash ROM Ethernet Interfaces Shipping DefaultsDefault Password IntraPort Enterprise-8 LED Patterns IntraPort Enterprise-8 Switch Settings Pin Outs for DB-25 Male to DB-25 Female Console Cable Appendix a Connector and Cable Pin OutsAppendix B Downloading Software From Compatible Systems Appendix C Security Dynamics ACE/Server Information Removing and Replacing an Riop Card or Cover Plate Appendix D Adding or Replacing Riop CardsReplacing or Cleaning the Intraport Enterprise-8 Air Filter Appendix E When the Over Temp Light Comes OnAppendix F Terms and Conditions Appendix F Terms and Conditions