Nortel Networks BSR222 manual Advanced Router Configuration

Page 35

Chapter 5 User Notes 35

Both RIP-1 and RIP-2

Advanced Router Configuration

The following notes are intended to help with advanced router configuration.

Setting up the router when the system has a server

1If you are using a Full-Feature NAT configuration, first, do the following...

a In SUA/NAT / Address Mapping, add a 'Server' rule, specifying the 'Public' IP address of the server.

2For both SUA-Only and Full-Feature NAT configurations, do the following...

a In SUA/NAT : SUA Server, add server private IP address and port number(s) to the SUA/NAT Server table.

b In FIREWALL, add a WAN-to-LAN rule

c If the service is not in the list of available services, add it as a 'Custom Port'.

d Add the rule, selecting the service, and entering the server IP address as the destination IP address.

Connecting two sites to establish a virtual private network

The recommended method to do this is through a branch-to-branch IPSec tunnel.

1In VPN / Summary, add a new tunnel by editing an unused rule. Create an Active, Branch Office tunnel.

a Select 'Nailed Up' if the tunnel should not be closed while not in use.

b Enter the authentication information, with either a pre-shared key or an imported certificate.

c Enter the IP Address assigned to the router WAN port. This should be a static address, or a dynamic DNS name, and the IP address of the remote router.

d Select the encryption and authentication algorithms.

e Add an IP policy, by specifying the IP address ranges of the local and remote hosts that will use the tunnel.

Nortel Business Secure Router 222 — Fundamentals

Image 35

Contents Nortel Business Secure Router 222 Fundamentals Trademarks Copyright NortelContents Chapter User Notes Page NN47922-301 Before you begin PrefaceRelated publications Hard-copy technical manuals How to get help AC Power Adapter Specifications Internet account information worksheet Chapter Introducing the Business Secure RouterIntroducing the Business Secure Router NN47922-301 Chapter Hardware installation Label Description Front panelRear panel PowerHardware installation NN47922-301 Static or dynamic configuration Windows 2000/NT/XP Chapter Setting up your computer IP addressSetting up your computer IP address Checking your computer IP address Command PromptSetting up your computer IP address NN47922-301 Accessing your Business Secure Router via the WebGUI Chapter Configuring your Business Secure RouterConfiguring your Business Secure Router Configuring your Business Secure Router Using the wizard to configure for internet access Configuring your Business Secure Router Internet connection with ethernet Internet connection with PPPoE Internet connection with Pptp WAN IP address assignment System DNS servers Test your internet connectionGeneral Chapter User NotesGeneral Notes VPN Client Termination FirewallUser Notes Routing SecurityConnecting two sites to establish a virtual private network Advanced Router ConfigurationSetting up the router when the system has a server Adding IP telephony to a multi-site network Allowing remote management of a LAN-connected BCM50 Preventing heavy data traffic from impacting telephone calls Setting up the router for guest accessSetting Up a Remote Office with a UNIStim IP Telephone VPN Connections With Cisco Routers Inter-Operability With Third-Party RoutersProblem You cannot ping any computer on the LAN Chapter TroubleshootingProblem You cannot access the Internet Problem You cannot get a WAN IP address from the ISP