Headquarters

2. Configure IP for internet access

Give a fixed public address to the interface eth0, which is the Internet connection interface. You can replace eth0 with ppp0 if you use a leased line.

enable ip

add ip int=eth0 ip=200.200.200.1

Give a fixed private address to the interface vlan1, which connects the router to the headquarters LAN.

add ip int=vlan1 ip=192.168.140.254

Set the default route. The next hop is the gateway address provided by the ISP.

add ip rou=0.0.0.0 mask=0.0.0.0 int=eth0 next=200.200.200.254

If desired, set up the router as a DHCP server for the headquarters LAN.

create dhcp policy=hq lease=7200

add dhcp policy=hq rou=192.168.140.254 add dhcp policy=hq subn=255.255.255.0

create dhcp range=hq_hosts policy=hq ip=192.168.140.16 num=32 ena dhcp

3. Configure remote management access, if desired

If you need remote management access, we strongly recommend that you use Secure Shell (SSH). You should not telnet to a secure gateway.

To configure SSH, define appropriate RSA encryption keys, then enable the SSH server.

create enco key=2 type=rsa length=1024 description="host key" format=ssh

create enco key=3 type=rsa length=768 description="server key" format=ssh

enable ssh server serverkey=3 hostkey=2

Enable the user who connects via SSH to log in as secoff, by adding the secoff user as an SSH user. Also, you may choose to restrict access so that it is only permitted from particular addresses.

add ssh user=secoff password=<secoff-password> ipaddress=<trusted-remote-ip-address> mask=<subnet-mask-of-trusted-hosts>

disable telnet server

Secure Shell is a more secure, encrypted method of remote management access than telnet. If you need to use telnet, even though it is insecure, you should restrict access by defining

Page 9 AlliedWare™ OS How To Note: VPNs for Corporate Networks

Page 9
Image 9
Allied Telesis AR440S manual Configure IP for internet access, Configure remote management access, if desired

AR440S specifications

Allied Telesis offers a range of advanced routers designed to meet the connectivity and operational needs of modern enterprises. Among its extensive lineup, the AR450S, AR441S, AR415S, AR442S, and AR440S models stand out for their robust features and technologies, making them ideal solutions for various networking environments.

The Allied Telesis AR450S is a high-performance router tailored for service providers and large enterprises. It supports advanced routing protocols, including IPv4 and IPv6, ensuring compatibility with both legacy and modern networks. The AR450S boasts substantial throughput capabilities, making it suitable for bandwidth-intensive applications. Its versatile WAN options, including Ethernet and cellular connectivity, allow seamless integration into diverse network architectures.

Next in the lineup is the AR441S, which focuses on providing enhanced security and reliability. With built-in firewall capabilities and VPN support, this model ensures secure communication over the internet. The AR441S also features numerous Ethernet ports for flexible connectivity, enabling organizations to scale their networks as needed. Its user-friendly interface facilitates straightforward configuration and management.

The AR415S is designed for branch offices and small to medium-sized enterprises. This router offers a balance of performance and affordability, equipped with essential features like Quality of Service (QoS) and traffic shaping. The AR415S supports multiple WAN connections, which helps in maintaining reliable internet access by auto-failing to backup connections when necessary.

The AR442S incorporates advanced networking technologies, including dynamic routing protocols and deep packet inspection. This model enhances performance by optimizing traffic flow and improving bandwidth utilization. Its support for VoIP and other multimedia applications makes it an excellent choice for organizations seeking to maximize their communication capabilities.

Lastly, the AR440S is engineered for high availability and redundancy. It includes dual power supplies and hot-swappable components, ensuring that network services remain uninterrupted during maintenance. The AR440S is particularly valuable in mission-critical environments where downtime can lead to significant business disruption.

In summary, the Allied Telesis AR series routers—AR450S, AR441S, AR415S, AR442S, and AR440S—offer a rich set of features tailored to various operational needs. With their advanced routing capabilities, security features, and reliable performance, these routers represent the cutting edge of networking technology for businesses looking to enhance their connectivity and operational efficiency.