Manuals / Avocent / Computer Equipment / Network Router

Avocent Cyclades-PR2000 installation manual Parameter, Description

Models: Cyclades-PR2000

1 136

Download 136 pages 56.31 Kb

Page 119

Cyclades-PR2000

STEP SIX

Now, the Remote Security Networks must be defined. This is done in the CONFIG =>SECURITY =>VPN =>REMOTE IP NETWORKS =>ADD NETWORK menu. The IP address and network mask must be defined for all remote devices to be included in the remote network for VPN communication. The Remote Security Gateway IP address (set in step five) must also be given for each network. In the example, the RSG IP address for the network 10.255.255.0 is 9.9.9.1, and the RSG IP address for the network 192.168.0.0 is 20.20.20.1.

STEP SEVEN

The last step is to activate VPN and configure the VPN options. Be aware that after activating VPN on the local network, data sent to the remote network will not be forwarded until VPN is configured and activated on that network too. The VPN Options Menu parameters should be set using the guidelines given below. The options should be defined identically for all Remote Security Gateways in a VPN.

VPN Options Menu CONFIG =>SECURITY =>VPN =>OPTIONS

Parameter	Description
Cyclades VPN Status	Activates the Virtual Private Network. Warning: until VPN is activated on both ends of
	a given tunnel, all traffic will halt.
Tunnel Keepalive	Keepalive messages are sent across each tunnel with this frequency, to make sure
Timeout	that the router on the other end of the connection is operating.
Tunnel Keepalive	If a keepalive message reply is not received, the router sends the request again this
Retries	number of times.
Tunnel Inactivity	If no messages are passed for this time period (keepalive messages not included), the
Timeout	tunnel will be disconnected.
Time Interval for VPN	This is the time between retries (for either tunnel creation or keepalive requests that
Retries	are not acknowledged).

Chapter 14 - Virtual Private Network Configuration

119

Image 119

Avocent Cyclades-PR2000 installation manual Parameter, Description

Contents

Cyclades Corporation Installation ManualAccess Router Cyclades-PR2000Canadian DOC Notice Cyclades-PR2000 Installation ManualFCC Warning Statement IP Bridge Table of ContentsSpecial Keys Static Routing OSPF Configuration on the InterfaceOSPF Global Configurations The IP ProtocolCreation of user accounts and passwords The LAN Interface DB-25 Loopback ConnectorTable of Contents The WAN InterfacesCHAPTER 1 HOW TO USE THIS MANUAL Text Conventions Installation AssumptionsIcon ConventionDescription IconsCyclades Technical Support and Contact Information Cyclades-PR2000 Cyclades CorporationChapter 1 - How to Use This Manual Phone + 01 510 Fax + 01 510 41829 Albrae Street Fremont, CA USABack Panel of PR2000 CHAPTER 2 WHAT IS IN THE BOXDB-25 Back Panel of PR2000 Quick Installation ManualConfig Chapter 3 Using CyROS MenusConnection Using the Console Cable and a Computer or Terminal PR2000 login super PR2000 PasswordAll menus have the following elements Special Keys Cyros Management Utility The CyROS Management UtilityCyclades-PR2000 Chapter 3 - Using CyROS MenusNetwork Mask Example 1 Connection to an Internet Access Provider via ModemCHAPTER 4 STEP-BY-STEP INSTRUCTIONS FOR COMMON APPLICATIONS Speed 38.4kFIGURE 4.2 ETHERNET NETWORK PROTOCOL MENU PARAMETERS ParameterExample Your ApplicationYour Application STEP TWOParameter ExampleFIGURE 4.4 SWAN NETWORK PROTOCOL IP MENU PARAMETERS ParameterExample Your ApplicationFIGURE 4.5 PPP ENCAPSULATION MENU PARAMETERS ParameterExample Your ApplicationParameter ParameterExample Your ApplicationYour Application STEP SEVENParameter ExampleInstructions for listing the configuration Instructions for creating a backup of the configuration file100.130.130.1 Example 2 A LAN-to-LAN Example Using Frame RelayCentral Offices Remote Site’sFIGURE 4.10 ETHERNET NETWORK PROTOCOL MENU PARAMETERS ParameterExample Your ApplicationDSU/CSU, the Clock Source is External ParameterExample Your ApplicationFIGURE 4.12 SWAN NETWORK PROTOCOL IP MENU PARAMETERS ParameterExample Your ApplicationYour Application sending end must be using the same headerParameter ExampleYour Application FIGURE 4.14 DLC CONFIGURATION MENU PARAMETERSParameter ExampleFIGURE 4.15 STATIC ROUTE MENU PARAMETERS ParameterExample Your ApplicationChapter 4 - Step-by-Step Instructions Instructions for creating a backup of the configuration fileInstructions for listing the configuration Cyclades-PR2000FIGURE 4.16 PRIMARY AND SECONDARY BACKUP LINKS BETWEEN TWO LANS Example 3 Link BackupParameter ParameterExample Your ApplicationParameter ParameterExample Your ApplicationExample This parameter has no effect for link backup. For loadThis parameter has no effect for link backup. For load ParameterYour Application FIGURE 4.21 STATIC BACKUP ROUTE PARAMETERSParameter ExampleInstructions for listing the configuration Instructions for creating a backup of the configuration fileDescription CHAPTER 5 CONFIGURATION OF THE ETHERNET INTERFACEThe IP Network Protocol ParameterIncoming IP Accounting ParameterDescription FIGURE 5.1 IP BRIDGE EXAMPLE IP BridgeDescription Other ParametersParameter the Clock Source is always External CHAPTER 6 THE SWAN AND ASYNC INTERFACESParameter DescriptionSTEP TWO Description ParameterCHAPTER 7 NETWORK PROTOCOLS ConfigDescription The IP ProtocolParameter Detailed Incoming IP Accounting ParameterDescription For the Spanning Tree Algorithm, a priority is given to each link in the router and to The Transparent Bridge ProtocolParameter DescriptionParameter CHAPTER 8 DATA-LINK PROTOCOLS ENCAPSULATIONPPP The Point-to-Point Protocol Applies when Enable Van Jacobson IP Header Compression is Yes . ThisLCP Link Control Protocol messages are normally exchanged to monitor the status of ParameterDescription Description CHARcommunication. When Start is used, a connection is attempted as soon as the line ParameterTraffic Control based on Data Link Connection PPPCHARHDLC Frame RelayDescription end must be using the same header type NLPID or SNAP as the router on the receiving endParameter 200.1.1.1 DLCI200.1.1.4 200.1.1.3 Router200.1.1.1 200.1.1.2Description ParameterFIGURE 8.2 PUBLIC X.25 NETWORK EXAMPLE X.25Switch / DCE X.25Description X.25 Menu CONFIG=INTERFACE=LINK=ENCAPSULATION =X.25Parameter Description X.25 Menu ContinuedParameter Description X.25 with PAD Packet Assembler/DisassemblerParameter Dynamic Routing CHAPTER 9 ROUTING PROTOCOLS Routing StrategiesStatic Routing 142.10.0.4 Static RoutesNetwork 142.10.0.3A Network Slot192.168.100.1 ETH0Description Both Examples -- To access all hosts in Network 3, its mask, 255.255.255.0, is usedParameter Description RIP ConfigurationParameter AREA Backbone OSPFAREA AN AUTONOMOUS SYSTEMDescription OSPF Configuration on the InterfaceParameter are configured in CONFIG = INTERFACE =LINK =NETWORK PROTOCOL =IP Description OSPF Global ConfigurationsParameter Description ParameterDescription ParameterDescription ParameterDescription only when Virtual Link Status is ActiveParameter BGP-4 Configuration 200.50.50.0 FIGURE 9.4 EXAMPLE SYSTEM WITH PR2000 IN AS 100 BEING CONFIGUREDTele Popeye Description ParameterDescription ParameterDescription ParameterCONFIG=IP=BGP4=NEIGHBOR=ADD continued Description esir dParameter ROUTE MAP Description Applies only for Access List Type equal to AS Path. Limits the search on AS number toParameter FIGURE 9.7 ROUTE MAP ASSOCIATED WITH AN ACCESS LIST Description Alters the weight used to determine the best path. This value replaces the importanceParameter Description ParameterCreation of the host table Creation of user accounts and passwordsCHAPTER 10 CYROS, THE OPERATING SYSTEM User Name Password User Type Super, Usr, Auto, or PPPAuto IP Accounting 200.200.200.11 200.200.200.10 CHAPTER 11 NAT NETWORK ADDRESS TRANSLATION200.240.230.2 NAT Local Addresses # address range NAT Enabled NAT mode Expanded Port map translation EnabledUDP Timeout min DNS Timeout min TCP Timeout min TCP flags Timeout min NAT Global Addresses # address range 1 200.240.230.225 toTypes of Address Translation Description Menu OptionDescription Menu OptionDescription ParameterDescription ParameterCHAPTER 12 RULES AND FILTERS Configuration of IP FiltersFIGURE 12.1 THE RULES LIST MENU TREE ConfigSame as Add Rule ListFIGURE 12.2 FIREWALL EXAMPLE Exterior Router DENYSteps necessary to activate filtering on the exterior router in the example Destination IP Operator FIGURE 12.4 OUTPUT FOR EXTERIOR ROUTER EXAMPLELinked exterioroutFIGURE 12.4 OUTPUT FOR EXTERIOR ROUTER EXAMPLE CONTINUED Interior Router PERMITDestination Port Operator FIGURE 12.6 OUTPUT FOR INTERIOR ROUTER EXAMPLEFilterlist Name slot1in Traffic Rule Lists 3 Service Prioritization Destination Port FIGURE 12.8 OUTPUT SHOWING PARAMETERS FOR TRAFFIC RULE EXAMPLE11.11.11.0 Page Port Any PortRequests DataThe configured rules will appear as shown in the following listing FIGURE 13.1 IPX NETWORK EXAMPLE CHAPTER 13 IPX INTERNETWORK PACKET EXCHANGEETH0 SlotEnabling IPX Configuring the Ethernet InterfaceConfiguring Other Interfaces Value for the Example Frame RelayX.25 RoutingFIGURE 13.2 ROUTING TABLE FOR THE EXAMPLE The SAP Service Advertisement Protocol TablePR4000 CHAPTER 14 VIRTUAL PRIVATE NETWORK CONFIGURATIONPR3000 Page REMOTE SECURITY NETWORK REMOTE SECURITY NETWORKLOCAL SECURITY NETWORK PR2000STEP THREE Description ParameterTest APPENDIX A TROUBLESHOOTINGWhat to Do if the Login Screen Does Not Appear When Using a Console Boot Code stepCPU LED Morse code What to Do if the Router Does Not Work or Stops WorkingEvent Testing the Ethernet Interface Testing the WAN Interfaces The next 4 columns indicate bytes and packets sent and received Cyclades - PR2000 LEDsSafety APPENDIX B HARDWARE SPECIFICATIONS General SpecificationsPower Requirements external DC adapter Physical SpecificationsETHERNET PORT External InterfacesThe WAN Interfaces The LAN InterfaceCONSOLE PORT The Asynchronous InterfaceASYNCHRONOUS PORT The Console InterfaceThe Straight-Through Cable CablesFIGURE B.7 DB-25 - M.34 ADAPTOR - DB-25 FEMALE TO M.34 MALE DB-25 - M.34 AdaptorSignal The ASY/Modem CableThe Cross Cable SignalFIGURE B.9 CROSS CABLE - DB-25 MALE TO DB-25 MALE Cyclades-PR2000 DB-25 Loopback ConnectorFIGURE B.10 LOOPBACK CONNECTOR - DB-25 MALE Appendix B - Hardware SpecificationsRequirements APPENDIX C CONFIGURATION WITHOUT A CONSOLEProcedure Index C CablesCyclades Philippines