Manuals / Avocent / TV and Video / Home Theater Server

Avocent Cyclades-PR4000 installation manual Virtual Private Network Configuration 143

Models: Cyclades-PR4000

1 174

Download 174 pages 19.29 Kb

Page 143

Cyclades-PR4000

An example showing a local security network and two remote security networks is shown in Figure 14.2. The PR4000 in the local security network will be configured step by step. (Which network is considered local and which network is considered remote depends on the router being configured.)

STEP ONE

The Virtual Private Network Utility must be Enabled in the ADMIN =>ENABLE FEATURES =>VPN menu before it can be used. Navigate to this menu and enter the password supplied by Cyclades to activate VPN.

STEP TWO

Link 1 of the PR4000 (RSG3) should be fully configured and operational before beginning the VPN configuration. Each router has an IP address (with optional secondary IP addresses) for each numbered interface. In addition, each router has a Router IP Address which is one of the interface IP addresses. This router IP address is used whenever a single IP address is needed to identify the router. It is critical that each router being used as a remote security gateway have this parameter defined. It is NOT defined automatically. Navigate to CONFIG =>IP =>ROUTER IP and confirm that this parameter has been defined and is set to the value desired. An address that can be routed on the internet is generally used.

Important!! The Router IP Addresses for the other Remote Security Gateways (RSG1 and RSG2 in the example) must also be known before beginning the configuration of RSG3.

Chapter 16 - Virtual Private Network Configuration

143

Image 143

Avocent Cyclades-PR4000 installation manual Virtual Private Network Configuration 143

Contents

Cyclades-PR4000 Canadian DOC Notice Cyclades-PR4000 Installation ManualFCC Warning Statement Table of Contents IP Bridge 119 139 156 HOW to USE this Manual Installation Assumptions Icons CONFIG=INTERFACE=LText Conventions Convention DescriptionCyclades Technical Support and Contact Information CONFIGURATION=ALLUSA Cyclades CorporationWhat is in the BOX With M.34 Interface Swan Expansion CardSlot with Swan RSV Card or DB-25 Male Number of Phone Lines Signaling ISDN-PRI CCS or CASProvisioning the T1/E1 Dialup Lines Phone Numbers, Hunting Groups, and Hunting Sequence Isdn Switch Type ISDN-PRI onlyOne-Way or Two-Way Service Data/Voice SupportTermination at the Customer Premises Signaling Method and Dialing Method T1 CAS-BR onlyLine Coding FramingUsing CyROS Menus Lmi-typeANSI, Group of four, None a Special Keys Discard, save to Flash, or save to Run configurationCyROS Management Utility Cyros Management UtilityCyROS Management Utility Slot #2 Port #26 Status CyROS Management Utility Operating the Front-Panel Display LCDModem Order Modem OverviewND no Slot/Link OrderInterface Overview Screen Interface OverviewSystem Info IP TrafficSyslog Messages STEP-BY-STEP Instructions for Common Applications Example 1 Using the PR4000 as a Remote Access ServerMask PR4000 Telephone Number RadiusServer NetworkNAT Step ONEParameter Example Your Application IP MTUE1/T1 Controller Menu Parameters Radius Server Parameters Step ThreeStep Five Step FourInstructions for listing the configuration 192.168.0.11 192.168.0.0Host PR4000 HostParameter Example Your Application Swan Physical Menu Parameters Global Assigned because the IP 10 PPP Encapsulation Menu Parameters MlpppStep SIX 11 Static Route Menu ParametersStep Eight Configuration =TO Flash Step NineStep Seven Instructions for listing the configuration Parameter Description Configuration of the Ethernet InterfaceIP Network Protocol Incoming IP Accounting Config =RULES LIST=IP=CONFIGURE RULES=ADD RULE=ALLOW200.240.240.8 200.240.240.4 IP Bridge200.240.240.9 200.240.240.3 200.240.240.2 200.240.240.1 PR4000 Link PR3000Other Parameters Clock Source is always External Swan InterfaceStep TWO Protocol Be used for authentication Rest Same as Add Group E1 and T1 INTERFACES, Without SignalingOtherwise, see chapter Menu Item Description CONFIG=INTERFACE=T1/E1=CHANNELHdlc Step Four Controller Menu Tree E1 and T1 INTERFACES, with SignalingCONFIG=CONTROLLER=T1/E1 BRI Line Router Analog Line Remote Users CCS Signaling Mode ISDN-PRIIntegrated Isdn Line ISDN-PRI Interface Configuration Menu Tree Timeout function Router Analog Line Remote Users CAS Signaling ModeIntegrated CAS Line All Channels Parameters Independent of Signaling ModeInterface E1/T1 CAS One Channel RangeMultilink Options Channel Menu CONFIG=INTERFACE=T1/E1=CHANNELModem Internet Service ProviderIP Address LANServerIP Address PR4000 Router a SIgnaling Config Interface E1/T1 Channel=MODEMS =DIGITAL Modem Parameter Description Copy From Channel Interface T1/E1 Channel Wizards TS ProfileRAS Profile LAN-to-LAN ProfileAnsi Menu Items Description12 Parameters SET by the RAS Wizard 13 Parameters SET by the LAN-TO-LAN Wizard Network Protocol Network ProtocolsIP Protocol Detailed Incoming IP Accounting Transparent Bridge Protocol PPP The Point-to-Point Protocol DATA-LINK Protocols EncapsulationPPP Menu Char Frame Relay PppcharHdlc Parameter Description 200.1.1.1 DlciSalvador Recife Network São Paulo Rio de Janeiro NetworkParameter Description Router / DTE Switch / DCEModem or Step ONE Menu With PAD Packet Assembler/Disassembler Dynamic Routing Routing ProtocolsRouting Strategies Static Routing10.0.0.0 Static Routes142.10.0.0 Mask 192.168.100.0Interfaces UnnumberedAdd Static Route Menu Config =STATIC Routes =IP =ADD Route RIP Configuration Ospf Ospf Configuration on the Interface 10Mbps, 65 for T1, 1785 for 56kbps, etc Ospf Global Configurations =ROUTING Protocol =OSPF =ADVERTISE this NON-OSPF Interface CONFIG=STATIC ROUTES=IP=ADD ROUTE=OSPF Advertises this=PASSWORD Applies when Area Range N Status is Active =IP=OSPF=AREA=AUTHENTICATION Type Only when Virtual Link Status is ActiveBGP-4 Configuration 255.255.255.0 200.50.50.0 PR3000 200.200.200.2 Tele Brutus Example System with PR3000 in AS 100 Being ConfiguredCONFIG=IP=BGP4=BGP NETWORK=ADD CONFIG=IP=BGP4=GLOBALRoute Reflector Client CONFIG=IP=BGP4=NEIGHBOR=ADDRouting Protocols 107 Parameter Description Route PR3000 RredUp Ro 100.10.0.0/16 Seq Rule Message From Tele Popeye Route Map RoutesRouting Protocols 110 Message From Tele Popeye Rule Seq RuleDiscardedDiscarded RoutesRoutes CONFIG=IP=BGP4=ROUTE MAP=ADD CONFIG=IP=BGP4=AGGREGATE ADDRESSES=ADD Creation of the host table Creation of user accounts and passwordsCYROS, the Operating System Slip IP Accounting Detailed information can be accessed via SnmpPR4000 With NAT Network Address TranslationTranslated Types of Address Translation Menu Option Description Interface. Five minutes is a reasonable time NAT 122 Rules and Filters Configuration of IP FiltersRule List Rules ListBastion Host 10.0.0.0 Extension to Network Exterior Router Perimeter Network Slot 192.168.0.0Let Telnet Connections Out Exterior RouterLet Mail out Filters and Rules 127 TCP Interior Router Output for IP Filtering ExampleStop Telnets From the Outside Except Bastion Host Stop Forged Packets Don’t Allow Access to NewsFilters and Rules 131 Client B Traffic Rule ListsLink 33.33.33.1 25% or less Filters and Rules 133 Filterlist Name traffic1 Output Showing Parameters for Traffic Rule Example Back Operator Start Number Mac Address 00 60 2E 00 11 IPX Internetwork Packet ExchangeIPX Network Internal NetworkEnabling IPX Configuring the Ethernet InterfaceConfiguring Other Interfaces Parameter Value for the Example Frame RelayRouting Routing Table for the Example SAP Service Advertisement Protocol TableVirtual Private Network Configuration Virtual Private Network Configuration 143 IP172.16.0.0 Link Link IP10..255.255.0Router IP Address RSG3 Remote IP Network 9.1 Security Gateway Router LinkVirtual Private Network Configuration 145 Virtual Private Network Configuration 146 Test CPU Boot Code step Appendix a TroubleshootingEvent Port 2 LED Morse code What to Do if the Router Does Not Work or Stops WorkingTesting the Ethernet Interface Testing the WAN Interface Testing the Two T1/E1 Ports Use of a Cross Cable for Testing T1/E1 Ports and ModemsHow to Test the Modems DPS Test Results 113 Physical Specifications Appendix B. Hardware SpecificationsGeneral Specifications Power RequirementsRTS DTR External InterfacesConsole Port Console PortTPTX+ Tptx TPRX+ Tprx Ethernet PortEthernet Port T1/E1 Interface T1 and E1Straight-Through Cable CablesCross Cable Pin 13 B 10 F 15 S 17 T 24 W 11 U DB-25 Male Cyclades Router Signal Pin PGndRouter-MD / V.35 Cable DB-25 to M.34 Adapter Cross Cable for Testing the T1/E1 Ports TxD/V.35 B TxD/V.35 a RxD/V.35 B RxD/V.35 a Signal Pin PGndISO 2110 Standard Cable DB-25 Male Modem Cyclades RouterRJ-45 Male E1 / DB-15 CableRequirements Appendix C Configuration Without a ConsoleProcedure Step Two Appendix D Installation of Additional Digital ModemsAppendix D Installation of Additional Digital Modems Step OneStep Five Step FourStep Seven Step SixClamp Slot Clamp Step EightStep Nine Step Eleven Step TenIndex 172 Index 173 Cyclades Philippines