Motorola Enterprise Series Routers manual Set up administrative interface access restriction

System Configuration 3-61

6.Choose None as the value for Underlying Encapsulation…

7.Local WAN IP Address and Local WAN IP Mask can be left at 0.0.0.0 if WAN interface can receive IP Address from a DHCP server

8.Select NEXT SCREEN

9.Primary Domain Name Server and Secondary Domain Name Server can be left at 0.0.0.0, if dynamic address is used on WAN

10.Select RESTART DEVICE

Set up administrative interface access restriction

(See “Telnet Tiered Access – Two Password Levels” on page 10-1 for more information.)

1.Go to System Configuration…

2.Select Security… and then Superuser Configuration

3.Type desired username and password. You will be asked to re-enter password. Navigate to 'ADD SUPERUSER' to add 'Superuser' and restrict access to administrative console.

4.Once 'Superuser' is created, you can add further users, if desired, by going to Add Access Name/Pass- word...

5.Escape once back to Main Menu

Setting up an encrypted communication channel: (PPTP with MS-CHAP/MPPE)

(See “Virtual Private Networks (VPNs)” on page 5-1 for more information.)

1.From the Main Menu, Go to Quick Menus...

2.Select ATMP/PPTP Default Profile

3.Set Answer ATMP/PPTP Connections: to Yes

4.Under PPTP Configuration Options set Receive Authentication... to MS-CHAP

5.Escape once back to Quick Menus

6.Scroll up to Add Connection Profiles and press Enter

7.Supply a descriptive Profile Name.

8.Set the Encapsulation Type... to PPTP and press Enter

9.Enter Encapsulation Options...

a.Enter the PPTP Partner IP Address - this can be set to 0.0.0.0

b.For Authentication... select MS-CHAP

c.For Data Encryption... select MPPE

d.Enter the Receive Host Name and Receive Secret the client will be entering as their username and password in their Dial-up Networking VPN profile.

e.Set Initiate Connections to No.

f.Adjust the Idle Timeout (seconds) to whatever you prefer. The default value is 300 seconds.