Chapter 5 User Notes 37

2Create a tunnel between the sites, as described above.

3Create an H.323 trunk between the BCM50s, as per the BCM50 User Guide.

Configuring the router to act as a Nortel VPN Server (Client Termination)

1Under VPN / Client Termination, a Enable Client Termination.

b Select authentication type and the encryption algorithms supported.

c If the clients are assigned IP addresses from a pool, define the pool, and enable it.

2Assuming a Local User Database is used for authentication,

a Add user name and password to the local user database as an IPSec user, and activate it. If the hosts will be assigned a static IP address, enter the address that will be assigned to the user.

Configuring the router to connect to a Nortel VPN Server (Client Emulation)

1Go to VPN / Summary, and select 'Edit'.

2Select a connection type of Contivity Client, and fill in the web page with the relevant data.

3If Group authentication or On-Demand Client Tunnels are needed, click the 'Advanced' button to configure this.

Allowing remote management of a LAN-connected BCM50

1Create the appropriate NAT server rules to add the BCM50.

Go to SUA/NAT / SUA Server, and create two server rules for HTTPS and Element Manager access:

One named BCM_HTTPS, with port number 443, and the IP address of the BCM50

One named BCM_EM, with the port number 5989, and the IP address of the BCM50

Nortel Business Secure Router 222 — Fundamentals

Page 37
Image 37
Nortel Networks BSR222 manual Allowing remote management of a LAN-connected BCM50