background image

"Software" is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is
copyrighted and licensed, not sold. Software consists of machine-readable instructions, its components, data,
audio-visual content (such as images, text, recordings or pictures) and related licensed materials including all whole
or partial copies. Nortel Networks grants you a license to use the Software only in the country where you acquired the
Software. You obtain no rights other than those granted to you under this License Agreement. You are responsible for
the selection of the Software and for the installation of, use of, and results obtained from the Software.

1.

Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of the
Software on only one machine at any one time or to the extent of the activation or authorized usage level,
whichever is applicable. To the extent Software is furnished for use with designated hardware or Customer
furnished equipment ("CFE"), Customer is granted a nonexclusive license to use Software only on such
hardware or CFE, as applicable. Software contains trade secrets and Customer agrees to treat Software as
confidential information using the same care and discretion Customer uses with its own similar information that it
does not wish to disclose, publish or disseminate. Customer will ensure that anyone who uses the Software
does so only in compliance with the terms of this Agreement. Customer shall not a) use, copy, modify, transfer or
distribute the Software except as expressly authorized; b) reverse assemble, reverse compile, reverse engineer
or otherwise translate the Software; c) create derivative works or modifications unless expressly authorized; or d)
sublicense, rent or lease the Software. Licensors of intellectual property to Nortel Networks are beneficiaries of
this provision. Upon termination or breach of the license by Customer or in the event designated hardware or
CFE is no longer in use, Customer will promptly return the Software to Nortel Networks or certify its destruction.
Nortel Networks may audit by remote polling or other reasonable means to determine Customer’s Software
activation or usage levels. If suppliers of third party software included in Software require Nortel Networks to
include additional or different terms, Customer agrees to abide by such terms provided by Nortel Networks
with respect to such third party software.

2.

Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer,
Software is provided "AS IS" without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS
ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING,
BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel Networks is not obligated
to provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties,
and, in such event, the above exclusions may not apply.

3.

Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE
LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS
OF, OR DAMAGE TO, CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL,
INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS),
WHETHER IN CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR
USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN
ADVISED OF THEIR POSSIBILITY. The forgoing limitations of remedies also apply to any developer and/or
supplier of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some
jurisdictions do not allow these limitations or exclusions and, in such event, they may not apply.

4.

General

a.

If Customer is the United States Government, the following paragraph shall apply: All Nortel Networks
Software available under this License Agreement is commercial computer software and commercial
computer software documentation and, in the event Software is licensed for or on behalf of the United States
Government, the respective rights to the software and software documentation are governed by Nortel
Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections
12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).

b.

Customer may terminate the license at any time. Nortel Networks may terminate the license if Customer
fails to comply with the terms and conditions of this license. In either event, upon termination, Customer
must either return the Software to Nortel Networks or certify its destruction.

c.

Customer is responsible for payment of any taxes, including personal property taxes, resulting from
Customer’s use of the Software. Customer agrees to comply with all applicable laws including all applicable
export and import laws and regulations.

d.

Neither party may bring an action, regardless of form, more than two years after the cause of the action
arose.

e.

The terms and conditions of this License Agreement form the complete and exclusive agreement between
Customer and Nortel Networks.

Summary of Contents for Contivity 221

Page 1: ...CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B ...

Page 2: ...ocument without notice Nortel Networks Inc does not assume any liability that may occur due to the use or application of the product s or circuit layout s described herein Portions of the code in this software product may be Copyright 1988 Regents of the University of California All rights reserved Redistribution and use in source and binary forms of such portions are permitted provided that the a...

Page 3: ...ng between Nortel Networks and Customer Software is provided AS IS without any warranties conditions of any kind NORTEL NETWORKS DISCLAIMS ALL WARRANTIES CONDITIONS FOR THE SOFTWARE EITHER EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON INFRINGEMENT Nortel Networks is not obligated to provide sup...

Page 4: ... Agreement is governed by the laws of the country in which Customer acquires the Software If the Software is acquired in the United States then this License Agreement is governed by the laws of the state of New York ...

Page 5: ...r Remote Management 9 Contivity 221 configuration tasks 9 Configuring 802 1x over Ethernet 10 Configuring Bandwidth Management 13 Configuring Certificate Management 17 Configuring Contivity Client Global Setting for VPN 20 Configuring IPSec Tunnel Nail Up 21 Configuring Multi user Configuration 23 Configuring SSH HTTPS for Remote Management 25 CCM Using Contivity Configuration Manager to Configure...

Page 6: ...6 Contents CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 7: ...ments Configuring and Troubleshooting the Contivity 221 SOHO Internet Security Gateway Contivity 221 SOHO Internet Security Gateway Quick Start Guide Contivity Configuration Manager 2 2 User Guide Contivity Configuration Manager Wizards How to get help This section explains how to get help for Nortel products and services How to get help This section explains how to get help for Nortel products an...

Page 8: ... obtain the phone number for your region www nortel com callus Getting help from a specialist by using an Express Routing Code To access some Nortel Technical Solutions Centers you can use an Express Routing Code ERC to quickly route your call to a specialist in your Nortel product or service To locate the ERC for your product or service go to www nortel com erc Getting help through a Nortel distr...

Page 9: ...ty Association SA lifetime expires When the Contivity 251 restarts it automatically renegotiates any nailed up tunnels In effect the IPSec tunnel becomes an always on connection after the tunnel is initiated Multi user Configuration With this Contivity 221 feature you can manage multiple users through the import and export of user information SSH HTTPS for Remote Management Secure Shell SSH is a s...

Page 10: ...e 25 See the following sections for detailed explanations of these tasks See previous versions of this document for an explanation of legacy configuration tasks Configuring 802 1x over Ethernet To configure 802 1x over Ethernet Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 Select 802 1x and click the Properties tab 3 Click the 802 1x tab then enter the ap...

Page 11: ...Local User Database page 12 6 On the Local User Database page enter the appropriate name and password for the database 7 Select the appropriate Active check boxes for the databases See Figure 2 Contivity 221 AuthServer Local User Database page 12 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel...

Page 12: ...e Figure 3 Contivity 221 AuthServer RADIUS page 13 10 On the RADIUS page enter the appropriate information in the Authentication Server and the Accounting Server sections See Figure 3 Contivity 221 AuthServer RADIUS page 13 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 13: ...about Bandwidth Management To configure Bandwidth Management Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 Select Bandwidth Management and click the Properties tab See Figure 4 Contivity 221 Bandwidth Management page 14 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel...

Page 14: ...ement node select the LAN Root Class element 7 Click the LAN Root Class Properties tab 8 Click the Properties tab then select the Class Configuration tab See Figure 5 Contivity 221 Class Configuration page 15 The Class Name and Bandwidth Budget fields contain the values specified in the Bandwidth Management Properties tab CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 ...

Page 15: ... click the Palette tab Double click Class Set up 10 Click the Properties tab then click the Class Configuration tab 11 Configure the Class Name and Bandwidth Budget fields as required See Figure 6 Contivity 221 LAN Class Configuration page 16 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Net...

Page 16: ...ck the Filter Configuration tab 13 To enable the Bandwidth Filter select the Enable Bandwidth Filter check box See Figure 7 Contivity 221 LAN Filter Configuration page 17 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 17: ... My Certificates Trusted Certificates and Trusted Remote Host Certificates To configure Certificate Management Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 Select Certificates and expand it 3 In the Certificates node select the Trusted CAs node 4 In the Trusted CAs node import a trusted CA certificate by using the Certificate Create wizard For more infor...

Page 18: ...rd to import a certificate issued by a certification authority or to create a self signed certificate or a certificate request See Contivity Configuration Manager Wizards 8 Select the Properties tab of the self signed certificate On the Basic page the certificate name properties the certification path and other certificate information appears If more than one self signed certificate exists you can...

Page 19: ...e information appears 13 In the Certificates node select Trusted Remote Host Certificate 14 In the Directory Servers node select a directory service See Figure 9 Contivity 221 Directory Services page 19 Figure 9 Contivity 221 Directory Services 15 Click the Properties tab of the directory service 16 On the Basic page enter the necessary information in the Directory Service Setting and Login Settin...

Page 20: ...xtracted from the selected certificate 21 From the Remote ID Type list select one of the following IP DNS E mail Subject Name and Any See Figure 10 Contivity 221 VPN Authentication Method page 20 End Configuring Contivity Client Global Setting for VPN The Contivity Client Global Setting features provides configuration support for client global settings for VPNs You can use this feature to configur...

Page 21: ...ing 4 In the MAC Address Allowed box enter the MAC address End Configuring IPSec Tunnel Nail Up See Configuring Basic Features for the Contivity Secure IP Services Gateway 311642 L for more information about Nail Up control tunnels To configure IPSec Tunnel Nail Up Step Action 1 In the CCM navigation pane select and expand the Contivity 221 device node 2 Select VPN and expand it CCM Using Contivit...

Page 22: ... 22 Figure 12 Contivity 221 Nailed Up option for branch office connection 6 For all IP Policies of the branch office connection on the IP Policy page select the Enable Control Ping check box If you chose Enable Control Ping you must specify which IP is the endpoint of the control ping See Figure 13 Contivity 221 Control Ping page 23 CCM Using Contivity Configuration Manager to Configure Contivity ...

Page 23: ... Configuration Step Action 1 In the CCM navigation pane select the Contivity 221 device 2 Click the Properties tab 3 Click the Import tab then enter the appropriate information in the boxes See Figure 14 Contivity 221 Properties Import page 24 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Ne...

Page 24: ...t tab then enter the appropriate information in the boxes See Figure 15 Contivity 221 Properties Export page 24 Figure 15 Contivity 221 Properties Export CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 25: ...mote Management To configure SSH HTTPS for Remote Management Step Action 1 In the CCM navigation pane select the Contivity 221 device and expand it 2 In the Contivity 221 device node select the Properties tab of the Remote Management element 3 On the Properties page click the SSH tab See Figure 17 Contivity 221 SSH for Remote Management page 26 CCM Using Contivity Configuration Manager to Configur...

Page 26: ... the server port number 6 For Secured Client IP Address select either All or Selected 7 Click the WWW tab 8 Select and enter the appropriate information in the boxes lists and check boxes See Figure 18 Contivity 221 HTTPS for Remote Management page 27 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks N...

Page 27: ... 27 Figure 18 Contivity 221 HTTPS for Remote Management End CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 28: ...nfiguration Manager to Configure Contivity 221 CCM Using Contivity Configuration Manager to Configure Contivity 221 317747 B 01 01 Standard Release 2 3 March 2006 Copyright 2006 Nortel Networks Nortel Networks Confidential ...

Page 29: ......

Page 30: ...ing Contivity Configuration Manager to Configure Contivity 221 Copyright 2006 Nortel Networks All Rights Reserved Publication 317747 B Document status Standard Document version 01 01 Document date March 2006 ...

Reviews: