Compatible Systems IntraPort A00-1869 Скачать руководство пользователя

Страница: 1 / 44

IntraPort Enterprise-8

VPN Access Server

Installation Guide

Compatible Systems Corporation

4730 Walnut Street

Suite 102

Boulder, Colorado 80301

303-444-9532
800-356-0283

http://www.compatible.com

Содержание IntraPort A00-1869

Страница 1: ...IntraPort Enterprise 8 VPN Access Server Installation Guide Compatible Systems Corporation 4730 Walnut Street Suite 102 Boulder Colorado 80301 303 444 9532 800 356 0283 http www compatible com ...

Страница 2: ...rks are the property of their respective holders Part number A00 1869 FCC Notice This product has been certified to comply with the limits for a Class A computing device pursuant to Subpart J of Part 15 of FCC Rules It is designed to provide reasonable pro tection against radio or television communication interference in a commercial environment Operation of this equipment in a residential area co...

Страница 3: ...TINGS 6 Installing Mounting Ears and Handles 7 Rack Mount Brackets 8 Right Bracket Installation 9 Left Bracket Installation 10 Securing the Shelf 11 Moving the Unit into the Rack 12 Placing the Unit in an Equipment Rack 13 Securing the Unit to the Rack 14 Chapter 3 Network Installation 15 PHYSICAL CONNECTION REQUIREMENTS 15 CONNECTING THE SERVER TO THE ETHERNET 16 CONNECTING A MANAGEMENT CONSOLE 1...

Страница 4: ...ient Tunnel Configurations 25 VPN User Database 25 Setting up RADIUS Authentication 26 Setting the IntraPort Enterprise 8 for a RADIUS Server 26 RADIUS Server User Authentication Settings 26 Setting up SecurID Authentication 27 Setting the IntraPort Enterprise 8 for an ACE Server 27 ACE Server Settings 27 SAVING A CONFIGURATION FILE TO FLASH ROM 28 Chapter 7 Shipping Defaults 29 DEFAULT PASSWORD 2...

Страница 5: ...patible Systems 33 Appendix C Security Dynamics ACE Server Information 34 Appendix D Adding or Replacing RIOP Cards 35 Appendix E When the Over Temp Light Comes On 36 REPLACING OR CLEANING THE INTRAPORT ENTERPRISE 8 AIR FILTER 36 Appendix F Terms and Conditions 37 ...

Страница 6: ...igure 6 Lowering the Shelf 11 Figure 6 1 Securing the Shelf 11 Figure 7 Moving the Unit into a Standard Equipment Rack 12 Figure 7 1 Moving the Unit into a Telco Rack 12 Figure 8 Placing the Unit in a Standard Equipment Rack 13 Figure 8 1 Placing the Unit in a Telco Rack 13 Figure 9 Securing the Unit to the Rack 14 Figure 10 IntraPort Enterprise 8 VPN Access Server 15 Figure 11 Detail of RIOP Card...

Страница 7: ...r these components provide cost effective on demand connections to your corporate network IntraPort Enterprise 8 Installation Overview This manual will help you mount the IntraPort Enterprise 8 VPN Access Server in a rack and install it on your Local Area Network It also includes general maintenance information and some technical specifications For the most up to date information available on the ...

Страница 8: ...instructions on how to connect the server to your local Ethernet and power it up Instructions are included for twisted pair Ethernet environ ments Chapter 4 CompatiView Software Installation This part of the manual describes how to install CompatiView Compatible Systems GUI Graphical User Interface management software which is included with your server Chapter 5 Command Line Preparation This part ...

Страница 9: ...a lifetime comprehensive warranty a twenty four hour advance replacement program unlimited phone support and software upgrades for the life of the product A 24 x 7 support plan is also available Compatible Systems maintains copies of current software updates on the Internet You may download product software from the Internet at any time For more information on down loading current product software...

Страница 10: ...e reusable replacement air filter CD ROM including 4 CompatiView software for Windows 4 Operating software 4 VPN Client software Windows and Mac OS versions 4 HTML version of product documentation which can be viewed with your favorite Web browser VPN Client Reference Guide CompatiView Management Software Reference Guide Text Based Configuration and Command Line Management Reference Guide Warranty...

Страница 11: ... not exceed 35 pounds of evenly distributed weight on top of the server Additional weight may bend the case Safety Guidelines To help ensure your safety and minimize potential damage to equipment read and follow these guidelines before attempting to move or work on the IntraPort Enterprise 8 VPN Access Server These guidelines do not encompass all potential hazards You must use good judgment and du...

Страница 12: ...n screws or clips for fastening the brackets to the rack At least two people to lift the device into place Do not attempt to move the device into the rack or onto a table or platform by yourself Changing the Power Supply Voltage Settings The default setting for the voltage switches on the server s power supplies is for a low input voltage marked 115V on the switch If your electrical system require...

Страница 13: ...e is not enough finger room to use them but the handles are recom mended for all other installations If you are not going to rack mount the IntraPort Enterprise 8 it is recommended that you install the mounting ears and handles using the Standard Equipment Rack position as shown in Figure 2 1 Use the supplied screws and fasten the mounting ears to the sides of the device using 5 screws on each sid...

Страница 14: ...a Telco rack Note that the left bracket features a fold down shelf which maintains the proper alignment of the brackets in the rack but does not bear the weight of the unit The ledges at the bottom of the brackets bear the weight of the unit until it is securely attached to the equipment rack You will need to provide your own screws or clips to fasten the brackets and mounting ears to the equipmen...

Страница 15: ...e that they are level with each other using a level if necessary Once you have determined the desired location fasten the right bracket to the rack using your own screws or clips as shown in Figure 4 At least 2 screws must be used to fasten the top of the bracket to the rack using any two holes on the rack tab At least 3 screws must be used to fasten the bottom of the bracket to the rack One of th...

Страница 16: ... order to make sure that they are level with each other Once you have determined the desired location fasten the left bracket to the rack using your own screws or clips as shown in Figure 5 2 screws must be used to fasten the top of the bracket to the rack using any two holes on the rack tab At least 3 screws must be used to fasten the bottom of the bracket to the rack One of the screws must be us...

Страница 17: ...owering the Shelf 1 Lower the shelf onto the tabs protruding from the right bracket as shown in Figure 6 and use the thumb screws to fasten the shelf to the bracket The brackets and shelf should look like Figure 6 1 when fully installed Figure 6 1 Securing the Shelf ...

Страница 18: ...7 Moving the Unit into a Standard Equipment Rack 1 Two people are needed to move the unit into the rack Do not attempt to move the unit by yourself Holding the unit by the front and side handles as shown in Figure 7 care fully lift the unit and place it into the brackets Figure 7 1 Moving the Unit into a Telco Rack 1 Two people are needed to move the unit into the rack Do not attempt to move the u...

Страница 19: ...n a Standard Equipment Rack Figure 8 1 Placing the Unit in a Telco Rack 1 Slide the unit back into the rack until the mounting ears are flush with the sides of the rack Proper placement in a standard equipment rack should look like Figure 8 Proper placement in a Telco rack should look like Figure 8 1 ...

Страница 20: ...e Unit to the Rack Figure 9 Securing the Unit to the Rack 1 Using your own screws or clips secure the mounting ears to the rack as shown in Figure 9 using two screws at the top of each mounting ear and two screws at the bottom of each mounting ear ...

Страница 21: ...Figure 10 IntraPort Enterprise 8 VPN Access Server Physical Connection Requirements To connect each one of the IntraPort Enterprise 8 s Ethernet interfaces to twisted pair Ethernet cabling you will need one unshielded twisted pair station cable that is connected to a 10BaseT compatible twisted pair hub for a transmit speed of 10 Mbps or a 100Mbps Fast Ethernet hub for a transmit speed of 100 Mbps ...

Страница 22: ...rewall In this setup the Ethernet interfaces on slots 1 3 5 and 7 can be connected to the same Ethernet segment as your Internet gateway router The Ethernet interfaces on slots 0 2 4 and 6 serve as IP IPX and AppleTalk router ports for your internal networks The other option is to set up the server behind your firewall using the Ethernet interfaces on slots 0 2 4 and 6 only In this scenario the ot...

Страница 23: ...ess on an IP host or workstation on the same Ethernet segment as the server See Chapter 5 Command Line Management for more information Powering Up the Server Figure 12 Detail of Power Units v Note The default setting for the voltage switch on the power supplies for the IntraPort Enterprise 8 is for a low input voltage marked 115V on the switch If your electrical system requires a high input voltag...

Страница 24: ...or Windows you need IBM PC or compatible w 486 or later processor Microsoft Windows 95 98 or Windows NT installed VGA or better monitor IP A WinSock compatible transport stack and or IPX A Netware or Microsoft Client installation v Note To choose the active transport protocol on a Windows machine which has both IPX and IP installed select Options from the Database menu and click the General tab Th...

Страница 25: ...e server or by setting a workstation s IP address to 198 41 12 2 with a Class C subnet mask 255 255 255 0 so that it can communicate over Ethernet with 198 41 12 1 the shipping default of Ethernet 0 0 After setting the server s IP address be sure to change the workstation s configuration back to its original settings The IPX protocol does allow CompatiView to automatically discover the server Comp...

Страница 26: ...appear on the screen If you plan to use out of band access for ongoing management of your server you can find further information on configuring your server in Chapter 6 Basic Configuration Guide Otherwise see the section later in this chapter on Setting Up Telnet Operation for information on setting the server to allow Telnet access from hosts on its network Temporarily Reconfiguring a Host for C...

Страница 27: ...a reconfigured IP host Instructions for setting up these two methods were given earlier in this chapter Once you have set up the command line interface do the following A Use the configure command and set the IPAddress SubnetMask and IPBroadcast keywords in the IP Ethernet 0 0 section B Use the save command to save the changes to the device s Flash ROM You may also use CompatiView from a reconfigu...

Страница 28: ... odd numbered slots 1 3 5 and 7 feature IPSec only interfaces These ports can only send and receive IPSec packets All other traffic is dropped Thus Ethernet 0 0 2 0 4 0 and 6 0 can be thought of as internal private ports and Ethernet 1 0 3 0 5 0 and 7 0 can be thought of as external public ports If you have physically installed your IntraPort Enterprise 8 using both types of ports then you should ...

Страница 29: ...r Ethernet 0 0 2 0 4 0 and 6 0 Ethernet 1 0 3 0 5 0 and 7 0 are not used and should not be connected to anything IP address default 198 41 12 1 IP subnet mask default 255 255 255 0 IP broadcast address default 198 41 12 255 RIP 1 RIP 2 or OSPF Open Shortest Path First for Ethernet 0 0 only IP gateway for Ethernet 0 0 2 0 4 0 and 6 0 CV Use the TCP IP Routing Ethernet Dialog Box to set the IP addre...

Страница 30: ...onfigured values You may also want to use more meaningful zone names CV Use the AppleTalk Routing Ethernet Dialog Box for Ethernet 0 0 2 0 4 0 and 6 0 TB Use configure and set keywords in the AppleTalk Phase 2 Ethernet 0 0 AppleTalk Phase 2 Ethernet 2 0 AppleTalk Phase 2 Ethernet 4 0 and AppleTalk Phase 2 Ethernet 6 0 sections Configuring the Server for LAN to LAN Tunnels Required for LAN to LAN T...

Страница 31: ...PN Group Name section Then set the BindTo LocalIPNet and or LocalIPXNet and IPNet keywords in that section v Note The IP network or subnet specified as the Local IP Network or subnet must not conflict with networks specified in other VPN Group configurations VPN Groups or with any other IP address within the server Suggested for Client Tunnel Configurations You may want to change authentication an...

Страница 32: ...will also log the real IP address of the client and the IP address assigned to the client by the IntraPort Enterprise 8 as it begins to account for the client To use this feature the two attribute numbers for these two IP address strings must also be configured in the RADIUS server s dictionary file and in the RADIUS section of the IntraPort s configura tion The following is an example for a Livin...

Страница 33: ... CV Use the SecurID Configuration Dialog Box under Global SecurID to enable SecurID and set the encryption method and server address Use the SecurID tab in the VPN Group Configuration Dialog Box to enable SecurID for a group of users TB Use the configure command and set the Enabled EncryptMeth and PrimaryServer keywords in the SecurID section then set the SecurIDRequired keyword in a VPN Group Nam...

Страница 34: ... Once a configuration is complete you can save it to the server s Flash ROM Until saved all changes are made in a separate buffer and the server s interfaces continue to run as before the changes were made CV Use the Save to Device option from the File menu TB Use the save command ...

Страница 35: ...mask 255 255 255 0 Broadcast address 198 41 12 255 Mode Routed All other Ethernet interfaces are off IPX Defaults Ethernet 0 0 is on Mode Routed 802 3 on autoseeding 802 2 on autoseeding Type II off 802 2 SNAP off All other Ethernet interfaces are off AppleTalk Defaults Ethernet 0 0 is on Mode Routed Phase II on autoseeding All other Ethernet interfaces are off ...

Страница 36: ...perature The filter needs changing See Appendix E for instructions Sys Ready The server booted properly without detecting any failures General Indicators Ethernet Traffic Indicators TX Ethernet transmit packet RX Ethernet receive packet Load Indicators These lights indicate the load on the encryption coprocessor card Ethernet Lights Load Lights Indication 5 flashing 20 flashing Server stacks start...

Страница 37: ...ckplane In general the only time you should use an individual RIOP card s switch is when the card is unable to communi cate with the backplane for some reason M Caution Settings marked with an asterisk may erase your Flash ROM Please do not use these settings without first contacting Compatible Systems Technical Support 0 Normal Operation 1 Unused 2 Unused 3 Run Boot ROM Downloader 4 Unused 5 Eras...

Страница 38: ... A Connector and Cable Pin Outs Pin Outs for DB 25 Male to DB 25 Female Console Cable The cable supplied with the IntraPort Enterprise 8 is twenty five conductors straight through Connections on the console interface follow the standard RS 232C pin outs ...

Страница 39: ...he latest version of CompatiView management software is also available To download software follow the instructions below 1 Use your browser to access http www compatible com and find the link on our home page to Software Downloads 2 Select the product and software version you want and click on the appropriate file to download it v Note These files are also accessible directly via Anonymous FTP at...

Страница 40: ... directly from Security Dynamics Technologies Inc Use the following information to contact Security Dynamics for more infor mation Security Dynamics Technologies Inc 20 Crosby Drive Bedford MA 01730 U S A 800 SECURID 800 732 8743 or 888 732 8743 To telephone from outside the U S 781 687 7000 E mail info securitydynamics com Web site http www securitydynamics com ...

Страница 41: ...r cover plate Figure 13 Removing and Replacing an RIOP Card or Cover Plate 1 Loosen the captive thumb screws on either end of the RIOP card you wish to remove 2 Grasping only the handles on either end of the card gently remove it from its slot Place the card in a board rack or other safe place 3 To add a card to an empty slot grasp only the handles of the RIOP card and gently move the card along t...

Страница 42: ...e procedure outlined next to clean and replace the dust filter Replacing or Cleaning the Intraport Enterprise 8 Air Filter Under normal operation the air filter does not require periodic maintenance The filter should be replaced only when an excessive amount of dirt and dust has collected over an extended period of time A replacement filter is supplied with the unit to minimize the unit s down tim...

Страница 43: ...e Products that do not conform to this Warranty This Warranty shall be invalidated if the Products a have not been installed handled or used in accordance with Compatible Systems recommended procedures b have been damaged through the negligence or abuse of the Customer or of any subsequent purchasers c are damaged by causes external to the Products including without limitation shipping damage powe...

Страница 44: ...ssure correct identification of the Customer and to insure prompt and accurate processing 6 Limitation of Remedies Compatible Systems liability for all claims brought pursuant to or in connection with this agreement including the purported breach hereof shall be limited a in the case of claims for breach of warranty to compliance with the repair or replacement provisions of the warranty and b in a...

Результаты поиска

Содержание IntraPort A00-1869

Отзывы:

Похожие инструкции для IntraPort A00-1869

Бренды по названию

Популярные бренды

Compatible Systems IntraPort A00-1869, Руководство по установке

Результаты поиска

Содержание IntraPort A00-1869

Отзывы:

Похожие инструкции для IntraPort A00-1869

Бренды по названию

Популярные бренды