manualshive.com logo in svg

HP sa3110, Руководство по установке, Страница: 34 / 92

Поделиться
Скачать
HP sa3110 Скачать руководство пользователя страница 34

Performing the Initial Hardware Setup

3-12

Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450 Installation Guide

As a bridge, the VPN device ARP responds under the following 
conditions:

1.

The ARP request is for an address that has been assigned to 
an interface on the VPN device.

2.

The ARP request is for an address that has been assigned to 
a remote user tunnel as a client IP.

3.

The ARP request is for an address that is currently in the VPN 
device device’s ARP cache for an interface other than the 
interface where the ARP request was picked up.

4.

If the ARP request is for an address that is not in the VPN 
device device’s ARP cache for any of its interfaces, then the 
VPN device broadcasts a new ARP request out of all 
interfaces except for the interface where the original ARP 
request was picked up. If a device responds to the VPN 
device, the VPN device creates a new entry in its ARP cache 
and behaves as in condition 3 in the preceding paragraph.

Note: 

Note: 

Note: 

Note: ARP requests and responses can become a significant 
percentage of your network traffic if the devices on your 
network are misconfigured.

When Bridge 

When Bridge 

When Bridge 

When Bridge 
Mode Should Be 

Mode Should Be 

Mode Should Be 

Mode Should Be 
Used

Used

Used

Used

A VPN device should be configured as a bridge if you were going 
to connect two physically separate network segments that 
contain devices in the same logical subnet. This is often the case 
when the VPN device is going to be connected between an 
existing firewall and a corporate network (referred to as inline 
configuration in the 

Hewlett-Packard VPN Server Appliance 

SA3110/SA3150/SA3400/SA3450 Network Layout Reference 
Guide).

Note: 

Note: 

Note: 

Note: The mode of operation of the VPN device does not affect 
the firewall or tunneling functionality of the VPN device. The 
physical interfaces of the VPN device can still be designated as 
black and red, and firewall rules can still be defined to allow or 
disallow IP traffic.

Next Step

Next Step

Next Step

Next Step

Connecting the Device to the Network (page 3-12)

Содержание sa3110

Страница 1: ...Hewlett Packard Company HP 5971 0872 P N A52437 001 March 2001 hewlett packard vpn server appliance sa3110 sa3150 sa3400 sa3450 installation guide ...

Страница 2: ...ii ...

Страница 3: ...r life sustaining applications Hewlett Packard Company may make changes to specifications and product descriptions at any time without notice This Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide as well as the software described in it is furnished under license and may only be used or copied in accordance with the terms of the license The information in this man...

Страница 4: ...dattaa EU direktiivin 1999 5 EC määräyksiä Ce produit est conforme aux exigences de la Directive Européenne 1999 5 EC Dieses Produkt entspricht den Bestimmungen der Europäischen Richtlinie 1999 5 EC Þessi vara stenst reglugerð Evrópska Efnahags Bandalagsins númer 1999 5 EC Questo prodotto è conforme alla Direttiva Europea 1999 5 EC Dette produktet er i henhold til bestemmelsene i det europeiske di...

Страница 5: ... Configuring Syslog for Troubleshooting 3 14 Installing HP SA3000 Series VPN Manager Installing HP SA3000 Series VPN Manager Installing HP SA3000 Series VPN Manager Installing HP SA3000 Series VPN Manager Overview to Installing HP SA3000 Series VPN Manager 4 1 Installing VPN Manager 4 2 Adding a VPN Device With VPN Manager 4 4 Saving New Device Information to a Configuration File 4 7 Installing HP...

Страница 6: ... Network Infrastructure Checklists Appendix Network Infrastructure Checklists Appendix Network Infrastructure Checklists Appendix Network Infrastructure Checklists A 1 Router Checklists A 2 Firewall Checklists A 4 Using An Existing Firewall A 6 Internal Network Checklists A 7 Authentication Checklists A 11 Port Combinations Table A 12 Index Index Index Index Index 1 Index 1 Index 1 Index 1 ...

Страница 7: ...A3450 Installation Guide G G G G e e e e t t t t t t t t i i i i n n n n g g g g S S S S t t t t a a a a r r r r t t t t e e e e d d d d Getting Started Getting Started Getting Started Getting Started Getting Started 1 1 Required Components of a VPN Device 1 3 ...

Страница 8: ...Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide G G G G e e e e t t t t t t t t i i i i n n n n g g g g S S S S t t t t a a a a r r r r t t t t e e e e d d d d ...

Страница 9: ...our VPN device Supplementary procedures for the VPN device Chapter and Chapter and Chapter and Chapter and Appendix Appendix Appendix Appendix Contents Contents Contents Contents The following list describes the contents and purpose of each chapter and the appendix 1 Getting Started This chapter gives an overview of the structure of this manual and explains the function of each installation compon...

Страница 10: ...are on your PC 6 Supplementary Procedures This chapter gives instructions for the following procedures Installing or Replacing the X 21 or V 35 Serial Card in the VPN device Using the copy command Capturing a terminal emulation session as text Viewing a terminal emulation session Deleting the current VPN device configuration Reconfiguring the VPN device Viewing the IP configuration Using Telnet 7 ...

Страница 11: ...r load balancing and redundancy for VPN Client connections The VPN device performs three major functions At the communications level the VPN device can act either as an IP router or as an IP bridge that is it operates at layer 3 not layer 2 As a packet encryptor the VPN device can selectively encrypt and decrypt data based on source and destination addresses and ports This provides the flexibility...

Страница 12: ...ries products This provides desktop to gateway security within a local area network or across any wide area network Because all HP VPN products operate at the network layer the VPN Client is completely transparent to users and works with most applications Users can dial in to any Internet service provider ISP and use the VPN Client to create a secure channel back to your network which eliminates t...

Страница 13: ... e e f f f f o o o o r r r r e e e e Y Y Y Y o o o o u u u u I I I I n n n n s s s s t t t t a a a a l l l l l l l l Before You Install Before You Install Before You Install Before You Install Hardware and Software Requirements 2 1 Installation Overview 2 3 Installation Preparation Checklist 2 4 ...

Страница 14: ...tt Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide B B B B e e e e f f f f o o o o r r r r e e e e Y Y Y Y o o o o u u u u I I I I n n n n s s s s t t t t a a a a l l l l l l l l ...

Страница 15: ...2000 Workstation or Server version with Service Pack 4 minimum for year 2000 capability running on Intel Pentium 100 MHz minimum processor perfor mance level or better At least 5 MB of free disk space At least 32 MB of RAM Support for Winsock 2 0 VPN Client VPN Client VPN Client VPN Client Requirements Requirements Requirements Requirements The hardware and software requirements for HP SA3000 Seri...

Страница 16: ...nstall 2 2 Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide Intel Pentium 133 MHz minimum processor or better 2 GB hard drive with 650 MB minimum free disk space 64 MB minimum RAM ...

Страница 17: ...device Related Info Related Info Related Info Related Info Installation Preparation Checklist page 2 4 Complete preinstallation requirements Perform the initial hardware setup Set up a basic routing mode configuration and connect the device to the network Install and configure the VPN Manager software Install and configure the VPN Client software Refer to the Installation Preparation Checklist in ...

Страница 18: ...t of network administrators use one of the following configurations One Armed Router Configuration In Line Router Configuration In Parallel Configuration For more complete information on these configurations see the Network Layout Reference Guide ___Before you perform the initial hardware setup you must have the following information and terminal emulation program available Serial communication po...

Страница 19: ...e 2 5 ___If you use a different subnet when creating site to site tunnels make the proper routing changes for your organization For example if your internal network is 10 0 0 0 and you assign an incoming address from 192 168 x x all internal routers must be configured to send all 192 168 0 0 traffic to the VPN device ...

Страница 20: ...Before You Install 2 6 Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide ...

Страница 21: ... a r r r r e e e e S S S S e e e e t t t t u u u u p p p p Performing the Initial Hardware Setup Performing the Initial Hardware Setup Performing the Initial Hardware Setup Performing the Initial Hardware Setup Performing the Initial Hardware Setup 3 1 Preparing to Configure a New VPN Device 3 2 Setting Up a Basic Routing Mode Configuration on a New Device 3 5 Using Bridge Mode With the VPN Device...

Страница 22: ...tion Guide P P P P e e e e r r r r f f f f o o o o r r r r m m m m i i i i n n n n g g g g t t t t h h h h e e e e I I I I n n n n i i i i t t t t i i i i a a a a l l l l H H H H a a a a r r r r d d d d w w w w a a a a r r r r e e e e S S S S e e e e t t t t u u u u p p p p ...

Страница 23: ...ter you complete the following tasks 1 Physically connect the supplied DB 9 cable to your VPN device and your PC 2 Check power supply voltage setting 3 Turn on the VPN device 4 Create a console window with your terminal emulation program 5 Establish an initial session between your PC and your VPN device 6 Run your setup script 7 Configure Syslog for troubleshooting 8 Connect your device to the net...

Страница 24: ... with your terminal emulation program When the VPN device is in a factory default state the only way to communicate with it is through the console cable You run the console cable between the serial port on the device and the serial port on the computer on which you want to have the console window After you make the physical connection you open a console window so you can run the setup script to co...

Страница 25: ...g a Creating a Creating a Console Console Console Console Window Window Window Window To create a Console window 1 In the Start menu For NT systems select Programs then Accessories then HyperTerminal For Windows 98 systems select Programs then Accessories then Communications then HyperTerminal The HyperTerminal window appears 2 In the File menu select New Connection The Connection Description wind...

Страница 26: ...0 Click OK You return to the terminal emulation program window where the cursor is blinking in an otherwise blank white screen You now have an active console session and can communicate from your computer to the device Next Step Next Step Next Step Next Step Setting Up a Basic Routing Mode Configuration on a New Device page 3 4 ...

Страница 27: ...e device See the previous section Preparing to Configure a New VPN device You must know the IP address and subnet mask for the red Ethernet interface E0 and for the black Ethernet interface E1 and the IP address for the default gateway You want the device to be in normal mode before you start configuring it through the setup script Allow the device 60 seconds to boot through safe mode into normal ...

Страница 28: ...ego displaying the license agreement the next time that the VPN device starts Next a name and state prompt similar to this one appears on the screen hostname SAFE 11 Wait 60 seconds The device changes from safe mode to normal mode The device must be in normal mode before you run the setup script for it 12 At the name and state prompt enter enable A password prompt appears on the screen 13 At the p...

Страница 29: ...run the setup script 1 To get into setup mode at the name and state prompt enter setup The prompt changes to the following hostname setup Note Note Note Note The word setup in parentheses means that you are in setup mode 2 To set the host name of the device at the prompt enter the name you want to call the device For example if you want to call the device vpn1 enter vpn1 at the following prompt En...

Страница 30: ...admin Note Note Note Note Passwords are case sensitive 10 To set the time zone of the device enter the time zone with respect to Greenwich Mean Time For example to set the time zone for Boston enter timezone est 5 edt 11 To set the VPN device s clock enter the year month day hour in 24 hour format minute and second For example to set the system clock to December 31 2000 at 2 18 p m enter the follo...

Страница 31: ... SA3110 SA3150 SA3400 SA3450 Installation Guide 3 9 ping 10 1 2 2 255 255 0 The device informs you of the success of the ping The setup script is now complete The initial configuration is set on the new VPN device Next Step Next Step Next Step Next Step Using Bridge Mode With the VPN Device page 3 8 ...

Страница 32: ...e Note Note Switching from bridge mode to router mode or from router mode to bridge mode requires you to reboot the VPN device Router Mode Router Mode Router Mode Router Mode Address Address Address Address Assignment Assignment Assignment Assignment In router mode each physical interface on the VPN device must be assigned an address from a different subnet For example Ethernet 0 could be assigned...

Страница 33: ...own menu and select the Enable Bridging Mode check box Bridge mode command overrides the interface command To disable bridge mode from VPN Manager in the Configure Devices window for the VPN device on the Interfaces tab clear the Enable Bridging Mode check box The VPN device reverts to router mode using the IP addresses assigned in the interface commands Note Note Note Note Using the interface com...

Страница 34: ... condition 3 in the preceding paragraph Note Note Note Note ARP requests and responses can become a significant percentage of your network traffic if the devices on your network are misconfigured When Bridge When Bridge When Bridge When Bridge Mode Should Be Mode Should Be Mode Should Be Mode Should Be Used Used Used Used A VPN device should be configured as a bridge if you were going to connect t...

Страница 35: ...teps Steps Steps Steps To connect the VPN device to the network 1 Turn the device off before connecting network cables 2 Connect the supplied Ethernet cables to the Ethernet interfaces 3 Connect your Ethernet LAN cables to the shielded cables 4 Turn the device on Once you have connected your VPN device to the network behind your firewall configure the device using VPN Manager included on the CD RO...

Страница 36: ...es of text returned by factory default mode Syslog is syslog priority all 0 To set Syslog to level 7 in the console window or through a Telnet session see Using Telnet in Chapter 7 1 At the VPN prompt enter Config 2 At the VPN prompt enter syslog priority all 7 3 At the VPN prompt enter end 4 At the VPN prompt enter write Activating or Activating or Activating or Activating or Deactivating Deactiv...

Страница 37: ...Configuring Syslog for Troubleshooting Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide 3 15 Next Step Next Step Next Step Next Step Installing VPN Manager page 4 1 ...

Страница 38: ...Performing the Initial Hardware Setup 3 16 Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide ...

Страница 39: ...r r i i i i e e e e s s s s V V V V P P P P N N N N M M M M a a a a n n n n a a a a g g g g e e e e r r r r Installing HP SA3000 Series VPN Manager Installing HP SA3000 Series VPN Manager Installing HP SA3000 Series VPN Manager Installing HP SA3000 Series VPN Manager Overview to Installing HP SA3000 Series VPN Manager 4 1 Installing VPN Manager 4 2 Adding a VPN Device With VPN Manager 4 4 Saving N...

Страница 40: ... Guide I I I I n n n n s s s s t t t t a a a a l l l l l l l l i i i i n n n n g g g g H H H H P P P P S S S S A A A A 3 3 3 3 0 0 0 0 0 0 0 0 0 0 0 0 S S S S e e e e r r r r i i i i e e e e s s s s V V V V P P P P N N N N M M M M a a a a n n n n a a a a g g g g e e e e r r r r ...

Страница 41: ...view to Installing HP SA3000 Series VPN Manager VPN Manager VPN Manager VPN Manager In this chapter you complete the following tasks 1 Install the HP SA3000 Series VPN Manager software 2 Add your VPN device meaning that the VPN Manager sees the device and knows it is accessible 3 Create a device list 4 Save the device list 5 Save your VPN device configuration information to a file Next Step Next S...

Страница 42: ... to the licensing information screens click Next 4 To continue the installation click Yes A window prompts you for your user information 5 Enter your user name and company name then click Next The next installation window displays the default directory for the program files 6 To accept the default directory click Next Setup adds an icon to the Program Folder 7 To accept the Hewlett Packard Company...

Страница 43: ...450 Installation Guide 4 3 When you double click the VPN Manager icon on your desktop the VPN Manager application starts and you are prompted for a password when opening the encrypted device list file Next Step Next Step Next Step Next Step Adding a VPN device With VPN Manager page 4 4 ...

Страница 44: ...reads the host name that you already configured on the device through the console window If you do not want to change the host name leave this field blank If you do change the host name click Commit to update the configuration 5 In the Folder field select the device list network layout in which you want the device information to reside If you select All Devices the device is placed in the All Devi...

Страница 45: ...ce Details list box select the device 12 In the File menu select Save As The Save As window appears 13 In the File name field enter a name for the file The VPN Manager attaches a imn extension to the file name that you specify 14 Click Save 15 Click Add You return to the VPN Manager main window 16 In the Configure menu select Login Password The Set Login password appears 17 In the New Password fie...

Страница 46: ...SA3000 Series VPN Manager 4 6 Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide Next Step Next Step Next Step Next Step Saving New Device Information to a Configuration File page 4 7 ...

Страница 47: ...ow appears 2 Enter and reenter the password to confirm it Note Note Note Note This password is for the device list only and is not related to the password you entered when you initially ran the Setup Script Chapter 3 Setting Up a Basic Routing Mode Configuration on a New Device It is also unrelated to the password you entered in the preceding section Adding a VPN Device With VPN Manager when you c...

Страница 48: ...Installing HP SA3000 Series VPN Manager 4 8 Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide ...

Страница 49: ...0 0 0 0 0 0 S S S S e e e e r r r r i i i i e e e e s s s s V V V V P P P P N N N N C C C C l l l l i i i i e e e e n n n n t t t t Installing HP SA3000 Series VPN Client Installing HP SA3000 Series VPN Client Installing HP SA3000 Series VPN Client Installing HP SA3000 Series VPN Client Overview to Installing HP SA3000 Series VPN Client 5 1 Installing VPN Client 5 3 Configuring the VPN Client for ...

Страница 50: ...tion Guide I I I I n n n n s s s s t t t t a a a a l l l l l l l l i i i i n n n n g g g g H H H H P P P P S S S S A A A A 3 3 3 3 0 0 0 0 0 0 0 0 0 0 0 0 S S S S e e e e r r r r i i i i e e e e s s s s V V V V P P P P N N N N C C C C l l l l i i i i e e e e n n n n t t t t ...

Страница 51: ... OSR2 or Windows 95 C OSR3 releases work successfully To view your Windows 95 version select System Properties If you use Windows 95 Gold or Windows 95A follow these steps to upgrade to DUN 1 3 before you install the VPN Client 1 Install the Windows 95 Dial Up Networking DUN 1 3 upgrade To obtain this upgrade using your browser go to URL http support microsoft com support downloads dp3267 asp Clic...

Страница 52: ...are Version Compatibility Software Version Compatibility Software Version Compatibility Software Version Compatibility The Hewlett Packard Company strongly recommends that you use Release 6 8 2 of all VPN software Before installing the VPN Client you may want to read some background information to become familiar with firewalls and encryption terminology that you are likely to encounter when using...

Страница 53: ...s to accept the displayed License Agreement The User Information Window appears 8 Enter your name and the name of your company Select Next to continue The Choose Destination Location window appears 9 Enter the location where you want VPN Client to be installed or select Next to accept and use the default folder location The Select Program Folder window appears 10 Enter the name you want to have ap...

Страница 54: ...mmended 16 Select Yes to have the VPN Client start each time you reboot Windows or select No to have manual control over starting the VPN Client Note Note Note Note You cannot undo this option once the VPN Client is installed To undo this operation you must reinstall the VPN Client Reinstalling the VPN Client does not remove any configuration parameters you have saved to file You are asked whether...

Страница 55: ...name and password 2 Enter your user name and password in the window that appears Note Note Note Note The password is one that you make up and is used only for the purpose of running the VPN Client the first time 3 In the Tunnels menu select New The General Tab appears Note Note Note Note Set up your authentication method now unless you are using a SecurID or RADIUS authenticated security pro file ...

Страница 56: ...nstallation Guide 9 Enter Peer IP and Peer Name in the corresponding fields and click OK 10 Select Enable WINS DNS via VPN device and click OK You now have created a basic VPN tunnel For more information on configuring advanced features of the VPN Client see the online Help file within the VPN Client software ...

Страница 57: ...pplementary Procedures Supplementary Procedures Supplementary Procedures Supplementary Procedures Supplementary Procedures 6 1 Installing or Replacing the X 21 or V 35 Serial Card in the VPN Device 6 2 Using the Copy Command TFTP 6 6 Capturing a Terminal Emulation Session as Text 6 8 Viewing a Terminal Emulation Session 6 9 Deleting the Current VPN Device Configuration 6 10 Restoring the VPN Devic...

Страница 58: ...nce SA3110 SA3150 SA3400 SA3450 Installation Guide S S S S u u u u p p p p p p p p l l l l e e e e m m m m e e e e n n n n t t t t a a a a r r r r y y y y P P P P r r r r o o o o c c c c e e e e d d d d u u u u r r r r e e e e s s s s ...

Страница 59: ...supplementary procedures which are done occasionally as required This chapter gives instructions for the following supplementary procedures Installing or replacing the X 21 or V 35 serial card in the VPN device Using the copy command TFTP Capturing a terminal emulation session as text Viewing a terminal emulation session Deleting the current VPN device configuration Reconfiguring the VPN device Vi...

Страница 60: ...are requirements requirements requirements requirements This section lists the hardware requirements for installing the X 21 or V 35 serial card into your HP VPN Server Appliance SA3400 SA3450 You need the following hardware to install the X 21 or V 35 serial card into your VPN device VPN device X 21 or V 35 serial card Phillips screwdriver Disposable grounding wrist strap Safety Safety Safety Saf...

Страница 61: ...ver of the VPN Device VPN Device VPN Device VPN Device To remove the cover of the VPN device 1 Loosen and remove the six cover screws located on the sides and rear of the unit chassis 2 Remove the top cover of the VPN device Installing or Installing or Installing or Installing or Replacing the Replacing the Replacing the Replacing the X 21 or V 35 X 21 or V 35 X 21 or V 35 X 21 or V 35 Serial Card...

Страница 62: ...tion 2 Self diagnostics test 3 User diagnostics test 4 Burn in traffic tests 5 Final Assembly and Serializations 3 In the Main menu select Configuration A new menu appears with two options LAN and WAN 4 In the menu select WAN 5 In the Main Menu select Final Assembly and Serializations The device asks Is there an Access Pro Installed Please confirm y n 6 Enter n The device prompts Enter the serial ...

Страница 63: ...tions you want to retain into your newly created configuration in your Console window To create the new configuration file and restore the advanced settings of your saved ISBR cfg file 1 Follow the instructions in this Hewlett Packard VPN Server ApplianceSA3110 SA3150 SA3400 SA3450Installation Guide in Chapter 3 in the section entitled Setting Up a Basic Routing Mode Configuration on a New Device ...

Страница 64: ...xt editor such as Notepad 2 Ensure the source computer has a TFTP daemon running 3 Install the isbr exe and lrvg exe files on your TFTP server 4 Open the Console window See Preparing to Configure a New VPN device in Chapter 3 5 In the Console window enter copy from ip address of the source computer with the TFTP daemon running isbr exe The isbr exe file is transferred immediately from the computer...

Страница 65: ...Using the Copy Command TFTP Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide 6 7 The device reboots and the new settings take effect upon restart ...

Страница 66: ... window before using it for text capture See Preparing to Configure a VPN device in Chapter 3 Steps Steps Steps Steps To capture a console session as a text file for later review 1 At your desktop double click the Console icon The Console HyperTerminal window appears 2 In the Transfer menu select Capture Text The Capture Text window appears 3 Accept the default folder location and file name or bro...

Страница 67: ... Session This section tells you how to view a previously recorded terminal emulation session Steps Steps Steps Steps To view a previously recorded terminal emulation session 1 Open Notepad or similar text editor 2 In the Start menu select Programs then Accessories then Notepad 3 In the File menu select Open The Open window appears 4 In the list box select the desired session 5 Click Open You retur...

Страница 68: ...perTerminal icon The Console HyperTerminal window appears 2 Press Enter three times This causes HyperTerminal to send a handshake to the VPN device attached to COM port N on your PC When you receive a response from the device a name and state prompt similar to the following example appears on the screen namevpn NORMAL 3 At the name and state prompt enter enable A password prompt appears 4 At the p...

Страница 69: ...ete these four files and restore the VPN device configuration to near factory default condition 1 At the name and state prompt enter del filename where filename equals the filename extension of the first file to be deleted The specified file is deleted immediately The name and state prompt reappears 2 Repeat the previous step to delete the remaining three files 3 At the name and state prompt enter...

Страница 70: ...P Configuration window appears 3 Accept the default adapter that appears or in the Ethernet Adapter drop down menu select another one 4 Click More Info The expanded IP Configuration window appears A description follows IP Configuration IP Configuration IP Configuration IP Configuration Window Window Window Window The IP Configuration window has three parts Host Information Ethernet Adapter Informa...

Страница 71: ...thernet adapters in the Ethernet Adapter drop down menu The information in the text boxes changes to reflect this selection Information appears for review only Adapter Address showing the hardware address of the adapter card six two digit hexadecimal characters separated by hyphens IP Address showing the IP address of the adapter Subnet Mask showing the subnet mask of the adapter Default Gateway s...

Страница 72: ...has the following command buttons Button Button Button Button Function Function Function Function OK Lets you close the window and apply the configuration parameters shown Release Releases the current TCP IP binds for the displayed adapter only so that a new stack can be created Renew Renews the current TCP IP binding for the displayed adapter only Release All Releases the current TCP IP bindings ...

Страница 73: ...indow appears 2 In the Open field enter telnet then the IP address of the red private interface of the VPN device The Telnet window appears 3 In the Connect menu select Remote System The Connect window appears 4 In the Host Name drop down menu select a previously used host name or enter the name or IP address of the VPN device to which you want to telnet in the Host Name field 5 In the Port field ...

Страница 74: ... then click OK You return to the Connect window 12 Click Connect A Password prompt appears on the screen 13 Enter the enable password A row of asterisks appears as you enter your password The status Passed appears Information concerning the device to which you are connected appears You are provided with the command line prompt of the destination host ...

Страница 75: ... u u u u r r r r e e e e C C C C h h h h e e e e c c c c k k k k l l l l i i i i s s s s t t t t s s s s Appendix Network Infrastructure Checklists Appendix Network Infrastructure Checklists Appendix Network Infrastructure Checklists Appendix Network Infrastructure Checklists Appendix Network Infrastructure Checklists A 1 Router Checklists A 2 Firewall Checklists A 4 Using An Existing Firewall A 6...

Страница 76: ... p p p p p e e e e n n n n d d d d i i i i x x x x N N N N e e e e t t t t w w w w o o o o r r r r k k k k I I I I n n n n f f f f r r r r a a a a s s s s t t t t r r r r u u u u c c c c t t t t u u u u r r r r e e e e C C C C h h h h e e e e c c c c k k k k l l l l i i i i s s s s t t t t s s s s ...

Страница 77: ...ing upon which protocols you support on your corporate network Complete the following checklists before you install the VPN device The Port Combinations table at the end of this appendix provides the ports you use depending upon which protocols you support on your corporate network Checklist Checklist Checklist Checklist Task Task Task Task Router Checklists You provide each router s manufacturer ...

Страница 78: ...an external router specify the following information External Router External Router External Router External Router IP Address and IP Address and IP Address and IP Address and Subnet Mask Subnet Mask Subnet Mask Subnet Mask Specify your router s IP addresses and subnet masks Router Router Router Router Manufacturer Manufacturer Manufacturer Manufacturer Router Model Router Model Router Model Rout...

Страница 79: ...IP VPN Device IP VPN Device IP Address and Address and Address and Address and Subnet Mask Subnet Mask Subnet Mask Subnet Mask Assign the IP addresses and subnet masks to the VPN device that you plan to use as a router If you plan to use the VPN device for a bridge assign the same IP address and subnet mask to both interfaces Yes Yes Yes Yes No No No No Interface Interface Interface Interface IP A...

Страница 80: ... a user s IP address and subnet mask is 0 0 0 0 and the user can gain access to any application http ftp and so on The outbound and inbound firewall checklists ask for IP addresses subnet masks and the applications each user can access Outbound Outbound Outbound Outbound Firewall Access Firewall Access Firewall Access Firewall Access Rights Rights Rights Rights Complete the following outbound and ...

Страница 81: ...nd Firewall Access Firewall Access Firewall Access Firewall Access Rights Rights Rights Rights Inbound Inbound Inbound Inbound Users Users Users Users IP Address IP Address IP Address IP Address Subnet Mask Subnet Mask Subnet Mask Subnet Mask Accessible Accessible Accessible Accessible Applications Applications Applications Applications ...

Страница 82: ...er type and version of your existing firewall in the following table Firewall Firewall Firewall Firewall Interface Interface Interface Interface Addresses Addresses Addresses Addresses Provide the IP addresses of the interfaces on your existing firewall Firewall Firewall Firewall Firewall Manufacturer Manufacturer Manufacturer Manufacturer Firewall Type Firewall Type Firewall Type Firewall Type Fi...

Страница 83: ...onnectors Connectors The VPN device includes two RJ 45 UTP female connections Provide the physical type of your LAN _______________________________________________________ Provide the types of cables and connectors it requires in the following table WAN Cables and WAN Cables and WAN Cables and WAN Cables and Connectors Connectors Connectors Connectors Provide the physical type of your WAN ________...

Страница 84: ...he communications The VPN device is itself a DTE device Follow these rules to choose which type of adapter cable to use and see the following illustration If connecting the VPN device to a Data Service Unit Channel Service Unit DSU CSU device with a DCE interface use a DTE adapter cable If connecting the VPN device to a DSU CSU device with a DTE interface use a DCE adapter cable If you connect the...

Страница 85: ...E cable Provide the type of adapter cable required DTE or DCE _______________________________________________________ Internal Internal Internal Internal Network IP Network IP Network IP Network IP Addresses and Addresses and Addresses and Addresses and Subnet Masks Subnet Masks Subnet Masks Subnet Masks Provide the IP addresses and subnet masks of your internal network in the following table VPN ...

Страница 86: ...etwork Network Protocols Protocols Protocols Protocols Provide the protocols you run on your network in the following table IP Addresses IP Addresses IP Addresses IP Addresses Subnet Masks Subnet Masks Subnet Masks Subnet Masks Protocols Protocols Protocols Protocols Yes Yes Yes Yes No No No No TCP IP IPX SPX NETBEUI AppleTalk Other_________________ ...

Страница 87: ...Authentication Authentication Types Types Types Types Determine which authentication methods to use and provide this information in the following table You may use a combination of authentication applications for remote users and site to site connections If you use a third party authentication method specify the version number Security Type Security Type Security Type Security Type Version Version...

Страница 88: ...col Protocol Destination Port Destination Port Destination Port Destination Port Source Source Source Source Port Port Port Port Actions Actions Actions Actions UDP In 2233 Out 2233 All All These data packets are encrypted They must be allowed through the firewall and should be directed to the device and no other destination address UDP In 10025 Out 10025 All All These packets are encrypted manage...

Страница 89: ...should not open this firewall rule unless the VPN Manager is running outside the firewall UDP In 10027 Out 10027 All All These packets are certificate requests between the certificate authority server and a VPN device or HP client Protocol Protocol Protocol Protocol Destination Port Destination Port Destination Port Destination Port Source Source Source Source Port Port Port Port Actions Actions A...

Страница 90: ...Appendix Network Infrastructure Checklists A 14 Hewlett Packard VPN Server Appliance SA3110 SA3150 SA3400 SA3450 Installation Guide ...

Страница 91: ...vice 1 3 VPN Manager 1 3 H H H H hardware requirements 2 1 host name of device 3 7 HP SA3000 Series VPN Client functions of 1 4 installing 2 1 5 1 5 3 removing 5 1 starting 5 4 HP SA3000 Series VPN Manager functions of 1 3 installing 2 1 4 2 HyperTerminal 3 3 I I I I initial session establishing 3 5 installation preparation checklist 2 4 process 2 3 installing VPN Client 2 1 5 1 5 3 VPN Manager 2 ...

Страница 92: ...up script running 3 7 software requirements 2 1 Syslog configuring for troubleshooting 3 14 T T T T Telnet 6 15 terminal emulation session capturing as text 6 8 HyperTerminal 6 8 viewing 6 9 text file of terminal emulation session 6 8 TFTP copy command 6 6 time zone setting 3 8 troubleshooting 3 14 turning on the VPN device 3 3 V V V V viewing IP configuration 6 12 VPN device configuring 3 5 3 9 V...

Отзывы:

Нет отзывов