
VPN Concentrator 4500/5300

Installation and Configuration Guide

Contents of VPN Concentrator 4500

Page 1: ...VPN Concentrator 4500 5300 Installation and Configuration Guide...

Page 2: ...r mechanical for any purpose without prior written authorization of ShoreTel Inc ShoreTel Inc reserves the right to make changes without notice to the specifications and materi als contained herein an...

Page 3: ...ount Installation 10 Connecting the Power and Cables 10 1 2 2 5 Initial Configuration 11 1 2 3 Deployment Scenarios 12 2 1 Introduction 13 2 2 Redundant VPN Concentrators 14 2 3 SSL VPN Authentication...

Page 4: ...f recommended configuration and deployment procedure 33 4 1 Tools and Troubleshooting 35 4 1 1 Network Information 36 4 1 2 Network Connectivity 37 4 1 3 Viewing Log Files 38 4 1 4 Packet Capture 39 4...

Page 5: ...10 100 Ethernet LAN Ports 4 x 10 100 Ethernet Serial Ports 1 x RS 232 Dimensions Height 1 688 42 863 mm Width 10 438 265 113 mm Depth 6 625 168 275 mm Weight 2 lb 0 91 kg Power 12V 3A external AC Ada...

Page 6: ...f or no power from the AC outlet Solid Green Power is supplied to the unit Status Off The unit could not boot up because of self test failure Solid Green Self test passed Flashing Green Configuration...

Page 7: ...C USB Ports Not used D Ethernet WAN Port This port is typically used when connecting the 4500 to an upstream router E Management Console Port This port is used to establish a local console session wi...

Page 8: ...hilips or slotted screws 1 inch long F Erase If pressed twice in quick succession the CLI password will be changed to its original password If pressed three times in quick succession the 5300 will rev...

Page 9: ...y Wall Mount Installation You can mount the 4500 on a wall using the two mounting brackets on the bottom of the appliance We recommend that you use the two round or pan head screws 1 Install two screw...

Page 10: ...into an AC outlet and the other end into the power receptacle on the 4500 Make sure that the power and status LEDs shown in Figure 1 1 as A and B are solid green after a short while WARNING Always con...

Page 11: ...e Subnet Mask 7 Perform the following steps in the Network Settings section Set the Default Gateway to the upstream router s IP address Set the Primary DNS Server and Secondary DNS Server to the prima...

Page 12: ...ory default will erase all configuration changes B Power LED Off Power switch is off or no power from the AC outlet Solid Green Power is supplied to the unit C Disk Activity LED Off No disk activity F...

Page 13: ...on The serial port uses a baud rate of 9600 8 data bits 1 stop bit and no parity Call out Description A Power Inlet Accepts a 3 pin Shroud Female connector of a power cord with 3 pin Shroud Male conne...

Page 14: ...nvironmental specifications for the system Connecting the Power and Cables 1 Connect one end of an Ethernet cable to local LAN port Port 1 of the 5300 This port can be seen as F in Figure 1 3 Connect...

Page 15: ...wing steps in the WAN Interface Settings section Choose Static IP Address Set the IP Address to an IP address that is within the subnet of your firewall s DMZ Note The IP address may be a private IP a...

Page 16: ...e WAN port of the VPN Concentrator to the DMZ network or port of the firewall as shown in Figure 1 6 The WAN port should be assigned to a private IP address RFC 1918 or an IP address that can be used...

Page 17: ...unnels A maximum of 10 simultaneous SSL VPN tunnels can be licensed on the 4500 A maximum of 100 simultaneous SSL VPN tunnels can be licensed on the 5300 WARNING If ShoreTel VPN phones will be deploye...

Page 18: ...a remote phone The database can be populated by the administrators using the GUI If the MAC address of a remote phone is not found in this database then the SSL VPN connection request is rejected MAC...

Page 19: ...2 Other Features Contact Center Administrator Manual 15 History Log A history log of all connection requests is maintained which includes information such as success and failure of sessions establishm...

Page 20: ...Other Features Chapter2 16...

Page 21: ...root directory of the FTP server 2 Make sure that the pub e_4500 and pub e_5300lf directories exist under the root directory of the FTP server 3 To upgrade VPN Concentrator 4500 obtain the image files...

Page 22: ...hen be displayed VPN Concentrator 4500 supports a maximum of 10 SSL VPN sessions and VPN Concentrator 5300 supports a maximum of 100 SSL VPN sessions Additional licenses can be obtained by following t...

Page 23: ...d in further configuration of the device 3 3 Configuration 1 If the LAN network has sub networks that need to be accessed through the VPN Concentrator then choose Route submenu of System submenu of Co...

Page 24: ...can be entered by separating the IP addresses with spaces The system sends the syslog data to the default syslog port 514 which can not be changed Please obtain the IP address of the server from Shore...

Page 25: ...he system Please use caution when adjusting the ethernet link rate as incompatible rate setting may render the device unreachable Parameter Description LAN Ethernet Link rate can be set to the followi...

Page 26: ...be adjusted to reduce the latency introduced by large data packets on a slower link If the WAN upstream bandwidth is less than 256 Kbps the MTU size is automatically reduced to 800 bytes The default...

Page 27: ...tor can route data between multiple broadcast domains that it is a member of The VPN Concentrator 4500 can also do port based VLANs which enables it to tag untagged data coming from a port Parameter D...

Page 28: ...new VLAN IP Address IP address of the VPN Concentrator in the broadcast domain associated with the VLAN ID being created Network Mask Network mask of the broadcast domain for the new VLAN LAN Port Mem...

Page 29: ...SL VPN sessions will be terminated at that point The main configuration page is divided into the following sections Global Configuration LDAP Configuration Stunnel Firewall Configuration Proxy ARP Con...

Page 30: ...specified in number of seconds By default this feature is disabled and if enabled Stunnel Server Tunnel Timeout will be set to a default value of 86400 seconds Stunnel Server Tunnel Timeout Timeout v...

Page 31: ...nable or disable the LDAP authentication feature to authenticate the username and password of the SSL VPN client A valid LDAP Server IP Address must be configured to enable this feature By default LDA...

Page 32: ...d Max Clients parameter value By default this list is empty If you have added some value in IP pool range it will only become effective after the next restart of Stunnel Note Remove addresses from the...

Page 33: ...r of Username Passwords that can be registered at a time is 1000 The maximum length allowed for both Username and Password is 16 characters Empty strings are not allowed for both Username and Password...

Page 34: ...ate MAC Addresses cannot be configured If MAC Blacklist validation is enabled then MAC Blacklist validation is done prior to MAC Whitelist validation To add or delete MAC addresses from the database c...

Page 35: ...addresses are allowed Duplicate MAC Addresses cannot be configured If MAC Whitelist validation is enabled MAC Whitelist validation is done after MAC Blacklist validation To add or delete MAC addresse...

Page 36: ...s well as how to authenticate with this device Two methods are provided 1 Via MAC Address specific IP Phone configuration files 2 Manual configuration using the Phone User Interface The latter method...

Page 37: ...ots if set to 1 This will force password entry after all power on events but will permit auto matic restoration of dropped links without user intervention Sources are MAN CFG Default is 0 VpnPwPrompt...

Page 38: ...his is the port number on the VPN concentrator that the phone will connect to Press the key to accept the default value or use the digit keys to enter a different port number followed by the key to co...

Page 39: ...Chapter 3 Configuration VPN Concentrator Installation and Configuration Guide 33 This procedure allows for a turn key installation of remote phones with minimal user intervention...

Page 40: ...Configuration Chapter3 34...

Page 41: ...rface CLI can be used to troubleshoot the system Sometimes both GUI and CLI need to be used to debug the problem Logging into the GUI system has been explained earlier in Section 1 2 1 5 and Section 1...

Page 42: ...oth GUI and CLI Following screenshot displays the network information such as routing tables link status and interface status Please make sure that all links and interfaces are up and running and all...

Page 43: ...suing the ifconfig command 4 1 2 Network Connectivity Once all the physical and logical interfaces are up and running then network connectivity can be checked by using the ping command traceroute comm...

Page 44: ...2 2 2 icmp_seq 2ttl 53time 45 6ms 64bytesfrom4 2 2 2 icmp_seq 3ttl 53time 45 6ms 4 2 2 2pingstatistics 4packetstransmitted 4packetsreceived 0 packet loss round tripmin avg max 44 7 45 6 46 5ms Note St...

Page 45: ...the packets for a given SSL VPN connection 1 Identify the PPP session associated with a given phone by obtaining the IP address of the phone from the Active Sessions by using its MAC address Once the...

Page 46: ...Tools and Troubleshooting Chapter4 40...
