Iniciar sesión:
Votos - , Puntuación media: ( )

Manual de usuario Allied Telesis, modelo AlliedWare NetScreen Routers

Fabricar: Allied Telesis
Tamaño del archivo: 1.09 mb
Nombre del archivo: 235b5eb0-811b-8264-b515-cb0e0298e9f1.pdf

Idioma del manual:en

El documento se está cargando, por favor, espere
El documento se está cargando, por favor, espere

Resumen del manual


To support this challenge, Allied Telesis routers are designed to inter-operate with a wide range of equipment. This How To Note details one of the inter-operation solutions from Allied Telesis: creating virtual private networks between Allied Telesis and SonicWALL routers. It shows you how to configure a VPN between a local Allied Telesis router and a remote SonicWALL router, stepby- step. On the Allied Telesis router, it uses the Site-To-Site VPN wizard for the VPN configuration. The wizard runs on selected AR400 Allied Telesis routers from the router’s web-based GUI (graphical user interface). It asks you to enter a few details and from those it configures the following settings: • encryption to protect traffic over the VPN • ISAKMP with a pre-shared key to manage the VPN • the firewall, to protect the LANs and to allow traffic to use the VPN • Network Address Translation (NAT), so that you can access the Internet from the private LAN through a single public IP address. This Internet access does not interfere with the VPN solution • (in this example) NAT-Traversal because one end of the VPN tunnel is behind a separate NAT device C613-16098-00 REV E What information will you find in this document? This How To Note begins with the following information: • "Related How To Notes" on page 2 • "Which products and software version does it apply to?" on page 2 Then it describes the configuration, in the following sections: • "The network" on page 3 • "How to configure the Allied Telesis router" on page 4 • "How to configure the SonicWALL router" on page 12 • "How to test the tunnel" on page 29 • "How to use the CLI instead of the GUI" on page 30 Related How To Notes Allied Telesis offers How To Notes with a wide range of VPN solutions, from quick and simple solutions for connecting home and remote offices, to advanced multi-feature setups. Notes also describe how to create a VPN between an Allied Telesis router and equipment from a number of other vendors. For a complete list of VPN How To Notes, see the Overview of VPN Solutions in How To Notes in the How To Library at Which products and software version does it apply to? The VPN wizard is available on the following Allied Telesis routers, running Software Version 2.9.1 or later: • AR415S • AR440S, AR441S, AR442S You can use the command line to set up an equivalent configuration on AR700 and other AR400 Series routers. See "How to use the CLI instead of the GUI" on page 30 for the necessary commands. We created this example with a SonicWALL TZ 170, running SonicOS Enhanced 2.5.1.1-65e. SonicOS Standard does not support NAT-T draft 3, so this solution requires SonicOS Enhanced. The screenshots in this Note are from an Internet Explorer 6.0 browser running on Windows XP. Page 2 | AlliedWare™ OS How To Note: VPNs with SonicWALL routers The network This example illustrates a NAT-T solution, which you need when one or both of the routers are behind a NAT device such as some xDSL and cable modems. In this example, an Allied Telesis AR415S router is behind a NAT device. The following diagram shows the LANs and their interfaces and addresses. vlan1: 192.168.1.1 eth0: 192.168.254.1/30 Allied Telesis router 192.168.254.2/30 100.100.100.1/30 NAT device SonicWALL router Internet WAN: 200.200.200.1/30 workstation: 192.168.1.100 by automatic address assignment VLAN: 192.168.2.1 workstation: 192.168.2.100 by automatic address assignment VPN tunnel 200.200.200.2/30 100.100.100.2/30 at-sonic.eps Note: You can still use this example if you have no NAT device between the Allied Telesis router and the Internet, or if you have a NAT device between the SonicWALL router and the Internet, with slight alterations. See "Appendix: Using this example if you don’t have a NAT device in the same position" on page 31 for details. Initiating the In this example, you can only initiate the tunnel from the Allied Telesis end, not the tunnel from SonicWALL end. If you want to let the SonicWALL initiate the VPN too, you have to either end configure your NAT device to allow it. To do this, set up pinholes (allow rules) on the NAT device to allow through UDP traffic on ports 500 and 4500. Page 3 | AlliedWare™ OS How To Note: VPNs with SonicWALL routers How to configure the Allied Telesis router Before you 1. Install and configure the NAT device. start 2. Access the router via its GUI. 3. Customise the router and set up vlan1 as the LAN interface. The site-to-site VPN wizard always uses vlan1 as the local LAN for the VPN connection, so you must make sure an IP interface is configured on vlan1 before running the wizard. 4. Create a security officer. If you use the Basic Setup wizard to customise the router, this creates one security officer, with a username of “secoff”. 5. Set up the WAN interface. This example uses a fixed IP address on the WAN interface— modify it to use an appropriate interface for your network. The router ...

Comentarios



Tu reseña
Tu nombre:
Introduzca dos números de la imagen:
capcha





Categoría