Résumé du contenu de la page N° 1 
                    
                        IntraPort 2 and IntraPort 2+
VPN Access Server
Administrator’s Guide
Compatible Systems Corporation
4730 Walnut Street
Suite 102
Boulder, Colorado  80301
303-444-9532
800-356-0283
http://www.compatible.com                                                                                                                                                                                                                                                                                                       
                    
                    Résumé du contenu de la page N° 2 
                    
                        IntraPort 2 and IntraPort 2+ VPN Access Server Administrator’s Guide,  Version 1.5 Copyright © 1999, Compatible Systems Corporation All rights reserved.  IntraPort, RISC Router, MicroRouter and Compati- View are trademarks of Compatible Systems Corporation.  Other trade- marks are the property of their respective holders. Copyright© 1997-1999 by Hi/fn, Inc. Includes one or more U.S. Patent  Nos.: 4,701,745; 5,003,307; 5,016,009; 5,126,739; 5,146,221;  5,414,425; 5,414,850; 5,463,390; 5,506,580; 
                    
                    Résumé du contenu de la page N° 3 
                    
                        Chapter 1 - Introduction 1 ABOUT THE INTRAPORT 2/2+ VPN ACCESS SERVER 1 A NOTE ABOUT REMOTE CLIENT CONNECTIONS 1 INTRAPORT 2/2+ VPN ACCESS SERVER INSTALLATION OVERVIEW 1 Chapter 2 - Getting Started 5 A FEW NOTES 5 Please Read the Manuals 5 Warranty and Service 5 Getting Help with the IntraPort 2/2+ VPN Access Server 5 WHAT YOU WILL NEED TO GET STARTED 6 Supplied with the IntraPort 2/2+ VPN Access Server 6 Needed for Installation 6 Ethernet Connection Requirements 7 VPN Client Software Requiremen
                    
                    Résumé du contenu de la page N° 4 
                    
                        Chapter 6 - Basic Configuration Guide 19 SETUP OPTIONS 19   Diagram of Dual-Ethernet Setup 20   Diagram of Single-Ethernet Setup 21 CONFIGURATION USING COMPATIVIEW 22 VPN Client Tunnel Settings 22 CONFIGURING THE SERVER FOR LAN-TO-LAN TUNNELS 37 BASIC CONFIGURATION USING COMMAND LINE 41 VPN Client Tunnel Settings 41 CONFIGURING THE SERVER FOR LAN-TO-LAN TUNNELS 48 Chapter 7 -  Alternate Protocols and Security  Parameters 50 IPX Protocol 50 Required for IPX 50 Suggested for IPX 50 AppleTalk Proto
                    
                    Résumé du contenu de la page N° 5 
                    
                        Appendix B - Connector and Cable Pin Outs 58 Pin Outs for DB-25 Male to DB-25 Female RS-232 Data &  Console Cable 58 Appendix C - Security Dynamics ACE/Server  Information 59 Appendix D - LED Patterns and Test Switch Settings 61 IntraPort 2/2+ VPN Access Servers LED Patterns 61 Ethernet Back Panel Indicators LEDs 61 Front Panel LEDs 61 Sys Ready 61 Power On, No Traffic 61 Ethernet Traffic Indicators 61 IntraPort 2 Connections/Users LEDs 62 IntraPort 2+ Connections/Users LEDs 62 IntraPort 2 Speci
                    
                    Résumé du contenu de la page N° 6 
                    
                        iv                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  
                    
                    Résumé du contenu de la page N° 7 
                    
                         Chapter 1 - Introduction 1 Chapter 1 - Introduction About the IntraPort 2/2+ VPN Access  Server Congratulations on your purchase of the IntraPort 2 or IntraPort 2+  VPN Access Server. These VPN Access Servers provide secure  Internet-based remote access and site-to-site connections.  The IntraPort 2 will support up to 16 simultaneous LAN-to-LAN  connections and up to 64 simultaneous remote client connections. The  IntraPort 2+ will support up to 32 simultaneous LAN-to-LAN connec- tions and up t
                    
                    Résumé du contenu de la page N° 8 
                    
                        2 Chapter 1 - Introduction In short, the installation steps are: 1. Install the IntraPort 2 or IntraPort 2+ hardware on your Ethernet  LAN and connect one or both of the 10/100 twisted-pair Ethernet  interfaces to a Fast Ethernet or Ethernet hub. 2. Select the management tool you wish to use with the server. If you  want to use the CompatiView management software, you must  install the software on a Windows PC computer which is connected  to your network. 3. Configure the IntraPort 2/2+ LAN and 
                    
                    Résumé du contenu de la page N° 9 
                    
                         Chapter 1 - Introduction 3 Alternate Protocols and Security Parameters This part of the manual lists configuration parameters that must be set in  order to use the IntraPort 2/2+ VPN Access Server with protocols other  than TCP/IP, and when using additional security parameters such as  SecurID and RADIUS. Appendices Additional information that might be of interest to you, such as tech- nical specifications, default settings, and how to download current soft- ware from Compatible Systems’ websit
                    
                    Résumé du contenu de la page N° 10 
                    
                        .                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                    
                    Résumé du contenu de la page N° 11 
                    
                         Chapter 2 - Getting Started 5 Chapter 2 - Getting Started A Few Notes Please Read the Manuals The manuals included with your IntraPort 2/2+ VPN Access Server  contain very important information about the product and Virtual  Private Networking in general. Please read this manual thoroughly, and  refer to the management reference guides as required. It’s worth the few  minutes it will take. Also, please fill out the warranty registration card and return it to us  today. This will help us keep yo
                    
                    Résumé du contenu de la page N° 12 
                    
                        6 Chapter 2 - Getting Started questions via e-mail to support@compatible.com. Compatible Systems’  phone number is listed on the front of this guide. We will be happy to  help you. What You Will Need To Get Started Before installing the IntraPort 2/2+ VPN Access Server, please check  the list below to make sure that you have received all of the items that  are supplied with the server package. You should also make sure you have any additional items that are  necessary to connect the server to yo
                    
                    Résumé du contenu de la page N° 13 
                    
                         Chapter 2 - Getting Started 7 Ethernet Connection Requirements The server’s Ethernet interfaces directly support full or half duplex  100BaseTx or 10BaseT twisted-pair Ethernet. To connect the server’s  Ethernet interfaces to twisted-pair Ethernet cabling, you will need an  unshielded twisted-pair station cable that is connected to a  10BaseT-compatible twisted-pair hub (for a transmit speed of 10  Mbps) or a 100Mbps Fast Ethernet hub (at either transmit speed) for  each interface you plan to c
                    
                    Résumé du contenu de la page N° 14 
                    
                        .                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
                    
                    Résumé du contenu de la page N° 15 
                    
                         Chapter 3 - Network Installation 9 Chapter 3 - Network Installation Figure 1. IntraPort 2/2+ VPN Access Server Back Panel This section of the manual describes how to connect the IntraPort 2/2+  VPN Access Server to your Ethernet network. In summary, the steps for  installation are: 1. Make sure the server is powered down and not connected to any  power source. 2. Connect the server to the Ethernet network(s). 3. Connect a management console to the server (optional). 4. Plug in the power cable a
                    
                    Résumé du contenu de la page N° 16 
                    
                        10 Chapter 3 - Network Installation The other option is to set up the server behind your Internet access  router/firewall using Ethernet 0 only. In this scenario, Ethernet 1 is not  used and should not be plugged in to anything. You will also have to set up  your firewall to allow IPSec traffic through (see the section on setting up  an IP Gateway for Ethernet 0 in Chapter 6 for more information). The 10/100 Ethernet interfaces directly support full or half duplex  100BaseTx or 10BaseT twisted-p
                    
                    Résumé du contenu de la page N° 17 
                    
                         Chapter 4 - CompatiView Software Installation 11 Chapter 4 - CompatiView  Software Installation All of the products in the Compatible Systems networking family,  including all IntraPort servers, RISC Router and MicroRouter models,  can be managed from a single management platform called  CompatiView. CompatiView is included on the CD-ROM which was  shipped with your IntraPort 2/2+ VPN Access Server. If your IntraPort  2/2+ is running software version 5.0 or later, then you must use  CompatiView
                    
                    Résumé du contenu de la page N° 18 
                    
                         Note: To choose the active transport protocol on a Windows machine  which has both IPX and IP installed, select “Options” from the  Database menu and click the General tab. Then select the appro- priate radio button under “Transport.” Installation and Operation The Windows version of the CompatiView program can be found  in the Network Management/CompatiView/Windows directory on  the CD-ROM that was included with your IntraPort 2/2+ VPN  Access Server. Run the auto-installation program (CV5x f
                    
                    Résumé du contenu de la page N° 19 
                    
                         Chapter 4 - CompatiView Software Installation 13 two most common IPX frame types upon startup (802.2 and 802.3  (raw)). If CompatiView has the IPX/SPX protocol selected as its trans- port, it will be necessary to either powerup the server before powering  up the workstation, or reboot the workstation after the server has  completed its boot sequence. This process will ensure that the worksta- tion and the server have the proper IPX network bindings for communi- cation. For more information on u
                    
                    Résumé du contenu de la page N° 20 
                    
                        .