While reasonable efforts have been made to ensure that the information in this document is complete and accurate at the time of printing,
Avaya assumes no liability for any errors. Avaya reserves the right to make changes and corrections to the information in this document
without the obligation to notify any person or organization of such changes.
Documentation disclaimer
Avaya shall not be responsible for any modifications, additions, or deletions to the original published version of this documentation
unless such modifications, additions, or deletions were performed by Avaya. End User agree to indemnify and hold harmless Avaya,
Avaya’s agents, servants and employees against all claims, lawsuits, demands and judgments arising out of, or in connection with,
subsequent modifications, additions or deletions to this documentation, to the extent made by End User.
Link disclaimer
Avaya is not responsible for the contents or reliability of any linked Web sites referenced within this site or documentation(s) provided by
Avaya. Avaya is not responsible for the accuracy of any information, statement or content provided on these sites and does not
necessarily endorse the products, services, or information described or offered within them. Avaya does not guarantee that these links will
work all the time and has no control over the availability of the linked pages.
Warranty
Avaya provides a limited warranty on this product. Refer to your sales agreement to establish the terms of the limited warranty. In
addition, Avaya’s standard warranty language, as well as information regarding support for this product, while under warranty, is
available to Avaya customers and other parties through the Avaya Support Web site: http://www.avaya.com/support
Please note that if you acquired the product from an authorized reseller, the warranty is provided to you by said reseller and not by Avaya.
Licenses
THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA WEBSITE, HTTP://SUPPORT.AVAYA.COM/LICENSEINFO/
ARE APPLICABLE TO ANYONE WHO DOWNLOADS, USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED FROM
AVAYA INC., ANY AVAYA AFFILIATE, OR AN AUTHORIZED AVAYA RESELLER (AS APPLICABLE) UNDER A
COMMERCIAL AGREEMENT WITH AVAYA OR AN AUTHORIZED AVAYA RESELLER. UNLESS OTHERWISE AGREED TO
BY AVAYA IN WRITING, AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE WAS OBTAINED FROM ANYONE
OTHER THAN AVAYA, AN AVAYA AFFILIATE OR AN AVAYA AUTHORIZED RESELLER, AND AVAYA RESERVES THE
RIGHT TO TAKE LEGAL ACTION AGAINST YOU AND ANYONE ELSE USING OR SELLING THE SOFTWARE WITHOUT A
LICENSE. BY INSTALLING, DOWNLOADING OR USING THE SOFTWARE, OR AUTHORIZING OTHERS TO DO SO, YOU,
ON BEHALF OF YOURSELF AND THE ENTITY FOR WHOM YOU ARE INSTALLING, DOWNLOADING OR USING THE
SOFTWARE (HEREINAFTER REFERRED TO INTERCHANGEABLY AS "YOU" AND "END USER"), AGREE TO THESE
TERMS AND CONDITIONS AND CREATE A BINDING CONTRACT BETWEEN YOU AND AVAYA INC. OR THE
APPLICABLE AVAYA AFFILIATE ("AVAYA").
Copyright
Except where expressly stated otherwise, no use should be made of the Documentation(s) and Product(s) provided by Avaya. All content
in this documentation(s) and the product(s) provided by Avaya including the selection, arrangement and design of the content is owned
either by Avaya or its licensors and is protected by copyright and other intellectual property laws including the sui generis rights relating
to the protection of databases. You may not modify, copy, reproduce, republish, upload, post, transmit or distribute in any way any
content, in whole or in part, including any code and software. Unauthorized reproduction, transmission, dissemination, storage, and or
use without the express written consent of Avaya can be a criminal, as well as a civil offense under the applicable law.
Third Party Components
Certain software programs or portions thereof included in the Product may contain software distributed under third party agreements
("Third Party Components"), which may contain terms that expand or limit rights to use certain portions of the Product ("Third Party
Terms"). Information regarding distributed Linux OS source code (for those Products that have distributed the Linux OS source code),
and identifying the copyright holders of the Third Party Components and the Third Party Terms that apply to them is available on the
Avaya Support Web site: http://support.avaya.com/Copyright.
Trademarks
The trademarks, logos and service marks ("Marks") displayed in this site, the documentation(s) and product(s) provided by Avaya are the
registered or unregistered Marks of Avaya, its affiliates, or other third parties. Users are not permitted to use such Marks without prior
written consent from Avaya or such third party which may own the Mark. Nothing contained in this site, the documentation(s) and
product(s) should be construed as granting, by implication, estoppel, or otherwise, any license or right in and to the Marks without the
express written permission of Avaya or the applicable third party. Avaya is a registered trademark of Avaya Inc. All non-Avaya
trademarks are the property of their respective owners.
Downloading documents
For the most current versions of documentation, see the Avaya Support Web site: http://www.avaya.com/support
Contact Avaya Support
Avaya provides a telephone number for you to use to report problems or to ask questions about your product. The support telephone
number is 1-800-242-2121 in the United States. For additional support telephone numbers, see the Avaya Web site: http://
This section explains how to get help for Avaya products and services. Visit the Avaya Web site to
access the complete range of services and support that Avaya provides. Go to http://www.avaya.com
or go to one of the pages listed in the following sections.
Navigation
•“Getting technical documentation”
•“Getting product training”
•“Getting help from a distributor or reseller”
•“Getting technical support from the Avaya Web site”
Getting technical documentation
To download and print selected technical publications and release notes directly from the Internet,
go to http://www.avaya.com/support.
Getting product training
Ongoing product training is available. For more information or to register, you can access the Web
site at http://www.avaya.com/support. From this Web site, you can locate the Training contacts
link on the left-hand navigation pane.
Getting help from a distributor or reseller
If you purchased a service contract for your Avaya product from a distributor or authorized
reseller, contact the technical support staff for that distributor or reseller for assistance.
Getting technical support from the Avaya Web site
The easiest and most effective way to get technical support for Avaya products is from the Avaya
Technical Support Web site at http://www.avaya.com/support.
Avaya Business Communications Manager 6.0 Configuration — Remote Worker
NN40171-505
Chapter 1
Getting started with remote worker support
This section contains information on the following topics:
•“About remote worker support”
•“Audience”
•“Acronyms”
•“Symbols and text conventions”
•“Related publications”
About remote worker support
Avaya Business Communications Manager 6.0 (BCM 6.0) includes new options for remote
worker support. You can connect your Avaya 1100 Series IP Deskphone to the Avaya BCM
through a secure VPN tunnel, or by using the new remote worker feature. Using the remote worker
feature, you can use the BCM system as an HTTP server, allowing you to distribute configuration
files, license files, and firmware to IP clients.
This guide includes an appendix, which provides details on a sample network setup that supports
remote workers.
Audience
This guide is intended for administrators who want to configure the BCM for remote worker
support.
Acronyms
This guide uses the following acronyms:
BOT     branch office tunnel
HTTP    hypertext transfer protocol
IP      internet protocol
LAN     local area network
NAT     network address translation
PAT     port address translation
PSK     pre-shared key
RTCP    realtime control protocol
RTP     realtime transfer protocol
UDP     user data protocol
VPN     virtual private network
WAN     wide area network
Symbols and text conventions
These symbols are used to highlight critical information for the [Product Name (short)] system:
Caution: Alerts you to conditions where you can damage the equipment.
Danger: Alerts you to conditions where you can get an electrical shock.
Warning: Alerts you to conditions where you can cause the system to fail or work
improperly.
Note: A Note alerts you to important information.
Tip: Alerts you to additional information that can help you perform a task.
Security note: Indicates a point of system security where a default should be changed,
or where the administrator needs to make a decision about the level of security required
for the system.
Warning: Alerts you to ground yourself with an antistatic grounding
strap before performing the maintenance procedure.
Warning: Alerts you to remove the [Product Name (short)] main unit
and expansion unit power cords from the ac outlet before performing any
maintenance procedure.
These text conventions are used in this guide to indicate the information described:
Convention              Description
bold Courier text       Indicates command names and options and text that you need to enter.
                        Example: Use the info command.
                        Example: Enter show ip {alerts|routes}.
italic text             Indicates book titles
plain Courier text      Indicates command syntax and system output (for example, prompts
                        and system messages).
                        Example: Set Trap Monitor Filters
FEATURE HOLD RELEASE    Indicates that you press the button with the coordinating icon on
                        whichever set you are using.
separator ( > )         Shows menu paths.
                        Example: Protocols > IP identifies the IP option on the Protocols
                        menu.
Related publications
Related publications are listed below. For more information about the Avaya Business
Communications Manager 6.0 documentation suite, see Documentation Roadmap
(NN40170-119).
Avaya Business Communications Manager 6.0 Configuration — Telephony (NN40170-502)
Chapter 2
Virtual private network configuration overview
The virtual private network (VPN) feature provides VPN client capability to the following IP sets:
•Avaya 1120E IP Deskphone
•Avaya 1140E IP Deskphone
•Avaya 1150E IP Deskphone
For more information about configuring your IP set for VPN, see the Avaya IP Deskphone
configuration guide for your model of IP set.
Navigation
•"Network configuration"
•"VPN configurations support"
•"Remote worker configuration when branch tunnels are used"
•"Security credentials"
•"VPN Security banner"
•"Licensing"
•"Using the BCM as an HTTP server for downloading license and configuration files"
•"Known issues"
Network configuration
The following table shows supported VPN routers.
Table 1 VPN routers
Router                          Model                          Release
VPN router                      1750, 2700, 5000               Release 3.2
VPN gateway                     3050, 3070                     Release 7.0
Avaya Business Communications   Avaya BCM50a/ba, BCM50e/be,
Manager 50 (BCM50) integrated   CSC versions other than 1*
router
Note: Your CSC version can be found in Business Element Manager at Administration >
Hardware Inventory > Additional Information > CSC Hardware version
The VPN feature enables the set to establish an encrypted VPN tunnel from the set to an Avaya
BCM 6.0 system. When the tunnel is established, the following IP set-related traffic traverses the
tunnel:
•UNIStim signaling
•media
•TFTP provisioning
•HTTP provisioning
All set-related traffic must travel through a single tunnel. For example, it is not possible for some
traffic to travel inside the tunnel and some traffic to travel outside the tunnel. Traffic on the PC
port of the set is always excluded from the VPN tunnel.
If you have a BCM50 system with an integrated router (BCM50a, BCM50ba, BCM50e, or
BCM50be models) the VPN tunnel terminates on the BCM50 integrated router. If you use
pre-shared key (PSK) authentication, user credentials are validated on the BCM50 integrated
router. If you use XAUTH authentication, user credentials are validated on the BCM50 integrated
router and on the Radius server, which resides on the customer LAN.
You must install the VPN client for your version of Windows on your PC or laptop in order to
utilize the VPN feature. For more information about configuring VPN client termination on a
BCM50 integrated router, see the BCM50 Integrated Router Configuration Guide for your
BCM50 model. For information about configuring VPN client termination on a VPN router or
VPN gateway, see the configuration guide for your model of VPN router or VPN gateway.
VPN access to the BCM Customer LAN consists of 3 separate networks:
•Home network - The VPN user’s home network, located behind a router and connected
through an Internet Service Provider (ISP) to the Internet.
•Public Internet - Access to this network is provided by the ISP.
•BCM LAN - The office LAN with the BCM providing telephony services.
The BCM LAN and the Home LAN network cannot be on the same LAN. Because most commercially
available home routers and BCM systems share the same default subnet of 192.168.1.x, Avaya
recommends that the subnet on the BCM system be changed.
Figure 1 "PSK authentication network diagram" shows the VPN deployment model with
a BCM50 system with an integrated router using PSK authentication. Figure 2 "XAUTH
authentication network diagram" shows the VPN deployment model with a BCM50
system with an integrated router using XAUTH authentication.
If you have a BCM450 system, or a BCM50 system that does not include an integrated router, you
can use a VPN router or VPN gateway. In this case, place the VPN router or gateway on the edge
of your network. The VPN tunnel from the set terminates on the VPN router or gateway and the set
registers to the call server on the BCM50 or BCM450 system. This configuration is used when you
have a large number of VPN users (set or CVC).
Figure 3 "VPN router/gateway and BCM call server network diagram" shows a
configuration of a network using a VPN router or gateway and a BCM call server.
Figure 3 VPN router/gateway and BCM call server network diagram
VPN configurations support
The following table shows valid VPN configuration parameters for IP sets. BCM supports
Aggressive mode when you use a VPN router or VPN gateway.
Aggressive mode PSK with no XAUTH
Aggressive mode PSK with XAUTH
Main mode X.509 with no XAUTH
*Note: Main mode is not supported if client termination resides on the BCM system.
Remote worker configuration when branch tunnels are used
You can deploy VPN Client tunnels on the Avaya BCM50a/e when VPN branch tunnels are used.
When you deploy VPN Client tunnels in this manner, the number of active tunnels you can have is
limited on the BCM50a/e.
Complete the following procedure to establish a VPN between two sites using a VPN branch
tunnel. The recommended method to do this is through a branch-to-branch IPSec tunnel. For more
information, see BCM50e Integrated Router Configuration — Basics (N0115788).
1. In VPN / Summary, add a new tunnel by editing an unused rule.
2. Create an Active Branch Office tunnel.
3. Select Nailed Up, if the tunnel should not be closed while not in use.
4. Select Main for Negotiation Mode.
5. Enter the authentication information, with either a pre-shared key or an imported certificate.
6. Enter the IP Address assigned to the router WAN port. This should be a static address, or a
dynamic DNS name, and the IP address of the remote router.
7. Select the encryption and authentication algorithms.
8. Add an IP policy, by specifying the IP address ranges of the local and remote hosts that use the
tunnel.
9. Repeat steps 1 through 7 at the other end of the branch.
Note: If a VPN Client Termination is used on these sites, you must include the
client termination address range in the tunnel policies in order for the VPN
clients to see the other site.
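The two addressing rules in this chapter (the home LAN and the BCM LAN must not share a subnet, and the client termination address range must appear in the branch tunnel policies) can be checked before anything is entered on the routers. The following is an added example, not part of the Avaya guide: the function names, the CIDR notation for ranges, and all sample addresses other than the 192.168.1.x default are assumptions made for illustration.

```python
import ipaddress

# Finding labels (names chosen for this example).
LAN_OVERLAP = "home LAN overlaps BCM LAN; renumber the BCM subnet"
NEAR_GAP = "client termination range missing from local ranges at terminating site"
FAR_GAP = "client termination range missing from remote ranges at far site"

def _net(cidr):
    # strict=True rejects typos such as 192.168.1.5/24 (host bits set)
    return ipaddress.ip_network(cidr, strict=True)

def _covered(pool, ranges):
    """True if pool lies entirely inside at least one of the ranges."""
    return any(pool.subnet_of(_net(r)) for r in ranges)

def check_plan(home_lan, bcm_lan, client_pool, near_policies, far_policies):
    """Return a list of findings; an empty list means the plan is consistent.

    near_policies and far_policies are (local_range, remote_range) pairs,
    one per IP policy on the branch tunnel at each end (CIDR is assumed).
    """
    home, office, pool = _net(home_lan), _net(bcm_lan), _net(client_pool)
    findings = []
    if home.overlaps(office):
        findings.append(LAN_OVERLAP)
    if not _covered(pool, [local for local, _ in near_policies]):
        findings.append(NEAR_GAP)
    if not _covered(pool, [remote for _, remote in far_policies]):
        findings.append(FAR_GAP)
    return findings

# Constructed sample plans (addresses are illustrative, not from the guide).
DEFAULT_PLAN = dict(
    home_lan="192.168.1.0/24", bcm_lan="192.168.1.0/24",  # both on the default
    client_pool="10.10.30.0/27",
    near_policies=[("192.168.1.0/24", "10.20.20.0/24")],
    far_policies=[("10.20.20.0/24", "192.168.1.0/24")],
)
FIXED_PLAN = dict(
    home_lan="192.168.1.0/24", bcm_lan="10.10.20.0/24",
    client_pool="10.10.30.0/27",
    near_policies=[("10.10.20.0/24", "10.20.20.0/24"),
                   ("10.10.30.0/27", "10.20.20.0/24")],
    far_policies=[("10.20.20.0/24", "10.10.20.0/24"),
                  ("10.20.20.0/24", "10.10.30.0/27")],
)

if __name__ == "__main__":
    for name, plan in (("default", DEFAULT_PLAN), ("fixed", FIXED_PLAN)):
        print(name, check_plan(**plan) or "OK")
```

A policy range wider than the client termination range (for example a /16 that contains it) also satisfies the check, because the test is containment rather than an exact match.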
The VPN feature requires different types of security credentials depending on the mode of
authentication selected. Security credentials are configured on the VPN router or VPN gateway by
the administrator. For more information about configuring security credentials, see the
configuration guide for your VPN router or VPN gateway.
The following table shows which credentials are required for each mode.
Table 3 Security credentials required for each authentication mode
Mode                                   Credentials
Aggressive Mode with Authentication    PSK (user ID and password)
PSK, XAUTH disabled
Aggressive Mode with Authentications   PSK (user ID and Password), XAUTH user ID,
PSK and XAUTH enabled                  and XAUTH password
Main Mode X.509 certificates,          Root certificate, device certificate
no XAUTH*
*Not applicable if the BCM is used to terminate the tunnel.
The following list provides a description of the credentials.
•PSK (user ID and password)
The IP set uses PSK to authenticate itself to the VPN router (also known as Group ID and
Group Password). You can provision PSK in the configuration menu or through a
configuration file. The PSK user ID and password is a maximum of 20 alphanumeric
characters.
You can configure the user ID manually or you can pre-configure the user ID using the
configuration file. If you save the PSK user ID, you do not have to reenter it when you want to
use it.
You can configure the password manually or pre-configure the password using the
configuration file. Optionally, you can leave the password blank. If you configure the
password, you do not have to reenter it when you use it. If you do not configure the password,
you are prompted to enter it each time it is required. You can configure the VPN server to
provide a policy message to instruct the set not to save the password locally. The server policy
takes precedence over the password saved in the IP set.
Note: The XAUTH password is saved locally to the IP set until the IP set
successfully connects to the VPN server for the first time. The VPN server policy
then takes precedence.