Compatible Systems IntraPort Enterprise-8, IntraPort A00-1869 User Manual
IntraPort Enterprise-8
VPN Access Server
Installation Guide
Compatible Systems Corporation
4730 Walnut Street
Suite 102
Boulder, Colorado 80301
303-444-9532
800-356-0283
http://www.compatible.com
IntraPort Enterprise-8 VPN Access Server Installation Guide, Version 1
Copyright © 1999, Compatible Systems Corporation
All rights reserved. IntraPort Enterprise, RISC Router, MicroRouter and CompatiView are
trademarks of Compatible Systems Corporation. Other trademarks are the property of their
respective holders.
Part number: A00-1869
FCC Notice: This product has been certified to comply with the limits for a Class A computing
device, pursuant to Subpart J of Part 15 of FCC Rules. It is designed to provide reasonable protection against radio or television communication interference in a commercial environment.
Operation of this equipment in a residential area could cause interference with radio or television
communication.
Table of Contents
Introduction to the IntraPort Enterprise-8 1
A NOTE ABOUT REMOTE CLIENT CONNECTIONS 1
NTRAPORT ENTERPRISE-8 INSTALLATION OVERVIEW 1
I
I
NTRAPORT ENTERPRISE-8 MANUAL OVERVIEW 2
Chapter 1 - Getting Started 3
A FEW NOTES 3
Please Read the Manuals 3
Warranty and Service 3
Getting Help with the IntraPort Enterprise-8 3
HAT YOU WILL NEED TO GET STARTED 4
W
Supplied with the IntraPort Enterprise-8 4
Additional Items Needed for Installation 4
Chapter 2 - Mounting Instructions 5
PLACEMENT CONSIDERATIONS 5
SAFETY GUIDELINES 5
PARTS AND TOOLS 6
CHANGING THE POWER SUPPLY VOLTAGE SETTINGS 6
Installing Mounting Ears and Handles 7
Rack-Mount Brackets 8
Right Bracket Installation 9
Left Bracket Installation 10
Securing the Shelf 11
Moving the Unit into the Rack 12
Placing the Unit in an Equipment Rack 13
Securing the Unit to the Rack 14
Chapter 3 - Network Installation 15
PHYSICAL CONNECTION REQUIREMENTS 15
CONNECTING THE SERVER TO THE ETHERNET 16
CONNECTING A MANAGEMENT CONSOLE 17
POWERING UP THE SERVER 17
Power Alarm Information 17
Chapter 4 - CompatiView Software Installation 18
COMPATIVIEW FOR WINDOWS 18
System Requirements 18
Installation and Operat io n 18
Transport Protocols and CompatiVie w 19
Chapter 5 - Command Line Management 20
OUT-OF-BAND COMMAND LINE MANAGEMENT 20
TEMPORARILY RECONFIGURING A HOST FOR COMMAND LINE MANAGEMENT 20
SETTING UP TELNET OPERATION 21
i
Table of Contents
Chapter 6 - Basic Configuration Guide 22
ETHERNET INTERFACE CONFIGURATION 22
IP Protocol 22
IP Settings for Setups in Parallel with a Firewall 22
IP Settings for Setups Behind a Firewall 23
IPX Protocol 24
Required for IPX 24
Suggested for IPX 24
AppleTalk Protocol 24
Required for AppleTalk 24
Suggested for AppleTalk 24
Configuring the Server for LAN-to-LAN Tunnels 24
Required for LAN-to-LAN Tunnel Configurations 24
Suggested for LAN-to-LAN Tunnel Configurations 24
Configuring the Server for IP and IPX Client Tunnels 25
Required for Client Tunnel Configurations 25
Suggested for Client Tunnel Configurations 25
VPN User Database 25
Setting up RADIUS Authentication 26
Setting the IntraPort Enterprise-8 for a RADIUS Server 26
RADIUS Server User Authentication Settings 26
Setting up SecurID Authentication 27
Setting the IntraPort Enterprise-8 for an ACE/Server 27
ACE/Server Settings 27
SAVING A CONFIGURATION FILE TO FLASH ROM 28
Chapter 7 - Shipping Defaults 29
DEFAULT PASSWORD 29
ETHERNET INTERFACES 29
IP Defaults 29
IPX Defaults 29
AppleTalk Defaults 29
Chapter 8 - LED Patterns and Test Switch Settings 30
INTRAPORT ENTERPRISE-8 LED PATTERNS 30
Over Temp 30
Sys Ready 30
General Indicators 30
Ethernet Traffic Indicat ors 30
Load % Indicators 30
INTRAPORT ENTERPRISE-8 SWITCH SETTINGS 31
Appendix A - Connector and Cable Pin Outs 32
PIN OUTS FOR DB-25 MALE TO DB-25 FEMALE CONSOLE CABLE 32
ii
Table of Contents
Appendix B - Downloading Software From Compatible Systems 33
Appendix C - Security Dynamics ACE/Server Information 34
Appendix D - Adding or Replacing RIOP Cards 35
Appendix E - When the “Over Temp” Light Comes On 36
REPLACING OR CLEANING THE INTRAPORT ENTERPRISE-8 AIR FILTER 36
Appendix F - Terms and Conditions 37
iii
Table of Contents
Figure 1. Location of Voltage Switch on the Power Supply 6
Figure 2. Installing Mounting Ears and Handles for a Standard Equipment Rack 7
Figure 2.1. Installing Mounting Ears for a Telco Rack 7
Figure 3. Rack-Mount Brackets 8
Figure 4. Fastening the Right Bracket to the Rack 9
Figure 5. Fastening the Left Bracket to the Rack 10
Figure 6. Lowering the Shelf 11
Figure 6.1. Securing the Shelf 11
Figure 7. Moving the Unit into a Standard Equipment Rack 12
Figure 7.1. Moving the Unit into a Telco Rack 12
Figure 8. Placing the Unit in a Standard Equipment Rack 13
Figure 8.1. Placing the Unit in a Telco Rack 13
Figure 9. Securing the Unit to the Rack 14
Figure 10. IntraPort Enterprise-8 VPN Access Server 15
Figure 11. Detail of RIOP Cards 16
Figure 12. Detail of Power Units 17
Figure 13. Removing and Replacing an RIOP Card or Cover Plate 35
Figure 14. Removing the Filter Cover Plate 36
iv
Introduction to the IntraPort Enterprise-8 1
Introduction to the IntraPort Enterprise-8
Congratulations on your purchase of the IntraPort Enterprise-8 VPN Access Server. The
IntraPort Enterprise-8 s uppor ts u p to 512 LAN -to-L AN tunn els and up t o 40, 000 simu ltan eous
remote client connections.
In addition, it offers DES and 3DES encryption using built-in hardware coprocessors.
A Note About Remote Client Connections
In order to create a tunnel to a network over the Internet, remote users must run VPN Client
software on a Windows95/98 PC, Windows NT PC, Mac OS, Linux, or Sun Solaris computer
which is connected to the Internet via PPP or Ethernet.
The IntraPort VPN Clients are applications which set up the remote access VPN tunnels to the
IntraPort Enterprise-8 VPN Access Server and make sure that appropriate data gets sent.
The clients work in conjunction with your communications software. Connections can be
made to the Internet via PPP software or over a local intranet via a workstation’ s LAN adapter.
Together, these components provide cost-effective on-demand connections to your corporate
network.
IntraPort Enterprise-8 Installation Overview
This manual will help you mount the IntraPort Enterprise-8 VPN Access Server in a rack and
install it on your Local Area Network. It also includes general maintenance information and
some technical specifications. For the most up-to-date information available on the IntraPort
Enterprise-8 VPN Access Server, please visit the Technical Support section of our Web site at:
http://www.compatible.com.
In short, the installation steps are:
1. Mount the IntraPort Enterprise-8 in a rack or other appropriate setting.
2. Install the IntraPort Enterprise-8 hardware on your Ethernet LAN and connect the
10/100 twisted-pair Ethernet interfaces to Fast Ethernet or Ethernet hubs.
3. Select the management tool you wish to use with the server. If you want to use the
CompatiView management software, you must install the software on a Windows PC
computer which is connected to your network.
4. Configure the IntraPort Enterprise-8 LAN and tunnel parameters using the manage-
ment tool you have chosen.
5. Install and Configure the VPN Client software for remote users. (See the VPN Cli-
ent Reference Guide.)
Introduction to the IntraPort Enterprise-8 2
IntraPort Enterp ri se-8 Man u a l Overvi ew
The manual is divided int o s everal s ecti ons th at sh oul d pr ovi de you w it h the basic information
you will need to use the IntraPort Enterprise-8 on your network. For the latest documentation
on Compatible Systems products, including the most current version of this manual, visit the
Technical Support section of our Web site.
Chapter 1 - Getting Started
This part of the manual describes the contents of the IntraPort Enterprise-8 package and
emphasizes the preparation and equipment you will need to install the server.
Chapter 2 - Mounting Instructions
This part of the manual includes detailed instructions for mounting the IntraPort Enterprise-8
in a variety of equipment racks and instructions on changing the voltage switch settings.
Chapter 3 - Network Installation
This part of the manual includes step-by-step instructions on how to conn ect the server to your
local Ethernet and power it up. Instructions are included for twisted-pair Ethernet environments.
Chapter 4 - CompatiView Software Installation
This part of the manual describes how to install CompatiView, Compatible Systems’ GUI
(Graphical User Interface) management software which is included with your server.
Chapter 5 - Command Line Preparation
This part of the manual provides basic instructions for using command line management and
text-based configuration to configure a server.
Chapter 6 - Basic Configuration Guide
This part of the manual provides a minimal list of parameters that must be entered into a server
for proper operation.
Chapter 7 - Shipping Defaults
This part of the manual lists factory defaults.
Chapter 8 - LED Patterns and Switch Settings
This part of the manual describes the LED indicators and the test switch settings.
Appendices
This part of the manual includes add itional informat ion that mi ght be of in terest t o you such as
technical specifications, some maintenance procedures and instructions for downloading
current so ftware.
Chapter 1 - Getting Started 3
Chapter 1 - Getting Started
A Few Notes
Please Read the Manuals
The manuals included with your IntraPort Enterprise-8 VPN Access Server contain very
important information about installing and operating the IntraPort Enterprise-8. Please read
this manual, and refer to the management reference guides as required. It’s worth the few
minutes it will take.
Also, please fill out the warranty registration card and return it to us today. This will help us
keep you informed about updates to the IntraPort Enterprise-8 and future products available
from Compatible Systems.
Y o u can also register on the Web at http://www.compatible.com. If you’d like to be notified via
e-mail about new products and receive important news from Compatible Systems, please join
our e-mail list on the Web.
Warranty and Service
The IntraPort Enterprise-8 is covered by the Compatible Systems Integr ated Suppo rt Pack age,
which includes a lifetime comprehensive warranty, a twenty-four hour advance replacement
program, unlimited phone support and software upgrades for the life of the product. A 24 x 7
support plan is also available.
Compatible Systems maintains copies of current software updates on the Internet. You may
download product software from the Internet at any time. For more information on downloading current product software, see Appendix B.
Getting Help with the IntraPort Enterprise-8
If you have a question about the IntraPort Enterprise-8 and can’t find the answer in one of the
manuals included with the product, please visit the technical support section of our Web site
(http://www.compatible.com). This site includes extensive technical resources which may
answer many of your questions. You can also request technical support by filling out a brief
form. Technical support requests received via the Web form will receive expedited treatment.
You may also call Compatible Systems Corporation or send support questions via e-mail to
support@compatible.com. Compatible Systems' phone number is listed on the front of this
guide. We will be happy to help you.
Chapter 1 - Getting Started 4
What You Will Need to Get Started
Before connecting the IntraPort Enterprise-8 VPN Access Server, please check the list below
to make sure that you have received all of the items that are supplied with the shipping
package(s).
You should also make sure you have any additional items that are necessary to connect the
server to your network.
Supplied with the IntraPort Enterprise-8
Please check your shipping package(s) for the following items:
• IntraPort Enterprise-8 unit
• 2 power cords
• One left rack-mount bracket
• One right rack-mount bracket
• Two mounting ears
• Two handles
• Two hand le spacers
• 14 mounting screws (10-32 undercut flat head)
• One DB-25 male to DB-25 female console cable
• One reusable replacement air filter
• CD-ROM including:
4 CompatiView software for Windows
4 Operating software
4 VPN Client software (Windows and Mac OS versions)
4 HTML version of product documentation (which can be vi ewed with your favorit e
Web browser)
• VPN Client Reference Guide
• CompatiView Management Software Reference Guide
• Text-Based Configuration and Command Line Management Reference Guide
• Warranty registration card
Additional Items Needed for Installation
• If you choose to rack-mount the IntraPort Enterprise-8, you will need to provide your
own screws or clips to secure the mounting brackets to the equipment rack. A more
detailed list of the items needed for mounting the server is in Chapter 2 - Mounting
Instructions.
• Before connecting the IntraPort Enterprise-8 to your network, you need to make sure
that you have the necessary interface cabling equipment. See Chapter 3 - Network
Installation for details.
Chapter 2 - Mounting Instructions 5
Chapter 2 - Mounting Instructions
The IntraPort Enterprise-8 VPN Access Server is designed to be mounted in a 19-inch equipment rack or in a Telco rack. Compatible Systems pr ovid es all the p arts necessar y for s ecurin g
the supplied mounting brackets and ears to the device; however, due to the variety of equipment racks and mounting techniques, you will need to provide your own screws or clips to
secure the mounting brackets and ears to the equipment rack.
Placement Considerations
There are several things to consider when preparing to install the IntraPort Enterprise-8 VPN
Access Server.
• Do not place the server on the floor, since it will more quickly accumulate dust. As
alternatives to rack-mounting, it can be placed on a sturdy table or solid platform.
• A clean, air-conditioned environment is ideal.
• An open equipment rack (i.e., one without side enclosures or doors) is recommended
for adequate ventilation.
• The chassis requires 13.5 shelf positions (23.5 vertical inches) of rack space.
• While no rear clearance is required, the front of the server needs adequate clearance
for air circulation, RIOP card addition or replacement, cable connections, etc. At least
two feet of front clearance and one inch of top clearance are recommended.
• Load the equipment rack from the bottom. For stability, it is strongly recommended
that the IntraPort Enterprise-8 VPN Access Server be placed in the bottom half of an
equipment rack.
Safety Guidelines
v Note: When stacking other equipment on the IntraPort Enterprise-8 VPN Access Server, do
not exceed 35 pounds of evenly distributed weight on top of the server. Additional weight may
bend the case.
T o help en sure you r safety and minimize p otential damage to equipment, read an d follow these
guidelines before attempting to move or work on the IntraPort Enterprise-8 VPN Access
Server. These guidelines do not encompass all potential hazards. You must use good judgment
and due caution when working with this or any other electrical device.
• The default setting for the voltage switch on the power supplies for the Carrier-8 is for
a low input voltage (marked 115V on the switch). If your electrical system requires a
high input voltage on the power supp lies, you must change the settings before
ging in the server (for instructions, see Changing the Power Supply Voltage Settings).
• Never attempt to move the server using the RIOP card handles or the filter cover
opening. They will not su ppo rt t he wei ght of the device. Use the built-in si d e handles
and either the large mounting handles, if you have installed them, or the very bottom
of the chassis to move it (see Figures 2 and 2.1).
• The IntraPort Enterprise-8 VPN Access Server weighs approximately 110 pounds.
Moving the server requires at least two people, able to bear 55 pounds of weight
apiece. If your union or company policy outlines a lower maximum weight load per
person, use the appropriate number of people.
• Make sure you have a clear path between the server and the equipment rack, platform
or table before attempting to move it into place.
plug-
+ Warning: All power cords an d inter face cab les must be dis conn ected befo re you attempt to
move or work on the IntraPort Enterprise-8 VPN Access Server. Even the interface cables can
deliver lethal doses of electricity.
Parts and Tools
Chapter 2 - Mounting Instructions 6
The following items are needed to install the mounting ears and handles on the IntraPort Enterprise-8 VPN Access Server.
• IntraPort Enterprise-8 unit
• Two mounting ears
• Two handles
• Two hand le spacers
• 14 mounting screws (10-32 undercut flat head)
• Phillip’s head screwdriver
In addition to the above items, the following items are needed to install the IntraPort Enterprise-8 VPN Access Server in an equipment rack.
• One left rack-mount bracket
• One right rack-mount bracket
• One DB-25 male to DB-25 female console cable
• Tape measure (optional)
• Level (optional)
• Your own screws or clips, for fastening the brackets to the rack
• At least two people to lift the device into place. Do not attempt to move the device
into the rack or onto a table or platform by yourself.
Changing the Power Supply Voltage Settings
The default setting for the voltage switches on the server’s power supplies is for a low input
voltage (marked 115V on the swi tch) . If y our elect rical s ystem r equires a hig h input volt age on
the power supplies, you must change it manually on the device before
To change the settings:
1. Make sure the server is powered down and not connected to any power source.
2. Using a small screw driver, change the voltage switches to the desired setting (230V
for high input voltage, 115V for low input voltage).
Figure 1. Location of Voltage Switch on the Power Supply
plugging the device in.
Chapter 2 - Mounting Instructions 7
Installing Mounting Ears and Handles
Figure 2. Installing Mounting Ears and Handles for a Standard Equipment Rack
Figure 2.1. Installing Mounting Ears for a Telco Rack
The mounting ears should be installed on the IntraPort Enterprise-8 VPN Access Server
whether you are planning to rack-mount it or not. The handles need not be installed for Telco
rack mounts because there is not enough finger room to use them, but the handles are recommended for all other installations.
If you are not going to rack-mount the IntraPort Enterprise-8, it is recommended that you
install the mounting ears and handles using the Standard Equipment Rack position (as shown
in Figure 2).
1. Use the supplied screws and fasten the mounting ears to the sides of the device using
5 screws on each side as shown in Figure 2 (for a standard equipment rack) or in Figure 2.1 (for a Tel co rack).
2. Use the supplied screws and fasten the handles and spacers to the center o f the mounting ears as shown in Figure 2.
Rack-Mount Brackets
Chapter 2 - Mounting Instructions 8
Figure 3. Rack-Mount Brackets
Brackets (shown in Figure 3) are provided for mounting the IntraPort Enterprise-8 in a standard 19-inch equipment rack or a Telco rack. Note that the left bracket features a fold-down
shelf which maintains the proper alignment of the brackets in the rack, but does not bear the
weight of the unit. The ledges at the bottom of the brackets bear the weight of the unit until it is
securely attached to the equipment rack. You will need to provide your own screws or clips to
fasten the brackets and mounting ears to the equipment rack.
Loading...